Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/GF4cyrXLpQ7NXiFstCoNLYUkunA.roa
File: GF4cyrXLpQ7NXiFstCoNLYUkunA.roa (raw, json)
Hash identifier: pXja1Bz7egOmHrYFxCGkTmM3JllZiEk/hFNyi4XkvTE=
Subject key identifier: 18:5E:1C:CA:B5:CB:A5:0E:CD:5E:21:6C:B4:2A:0D:2D:85:24:BA:70
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 018571D7E7377A7114C9A693C3AA5B578A1A
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/GF4cyrXLpQ7NXiFstCoNLYUkunA.roa
Signing time: Mon 02 Jan 2023 09:37:32 +0000
ROA not before: Mon 02 Jan 2023 09:37:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 46.21.96.0/20 maxlen: 24
46.21.100.0/24 maxlen: 24
195.149.101.0/24 maxlen: 24
185.157.220.0/22 maxlen: 24
212.112.0.0/19 maxlen: 24
31.192.224.0/21 maxlen: 24
31.192.228.0/24 maxlen: 24
193.108.196.0/24 maxlen: 24
91.223.232.0/24 maxlen: 24
109.74.0.0/20 maxlen: 24
188.126.64.0/19 maxlen: 24
80.67.0.0/20 maxlen: 24
79.99.0.0/21 maxlen: 24
178.73.192.0/18 maxlen: 24
91.228.194.0/23 maxlen: 24
91.228.193.0/24 maxlen: 24
178.73.224.0/19 maxlen: 19
5.178.72.0/21 maxlen: 21
185.118.36.0/22 maxlen: 22
91.213.246.0/24 maxlen: 24
94.247.168.0/21 maxlen: 24
46.246.0.0/17 maxlen: 24
37.152.56.0/21 maxlen: 24
194.54.164.0/22 maxlen: 24
195.238.76.0/23 maxlen: 24
185.39.144.0/22 maxlen: 24
159.253.24.0/21 maxlen: 24
91.217.189.0/24 maxlen: 24
159.253.28.0/24 maxlen: 24
159.253.29.0/24 maxlen: 24
195.246.120.0/23 maxlen: 24
195.20.206.0/23 maxlen: 24
2a03:5e00::/32 maxlen: 32
2a00:1a28::/32 maxlen: 48
2a02:750::/29 maxlen: 48
2a02:750:10::/48 maxlen: 48
2a02:750:14::/48 maxlen: 48
2a02:750:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Jan 2023 09:32:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:e7:37:7a:71:14:c9:a6:93:c3:aa:5b:57:8a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Jan 2 09:37:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=185e1ccab5cba50ecd5e216cb42a0d2d8524ba70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:a6:65:68:d3:4c:58:2e:09:4d:e5:0e:a4:
8d:4e:4b:ce:30:8b:1e:6e:c9:2d:ca:b6:86:1d:92:
f4:06:16:9a:40:cb:f6:e1:b8:5a:de:72:29:72:76:
96:35:9a:8c:e2:c8:81:6c:c0:a2:91:83:42:58:2e:
bd:5f:a5:25:15:5e:7d:af:78:e6:1f:c4:e1:de:77:
17:bb:c6:c5:6b:e6:fa:b1:4c:fa:00:44:0a:84:88:
3c:c8:7a:ca:ea:b9:c9:81:da:ce:b9:15:0f:f7:4c:
56:be:f3:5c:18:a6:02:bd:8f:0b:9a:71:90:c4:e1:
f2:32:61:72:f9:18:c3:e6:31:4e:9b:3f:28:70:20:
68:a0:89:7f:83:df:f3:80:84:a9:d0:98:b6:b9:90:
01:b5:39:ac:f9:e3:bd:4e:61:33:b0:78:87:cd:7d:
9c:ca:15:c1:77:88:c7:d2:d3:c5:77:70:0c:71:26:
01:c5:17:0c:8f:f7:bb:e1:c8:89:c5:7a:fc:24:39:
11:53:62:04:56:53:06:d8:8a:66:a2:b7:b8:0e:03:
80:24:59:66:24:2c:62:2e:d6:47:1b:53:07:c2:74:
68:6b:c8:e8:3a:ac:52:ef:bf:8f:ec:7b:eb:e0:80:
05:ce:a6:f7:31:50:f9:a4:ab:11:b5:49:ea:aa:c1:
62:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:5E:1C:CA:B5:CB:A5:0E:CD:5E:21:6C:B4:2A:0D:2D:85:24:BA:70
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/GF4cyrXLpQ7NXiFstCoNLYUkunA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
46.246.0.0/17
79.99.0.0/21
80.67.0.0/20
91.213.246.0/24
91.217.189.0/24
91.223.232.0/24
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
178.73.192.0/18
185.39.144.0/22
185.118.36.0/22
185.157.220.0/22
188.126.64.0/19
193.108.196.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
212.112.0.0/19
IPv6:
2a00:1a28::/32
2a02:750::/29
2a03:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
06:72:49:9d:e9:47:8f:61:10:9c:20:36:5b:16:44:97:aa:a6:
da:b4:12:05:e9:4d:4c:17:21:82:32:ce:73:53:67:8c:1a:fc:
1f:e3:cb:f4:f7:a2:a9:0b:96:d7:c0:68:af:78:a3:cc:3c:50:
93:7b:50:52:f8:fa:89:3e:08:94:11:71:e1:3e:52:3d:44:7b:
b8:c0:ae:a4:96:1c:e0:ad:cb:fb:2e:7d:82:5a:45:26:64:ff:
68:64:b0:21:9a:72:3d:0d:2c:64:05:f8:66:ad:ee:5c:88:88:
c0:bc:18:ea:d3:9a:32:d1:3f:63:8f:b2:09:55:88:dd:ee:e0:
87:e4:fe:d8:27:8c:9c:6d:20:09:4f:97:99:ef:37:c7:61:45:
33:83:e0:8a:ec:87:f1:5a:ae:1f:a9:58:a6:3c:8d:69:10:c0:
e7:8e:a6:30:f5:f7:95:ba:db:b6:ed:2b:3e:f6:0b:fe:19:fd:
be:f9:c9:f3:7c:45:4a:37:a9:d2:59:cc:c6:b3:36:5b:0e:14:
21:d9:72:9a:2e:d3:62:0d:95:9e:41:3d:48:64:86:28:6c:94:
5c:34:04:8c:3d:d2:19:81:9b:fc:97:c2:fa:6a:c8:7c:7c:8f:
77:ec:1e:ea:47:27:c2:f3:5f:aa:dd:a4:41:ad:1b:9d:a3:47:
b0:c9:67:f8
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYVx1+c3enEUyaaTw6pbV4oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjMwMTAyMDkzNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVlMWNjYWI1Y2JhNTBlY2Q1ZTIxNmNiNDJhMGQyZDg1MjRiYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7umZWjTTFguCU3lDqSNTkvOMIse
bsktyraGHZL0BhaaQMv24bha3nIpcnaWNZqM4siBbMCikYNCWC69X6UlFV59r3jm
H8Th3ncXu8bFa+b6sUz6AEQKhIg8yHrK6rnJgdrOuRUP90xWvvNcGKYCvY8LmnGQ
xOHyMmFy+RjD5jFOmz8ocCBooIl/g9/zgISp0Ji2uZABtTms+eO9TmEzsHiHzX2c
yhXBd4jH0tPFd3AMcSYBxRcMj/e74ciJxXr8JDkRU2IEVlMG2Ipmore4DgOAJFlm
JCxiLtZHG1MHwnRoa8joOqxS77+P7Hvr4IAFzqb3MVD5pKsRtUnqqsFi2QIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFBheHMq1y6UOzV4hbLQqDS2FJLpwMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvR0Y0Y3lyWExwUTdOWGlGc3RDb05MWVVrdW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDBAMF
skgDBAMfwOADBAMlmDgDBAQuFWADBAcu9gADBANPYwADBARQQwADBABb1fYDBABb
2b0DBABb3+gwDAMEAFvkwQMEAlvkwAMEA173qAMEBG1KAAMEA5/9GAMEBrJJwAME
ArknkAMEArl2JAMEArmd3AMEBbx+QAMEAMFsxAMEAsI2pAMEAcMUzgMEAMOVZQME
AcPuTAMEAcP2eAMEBdRwADAbBAIAAjAVAwUAKgAaKAMFAyoCB1ADBQAqA14AMA0G
CSqGSIb3DQEBCwUAA4IBAQAGckmd6UePYRCcIDZbFkSXqqbatBIF6U1MFyGCMs5z
U2eMGvwf48v096KpC5bXwGiveKPMPFCTe1BS+PqJPgiUEXHhPlI9RHu4wK6klhzg
rcv7Ln2CWkUmZP9oZLAhmnI9DSxkBfhmre5ciIjAvBjq05oy0T9jj7IJVYjd7uCH
5P7YJ4ycbSAJT5eZ7zfHYUUzg+CK7IfxWq4fqVimPI1pEMDnjqYw9feVutu27Ss+
9gv+Gf2++cnzfEVKN6nSWczGszZbDhQh2XKaLtNiDZWeQT1IZIYobJRcNASMPdIZ
gZv8l8L6ash8fI937B7qRyfC81+q3aRBrRudo0ewyWf4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:17 2024 by rpki-client on console-fra.rpki-client.org