Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/n38gwaKi6nOCJJCgdQoApRvM_tE.roa
File: n38gwaKi6nOCJJCgdQoApRvM_tE.roa (raw, json)
Hash identifier: P9RofPa3Lcs8qh9xFZ617XYV2Was9jjMs4xvUOkUrNU=
Subject key identifier: 9F:7F:20:C1:A2:A2:EA:73:82:24:90:A0:75:0A:00:A5:1B:CC:FE:D1
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E31EF8885EA180846233D34AEBFBF0C44
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/n38gwaKi6nOCJJCgdQoApRvM_tE.roa
Signing time: Tue 12 Mar 2024 09:12:45 +0000
ROA not before: Tue 12 Mar 2024 09:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21267
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:ef:88:85:ea:18:08:46:23:3d:34:ae:bf:bf:0c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 09:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7f20c1a2a2ea73822490a0750a00a51bccfed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:16:b2:2e:7d:0c:12:df:51:20:d2:0b:4f:82:
58:ac:4c:8b:13:39:92:16:0e:ea:92:cd:20:5f:61:
70:77:db:6a:56:6c:a9:fd:1a:74:5a:f5:0d:47:0d:
98:40:1f:c1:23:42:79:ae:c9:9f:46:ce:c1:cc:97:
01:82:a7:33:87:e7:fe:32:72:bc:da:92:48:31:57:
22:9b:06:c7:10:84:4c:c3:22:59:61:7b:d7:b8:53:
42:fd:64:ea:fc:f2:ea:d0:b0:f7:19:be:4f:99:9c:
3d:27:6c:34:3d:5b:0b:e2:ba:89:4c:9c:ab:b3:57:
ec:bb:f4:4c:49:30:b3:26:fe:aa:03:0f:8e:e6:cb:
c5:cb:24:98:2a:06:cb:22:5d:bc:a2:82:79:d0:5b:
2e:11:f7:34:7e:ca:6c:47:94:1b:83:9c:4f:1a:13:
58:a9:a8:e9:64:e7:22:43:dd:ae:18:5d:26:20:81:
ae:d7:34:54:3e:83:62:aa:e9:22:2f:81:ef:5b:ca:
0c:1c:4b:73:24:d6:5d:25:10:bd:e3:42:76:90:ec:
de:13:23:6b:a8:c5:4d:f5:ec:6b:ea:29:23:00:e3:
af:79:a5:ed:40:2a:03:f0:99:af:03:f8:2c:f4:1e:
9e:f1:aa:2f:a8:21:21:df:40:29:68:a6:71:4c:35:
2b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7F:20:C1:A2:A2:EA:73:82:24:90:A0:75:0A:00:A5:1B:CC:FE:D1
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/n38gwaKi6nOCJJCgdQoApRvM_tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.178.216.0/22
185.204.212.0/22
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
26:ff:90:38:4b:0a:a4:30:26:b6:fb:ff:db:8d:26:70:93:71:
da:c8:7f:c8:a5:31:cc:82:cf:69:86:cf:e9:14:2f:eb:ed:55:
cf:22:7d:92:ee:73:9b:83:b4:2e:a2:57:ee:4f:79:4d:1d:a0:
40:74:bf:5a:55:80:06:37:0e:c9:60:b9:dd:1f:bd:d2:56:b3:
75:eb:49:6b:29:3b:53:18:df:62:4d:ab:2f:ba:aa:e1:a3:d1:
8e:07:71:f0:2b:da:19:7f:33:5e:a1:43:38:f3:31:5e:cf:c1:
fb:94:ea:d0:db:85:33:a6:16:3f:f2:51:76:d3:00:92:6d:b5:
e2:ad:1b:e3:3d:03:7c:06:5d:cb:ed:49:fd:cb:b9:40:7d:45:
77:2f:10:63:06:8a:04:e9:f9:b6:48:33:a8:ef:1d:4d:e6:a5:
e3:5a:ea:81:fe:0f:f1:23:34:5c:5f:76:e4:2a:d6:77:1d:aa:
cf:63:0a:07:b0:b9:cc:8e:40:38:db:d4:be:42:66:b2:bf:e1:
c7:00:b4:da:87:ec:a2:0e:d4:c1:2a:66:f5:b6:ff:f4:19:68:
91:61:e6:a1:8a:da:f9:0e:36:03:28:dd:6f:f7:66:bc:8a:0f:
75:1d:f2:4c:0d:1f:b2:b3:cb:d2:79:b0:10:e1:1e:a3:04:d7:
7b:27:c5:14
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY4x74iF6hgIRiM9NK6/vwxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMDkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdmMjBjMWEyYTJlYTczODIyNDkwYTA3NTBhMDBhNTFiY2NmZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxayLn0MEt9RINILT4JYrEyLEzmS
Fg7qks0gX2Fwd9tqVmyp/Rp0WvUNRw2YQB/BI0J5rsmfRs7BzJcBgqczh+f+MnK8
2pJIMVcimwbHEIRMwyJZYXvXuFNC/WTq/PLq0LD3Gb5PmZw9J2w0PVsL4rqJTJyr
s1fsu/RMSTCzJv6qAw+O5svFyySYKgbLIl28ooJ50FsuEfc0fspsR5Qbg5xPGhNY
qajpZOciQ92uGF0mIIGu1zRUPoNiqukiL4HvW8oMHEtzJNZdJRC940J2kOzeEyNr
qMVN9exr6ikjAOOveaXtQCoD8JmvA/gs9B6e8aovqCEh30ApaKZxTDUrewIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ9/IMGioupzgiSQoHUKAKUbzP7RMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvbjM4Z3dhS2k2bk9DSkpDZ2RRb0FwUnZNX3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQCuU+4AwQCubLYAwQCuczUAwQFwxogMA0GCSqGSIb3
DQEBCwUAA4IBAQAm/5A4SwqkMCa2+//bjSZwk3HayH/IpTHMgs9phs/pFC/r7VXP
In2S7nObg7QuolfuT3lNHaBAdL9aVYAGNw7JYLndH73SVrN160lrKTtTGN9iTasv
uqrho9GOB3HwK9oZfzNeoUM48zFez8H7lOrQ24UzphY/8lF20wCSbbXirRvjPQN8
Bl3L7Un9y7lAfUV3LxBjBooE6fm2SDOo7x1N5qXjWuqB/g/xIzRcX3bkKtZ3HarP
YwoHsLnMjkA429S+Qmayv+HHALTah+yiDtTBKmb1tv/0GWiRYeahitr5DjYDKN1v
92a8ig91HfJMDR+ys8vSebAQ4R6jBNd7J8UU
-----END CERTIFICATE-----
Generated at Tue Mar 12 19:56:36 2024 by rpki-client on console-fra.rpki-client.org