Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/CXZATJmwWn3ZNKHexNwg13NCOBw.roa
File: CXZATJmwWn3ZNKHexNwg13NCOBw.roa (raw, json)
Hash identifier: sL5nY0cXkjcLmsIYynqT/w3Ejydf/rPdz9gy5ElmB00=
Subject key identifier: 09:76:40:4C:99:B0:5A:7D:D9:34:A1:DE:C4:DC:20:D7:73:42:38:1C
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018CCA2967299966E8AE7E414154ABFFBD5F
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/CXZATJmwWn3ZNKHexNwg13NCOBw.roa
Signing time: Tue 02 Jan 2024 12:32:40 +0000
ROA not before: Tue 02 Jan 2024 12:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9105
IP address blocks: 84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
194.247.224.0/19 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
185.175.144.0/22 maxlen: 24
79.77.0.0/16 maxlen: 24
195.112.0.0/18 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
212.139.0.0/16 maxlen: 24
81.86.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
195.149.0.0/18 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
79.78.0.0/15 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 17:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:67:29:99:66:e8:ae:7e:41:41:54:ab:ff:bd:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jan 2 12:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0976404c99b05a7dd934a1dec4dc20d77342381c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:46:ab:6b:c0:f6:b8:33:e8:28:24:f8:f6:
7b:59:c9:a0:86:21:b3:2e:b6:68:05:6c:3a:bd:ac:
67:1d:f9:08:80:9f:cb:a0:73:e9:ec:61:88:0c:8c:
c5:b8:f6:63:f2:4b:1f:96:b3:13:73:67:a9:c8:31:
2e:9d:4a:4f:4b:ac:49:cd:32:da:c0:00:6a:be:6c:
53:21:ca:1e:1c:64:11:94:72:38:5c:3c:46:57:f9:
44:ca:5f:0e:d1:ba:7c:6b:bd:88:36:be:7e:24:ea:
82:98:e2:ff:93:df:9c:40:31:44:7e:55:b9:ec:1c:
30:97:02:c9:dc:92:66:8d:c9:b5:3f:0f:1b:db:b7:
4e:98:0c:64:b9:26:8c:74:f9:dc:86:1f:0f:79:ec:
e0:03:7c:94:1e:8b:76:b9:d1:5a:4c:c1:92:aa:6f:
68:a3:8c:2d:89:75:61:39:fe:1b:79:02:52:d3:7b:
57:49:00:aa:ce:ec:00:d3:25:a4:70:4e:5a:b7:ea:
a5:69:82:3a:93:73:56:9c:1c:45:42:09:76:82:7b:
ff:4b:53:b7:df:e8:bc:62:61:f2:01:25:3d:80:d8:
5c:72:07:84:b4:d0:98:9d:0a:0f:8f:8f:41:f2:cb:
ae:a1:3f:1b:33:0f:18:d3:33:d8:e8:77:7d:69:a1:
88:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:40:4C:99:B0:5A:7D:D9:34:A1:DE:C4:DC:20:D7:73:42:38:1C
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/CXZATJmwWn3ZNKHexNwg13NCOBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.77.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
9e:60:98:a1:e9:c5:bc:21:e4:80:81:0e:1c:24:a4:de:15:19:
8e:22:f6:cf:38:e2:51:d0:5d:fb:c1:93:85:6a:cf:a4:e2:2a:
e8:df:d5:01:f5:8c:40:84:41:97:8e:b3:b0:92:6e:a3:6d:3c:
68:85:85:37:9e:de:16:54:9e:5d:c3:61:80:4c:38:ab:89:31:
c6:56:54:61:e8:26:4d:b1:d6:02:28:ee:2a:43:d4:18:7c:24:
5d:ec:10:a2:cc:0f:cb:a8:eb:fd:0b:45:aa:ad:9a:fb:fd:55:
b5:da:6c:82:dd:cb:35:bf:ea:73:c9:93:10:8f:82:da:5f:02:
1e:c7:02:67:8c:29:d4:c5:54:30:20:89:95:67:0b:b7:18:c9:
b9:4d:fe:b5:09:dd:0b:08:6e:51:e6:cb:30:a9:96:6c:80:1b:
ea:f1:dd:3d:7a:52:c4:26:04:b6:ba:89:b6:fe:f2:6f:bd:c5:
1f:25:2b:b2:23:27:39:e0:cb:6a:1a:ec:44:0d:99:b4:34:18:
90:21:0f:0d:27:56:3f:4f:65:e9:a6:96:94:ac:b9:3c:60:2a:
5d:a1:b1:3a:a5:ad:54:b5:57:10:01:28:f9:1d:15:62:c3:14:
9d:f3:b7:43:c0:ff:d0:84:dc:06:70:81:31:5b:ba:88:ae:5b:
01:72:99:ca
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYzKKWcpmWborn5BQVSr/71fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjQwMTAyMTIzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc2NDA0Yzk5YjA1YTdkZDkzNGExZGVjNGRjMjBkNzczNDIzODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgZGq2vA9rgz6Cgk+PZ7WcmghiGz
LrZoBWw6vaxnHfkIgJ/LoHPp7GGIDIzFuPZj8ksflrMTc2epyDEunUpPS6xJzTLa
wABqvmxTIcoeHGQRlHI4XDxGV/lEyl8O0bp8a72INr5+JOqCmOL/k9+cQDFEflW5
7BwwlwLJ3JJmjcm1Pw8b27dOmAxkuSaMdPnchh8PeezgA3yUHot2udFaTMGSqm9o
o4wtiXVhOf4beQJS03tXSQCqzuwA0yWkcE5at+qlaYI6k3NWnBxFQgl2gnv/S1O3
3+i8YmHyASU9gNhccgeEtNCYnQoPj49B8suuoT8bMw8Y0zPY6Hd9aaGIUwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFAl2QEyZsFp92TSh3sTcINdzQjgcMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvQ1haQVRKbXdXbjNaTktIZXhOd2cxM05DT0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYowCgMD
AE9NAwMET0ADAwNQKAMEBlEBQAMEBlEGwAMDAFFWAwQHUaoAAwMBUbIDBAdShQAD
AwBTQwMDAFQMAwQHWaiAAwQCua+QAwQAwdpjAwQFwmogAwQFwvfgAwQGw3AAAwQH
w4kAAwQGw5UAAwQF1AGAAwQF1EpgAwMA1IsDBAbUn4ADBAbV0EAwDQYJKoZIhvcN
AQELBQADggEBAJ5gmKHpxbwh5ICBDhwkpN4VGY4i9s844lHQXfvBk4Vqz6TiKujf
1QH1jECEQZeOs7CSbqNtPGiFhTee3hZUnl3DYYBMOKuJMcZWVGHoJk2x1gIo7ipD
1Bh8JF3sEKLMD8uo6/0LRaqtmvv9VbXabILdyzW/6nPJkxCPgtpfAh7HAmeMKdTF
VDAgiZVnC7cYyblN/rUJ3QsIblHmyzCplmyAG+rx3T16UsQmBLa6ibb+8m+9xR8l
K7IjJzngy2oa7EQNmbQ0GJAhDw0nVj9PZemmlpSsuTxgKl2hsTqlrVS1VxABKPkd
FWLDFJ3zt0PA/9CE3AZwgTFbuoiuWwFymco=
-----END CERTIFICATE-----
Generated at Thu Feb 15 20:37:08 2024 by rpki-client on console-ams.rpki-client.org