Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/97RdKkbphKazuPzsONpxCtL87OA.roa
File: 97RdKkbphKazuPzsONpxCtL87OA.roa (raw, json)
Hash identifier: DpDhTrWISgNOFGcZ/5E7yYoBcxKshaspSww21s9jCOI=
Subject key identifier: F7:B4:5D:2A:46:E9:84:A6:B3:B8:FC:EC:38:DA:71:0A:D2:FC:EC:E0
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018BB9C10A29084F686498B7451C35D3EE13
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/97RdKkbphKazuPzsONpxCtL87OA.roa
Signing time: Fri 10 Nov 2023 15:01:57 +0000
ROA not before: Fri 10 Nov 2023 15:01:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16839
IP address blocks: 148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
37.98.233.0/24 maxlen: 24
37.98.232.0/24 maxlen: 24
37.98.236.0/24 maxlen: 24
37.98.238.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.234.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.1.0/24 maxlen: 24
148.139.0.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
163.120.128.0/17 maxlen: 24
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.29.0/24 maxlen: 24
148.139.28.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.105.0/24 maxlen: 24
148.139.104.0/24 maxlen: 24
148.139.100.0/22 maxlen: 22
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.125.0/24 maxlen: 24
148.139.124.0/24 maxlen: 24
148.139.120.0/22 maxlen: 22
138.12.128.0/17 maxlen: 24
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0::/29 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Nov 2023 07:06:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:c1:0a:29:08:4f:68:64:98:b7:45:1c:35:d3:ee:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Nov 10 15:01:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7b45d2a46e984a6b3b8fcec38da710ad2fcece0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:a7:b8:92:23:f1:cb:6a:d8:ab:44:f7:dd:
f4:ab:cd:83:4f:ad:ce:58:e8:63:7c:95:b1:ef:f0:
15:9c:89:1c:97:33:64:92:cd:54:62:dc:c0:5b:29:
26:33:2f:6c:f1:95:60:7f:07:41:84:df:b2:3c:c3:
bc:e7:d5:36:8c:60:45:11:77:0f:30:92:62:29:58:
bc:b9:14:07:aa:6c:6c:65:fd:e3:69:b1:84:b8:56:
86:b6:e7:32:70:7c:14:c8:f9:0a:f2:02:53:71:bd:
08:4a:1a:60:54:68:9f:77:29:78:7d:a0:bf:c8:39:
7f:d9:a0:36:e0:d4:89:d8:4a:ac:12:28:c9:e6:63:
e5:19:c3:dc:e6:6c:9d:c7:44:bc:a6:e6:ab:4f:ac:
39:72:76:0c:5c:27:99:50:2f:a6:fc:d4:8b:70:2f:
dd:9a:da:ba:68:9d:2e:d5:6b:fd:81:dc:da:3b:ea:
81:3e:e0:71:b8:eb:e7:80:64:05:1e:10:94:0e:bb:
c6:0d:bc:13:3e:20:e7:75:8c:6c:57:f1:ac:ad:c9:
63:31:1b:1f:89:2d:47:36:2b:ae:c7:07:14:62:6e:
91:cd:a4:85:5e:56:48:d0:c3:a6:5e:29:cf:4d:67:
86:ac:46:6c:2f:2b:f8:c8:1e:f7:17:16:03:db:42:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B4:5D:2A:46:E9:84:A6:B3:B8:FC:EC:38:DA:71:0A:D2:FC:EC:E0
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/97RdKkbphKazuPzsONpxCtL87OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
138.12.128.0/17
148.139.0.0-148.139.19.255
148.139.28.0-148.139.30.255
148.139.32.0-148.139.105.255
148.139.108.0-148.139.125.255
163.120.128.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:33:63:44:19:ae:11:4a:c8:13:6e:2d:78:49:4f:ad:6f:0f:
a2:4b:1d:e9:3e:a1:27:21:4a:bf:7c:ff:4b:f9:bb:e3:0e:10:
8f:8a:ab:18:92:8c:b7:ee:50:a6:1d:c2:cd:d6:d9:d2:5c:ed:
7b:dd:b3:12:19:39:e7:f0:37:98:70:20:5f:41:d2:7b:21:ee:
71:1c:72:66:6a:36:81:2d:ff:5b:8e:ed:01:c4:fe:f7:c3:82:
3b:4e:e6:f8:d8:64:b4:1d:6b:12:cc:9b:48:73:10:c8:8c:dd:
73:a4:7c:f6:8e:3c:2f:95:69:08:62:6d:f7:5b:c1:54:a4:ec:
3b:e1:00:7d:51:22:cb:d1:24:07:94:4c:8e:2b:fe:2c:4d:62:
32:38:d3:e4:98:ef:1e:2e:7f:0b:8c:b3:eb:76:aa:a1:74:75:
07:8e:f3:25:fc:34:ee:fa:a9:36:99:bb:dd:11:e0:11:b4:12:
49:08:78:b1:ae:5c:2d:01:b8:b9:af:0e:28:31:51:6c:41:17:
6c:db:f2:7c:e1:95:96:4e:bc:0e:a7:43:79:fc:5f:1d:68:83:
da:11:c3:d7:dd:4a:7d:eb:66:e8:75:b0:29:a7:1f:e8:cc:7a:
13:0e:fc:72:e9:07:db:e5:dd:8d:54:96:a5:fe:df:78:71:ac:
a1:26:59:6a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYu5wQopCE9oZJi3RRw10+4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjMxMTEwMTUwMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I0NWQyYTQ2ZTk4NGE2YjNiOGZjZWMzOGRhNzEwYWQyZmNlY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj+nuJIj8ctq2KtE9930q82DT63O
WOhjfJWx7/AVnIkclzNkks1UYtzAWykmMy9s8ZVgfwdBhN+yPMO859U2jGBFEXcP
MJJiKVi8uRQHqmxsZf3jabGEuFaGtucycHwUyPkK8gJTcb0IShpgVGifdyl4faC/
yDl/2aA24NSJ2EqsEijJ5mPlGcPc5mydx0S8puarT6w5cnYMXCeZUC+m/NSLcC/d
mtq6aJ0u1Wv9gdzaO+qBPuBxuOvngGQFHhCUDrvGDbwTPiDndYxsV/GsrcljMRsf
iS1HNiuuxwcUYm6RzaSFXlZI0MOmXinPTWeGrEZsLyv4yB73FxYD20JaywIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFPe0XSpG6YSms7j87DjacQrS/OzgMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvOTdSZEtrYnBoS2F6dVB6c09OcHhDdEw4N09BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQDJWLoAwQH
igyAMAsDAwCUiwMEApSLEDAMAwQClIscAwQAlIseMAwDBAWUiyADBAGUi2gwDAME
ApSLbAMEAZSLfAMEB6N4gDANBAIAAjAHAwUDKgQ3wDANBgkqhkiG9w0BAQsFAAOC
AQEAdzNjRBmuEUrIE24teElPrW8Poksd6T6hJyFKv3z/S/m74w4Qj4qrGJKMt+5Q
ph3CzdbZ0lzte92zEhk55/A3mHAgX0HSeyHucRxyZmo2gS3/W47tAcT+98OCO07m
+NhktB1rEsybSHMQyIzdc6R89o48L5VpCGJt91vBVKTsO+EAfVEiy9EkB5RMjiv+
LE1iMjjT5JjvHi5/C4yz63aqoXR1B47zJfw07vqpNpm73RHgEbQSSQh4sa5cLQG4
ua8OKDFRbEEXbNvyfOGVlk68DqdDefxfHWiD2hHD191Kfetm6HWwKacf6Mx6Ew78
cukH2+XdjVSWpf7feHGsoSZZag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:42 2024 by rpki-client on console-fra.rpki-client.org