Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/9wHPBZDCB516b5HtyLGoO2Aytgo.roa
File: 9wHPBZDCB516b5HtyLGoO2Aytgo.roa (raw, json)
Hash identifier: j6UsnzSoRuG37yir0dIeulrSWtchiZz5j97DDkvPMfM=
Subject key identifier: F7:01:CF:05:90:C2:07:9D:7A:6F:91:ED:C8:B1:A8:3B:60:32:B6:0A
Certificate issuer: /CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Certificate serial: 0185708CD6607C159BF00B3F27A1B5965A8D
Authority key identifier: 4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/9wHPBZDCB516b5HtyLGoO2Aytgo.roa
Signing time: Mon 02 Jan 2023 03:35:56 +0000
ROA not before: Mon 02 Jan 2023 03:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58321
IP address blocks: 185.73.88.0/22 maxlen: 22
185.80.212.0/22 maxlen: 22
91.232.44.0/23 maxlen: 23
109.199.0.0/19 maxlen: 19
176.227.160.0/21 maxlen: 21
109.207.48.0/20 maxlen: 20
81.161.192.0/24 maxlen: 24
81.161.192.0/21 maxlen: 21
81.161.192.0/20 maxlen: 20
81.161.193.0/24 maxlen: 24
81.161.194.0/24 maxlen: 24
81.161.195.0/24 maxlen: 24
178.249.88.0/21 maxlen: 21
81.161.196.0/24 maxlen: 24
81.161.197.0/24 maxlen: 24
81.161.198.0/24 maxlen: 24
81.161.199.0/24 maxlen: 24
81.161.203.0/24 maxlen: 24
81.161.204.0/24 maxlen: 24
81.161.200.0/21 maxlen: 21
81.161.205.0/24 maxlen: 24
81.161.206.0/24 maxlen: 24
81.161.200.0/24 maxlen: 24
81.161.201.0/24 maxlen: 24
81.161.202.0/24 maxlen: 24
193.242.168.0/24 maxlen: 24
193.242.169.0/24 maxlen: 24
195.3.232.0/22 maxlen: 22
5.104.248.0/21 maxlen: 21
185.34.76.0/22 maxlen: 22
2a04:4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 17 Nov 2023 10:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d6:60:7c:15:9b:f0:0b:3f:27:a1:b5:96:5a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Validity
Not Before: Jan 2 03:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f701cf0590c2079d7a6f91edc8b1a83b6032b60a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:13:41:07:99:e6:f3:8e:f9:b3:af:79:a3:e2:
40:49:96:17:77:2b:bc:5f:54:2b:d5:d2:28:34:ca:
e2:24:d2:eb:d1:14:d1:5a:d4:d2:3c:a2:71:0a:ab:
cb:95:24:55:86:83:a9:e9:c0:fd:49:63:df:38:13:
5e:3f:c4:7a:56:8b:11:6f:b6:36:ed:99:8e:78:15:
04:9a:dc:56:56:5a:a0:96:9f:69:f4:93:3a:66:d6:
a4:f6:f6:0b:d1:5c:3c:ba:ed:24:03:3d:f2:75:42:
4f:d4:4d:ae:ea:b1:4d:2a:45:e5:8b:5c:26:c6:dd:
f2:c2:53:36:7e:c4:3d:22:38:73:be:74:58:54:12:
ba:5a:cb:be:52:cd:1d:ae:9f:f8:00:cb:a2:f9:97:
51:9c:95:e1:6e:33:1b:b1:f5:57:b2:0c:07:b9:f4:
7f:39:ff:ff:e0:98:83:cb:6a:ed:04:bc:f6:e1:00:
ae:41:a8:76:2c:62:f1:4b:18:df:34:52:f0:e4:18:
54:78:6a:be:2c:26:24:57:ca:ff:63:75:80:5a:bb:
cf:9f:3a:cc:77:1a:86:a2:0f:73:6a:7c:1f:84:17:
54:74:82:02:0d:3a:13:80:93:ec:44:86:1e:14:ca:
26:de:c0:27:6e:ee:ce:93:fd:72:64:96:56:ef:48:
ab:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:01:CF:05:90:C2:07:9D:7A:6F:91:ED:C8:B1:A8:3B:60:32:B6:0A
X509v3 Authority Key Identifier:
keyid:4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/9wHPBZDCB516b5HtyLGoO2Aytgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.248.0/21
81.161.192.0/20
91.232.44.0/23
109.199.0.0/19
109.207.48.0/20
176.227.160.0/21
178.249.88.0/21
185.34.76.0/22
185.73.88.0/22
185.80.212.0/22
193.242.168.0/23
195.3.232.0/22
IPv6:
2a04:4c0::/29
Signature Algorithm: sha256WithRSAEncryption
48:3b:48:9b:58:8c:c6:0d:1f:b4:86:aa:e3:7c:9c:1d:e9:2c:
5e:52:4f:78:ad:24:b3:66:1f:e0:e0:1d:c1:be:0f:40:fb:ee:
d4:d9:25:7d:f0:59:3f:2a:8b:cf:a0:eb:c3:4e:ff:ee:c3:93:
fe:01:37:ce:83:3f:bb:6a:99:c1:8f:af:f1:f4:27:a9:ce:b4:
1e:67:79:df:eb:46:a2:63:64:1f:82:65:bd:cb:ef:fc:e4:f2:
d0:71:0d:88:95:35:82:f4:8e:8c:55:43:a2:65:46:cb:13:9f:
f0:42:58:c1:d8:fc:8c:14:cd:57:d6:98:26:27:63:e1:f8:5b:
42:35:c3:4c:39:45:b0:65:19:28:24:87:e4:26:1c:88:26:46:
29:73:c1:b3:03:cc:d0:fc:7a:1a:74:5e:53:fe:38:19:5f:76:
b9:ba:e4:1f:4c:32:92:6d:f0:50:dd:56:1c:f4:b3:6c:03:c0:
4e:c6:18:dd:fb:26:e0:79:c3:6a:c7:f7:73:bd:1f:13:42:81:
ba:54:b2:6b:94:71:be:49:ff:8c:28:d1:36:d6:c4:a4:11:45:
7b:4d:1c:11:8c:63:02:86:a4:68:9c:6d:1a:5e:2d:43:5e:2a:
a4:0f:2e:c8:65:81:e7:0a:7e:3d:95:79:47:c1:1b:e3:5f:dc:
cd:3e:87:12
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVwjNZgfBWb8As/J6G1llqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTE3MTNlMTZiNGZkOGYzMzAxODg3ZGU2YTExMTk4MDQ0
OWIyOWUwHhcNMjMwMTAyMDMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzAxY2YwNTkwYzIwNzlkN2E2ZjkxZWRjOGIxYTgzYjYwMzJiNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RNBB5nm8475s695o+JASZYXdyu8
X1Qr1dIoNMriJNLr0RTRWtTSPKJxCqvLlSRVhoOp6cD9SWPfOBNeP8R6VosRb7Y2
7ZmOeBUEmtxWVlqglp9p9JM6Ztak9vYL0Vw8uu0kAz3ydUJP1E2u6rFNKkXli1wm
xt3ywlM2fsQ9IjhzvnRYVBK6Wsu+Us0drp/4AMui+ZdRnJXhbjMbsfVXsgwHufR/
Of//4JiDy2rtBLz24QCuQah2LGLxSxjfNFLw5BhUeGq+LCYkV8r/Y3WAWrvPnzrM
dxqGog9zanwfhBdUdIICDToTgJPsRIYeFMom3sAnbu7Ok/1yZJZW70irMQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFPcBzwWQwgedem+R7cixqDtgMrYKMB8GA1UdIwQY
MBaAFE7hcT4WtP2PMwGIfeahEZgESbKeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYt
MDhlNGI3OTM4N2MwLzEvOXdIUEJaRENCNTE2YjVIdHlMR29PMkF5dGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYtMDhlNGI3OTM4N2Mw
LzEvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBWj4AwQE
UaHAAwQBW+gsAwQFbccAAwQEbc8wAwQDsOOgAwQDsvlYAwQCuSJMAwQCuUlYAwQC
uVDUAwQBwfKoAwQCwwPoMA0EAgACMAcDBQMqBATAMA0GCSqGSIb3DQEBCwUAA4IB
AQBIO0ibWIzGDR+0hqrjfJwd6SxeUk94rSSzZh/g4B3Bvg9A++7U2SV98Fk/KovP
oOvDTv/uw5P+ATfOgz+7apnBj6/x9CepzrQeZ3nf60aiY2QfgmW9y+/85PLQcQ2I
lTWC9I6MVUOiZUbLE5/wQljB2PyMFM1X1pgmJ2Ph+FtCNcNMOUWwZRkoJIfkJhyI
JkYpc8GzA8zQ/HoadF5T/jgZX3a5uuQfTDKSbfBQ3VYc9LNsA8BOxhjd+ybgecNq
x/dzvR8TQoG6VLJrlHG+Sf+MKNE21sSkEUV7TRwRjGMChqRonG0aXi1DXiqkDy7I
ZYHnCn49lXlHwRvjX9zNPocS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:53 2024 by rpki-client on console-fra.rpki-client.org