Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/tNtoxWvXLUbHEx7Rns4IHNOJg84.roa
File: tNtoxWvXLUbHEx7Rns4IHNOJg84.roa (raw, json)
Hash identifier: UZXTIwuZr4um4UnBSTTdDGjU2oP0wsUReYgc6EW/fpo=
Subject key identifier: B4:DB:68:C5:6B:D7:2D:46:C7:13:1E:D1:9E:CE:08:1C:D3:89:83:CE
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018ED2F665B235244685005330A959F2A53C
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/tNtoxWvXLUbHEx7Rns4IHNOJg84.roa
Signing time: Fri 12 Apr 2024 15:39:06 +0000
ROA not before: Fri 12 Apr 2024 15:39:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Apr 2024 08:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:f6:65:b2:35:24:46:85:00:53:30:a9:59:f2:a5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 12 15:39:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4db68c56bd72d46c7131ed19ece081cd38983ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ec:de:70:0e:ba:a3:02:41:df:d8:17:11:b1:
34:6b:64:42:40:af:0c:8a:17:64:4a:03:78:fa:a6:
3e:70:9b:0c:8b:90:96:91:6a:fd:a9:31:3b:e6:7f:
cf:e6:f0:0c:2c:6f:7d:fb:09:da:d2:27:48:ce:d1:
8c:29:0d:bc:c2:06:a8:5f:90:5b:cf:99:f9:0e:27:
7e:f0:63:f6:8b:6b:74:54:73:87:c6:fb:ed:d4:6c:
1f:bc:7a:62:56:80:2b:33:58:46:c6:cd:a2:54:35:
b4:68:86:9c:8f:ab:d6:a1:11:87:3b:45:2e:d3:ac:
b7:45:38:a5:47:99:14:f4:84:52:2f:13:70:13:7d:
57:1e:e2:b9:26:52:92:f2:ef:b5:b3:e2:c7:1f:a6:
ef:f2:08:27:10:90:59:8e:12:89:4a:11:e0:98:55:
b9:6c:0b:b9:86:2c:01:ae:29:e9:96:f5:41:26:f7:
44:05:04:18:c2:61:5c:65:38:99:ba:5e:38:86:c6:
51:71:91:60:12:b5:cf:be:63:82:b8:bb:cd:c4:fa:
d3:f2:15:a0:c4:6c:ab:8e:54:13:fa:1a:f4:8a:04:
b1:1f:e5:e7:3d:2f:b8:ad:6c:6f:44:c5:4f:63:05:
7b:b5:27:8d:9b:a8:1e:66:2d:78:94:7b:c9:35:77:
eb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:DB:68:C5:6B:D7:2D:46:C7:13:1E:D1:9E:CE:08:1C:D3:89:83:CE
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/tNtoxWvXLUbHEx7Rns4IHNOJg84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:93:5a:6f:e3:a6:2f:05:fc:2f:65:4b:47:bb:d3:40:9b:2a:
f8:94:a2:c1:c5:c3:73:ed:43:ee:e8:14:c5:ca:1c:fb:0c:1b:
59:05:e4:15:88:76:31:b3:de:77:23:9b:77:72:45:69:04:b2:
84:f7:4f:c0:ac:fd:f2:44:ff:00:06:e7:3c:0e:40:45:99:6a:
f4:46:2b:af:09:14:04:41:75:00:b9:38:8c:5a:d9:21:87:33:
bc:02:9e:b2:0c:91:c5:b3:67:90:a4:08:3b:3b:07:0b:f5:f8:
32:10:5e:32:d3:84:c8:7c:9e:24:62:eb:78:69:de:92:dc:e6:
4c:90:3b:46:2c:48:52:2d:57:03:1d:fd:dd:b3:cd:e4:66:fd:
77:6d:c7:ef:e0:c2:a4:2f:c2:c8:ef:62:c0:a4:79:4e:2d:95:
e0:c1:fd:0c:08:7f:b8:d8:7f:7b:7d:48:f9:12:6f:ba:a3:2e:
a8:63:85:f8:1a:72:06:64:f2:d9:e0:9b:90:0e:17:5f:e0:21:
f3:7d:73:e1:95:e5:e9:96:0d:2d:66:5f:ef:12:12:21:2a:58:
df:01:b4:a7:f5:a9:d8:17:e0:19:10:98:63:b1:fd:42:3d:a0:
bd:bb:b1:04:3f:32:28:7d:2b:82:7f:0b:b2:0d:b3:59:1b:d4:
00:ec:c6:9e
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY7S9mWyNSRGhQBTMKlZ8qU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDEyMTUzOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGRiNjhjNTZiZDcyZDQ2YzcxMzFlZDE5ZWNlMDgxY2QzODk4M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOzecA66owJB39gXEbE0a2RCQK8M
ihdkSgN4+qY+cJsMi5CWkWr9qTE75n/P5vAMLG99+wna0idIztGMKQ28wgaoX5Bb
z5n5Did+8GP2i2t0VHOHxvvt1GwfvHpiVoArM1hGxs2iVDW0aIacj6vWoRGHO0Uu
06y3RTilR5kU9IRSLxNwE31XHuK5JlKS8u+1s+LHH6bv8ggnEJBZjhKJShHgmFW5
bAu5hiwBrinplvVBJvdEBQQYwmFcZTiZul44hsZRcZFgErXPvmOCuLvNxPrT8hWg
xGyrjlQT+hr0igSxH+XnPS+4rWxvRMVPYwV7tSeNm6geZi14lHvJNXfrcQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFLTbaMVr1y1GxxMe0Z7OCBzTiYPOMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvdE50b3hXdlhMVWJIRXg3Um5zNElITk9KZzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgdsEAgABMIHUAwQD
BZ/QAwQCBbVIAwQDH8BgAwQCLQhkAwQCLYRsAwQCLYksAwQEUErwAwQCU5b8AwQF
VV9gAwQDXCp4AwQDX4FAAwQDsDoAAwQCuU+4AwQCuVoAAwQCuV7MAwQCuWNMAwQC
uZFYAwQCubLYAwQBubbIAwQCuczUAwQCueUEAwQCufaEAwQCuffIAwQAufj8AwQA
ufj+AwQDvF4QAwQAwRgDAwQAwRgGAwQAwRgNAwQAwRgfAwQFwxogAwQBw1gIMAwD
BALUC0QDBALUC0gDBATZkYAwFAQCAAIwDgMFACoA8cADBQMqBOnAMA0GCSqGSIb3
DQEBCwUAA4IBAQCKk1pv46YvBfwvZUtHu9NAmyr4lKLBxcNz7UPu6BTFyhz7DBtZ
BeQViHYxs953I5t3ckVpBLKE90/ArP3yRP8ABuc8DkBFmWr0RiuvCRQEQXUAuTiM
WtkhhzO8Ap6yDJHFs2eQpAg7OwcL9fgyEF4y04TIfJ4kYut4ad6S3OZMkDtGLEhS
LVcDHf3ds83kZv13bcfv4MKkL8LI72LApHlOLZXgwf0MCH+42H97fUj5Em+6oy6o
Y4X4GnIGZPLZ4JuQDhdf4CHzfXPhleXplg0tZl/vEhIhKljfAbSn9anYF+AZEJhj
sf1CPaC9u7EEPzIofSuCfwuyDbNZG9QA7Mae
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:14 2024 by rpki-client on console-fra.rpki-client.org