Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rFKVRk1Hj3oeHbyQfjqlCXPtOxA.roa
File: rFKVRk1Hj3oeHbyQfjqlCXPtOxA.roa (raw, json)
Hash identifier: FbX7HqjXlwzSdYZq/mKVU3E5Ox1Ep79a2zfVyeVpxGE=
Subject key identifier: AC:52:95:46:4D:47:8F:7A:1E:1D:BC:90:7E:3A:A5:09:73:ED:3B:10
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3371E35438A8B8826F64A0E9968BE89B
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rFKVRk1Hj3oeHbyQfjqlCXPtOxA.roa
Signing time: Tue 12 Mar 2024 16:14:45 +0000
ROA not before: Tue 12 Mar 2024 16:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21267
IP address blocks: 31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Mar 2024 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:71:e3:54:38:a8:b8:82:6f:64:a0:e9:96:8b:e8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 16:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac5295464d478f7a1e1dbc907e3aa50973ed3b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:10:55:5c:f2:e5:ee:3f:80:fc:51:b5:65:06:
c0:3f:b8:aa:fb:72:bf:7a:14:06:76:36:13:bb:fe:
de:0b:b8:84:bc:7c:63:e8:3d:2c:c6:23:f2:27:19:
4e:df:59:ec:c6:6b:83:50:9c:e1:46:da:c1:6d:74:
3a:3b:82:84:37:1f:1c:6d:24:04:20:29:31:a3:1f:
e0:f2:d4:31:70:26:7b:de:e2:00:7d:53:67:be:68:
67:46:07:0a:26:04:55:14:29:76:35:3e:7e:3e:b3:
03:6d:dd:06:4c:f7:aa:6f:8b:a3:61:5b:42:88:83:
9d:05:da:60:4a:94:eb:ce:21:5b:7c:55:32:82:f9:
d2:18:16:3e:00:9f:53:9a:55:55:95:b9:bd:94:87:
fd:1a:89:aa:dc:1a:a7:d4:60:10:9f:c3:18:05:56:
b7:b1:60:74:58:1c:24:5e:05:16:fb:87:af:d0:70:
32:7e:9f:6d:72:89:7d:3a:74:12:a4:bb:3e:03:79:
a1:57:2f:f3:00:bd:4a:2f:83:b5:d4:d1:79:ca:2b:
f6:e6:a0:66:a7:1d:d2:c9:e8:65:86:f8:c3:aa:f0:
2f:25:0b:d9:c5:1d:bc:b6:1d:68:38:0d:50:81:22:
9a:21:d3:59:36:8f:7f:d2:2d:d2:7b:d0:e4:67:cb:
a8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:52:95:46:4D:47:8F:7A:1E:1D:BC:90:7E:3A:A5:09:73:ED:3B:10
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rFKVRk1Hj3oeHbyQfjqlCXPtOxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
212.11.68.0-212.11.75.255
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:08:2f:1a:b7:14:ff:6b:38:79:41:a9:f1:43:7c:f8:5f:e2:
d0:f3:bc:a5:e5:bd:93:59:19:f4:c2:96:2f:b2:61:e6:93:d8:
8b:6c:d7:74:7d:18:fa:7f:62:f8:49:2b:87:c5:6d:26:ac:df:
68:eb:75:1b:05:d6:d0:37:19:c5:7d:04:b2:a0:d7:6b:82:27:
68:31:58:91:45:f1:2f:24:5a:fb:3e:c1:3d:c7:d5:59:6e:ae:
aa:e7:e5:ad:03:84:7d:8f:5c:85:3a:6a:d0:b8:2f:72:35:43:
5f:f4:55:48:6a:f8:5b:a2:81:c7:d1:e2:2b:0c:1a:40:7b:6e:
8a:00:dc:a4:b6:b9:32:51:50:ee:06:a5:54:c0:77:8e:af:56:
83:53:a8:6a:72:b3:87:1d:02:27:3e:20:e8:fe:b4:d3:ba:8b:
ce:8d:af:5d:bc:92:7f:01:53:3f:c0:b3:7b:a4:fd:c4:21:aa:
b0:ce:4f:1b:30:61:de:f8:37:b1:52:59:03:04:af:78:22:c7:
bd:6d:e3:4b:46:04:d1:a9:a4:b6:66:85:3c:ff:74:de:73:e7:
be:b2:c8:26:fe:45:5a:e5:21:5e:f2:11:c1:51:b0:b9:06:04:
49:28:d0:9e:ee:9b:c2:01:7c:7f:36:94:3b:df:ff:41:3a:fe:
08:07:2b:c6
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAY4zceNUOKi4gm9koOmWi+ibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMTYxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUyOTU0NjRkNDc4ZjdhMWUxZGJjOTA3ZTNhYTUwOTczZWQzYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBBVXPLl7j+A/FG1ZQbAP7iq+3K/
ehQGdjYTu/7eC7iEvHxj6D0sxiPyJxlO31nsxmuDUJzhRtrBbXQ6O4KENx8cbSQE
ICkxox/g8tQxcCZ73uIAfVNnvmhnRgcKJgRVFCl2NT5+PrMDbd0GTPeqb4ujYVtC
iIOdBdpgSpTrziFbfFUygvnSGBY+AJ9TmlVVlbm9lIf9Gomq3Bqn1GAQn8MYBVa3
sWB0WBwkXgUW+4ev0HAyfp9tcol9OnQSpLs+A3mhVy/zAL1KL4O11NF5yiv25qBm
px3SyehlhvjDqvAvJQvZxR28th1oOA1QgSKaIdNZNo9/0i3Se9DkZ8uo+QIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFKxSlUZNR496Hh28kH46pQlz7TsQMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvckZLVlJrMUhqM29lSGJ5UWZqcWxDWFB0T3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAx/A
YAMEAi0IZAMEAi2EbAMEBFBK8AMEBVVfYAMEA1wqeAMEA1+BQAMEArlPuAMEArle
zAMEArljTAMEArmy2AMEArnM1AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEY
HwMEBcMaIDAMAwQC1AtEAwQC1AtIMBQEAgACMA4DBQAqAPHAAwUDKgTpwDANBgkq
hkiG9w0BAQsFAAOCAQEATAgvGrcU/2s4eUGp8UN8+F/i0PO8peW9k1kZ9MKWL7Jh
5pPYi2zXdH0Y+n9i+Ekrh8VtJqzfaOt1GwXW0DcZxX0EsqDXa4InaDFYkUXxLyRa
+z7BPcfVWW6uquflrQOEfY9chTpq0LgvcjVDX/RVSGr4W6KBx9HiKwwaQHtuigDc
pLa5MlFQ7galVMB3jq9Wg1OoanKzhx0CJz4g6P6007qLzo2vXbySfwFTP8Cze6T9
xCGqsM5PGzBh3vg3sVJZAwSveCLHvW3jS0YE0amktmaFPP903nPnvrLIJv5FWuUh
XvIRwVGwuQYESSjQnu6bwgF8fzaUO9//QTr+CAcrxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:14 2024 by rpki-client on console-fra.rpki-client.org