Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cM3iSyQ96B_8X31kWtjhwyD3QNw.roa
File: cM3iSyQ96B_8X31kWtjhwyD3QNw.roa (raw, json)
Hash identifier: Bvp4UovFwixVFA09UYbVYC1e0amMQT0gIPPOctaA2rc=
Subject key identifier: 70:CD:E2:4B:24:3D:E8:1F:FC:5F:7D:64:5A:D8:E1:C3:20:F7:40:DC
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018A8A64660C34235DD8C23C35F899631A37
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cM3iSyQ96B_8X31kWtjhwyD3QNw.roa
Signing time: Tue 12 Sep 2023 17:15:50 +0000
ROA not before: Tue 12 Sep 2023 17:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.246.192.0/22 maxlen: 24
176.113.180.0/22 maxlen: 22
91.246.203.0/24 maxlen: 24
176.110.112.0/23 maxlen: 23
81.161.8.0/22 maxlen: 22
37.97.121.0/24 maxlen: 24
37.97.120.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
193.36.220.0/22 maxlen: 22
194.33.66.0/23 maxlen: 23
91.232.19.0/24 maxlen: 24
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
91.238.39.0/24 maxlen: 24
176.116.228.0/24 maxlen: 24
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
46.173.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:64:66:0c:34:23:5d:d8:c2:3c:35:f8:99:63:1a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 12 17:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70cde24b243de81ffc5f7d645ad8e1c320f740dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:d2:b7:cc:85:e8:bd:c0:8e:9f:70:8d:22:
61:26:aa:ad:cf:41:02:07:26:40:fe:1a:6c:27:92:
91:35:82:17:84:03:8d:78:fc:86:73:e0:a0:d2:29:
0b:1d:82:70:b9:1d:20:98:a3:ca:a3:bb:7f:35:67:
69:8e:25:e3:d2:3a:a1:9c:1f:f9:e8:31:8b:9b:29:
41:80:16:64:1d:27:f1:aa:19:50:40:a0:20:e2:26:
eb:b5:31:46:29:7a:e9:5c:a0:33:0b:49:d0:a8:7c:
f8:bb:1f:2d:17:d6:fe:52:a7:bc:2f:d5:ce:0d:d6:
ba:6d:d9:a1:b8:52:25:e2:c6:4b:56:82:22:b4:eb:
b0:d2:1f:00:dd:b5:78:fd:b3:ad:5f:87:a3:e8:20:
3f:b0:e7:60:36:1c:f1:ff:66:ee:d5:e5:42:0b:6d:
fd:7b:ae:a1:c6:c8:5d:ed:e8:25:13:d6:07:cf:29:
8b:16:91:97:cf:a7:38:ac:a7:fb:3b:4b:b6:69:9a:
ed:ff:6f:90:6f:ad:3c:15:4b:29:33:32:65:75:1a:
e8:6a:ef:88:43:8b:8f:84:99:28:73:97:bd:ae:6e:
44:ce:41:96:ab:7f:32:fd:76:32:1d:89:db:d1:2e:
d2:8a:69:e3:20:8b:77:7a:b0:88:00:bf:68:9d:32:
3a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CD:E2:4B:24:3D:E8:1F:FC:5F:7D:64:5A:D8:E1:C3:20:F7:40:DC
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cM3iSyQ96B_8X31kWtjhwyD3QNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
64.43.120.0/22
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.134.0/23
91.224.212.0/24
91.232.19.0/24
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
109.207.130.0/24
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
193.36.220.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
86:46:c3:89:3b:71:87:90:de:4b:a7:70:c5:2a:64:97:d9:f1:
ef:5f:2f:c6:e2:19:8a:a3:e1:88:30:74:bf:65:a6:30:01:14:
39:0c:f8:1d:73:fc:a1:9c:f0:f6:bf:b7:2e:1c:62:79:fe:a9:
7c:02:bb:b2:32:60:de:12:4a:27:b1:38:41:17:3d:59:70:a9:
15:a0:60:78:38:bc:92:36:94:38:a4:48:1b:80:76:4c:0e:52:
18:da:ea:9c:3c:96:be:90:d7:46:8e:fd:c8:10:7a:7b:fb:ad:
b5:d6:2c:a3:c0:8f:8a:f4:df:ee:e3:f8:4f:00:a5:38:d7:63:
04:e0:21:62:23:25:9d:23:c7:f1:c4:09:6d:9f:c2:5b:e8:1d:
f0:d2:75:3e:19:28:4b:91:66:8e:9f:b7:6a:d0:2f:a0:58:76:
29:f5:c3:dc:91:c4:16:3e:ac:b1:e6:9b:24:ad:ac:5e:9c:7f:
5f:fe:d9:ac:bb:d0:59:eb:12:7c:83:9e:a8:24:e0:ce:17:8b:
df:cd:fe:67:1d:a5:a2:84:3f:57:fd:92:a4:f4:47:79:5e:a8:
8f:f7:95:2d:45:9f:8d:de:65:fe:d8:cd:a8:b3:a5:ad:6d:61:
db:bf:57:1d:15:10:23:44:bc:e6:a2:e8:6f:03:15:d2:af:33:
23:46:d6:44
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYqKZGYMNCNd2MI8NfiZYxo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwOTEyMTcxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNkZTI0YjI0M2RlODFmZmM1ZjdkNjQ1YWQ4ZTFjMzIwZjc0MGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9LSt8yF6L3Ajp9wjSJhJqqtz0EC
ByZA/hpsJ5KRNYIXhAONePyGc+Cg0ikLHYJwuR0gmKPKo7t/NWdpjiXj0jqhnB/5
6DGLmylBgBZkHSfxqhlQQKAg4ibrtTFGKXrpXKAzC0nQqHz4ux8tF9b+Uqe8L9XO
Dda6bdmhuFIl4sZLVoIitOuw0h8A3bV4/bOtX4ej6CA/sOdgNhzx/2bu1eVCC239
e66hxshd7eglE9YHzymLFpGXz6c4rKf7O0u2aZrt/2+Qb608FUspMzJldRroau+I
Q4uPhJkoc5e9rm5EzkGWq38y/XYyHYnb0S7SimnjIIt3erCIAL9onTI6dQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFHDN4kskPegf/F99ZFrY4cMg90DcMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvY00zaVN5UTk2Ql84WDMxa1d0amh3eUQzUU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAEl
YXgDBAIurfgDBAEurf4DBAJAK3gDBAJRoQgDBAJRoTADBAFbwR4DBAFbyIYDBABb
4NQDBABb6BMDBAFb6DgDBABb6OIDBABb6cgDBABb7EwDBABb7icDBABb7+IDBAJb
9sADBABb9ssDBABtz4IDBABtz4QDBACwYF4DBAGwbnADBAKwcbQDBAKwc+wDBACw
dOQDBACwdOwDBAKweWwDBALBJNwDBAHCIUIwDQYJKoZIhvcNAQELBQADggEBAIZG
w4k7cYeQ3kuncMUqZJfZ8e9fL8biGYqj4YgwdL9lpjABFDkM+B1z/KGc8Pa/ty4c
Ynn+qXwCu7IyYN4SSiexOEEXPVlwqRWgYHg4vJI2lDikSBuAdkwOUhja6pw8lr6Q
10aO/cgQenv7rbXWLKPAj4r03+7j+E8ApTjXYwTgIWIjJZ0jx/HECW2fwlvoHfDS
dT4ZKEuRZo6ft2rQL6BYdin1w9yRxBY+rLHmmyStrF6cf1/+2ay70FnrEnyDnqgk
4M4Xi9/N/mcdpaKEP1f9kqT0R3leqI/3lS1Fn43eZf7Yzaizpa1tYdu/Vx0VECNE
vOai6G8DFdKvMyNG1kQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org