Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/7s68J2EIcLykFMigK8sm7r8TCOY.roa
File: 7s68J2EIcLykFMigK8sm7r8TCOY.roa (raw, json)
Hash identifier: QWenoVRbQKUSztz1HPuTUkYzbYIfc5u9uob0SByy8LQ=
Subject key identifier: EE:CE:BC:27:61:08:70:BC:A4:14:C8:A0:2B:CB:26:EE:BF:13:08:E6
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018CCA99F77234F94470A4558D6CC4518DFB
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/7s68J2EIcLykFMigK8sm7r8TCOY.roa
Signing time: Tue 02 Jan 2024 14:35:37 +0000
ROA not before: Tue 02 Jan 2024 14:35:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12663
IP address blocks: 46.108.0.0/16 maxlen: 24
37.25.128.0/17 maxlen: 24
188.240.84.0/22 maxlen: 22
92.114.8.0/21 maxlen: 21
176.125.0.0/19 maxlen: 24
85.205.0.0/16 maxlen: 24
130.195.96.0/19 maxlen: 19
192.125.128.0/17 maxlen: 24
195.232.128.0/17 maxlen: 24
145.230.0.0/16 maxlen: 24
130.195.128.0/18 maxlen: 24
89.32.48.0/21 maxlen: 21
46.190.128.0/17 maxlen: 24
130.195.64.0/19 maxlen: 19
108.179.64.0/18 maxlen: 19
130.195.200.0/21 maxlen: 21
86.104.216.0/22 maxlen: 22
208.53.128.0/18 maxlen: 18
62.213.128.0/19 maxlen: 19
139.47.160.0/19 maxlen: 24
139.47.192.0/18 maxlen: 24
195.233.0.0/16 maxlen: 24
130.195.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 30 Apr 2024 14:27:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:f7:72:34:f9:44:70:a4:55:8d:6c:c4:51:8d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 14:35:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eecebc27610870bca414c8a02bcb26eebf1308e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:05:a1:85:06:d0:ca:f5:17:78:c3:ed:04:b3:
b5:bc:b0:2c:d8:8d:b6:56:fd:b8:8d:52:3b:f8:b3:
ef:3f:c3:92:c2:82:36:f6:10:de:f4:f6:11:29:04:
72:6d:0e:93:62:5b:64:6f:b0:42:f1:4f:b6:64:cf:
85:bf:57:e8:7b:61:0a:07:c2:87:f2:d0:dd:5d:54:
1f:82:4d:ec:71:43:6d:fc:f1:ea:9f:76:12:93:a2:
31:b3:32:12:cb:8a:93:3c:b4:fe:b1:9f:54:d1:8a:
d7:48:e4:f2:68:04:48:db:08:49:96:83:64:61:cb:
a5:86:73:3a:7f:15:0b:c9:9a:fb:0f:5a:f6:ab:4f:
c1:dd:ca:6c:45:29:a3:1d:c2:a9:ff:4a:55:94:61:
f7:3b:49:88:e8:02:a7:00:94:81:b6:a2:f1:1c:ec:
ed:0f:8a:0d:c2:d6:60:27:22:59:0a:01:7a:30:f5:
b7:3b:84:83:26:15:a5:12:f5:c7:f4:ae:70:22:ab:
34:4b:de:41:ef:f1:6e:bd:51:86:dc:d4:d5:2d:b6:
a1:94:20:11:05:dc:d3:05:d3:91:71:86:84:9b:b5:
f7:84:e9:99:b5:4d:21:fd:13:6a:8a:61:e4:58:3e:
20:08:3d:11:15:76:52:af:9e:1b:80:ee:09:b4:be:
9d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:CE:BC:27:61:08:70:BC:A4:14:C8:A0:2B:CB:26:EE:BF:13:08:E6
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/7s68J2EIcLykFMigK8sm7r8TCOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
139.47.160.0-139.47.255.255
145.230.0.0/16
176.125.0.0/19
188.240.84.0/22
192.125.128.0/17
195.232.128.0-195.233.255.255
208.53.128.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:67:b8:7c:db:13:a1:c6:a0:07:be:72:fb:82:9c:f0:ce:44:
29:b8:ab:dc:71:c9:eb:a6:17:ab:e8:d8:f8:81:ce:18:fd:c7:
0b:e6:77:be:a0:26:4b:ad:72:0a:7f:4a:8e:45:f7:c1:68:7a:
55:0a:da:79:49:bb:ef:9f:e2:ba:56:f4:65:4f:63:e4:90:9a:
1c:eb:69:c5:44:2b:39:14:c8:96:40:63:5a:e5:a8:ab:01:7a:
f4:47:19:0f:73:36:b4:90:1a:7f:48:9f:b9:b3:f7:97:8c:64:
c3:3d:2d:8b:69:48:6a:20:df:b2:07:30:72:ef:8d:f8:33:f9:
bd:7f:31:1e:ca:56:83:b2:f9:e2:52:38:a3:b6:90:bc:ff:6d:
b6:ea:fe:81:d2:93:e8:94:8c:d8:49:ce:fb:92:f2:c3:d0:10:
3e:1e:0d:82:24:32:d7:16:30:ca:cc:73:f4:eb:6e:13:29:df:
81:81:5f:ca:95:c6:eb:63:9b:6a:90:26:20:7f:28:35:90:17:
f0:5e:00:c1:87:67:65:5f:8e:76:79:a0:3c:35:4d:5e:77:4b:
a2:92:f8:b3:64:c9:c3:05:2e:00:f1:4d:b8:d5:90:b6:cf:9a:
f6:9f:c1:70:72:e3:a3:72:7b:a7:11:96:45:54:f8:8d:a6:5a:
19:ed:3c:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYzKmfdyNPlEcKRVjWzEUY37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQwMTAyMTQzNTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNlYmMyNzYxMDg3MGJjYTQxNGM4YTAyYmNiMjZlZWJmMTMwOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgWhhQbQyvUXeMPtBLO1vLAs2I22
Vv24jVI7+LPvP8OSwoI29hDe9PYRKQRybQ6TYltkb7BC8U+2ZM+Fv1foe2EKB8KH
8tDdXVQfgk3scUNt/PHqn3YSk6IxszISy4qTPLT+sZ9U0YrXSOTyaARI2whJloNk
YculhnM6fxULyZr7D1r2q0/B3cpsRSmjHcKp/0pVlGH3O0mI6AKnAJSBtqLxHOzt
D4oNwtZgJyJZCgF6MPW3O4SDJhWlEvXH9K5wIqs0S95B7/FuvVGG3NTVLbahlCAR
BdzTBdORcYaEm7X3hOmZtU0h/RNqimHkWD4gCD0RFXZSr54bgO4JtL6dPwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFO7OvCdhCHC8pBTIoCvLJu6/EwjmMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvN3M2OEoyRUljTHlrRk1pZ0s4c203cjhUQ09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzCBjAQCAAEwgYUDBAcl
GYADAwAubAMEBy6+gAMEBT7VgAMDAFXNAwQCVmjYAwQDWSAwAwQDXHIIAwQGbLNA
AwQEgsMgMAwDBAaCw0ADBAaCw4ADBAOCw8gwCwMEBYsvoAMDBIsgAwMAkeYDBAWw
fQADBAK88FQDBAfAfYAwCwMEB8PogAMDAcPoAwQG0DWAMA0GCSqGSIb3DQEBCwUA
A4IBAQAdZ7h82xOhxqAHvnL7gpzwzkQpuKvcccnrpher6Nj4gc4Y/ccL5ne+oCZL
rXIKf0qORffBaHpVCtp5Sbvvn+K6VvRlT2PkkJoc62nFRCs5FMiWQGNa5airAXr0
RxkPcza0kBp/SJ+5s/eXjGTDPS2LaUhqIN+yBzBy7434M/m9fzEeylaDsvniUjij
tpC8/2226v6B0pPolIzYSc77kvLD0BA+Hg2CJDLXFjDKzHP0624TKd+BgV/Klcbr
Y5tqkCYgfyg1kBfwXgDBh2dlX452eaA8NU1ed0uikvizZMnDBS4A8U241ZC2z5r2
n8FwcuOjcnunEZZFVPiNploZ7TzD
-----END CERTIFICATE-----
Generated at Tue Apr 30 18:14:22 2024 by rpki-client on console-fra.rpki-client.org