Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/1t6-sP9nMO-ZXJJMZ0Gc9SO7maI.roa
File: 1t6-sP9nMO-ZXJJMZ0Gc9SO7maI.roa (raw, json)
Hash identifier: QJTKd+OA22MzT/R95j62/m+rsEIiY7lu9LV6IND+9zI=
Subject key identifier: D6:DE:BE:B0:FF:67:30:EF:99:5C:92:4C:67:41:9C:F5:23:BB:99:A2
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018E853A28FE15342B14A0069C489E1C1FCC
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/1t6-sP9nMO-ZXJJMZ0Gc9SO7maI.roa
Signing time: Thu 28 Mar 2024 13:22:45 +0000
ROA not before: Thu 28 Mar 2024 13:22:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
37.97.69.0/24 maxlen: 24
37.97.70.0/24 maxlen: 24
37.97.80.0/23 maxlen: 23
37.97.96.0/20 maxlen: 20
65.39.64.0/19 maxlen: 19
80.251.96.0/20 maxlen: 20
81.93.0.0/19 maxlen: 19
88.213.224.0/19 maxlen: 19
109.235.232.0/21 maxlen: 21
109.235.232.0/24 maxlen: 24
109.235.233.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
157.143.128.0/17 maxlen: 17
178.157.16.0/20 maxlen: 20
178.157.32.0/20 maxlen: 20
178.174.96.0/20 maxlen: 23
178.255.160.0/21 maxlen: 21
185.6.92.0/22 maxlen: 22
185.8.252.0/22 maxlen: 22
185.24.140.0/22 maxlen: 22
185.32.208.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
185.65.248.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
185.249.20.0/22 maxlen: 22
195.135.0.0/17 maxlen: 17
195.135.0.0/18 maxlen: 18
195.135.48.0/24 maxlen: 24
217.74.96.0/20 maxlen: 20
217.181.128.0/17 maxlen: 17
217.181.250.0/23 maxlen: 23
2a02:6e8::/32 maxlen: 32
2a02:c440::/29 maxlen: 29
2a0b:e3c0::/29 maxlen: 29
2a0c:600::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 May 2024 07:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:3a:28:fe:15:34:2b:14:a0:06:9c:48:9e:1c:1f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Mar 28 13:22:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6debeb0ff6730ef995c924c67419cf523bb99a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:66:83:2b:0b:17:58:d1:e7:ca:67:e0:4b:bf:
f1:b2:6f:b5:86:ff:c3:c4:c8:f4:ef:27:60:94:1e:
b4:e3:46:7c:f6:64:1d:73:f4:9c:b9:98:1d:93:78:
38:2f:7e:23:ee:13:23:e5:93:0e:7c:22:84:a4:ca:
1d:89:60:9f:b8:85:46:a2:84:98:8a:e4:4e:eb:94:
91:95:ad:31:7a:1f:3e:28:72:7e:9e:99:06:16:e5:
32:d2:a6:53:b7:75:be:12:a3:49:a9:39:97:70:91:
b9:a1:28:a2:97:73:7b:96:60:3d:dd:3d:62:a2:0c:
53:96:f6:fb:34:55:23:d3:a9:bb:24:bd:5c:22:08:
9f:2b:c6:43:03:c2:0d:24:3d:89:6e:26:ac:f3:44:
3f:23:ef:1a:a7:1f:6c:97:02:09:d5:69:5f:bc:97:
9a:b0:ee:70:0b:f3:59:bb:11:d2:00:4c:b6:15:c0:
22:a4:10:99:9d:e7:38:c8:64:27:fe:dd:ec:09:19:
91:ca:54:09:7f:03:49:80:a5:0b:a5:3b:94:55:02:
05:76:f2:a4:84:94:2f:bc:59:a3:dc:09:ba:af:bb:
cd:ae:48:06:bc:73:a7:52:c3:21:cb:b0:7c:50:65:
06:66:75:e0:67:bd:69:40:b7:d9:53:de:63:2b:fa:
d2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:DE:BE:B0:FF:67:30:EF:99:5C:92:4C:67:41:9C:F5:23:BB:99:A2
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/1t6-sP9nMO-ZXJJMZ0Gc9SO7maI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
109.235.232.0/21
157.143.128.0/17
178.157.16.0-178.157.47.255
178.174.96.0/20
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.218.208.0/22
185.249.20.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a0b:e3c0::/29
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
30:7c:a3:74:5f:28:16:d4:3d:3b:39:fd:52:cb:c0:5a:82:1b:
37:7f:ac:88:9a:07:a6:70:f8:d4:e5:a8:75:da:93:84:a3:d2:
18:bb:01:18:6f:25:a4:73:86:3f:0f:b3:7e:c0:2e:fe:ca:53:
4b:2e:e5:ef:3f:c7:b4:66:4c:2b:6d:25:08:57:49:f9:ef:30:
64:db:42:41:5c:fd:a6:85:76:39:87:0d:59:51:47:48:cf:ec:
b3:de:08:48:8d:5d:d4:ef:26:a3:0a:39:b1:39:1d:0e:e0:76:
70:94:7d:cd:04:10:3d:c9:26:d8:6f:da:0c:af:e9:3f:f8:51:
bf:0e:41:f4:ca:53:84:1d:69:1c:10:7a:61:7f:1a:a5:28:b1:
21:a3:d9:77:da:b9:50:13:d0:8e:af:61:60:e2:b9:ea:54:13:
3b:33:70:7e:3b:0d:06:f9:7f:13:bf:12:8d:3f:89:93:14:40:
3d:bc:18:28:56:43:78:8d:89:12:ac:6e:f7:e3:b9:cd:cc:f8:
06:a6:6e:61:2a:e0:fb:f5:13:8a:a1:20:9d:20:dd:10:af:5c:
da:0f:96:cd:77:af:a0:c1:90:34:89:51:53:57:77:08:56:b1:
2e:97:66:df:11:e8:84:83:cf:01:4a:63:41:22:e2:e6:7a:9d:
0e:67:c7:80
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAY6FOij+FTQrFKAGnEieHB/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQwMzI4MTMyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmRlYmViMGZmNjczMGVmOTk1YzkyNGM2NzQxOWNmNTIzYmI5OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomaDKwsXWNHnymfgS7/xsm+1hv/D
xMj07ydglB6040Z89mQdc/ScuZgdk3g4L34j7hMj5ZMOfCKEpModiWCfuIVGooSY
iuRO65SRla0xeh8+KHJ+npkGFuUy0qZTt3W+EqNJqTmXcJG5oSiil3N7lmA93T1i
ogxTlvb7NFUj06m7JL1cIgifK8ZDA8INJD2Jbias80Q/I+8apx9slwIJ1WlfvJea
sO5wC/NZuxHSAEy2FcAipBCZnec4yGQn/t3sCRmRylQJfwNJgKULpTuUVQIFdvKk
hJQvvFmj3Am6r7vNrkgGvHOnUsMhy7B8UGUGZnXgZ71pQLfZU95jK/rSHwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFNbevrD/ZzDvmVySTGdBnPUju5miMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvMXQ2LXNQOW5NTy1aWEpKTVowR2M5U083bWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBlQQCAAEwgY4wDAME
BiVhQAMEBCVhYAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEA23r6AMEB52PgDAM
AwQEsp0QAwQEsp0gAwQEsq5gAwQDsv+gAwQCuQZcAwQCuQj8AwQCuRiMAwQCuSDQ
AwQCuSqwAwQCuUH4AwQCudrQAwQCufkUAwQHw4cAAwQE2UpgAwQH2bWAMCIEAgAC
MBwDBQAqAgboAwUDKgLEQAMFAyoL48ADBQMqDAYAMA0GCSqGSIb3DQEBCwUAA4IB
AQAwfKN0XygW1D07Of1Sy8Baghs3f6yImgemcPjU5ah12pOEo9IYuwEYbyWkc4Y/
D7N+wC7+ylNLLuXvP8e0ZkwrbSUIV0n57zBk20JBXP2mhXY5hw1ZUUdIz+yz3ghI
jV3U7yajCjmxOR0O4HZwlH3NBBA9ySbYb9oMr+k/+FG/DkH0ylOEHWkcEHphfxql
KLEho9l32rlQE9COr2Fg4rnqVBM7M3B+Ow0G+X8TvxKNP4mTFEA9vBgoVkN4jYkS
rG7347nNzPgGpm5hKuD79ROKoSCdIN0Qr1zaD5bNd6+gwZA0iVFTV3cIVrEul2bf
EeiEg88BSmNBIuLmep0OZ8eA
-----END CERTIFICATE-----
Generated at Thu May 16 09:54:28 2024 by rpki-client on console-ams.rpki-client.org