Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/1K8-e3vkkI7HEHA3rUpQ4F9wrjY.roa
File: 1K8-e3vkkI7HEHA3rUpQ4F9wrjY.roa (raw, json)
Hash identifier: Vap9+1/hRR3MzFIU+ZB70AqEtrAe8KF4nI7Tts44M1I=
Subject key identifier: D4:AF:3E:7B:7B:E4:90:8E:C7:10:70:37:AD:4A:50:E0:5F:70:AE:36
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 018CC2DAE377BAB4585122353C855EFA4AE8
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/1K8-e3vkkI7HEHA3rUpQ4F9wrjY.roa
Signing time: Mon 01 Jan 2024 02:29:34 +0000
ROA not before: Mon 01 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34358
IP address blocks: 37.251.255.0/24 maxlen: 24
89.36.130.0/24 maxlen: 24
89.36.132.0/23 maxlen: 24
89.36.129.0/24 maxlen: 24
89.36.128.0/23 maxlen: 23
89.36.128.0/24 maxlen: 24
89.36.134.0/24 maxlen: 24
89.36.135.0/24 maxlen: 24
93.115.112.0/21 maxlen: 21
37.251.248.0/21 maxlen: 21
46.102.144.0/22 maxlen: 22
89.42.11.0/24 maxlen: 24
193.242.120.0/24 maxlen: 24
188.215.48.0/21 maxlen: 21
86.105.192.0/24 maxlen: 24
91.208.142.0/24 maxlen: 24
89.38.248.0/24 maxlen: 24
89.38.250.0/23 maxlen: 23
89.38.249.0/24 maxlen: 24
89.38.252.0/22 maxlen: 22
89.45.192.0/21 maxlen: 21
89.45.192.0/23 maxlen: 23
193.239.130.0/23 maxlen: 23
91.200.120.0/22 maxlen: 22
91.200.120.0/23 maxlen: 23
91.200.122.0/23 maxlen: 23
89.32.44.0/24 maxlen: 24
89.32.44.0/22 maxlen: 22
89.45.168.0/21 maxlen: 21
37.251.160.0/20 maxlen: 20
109.95.8.0/21 maxlen: 21
94.24.76.0/23 maxlen: 23
94.24.78.0/24 maxlen: 24
94.24.72.0/22 maxlen: 22
94.24.29.0/24 maxlen: 24
37.251.128.0/19 maxlen: 19
94.24.48.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e3:77:ba:b4:58:51:22:35:3c:85:5e:fa:4a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 1 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4af3e7b7be4908ec7107037ad4a50e05f70ae36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2b:c6:bc:b8:de:df:5f:0e:e2:12:41:35:aa:
73:2d:04:87:c5:d9:9c:a0:8f:10:da:3b:6e:80:54:
89:84:60:ba:73:74:e0:56:1a:72:db:1e:85:e1:06:
ab:79:ef:ec:32:d2:4e:15:3a:51:a3:c1:a4:9a:8c:
7b:7f:ff:23:15:61:de:42:c7:cb:c1:2b:21:e8:2d:
c2:3f:05:e9:e0:74:84:53:87:78:b2:30:58:eb:6e:
78:5f:9a:84:88:6c:20:92:be:1c:ce:f1:6a:96:22:
9c:47:5e:19:d8:ba:d4:9d:47:5d:14:46:30:d0:20:
67:61:a1:94:77:af:05:24:40:e3:70:72:65:c6:c8:
5d:8a:31:89:a7:19:f3:09:40:a9:d9:36:70:20:e7:
6d:f1:66:e0:48:cd:cf:4d:9c:e8:74:bb:f0:b7:83:
e0:0f:f5:56:db:52:f7:27:d8:f9:41:77:c6:dd:a0:
4d:99:0e:65:c3:f6:9b:bc:33:2e:b6:e2:6f:88:c1:
dd:79:6c:67:1b:e1:c4:d6:0c:36:0b:5f:71:9d:cc:
d1:3f:3f:49:b9:42:c8:9a:21:3c:66:6b:6c:64:b1:
40:64:31:00:79:08:d9:43:5e:d3:f2:d1:38:4b:cc:
2b:6f:b3:a1:63:6e:60:41:af:19:90:fd:98:1d:bf:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AF:3E:7B:7B:E4:90:8E:C7:10:70:37:AD:4A:50:E0:5F:70:AE:36
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/1K8-e3vkkI7HEHA3rUpQ4F9wrjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.128.0-37.251.175.255
37.251.248.0/21
46.102.144.0/22
86.105.192.0/24
89.32.44.0/22
89.36.128.0-89.36.130.255
89.36.132.0/22
89.38.248.0/21
89.42.11.0/24
89.45.168.0/21
89.45.192.0/21
91.200.120.0/22
91.208.142.0/24
93.115.112.0/21
94.24.29.0/24
94.24.48.0/21
94.24.72.0-94.24.78.255
109.95.8.0/21
188.215.48.0/21
193.239.130.0/23
193.242.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:a3:7e:59:cc:52:9c:86:57:72:1c:0e:e5:aa:df:16:68:f3:
4c:69:a4:cf:81:a4:74:4a:aa:c8:37:b1:04:18:c0:84:a1:4c:
e5:63:05:66:61:a5:c9:af:fa:91:84:88:a9:b9:24:29:03:97:
7f:d6:0f:7e:03:0e:42:13:0a:51:70:db:9a:21:8d:f4:f8:fb:
0e:b5:8b:04:6e:0c:4e:dd:ae:8b:a0:45:fd:c9:80:2e:94:d1:
57:fd:17:6d:30:6d:b5:12:fb:63:86:af:e8:ca:0f:78:8f:75:
1a:0b:ee:21:30:94:63:1f:5a:df:70:d4:5f:16:8f:44:f8:6c:
20:50:a1:0b:48:90:25:25:e6:36:34:e8:5d:c6:f8:cc:fc:bb:
3d:c3:3b:3a:aa:16:40:c9:d4:05:e3:75:e4:ad:8a:ee:11:e9:
13:d6:58:01:e6:1d:66:5c:e3:fa:44:a5:eb:a2:ca:34:2f:ec:
5b:b7:6d:32:f7:09:96:81:7c:07:68:d4:52:bc:d7:98:d4:26:
ca:f8:66:67:f9:d3:af:1e:dc:30:8f:b6:9a:a8:02:8b:c9:ce:
9e:ce:5b:55:7e:f4:6f:b6:06:12:a8:68:d9:8f:d8:4f:fc:10:
62:60:6d:f8:ce:2f:c7:5b:1b:84:6e:4f:2a:20:81:cb:69:24:
6c:5d:4d:41
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzC2uN3urRYUSI1PIVe+kroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjQwMTAxMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFmM2U3YjdiZTQ5MDhlYzcxMDcwMzdhZDRhNTBlMDVmNzBhZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSvGvLje318O4hJBNapzLQSHxdmc
oI8Q2jtugFSJhGC6c3TgVhpy2x6F4Qaree/sMtJOFTpRo8Gkmox7f/8jFWHeQsfL
wSsh6C3CPwXp4HSEU4d4sjBY6254X5qEiGwgkr4czvFqliKcR14Z2LrUnUddFEYw
0CBnYaGUd68FJEDjcHJlxshdijGJpxnzCUCp2TZwIOdt8WbgSM3PTZzodLvwt4Pg
D/VW21L3J9j5QXfG3aBNmQ5lw/abvDMutuJviMHdeWxnG+HE1gw2C19xnczRPz9J
uULImiE8ZmtsZLFAZDEAeQjZQ17T8tE4S8wrb7OhY25gQa8ZkP2YHb+1kQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFNSvPnt75JCOxxBwN61KUOBfcK42MB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvMUs4LWUzdmtrSTdIRUhBM3JVcFE0Rjl3cmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYwDAME
ByX7gAMEBCX7oAMEAyX7+AMEAi5mkAMEAFZpwAMEAlkgLDAMAwQHWSSAAwQAWSSC
AwQCWSSEAwQDWSb4AwQAWSoLAwQDWS2oAwQDWS3AAwQCW8h4AwQAW9COAwQDXXNw
AwQAXhgdAwQDXhgwMAwDBANeGEgDBABeGE4DBANtXwgDBAO81zADBAHB74IDBADB
8ngwDQYJKoZIhvcNAQELBQADggEBAB2jflnMUpyGV3IcDuWq3xZo80xppM+BpHRK
qsg3sQQYwIShTOVjBWZhpcmv+pGEiKm5JCkDl3/WD34DDkITClFw25ohjfT4+w61
iwRuDE7drougRf3JgC6U0Vf9F20wbbUS+2OGr+jKD3iPdRoL7iEwlGMfWt9w1F8W
j0T4bCBQoQtIkCUl5jY06F3G+Mz8uz3DOzqqFkDJ1AXjdeStiu4R6RPWWAHmHWZc
4/pEpeuiyjQv7Fu3bTL3CZaBfAdo1FK815jUJsr4Zmf5068e3DCPtpqoAovJzp7O
W1V+9G+2BhKoaNmP2E/8EGJgbfjOL8dbG4RuTyoggctpJGxdTUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:06 2024 by rpki-client on console-ams.rpki-client.org