Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/yFOhQT0CPdO8g8nz6szmpBPPJB4.roa
File: yFOhQT0CPdO8g8nz6szmpBPPJB4.roa (raw, json)
Hash identifier: LDKimMNscXOqSqzZWRU0mD3lUzjDEpE7FNGRnfkXlUQ=
Subject key identifier: C8:53:A1:41:3D:02:3D:D3:BC:83:C9:F3:EA:CC:E6:A4:13:CF:24:1E
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 018BD7A1F0D9254D041D9753F59D6FCD85EE
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/yFOhQT0CPdO8g8nz6szmpBPPJB4.roa
Signing time: Thu 16 Nov 2023 10:16:36 +0000
ROA not before: Thu 16 Nov 2023 10:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22822
IP address blocks: 95.140.224.0/22 maxlen: 22
95.140.224.0/20 maxlen: 24
87.248.192.0/19 maxlen: 24
46.228.144.0/20 maxlen: 24
87.248.210.0/23 maxlen: 23
87.248.212.0/23 maxlen: 23
216.247.120.0/21 maxlen: 24
185.178.54.0/24 maxlen: 24
185.178.53.0/24 maxlen: 24
185.178.55.0/24 maxlen: 24
185.178.52.0/24 maxlen: 24
185.178.52.0/22 maxlen: 22
46.183.88.0/21 maxlen: 24
178.249.105.0/24 maxlen: 24
178.249.104.0/21 maxlen: 24
185.116.100.0/22 maxlen: 22
178.79.203.0/24 maxlen: 24
178.79.214.0/23 maxlen: 23
178.79.228.0/23 maxlen: 23
178.79.230.0/23 maxlen: 23
178.79.232.0/22 maxlen: 22
178.79.236.0/22 maxlen: 22
178.79.240.0/21 maxlen: 21
178.79.248.0/21 maxlen: 21
178.79.196.0/23 maxlen: 23
178.79.192.0/18 maxlen: 24
2a02:3d0:621::/48 maxlen: 48
2a02:3d0:601::/48 maxlen: 48
2a02:3d0::/32 maxlen: 48
2a02:3d0:600::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:a1:f0:d9:25:4d:04:1d:97:53:f5:9d:6f:cd:85:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Nov 16 10:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c853a1413d023dd3bc83c9f3eacce6a413cf241e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:78:f0:b0:88:ee:46:9c:c4:34:ed:66:4b:f8:
aa:18:5f:89:d2:e9:30:65:dd:de:48:2d:97:e8:64:
ac:94:6d:80:9b:1e:71:98:c0:f3:c2:a8:89:e2:67:
75:98:1b:3c:06:3c:07:bc:9f:c7:cf:d7:45:0b:5f:
ef:ba:e7:bc:3e:2e:34:df:53:5f:5e:bf:07:66:be:
25:57:ee:d0:7a:d2:43:64:17:b3:f6:d5:8c:f3:44:
40:44:49:94:38:d1:58:db:21:4e:2f:4d:4d:ee:10:
c3:27:6f:16:2d:17:1e:ac:6c:e0:5e:66:e3:a3:b6:
2b:bb:73:05:8c:9a:5e:5b:6a:81:f1:23:49:9f:2f:
07:e2:8c:b9:5b:33:db:1f:da:fe:2d:94:93:f0:bb:
a1:ec:fb:db:b7:e2:14:fd:00:9b:fa:68:e1:0c:63:
74:2b:0a:f4:5f:fd:de:ea:9c:da:75:cd:e7:23:2c:
60:fa:4e:7b:5f:85:8b:a3:02:2e:20:ba:61:43:62:
fd:38:a0:40:b5:18:ef:fb:46:5f:01:8a:66:d6:5b:
69:dd:37:90:c3:5c:4f:6a:13:a5:d4:00:0f:4d:aa:
6a:25:a2:c6:1c:d2:45:5a:cb:01:5d:02:e5:ea:cc:
d4:6c:57:f7:b2:c7:39:89:5e:f3:e6:d5:4a:06:aa:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:53:A1:41:3D:02:3D:D3:BC:83:C9:F3:EA:CC:E6:A4:13:CF:24:1E
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/yFOhQT0CPdO8g8nz6szmpBPPJB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.88.0/21
46.228.144.0/20
87.248.192.0/19
95.140.224.0/20
178.79.192.0/18
178.249.104.0/21
185.116.100.0/22
185.178.52.0/22
216.247.120.0/21
IPv6:
2a02:3d0::/32
Signature Algorithm: sha256WithRSAEncryption
09:25:d7:47:7c:9f:eb:3a:22:df:a7:96:6a:92:aa:7d:85:bd:
62:00:26:da:f6:23:8e:3e:e5:75:c1:cd:55:8a:a6:5b:2a:0b:
07:29:75:f0:f6:2c:ed:1d:12:91:fd:6b:47:06:e8:2d:33:01:
44:f2:3d:5a:89:66:7f:ca:c7:59:8a:cf:2d:e8:6a:8f:5c:38:
e7:5a:4b:82:c6:fd:5c:48:11:0f:54:09:71:01:0e:e4:e5:5c:
71:13:e2:e1:29:73:8c:5c:a8:c6:40:56:8b:ca:47:5b:d0:9d:
f2:69:ed:a5:6f:dc:29:7d:04:69:ef:ca:68:f1:6b:a5:62:87:
32:c8:4b:b2:e2:21:49:f2:a0:f2:4f:c4:db:a5:7e:5a:13:6b:
7b:eb:19:e3:ac:e4:e5:f0:46:6e:0a:b6:b1:78:ad:3a:54:cf:
0a:56:ed:dc:ea:44:5c:79:df:e8:ed:ea:cc:c3:5e:f4:4f:a4:
c8:46:98:5a:2a:c9:8a:60:8d:9e:5f:43:f5:ae:86:32:48:59:
e3:89:4d:8a:91:c7:00:96:32:e5:fd:87:ba:76:3b:7d:88:c5:
f1:32:80:bd:e6:6c:a6:7c:a6:df:ea:dc:8c:ea:ee:19:e4:a3:
ed:dc:f4:d2:82:15:78:30:00:5e:f3:9a:9f:10:cd:a8:14:b7:
7a:2d:80:4a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYvXofDZJU0EHZdT9Z1vzYXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjMxMTE2MTAxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODUzYTE0MTNkMDIzZGQzYmM4M2M5ZjNlYWNjZTZhNDEzY2YyNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HjwsIjuRpzENO1mS/iqGF+J0ukw
Zd3eSC2X6GSslG2Amx5xmMDzwqiJ4md1mBs8BjwHvJ/Hz9dFC1/vuue8Pi4031Nf
Xr8HZr4lV+7QetJDZBez9tWM80RAREmUONFY2yFOL01N7hDDJ28WLRcerGzgXmbj
o7Yru3MFjJpeW2qB8SNJny8H4oy5WzPbH9r+LZST8Luh7Pvbt+IU/QCb+mjhDGN0
Kwr0X/3e6pzadc3nIyxg+k57X4WLowIuILphQ2L9OKBAtRjv+0ZfAYpm1ltp3TeQ
w1xPahOl1AAPTapqJaLGHNJFWssBXQLl6szUbFf3ssc5iV7z5tVKBqrcWwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMhToUE9Aj3TvIPJ8+rM5qQTzyQeMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEveUZPaFFUMENQZE84ZzhuejZzem1wQlBQSkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLrdYAwQE
LuSQAwQFV/jAAwQEX4zgAwQGsk/AAwQDsvloAwQCuXRkAwQCubI0AwQD2Pd4MA0E
AgACMAcDBQAqAgPQMA0GCSqGSIb3DQEBCwUAA4IBAQAJJddHfJ/rOiLfp5Zqkqp9
hb1iACba9iOOPuV1wc1ViqZbKgsHKXXw9iztHRKR/WtHBugtMwFE8j1aiWZ/ysdZ
is8t6GqPXDjnWkuCxv1cSBEPVAlxAQ7k5VxxE+LhKXOMXKjGQFaLykdb0J3yae2l
b9wpfQRp78po8WulYocyyEuy4iFJ8qDyT8TbpX5aE2t76xnjrOTl8EZuCraxeK06
VM8KVu3c6kRced/o7erMw170T6TIRphaKsmKYI2eX0P1roYySFnjiU2KkccAljLl
/Ye6djt9iMXxMoC95mymfKbf6tyM6u4Z5KPt3PTSghV4MABe85qfEM2oFLd6LYBK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org