Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/A7fWCX8k_NjeN68D0EYHF5ZYZA4.roa
File: A7fWCX8k_NjeN68D0EYHF5ZYZA4.roa (raw, json)
Hash identifier: 8Ck6AXHN0m7whMS12DIRBBBtJc7OCwfkeHQ7DI37HTM=
Subject key identifier: 03:B7:D6:09:7F:24:FC:D8:DE:37:AF:03:D0:46:07:17:96:58:64:0E
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD52749CBA3F6BF3F955D461F557DC0
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/A7fWCX8k_NjeN68D0EYHF5ZYZA4.roa
Signing time: Mon 02 Jan 2023 00:15:18 +0000
ROA not before: Mon 02 Jan 2023 00:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48635
IP address blocks: 195.39.204.0/23 maxlen: 24
195.39.214.0/23 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.156.0/22 maxlen: 24
93.187.220.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
185.159.240.0/22 maxlen: 24
2.57.56.0/22 maxlen: 24
185.66.248.0/22 maxlen: 24
92.63.168.0/21 maxlen: 24
62.221.248.0/21 maxlen: 24
31.186.168.0/21 maxlen: 24
185.37.68.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.109.216.0/22 maxlen: 24
93.180.64.0/21 maxlen: 24
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.187.12.0/22 maxlen: 24
31.25.96.0/21 maxlen: 24
185.87.184.0/22 maxlen: 24
79.99.128.0/21 maxlen: 24
185.175.200.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
5.157.80.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.95.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
185.223.32.0/22 maxlen: 24
109.106.160.0/19 maxlen: 24
185.94.228.0/22 maxlen: 24
2a01:b942::/32 maxlen: 48
2a03:3060::/29 maxlen: 48
2a0b:7280::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a05:1500::/29 maxlen: 48
2a01:b944::/32 maxlen: 48
2a00:f10::/29 maxlen: 48
2a0c:84c0::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Feb 2023 15:22:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:27:49:cb:a3:f6:bf:3f:95:5d:46:1f:55:7d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03b7d6097f24fcd8de37af03d04607179658640e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0a:a7:1e:ee:ef:ec:64:1f:9e:89:44:74:8f:
bf:d0:8c:c2:fa:2a:03:d7:ec:6a:21:c6:ca:07:f6:
34:f4:ee:8d:5c:6f:07:0e:a7:c6:b1:88:e0:60:b0:
6e:ec:23:9e:7f:f4:04:33:cc:d7:c2:c5:b4:10:0b:
55:1e:c4:9b:36:eb:f5:dc:be:08:d8:5a:c3:72:39:
d9:17:90:32:8b:87:e4:60:38:3a:65:44:a0:2e:b3:
16:62:dc:b9:dd:06:5e:fc:2e:48:36:09:8f:87:0c:
e2:08:aa:2e:db:be:ba:73:00:2c:47:30:5c:a8:83:
26:7a:8e:b2:f6:0a:44:da:75:c2:0c:8f:00:0b:b3:
a5:06:b1:e8:3e:a9:33:a3:96:96:4f:cd:a6:fa:26:
7f:27:46:17:38:fa:e1:2c:bf:4d:dd:d1:87:2e:3c:
21:64:d5:34:19:b2:f1:11:3c:38:5a:15:3d:de:f2:
d5:28:31:b7:3e:5b:30:25:5a:ec:a7:c9:3d:ca:03:
16:7f:f5:f0:52:7e:b8:c6:78:95:d8:b5:57:a8:df:
a3:fb:48:21:2d:00:34:0f:d5:38:15:d3:47:f3:67:
21:bc:45:fd:a9:a4:bb:68:f9:a2:c2:24:e0:19:74:
ac:35:89:bc:73:ce:fd:c7:e1:47:90:3a:e1:ec:d0:
f9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B7:D6:09:7F:24:FC:D8:DE:37:AF:03:D0:46:07:17:96:58:64:0E
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/A7fWCX8k_NjeN68D0EYHF5ZYZA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/22
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0/19
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/48
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:c2:af:78:be:b0:01:3f:88:a5:ab:4b:05:b3:54:24:2b:a7:
80:4f:f4:66:11:0d:25:09:3f:bf:6e:64:76:12:3d:6f:4d:8a:
3e:3b:da:72:de:8a:02:48:40:8d:69:4b:59:b8:59:c8:ee:6b:
b1:56:3d:06:1e:79:cf:2e:a5:4e:c0:94:d9:89:2f:14:6f:9c:
9f:7c:53:92:b2:84:e5:bd:e3:18:22:e1:08:eb:e6:4f:2c:80:
d4:48:98:04:10:fa:95:e9:c9:41:31:97:00:0a:9f:e3:de:78:
34:8d:c5:9c:bd:ae:d6:98:8b:4c:62:f9:ad:fe:18:5d:e2:e4:
7b:ce:a0:88:85:0e:7b:6b:45:af:ba:a0:de:95:45:4e:9f:6a:
36:32:89:83:62:77:14:5c:7e:29:b5:42:24:ba:f6:0b:ff:3e:
21:48:39:5c:63:ab:43:2d:36:c1:65:b8:21:f0:1d:e2:59:b3:
9c:fa:76:3c:5a:37:b7:6a:73:ed:c5:5f:4d:7d:93:23:ac:2e:
79:80:12:e7:b9:95:6a:b9:52:07:cf:b7:c9:6b:33:28:4a:41:
f8:10:41:ce:f8:51:cb:17:21:3e:d6:75:8d:17:15:de:a2:13:
b8:cf:d5:6e:5e:43:dc:f0:4e:31:d3:d1:4e:42:0a:66:1c:c7:
57:79:aa:09
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYVv1SdJy6P2vz+VXUYfVX3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I3ZDYwOTdmMjRmY2Q4ZGUzN2FmMDNkMDQ2MDcxNzk2NTg2NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgqnHu7v7GQfnolEdI+/0IzC+ioD
1+xqIcbKB/Y09O6NXG8HDqfGsYjgYLBu7COef/QEM8zXwsW0EAtVHsSbNuv13L4I
2FrDcjnZF5Ayi4fkYDg6ZUSgLrMWYty53QZe/C5INgmPhwziCKou2766cwAsRzBc
qIMmeo6y9gpE2nXCDI8AC7OlBrHoPqkzo5aWT82m+iZ/J0YXOPrhLL9N3dGHLjwh
ZNU0GbLxETw4WhU93vLVKDG3PlswJVrsp8k9ygMWf/XwUn64xniV2LVXqN+j+0gh
LQA0D9U4FdNH82chvEX9qaS7aPmiwiTgGXSsNYm8c879x+FHkDrh7ND5eQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFAO31gl/JPzY3jevA9BGBxeWWGQOMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvQTdmV0NYOGtfTmplTjY4RDBFWUhGNVpZWkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBzQQCAAEwgcYD
BAICOTgDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFADBAVtaqADBAK5G6wDBAK5JUQDBAK5OJADBAK5QvgDBAK5V7gD
BAK5XuQDBAK5XxwDBAK5Z5wDBAK5Z/ADBAK5a9QDBAG5a+ADBAK5bdgDBAK5n/AD
BAK5r8gDBAK5tjgDBAK5uwwDBAK53yADBAK54FgDBAK56RwDBAHDJ8wDBAHDJ9YD
BAHD7kowSAQCAAIwQgMFAyoADxADBQMqAblAAwUAKgJAwQMFAyoDMGADBgQqBGvA
AAMFAyoFFQADBQMqC3KAAwcAKguPgAAAAwUDKgyEwDANBgkqhkiG9w0BAQsFAAOC
AQEATsKveL6wAT+IpatLBbNUJCungE/0ZhENJQk/v25kdhI9b02KPjvact6KAkhA
jWlLWbhZyO5rsVY9Bh55zy6lTsCU2YkvFG+cn3xTkrKE5b3jGCLhCOvmTyyA1EiY
BBD6lenJQTGXAAqf4954NI3FnL2u1piLTGL5rf4YXeLke86giIUOe2tFr7qg3pVF
Tp9qNjKJg2J3FFx+KbVCJLr2C/8+IUg5XGOrQy02wWW4IfAd4lmznPp2PFo3t2pz
7cVfTX2TI6wueYAS57mVarlSB8+3yWszKEpB+BBBzvhRyxchPtZ1jRcV3qITuM/V
bl5D3PBOMdPRTkIKZhzHV3mqCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org