Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/691LDHpWPkG5v3Qxap5s3vPGO_E.roa
File: 691LDHpWPkG5v3Qxap5s3vPGO_E.roa (raw, json)
Hash identifier: 20T0iJBkB3Yfg3M0u6e+m7Ve3FctCz0pVLcZ8rVD9dc=
Subject key identifier: EB:DD:4B:0C:7A:56:3E:41:B9:BF:74:31:6A:9E:6C:DE:F3:C6:3B:F1
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018E84B2A9FEC6FF5A41ACF6056A43DE6DBE
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/691LDHpWPkG5v3Qxap5s3vPGO_E.roa
Signing time: Thu 28 Mar 2024 10:54:45 +0000
ROA not before: Thu 28 Mar 2024 10:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
37.97.69.0/24 maxlen: 24
37.97.70.0/24 maxlen: 24
37.97.80.0/23 maxlen: 23
37.97.96.0/20 maxlen: 20
65.39.64.0/19 maxlen: 19
80.251.96.0/20 maxlen: 20
81.93.0.0/19 maxlen: 19
88.213.224.0/19 maxlen: 19
109.235.232.0/21 maxlen: 21
109.235.232.0/24 maxlen: 24
109.235.233.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
157.143.128.0/17 maxlen: 17
178.157.16.0/20 maxlen: 20
178.157.32.0/20 maxlen: 20
178.174.96.0/20 maxlen: 20
178.255.160.0/21 maxlen: 21
185.6.92.0/22 maxlen: 22
185.8.252.0/22 maxlen: 22
185.24.140.0/22 maxlen: 22
185.32.208.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
185.65.248.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
185.249.20.0/22 maxlen: 22
195.135.0.0/17 maxlen: 17
195.135.0.0/18 maxlen: 18
195.135.48.0/24 maxlen: 24
217.74.96.0/20 maxlen: 20
217.181.128.0/17 maxlen: 17
217.181.250.0/23 maxlen: 23
2a02:6e8::/32 maxlen: 32
2a02:c440::/29 maxlen: 29
2a0b:e3c0::/29 maxlen: 29
2a0c:600::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 28 Mar 2024 13:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:b2:a9:fe:c6:ff:5a:41:ac:f6:05:6a:43:de:6d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Mar 28 10:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebdd4b0c7a563e41b9bf74316a9e6cdef3c63bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a2:00:da:a3:cf:3c:c4:87:27:ec:ed:bd:60:
3e:14:6a:62:81:26:2d:24:6e:1f:18:6e:17:29:66:
f7:e2:2f:ea:fd:0c:1c:f8:96:0f:06:71:81:68:e9:
87:3f:b0:41:45:ab:be:8e:bc:46:e4:0f:dd:a7:f6:
3a:a5:35:f2:ad:34:ff:da:2c:b3:c5:25:b7:d2:01:
3b:e0:f3:50:5e:de:c5:5d:e2:bf:e4:2a:dd:18:27:
0f:3e:05:fa:5a:be:81:19:32:ec:93:e8:bb:7f:82:
a7:95:43:2a:7c:6e:9b:10:d0:fb:22:d8:7b:5e:de:
6e:2a:0c:fc:a1:5c:d7:7b:95:9b:49:0a:25:ca:0b:
bd:34:a7:9f:0d:78:02:f0:df:f9:ea:12:aa:37:7a:
29:4c:75:5c:f3:c3:43:30:ce:63:44:8e:82:0d:32:
d1:c0:01:97:da:66:03:58:01:84:1a:f9:cc:d4:4e:
3a:c4:88:5a:c6:0e:5d:18:7a:67:8a:ce:a9:0f:5b:
dd:77:c4:85:27:c9:0d:54:d7:c9:47:6e:5e:b8:54:
bf:08:f7:08:58:a9:5d:5a:0c:42:74:c3:26:84:28:
d5:fd:6e:94:65:31:62:34:3d:1a:b3:38:7b:71:d5:
9b:6b:8e:7c:32:b4:c0:b1:92:5c:0e:c8:bb:32:99:
6d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DD:4B:0C:7A:56:3E:41:B9:BF:74:31:6A:9E:6C:DE:F3:C6:3B:F1
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/691LDHpWPkG5v3Qxap5s3vPGO_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
109.235.232.0/21
157.143.128.0/17
178.157.16.0-178.157.47.255
178.174.96.0/20
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.218.208.0/22
185.249.20.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a0b:e3c0::/29
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
18:85:4f:02:ef:02:54:2e:87:e7:a0:29:0e:a6:0f:25:95:e9:
f1:0a:c9:59:a7:88:ad:0b:39:94:a4:24:23:8d:52:2b:88:48:
e6:09:5d:fe:ac:12:9a:90:47:72:6e:f0:0f:40:15:52:8a:70:
46:8d:65:e0:dc:a0:6e:35:10:d0:64:a2:e6:b0:e3:07:03:d2:
84:58:ae:cd:1a:a2:59:9e:30:4a:4c:85:09:b2:d4:24:ae:1a:
fa:5b:5a:1e:6c:5b:44:71:37:09:72:5d:a6:5f:15:c5:da:4b:
06:36:8a:0a:d3:bf:e1:76:f9:c7:79:b3:0b:ae:c9:2e:6a:e6:
2c:33:2f:2a:a0:59:d5:89:90:82:74:6a:94:a3:9f:e3:43:f3:
02:0b:85:22:90:7b:e2:62:7a:11:7d:f8:8b:2d:31:6c:c0:85:
ae:85:3b:63:fc:54:51:e5:94:59:94:76:50:d8:96:d1:04:0c:
4e:4e:47:8e:0f:47:07:49:ce:db:77:ce:31:a2:68:cb:2a:37:
0f:be:af:98:98:41:56:47:a7:48:66:19:dc:db:88:cb:c0:b7:
b7:78:ea:a9:6e:93:ac:08:9a:95:e0:aa:4c:e4:0b:ea:94:d4:
a7:53:2f:46:38:93:ef:a2:51:48:29:94:cd:2b:a1:2d:cb:f8:
a0:a1:fe:85
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAY6Esqn+xv9aQaz2BWpD3m2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQwMzI4MTA1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRkNGIwYzdhNTYzZTQxYjliZjc0MzE2YTllNmNkZWYzYzYzYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKIA2qPPPMSHJ+ztvWA+FGpigSYt
JG4fGG4XKWb34i/q/Qwc+JYPBnGBaOmHP7BBRau+jrxG5A/dp/Y6pTXyrTT/2iyz
xSW30gE74PNQXt7FXeK/5CrdGCcPPgX6Wr6BGTLsk+i7f4KnlUMqfG6bEND7Ith7
Xt5uKgz8oVzXe5WbSQolygu9NKefDXgC8N/56hKqN3opTHVc88NDMM5jRI6CDTLR
wAGX2mYDWAGEGvnM1E46xIhaxg5dGHpnis6pD1vdd8SFJ8kNVNfJR25euFS/CPcI
WKldWgxCdMMmhCjV/W6UZTFiND0aszh7cdWba458MrTAsZJcDsi7MpltpQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFOvdSwx6Vj5Bub90MWqebN7zxjvxMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvNjkxTERIcFdQa0c1djNReGFwNXMzdlBHT19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBlQQCAAEwgY4wDAME
BiVhQAMEBCVhYAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEA23r6AMEB52PgDAM
AwQEsp0QAwQEsp0gAwQEsq5gAwQDsv+gAwQCuQZcAwQCuQj8AwQCuRiMAwQCuSDQ
AwQCuSqwAwQCuUH4AwQCudrQAwQCufkUAwQHw4cAAwQE2UpgAwQH2bWAMCIEAgAC
MBwDBQAqAgboAwUDKgLEQAMFAyoL48ADBQMqDAYAMA0GCSqGSIb3DQEBCwUAA4IB
AQAYhU8C7wJULofnoCkOpg8llenxCslZp4itCzmUpCQjjVIriEjmCV3+rBKakEdy
bvAPQBVSinBGjWXg3KBuNRDQZKLmsOMHA9KEWK7NGqJZnjBKTIUJstQkrhr6W1oe
bFtEcTcJcl2mXxXF2ksGNooK07/hdvnHebMLrskuauYsMy8qoFnViZCCdGqUo5/j
Q/MCC4UikHviYnoRffiLLTFswIWuhTtj/FRR5ZRZlHZQ2JbRBAxOTkeOD0cHSc7b
d84xomjLKjcPvq+YmEFWR6dIZhnc24jLwLe3eOqpbpOsCJqV4KpM5AvqlNSnUy9G
OJPvolFIKZTNK6Ety/igof6F
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:10:11 2024 by rpki-client on console-ams.rpki-client.org