Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4UoVmjQGMnU6hhwaZVpi-zvJPno.roa
File: 4UoVmjQGMnU6hhwaZVpi-zvJPno.roa (raw, json)
Hash identifier: HKKFgNme4Rkeir1qFMYZo+Ank21JtUN7NQOaNhRKGuc=
Subject key identifier: E1:4A:15:9A:34:06:32:75:3A:86:1C:1A:65:5A:62:FB:3B:C9:3E:7A
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E2D6DF91953B50794FD2B78AC4BC325C8
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4UoVmjQGMnU6hhwaZVpi-zvJPno.roa
Signing time: Mon 11 Mar 2024 12:12:45 +0000
ROA not before: Mon 11 Mar 2024 12:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 15:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:6d:f9:19:53:b5:07:94:fd:2b:78:ac:4b:c3:25:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 11 12:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e14a159a340632753a861c1a655a62fb3bc93e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e9:9e:36:4f:57:2b:bb:10:a7:43:0c:a1:c6:
7d:64:ba:55:fb:a5:c9:0e:1a:5d:2d:fc:e8:28:0b:
2c:0d:9c:3f:7e:ba:68:6b:12:12:ad:a1:a1:c1:de:
01:e2:39:3a:7c:36:ce:ec:b4:30:6d:9d:d3:4f:78:
e6:74:94:45:59:91:65:63:1c:45:a4:7f:9e:6d:1a:
25:59:ea:cd:81:6a:f7:7a:6c:54:23:83:7b:20:70:
8e:83:02:cc:e6:d8:98:50:d9:37:b8:7a:79:6c:8a:
5f:fd:f6:7a:2b:8b:65:8b:7d:2e:5e:91:83:d7:3e:
c8:95:54:31:14:f3:95:29:8b:98:5f:ca:c2:b6:73:
a0:e8:3f:6f:1b:34:79:69:07:64:53:61:f0:f2:8a:
6a:b2:56:77:03:ae:e5:ab:38:9b:2d:00:d8:1e:93:
b3:25:0a:81:53:dc:18:e7:40:5a:cf:04:de:a9:ea:
3f:1a:64:dd:95:59:1a:09:31:d6:af:3c:a6:bd:f0:
c2:e1:3c:45:78:97:01:91:de:63:bf:42:9a:78:96:
05:50:2c:d1:46:9d:45:cf:42:0c:64:35:04:bd:6e:
12:6b:62:b2:4d:b6:2d:b3:59:dc:68:22:bb:e5:0f:
77:df:09:27:26:de:7d:59:ac:65:d6:a6:cd:9b:b7:
8e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4A:15:9A:34:06:32:75:3A:86:1C:1A:65:5A:62:FB:3B:C9:3E:7A
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4UoVmjQGMnU6hhwaZVpi-zvJPno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0/24
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
32:91:95:03:9c:1b:73:7d:71:6f:73:c9:c1:0d:bb:86:41:79:
cc:b6:6c:13:26:eb:d1:19:5f:e3:30:8a:d4:a4:24:11:91:aa:
a6:94:a9:c5:90:ad:d2:ee:16:ae:ae:39:b2:ec:fe:e7:fa:20:
0a:3c:08:3c:eb:58:4d:7a:23:4b:7e:75:7f:39:a1:55:a3:7d:
2b:e2:3c:f8:33:65:e7:d4:83:c9:d7:60:29:77:65:cc:33:06:
da:bd:dc:3d:3b:5b:5c:2c:0d:74:f9:ee:28:f0:75:b6:56:04:
12:d7:82:fa:d8:0e:98:54:1e:54:fa:48:62:ba:66:fa:67:76:
34:11:cc:97:3e:bb:50:10:df:24:1d:b5:39:c7:40:51:a7:c9:
09:10:14:ad:a9:5e:f2:4d:7f:ba:38:26:a0:28:34:a1:23:87:
a5:e2:2f:37:30:f1:b1:db:7a:2b:85:ca:3c:24:86:2d:af:aa:
bc:dc:af:bd:b5:82:ed:19:11:c1:1d:30:e9:23:81:6f:a3:17:
96:7d:29:8e:0e:2c:1b:a5:a9:e8:fc:25:20:20:4b:f4:13:2d:
e7:9f:80:28:f4:e4:8d:c5:11:4c:a3:5d:c4:34:e3:d5:fd:1f:
8a:b1:3f:c5:27:34:39:58:13:d2:f0:21:b8:c7:19:ef:a6:e1:
97:fb:b0:28
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY4tbfkZU7UHlP0reKxLwyXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzExMTIxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTRhMTU5YTM0MDYzMjc1M2E4NjFjMWE2NTVhNjJmYjNiYzkzZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+meNk9XK7sQp0MMocZ9ZLpV+6XJ
DhpdLfzoKAssDZw/frpoaxISraGhwd4B4jk6fDbO7LQwbZ3TT3jmdJRFWZFlYxxF
pH+ebRolWerNgWr3emxUI4N7IHCOgwLM5tiYUNk3uHp5bIpf/fZ6K4tli30uXpGD
1z7IlVQxFPOVKYuYX8rCtnOg6D9vGzR5aQdkU2Hw8opqslZ3A67lqzibLQDYHpOz
JQqBU9wY50BazwTeqeo/GmTdlVkaCTHWrzymvfDC4TxFeJcBkd5jv0KaeJYFUCzR
Rp1Fz0IMZDUEvW4Sa2KyTbYts1ncaCK75Q933wknJt59Waxl1qbNm7eO1wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFOFKFZo0BjJ1OoYcGmVaYvs7yT56MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvNFVvVm1qUUdNblU2aGh3YVpWcGktenZKUG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAC
OzADBAAf3vADBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAtWUQDBAAtWUcDBABb
vNwDBABenrwDBACwOCMDBACwfCIDBAC51HADBAC56ggDBAC8X0cDBADBAxIDBADB
yXIDBADCIPADBADDEhoDBADDRZQDBADDRZYDBADD4WADBADVbc4wDQYJKoZIhvcN
AQELBQADggEBADKRlQOcG3N9cW9zycENu4ZBecy2bBMm69EZX+MwitSkJBGRqqaU
qcWQrdLuFq6uObLs/uf6IAo8CDzrWE16I0t+dX85oVWjfSviPPgzZefUg8nXYCl3
ZcwzBtq93D07W1wsDXT57ijwdbZWBBLXgvrYDphUHlT6SGK6ZvpndjQRzJc+u1AQ
3yQdtTnHQFGnyQkQFK2pXvJNf7o4JqAoNKEjh6XiLzcw8bHbeiuFyjwkhi2vqrzc
r721gu0ZEcEdMOkjgW+jF5Z9KY4OLBulqej8JSAgS/QTLeefgCj05I3FEUyjXcQ0
49X9H4qxP8UnNDlYE9LwIbjHGe+m4Zf7sCg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org