Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/99P57c1zVNrWmpI-GxycHqN_2JU.roa
File: 99P57c1zVNrWmpI-GxycHqN_2JU.roa (raw, json)
Hash identifier: y3ZHsTEmqnBKeqUU0a+uM9GUfwciN45PrDaLaV6327Y=
Subject key identifier: F7:D3:F9:ED:CD:73:54:DA:D6:9A:92:3E:1B:1C:9C:1E:A3:7F:D8:95
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 018DE9B0183ADB65C934081CDB4576F9B096
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/99P57c1zVNrWmpI-GxycHqN_2JU.roa
Signing time: Tue 27 Feb 2024 08:30:48 +0000
ROA not before: Tue 27 Feb 2024 08:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34358
IP address blocks: 37.251.128.0/19 maxlen: 19
37.251.160.0/20 maxlen: 20
37.251.248.0/21 maxlen: 21
37.251.255.0/24 maxlen: 24
86.105.192.0/24 maxlen: 24
89.32.44.0/22 maxlen: 22
89.32.44.0/24 maxlen: 24
89.36.128.0/23 maxlen: 23
89.36.128.0/24 maxlen: 24
89.36.129.0/24 maxlen: 24
89.36.130.0/24 maxlen: 24
89.36.132.0/23 maxlen: 24
89.36.134.0/24 maxlen: 24
89.36.135.0/24 maxlen: 24
89.38.248.0/24 maxlen: 24
89.38.249.0/24 maxlen: 24
89.38.250.0/23 maxlen: 23
89.38.252.0/22 maxlen: 22
89.42.11.0/24 maxlen: 24
89.45.192.0/21 maxlen: 21
89.45.192.0/23 maxlen: 23
91.200.120.0/22 maxlen: 22
91.200.120.0/23 maxlen: 23
91.200.122.0/23 maxlen: 23
91.208.142.0/24 maxlen: 24
94.24.29.0/24 maxlen: 24
94.24.48.0/21 maxlen: 21
94.24.72.0/22 maxlen: 22
94.24.76.0/23 maxlen: 23
94.24.78.0/24 maxlen: 24
109.95.8.0/21 maxlen: 21
188.215.48.0/21 maxlen: 21
193.239.130.0/23 maxlen: 23
193.242.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 07:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:b0:18:3a:db:65:c9:34:08:1c:db:45:76:f9:b0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Feb 27 08:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7d3f9edcd7354dad69a923e1b1c9c1ea37fd895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cd:cd:15:e1:5c:c3:d5:92:f6:21:d9:27:76:
d8:2c:4d:b1:9f:e1:c8:0f:88:0d:80:c7:67:2a:3e:
e4:75:f0:3a:66:04:1a:f4:1e:93:46:50:dc:46:5b:
13:57:c9:1d:39:8a:11:b7:3b:79:85:61:53:13:12:
a6:3d:b2:36:f6:58:ef:67:fa:11:56:82:0d:4e:02:
58:1f:4c:43:65:af:1a:39:fe:7f:ab:30:0e:d4:3a:
bc:f1:e7:08:87:33:cc:dd:57:5f:6b:1d:ee:64:f8:
68:1d:e5:8c:48:3c:72:1f:25:76:a0:18:ad:89:06:
f2:ac:75:70:b5:df:bc:b3:3d:ec:06:35:e9:dd:a8:
59:c5:00:d2:eb:da:01:c3:ac:3f:c3:09:72:c5:e3:
63:9d:e5:62:2c:e7:ae:31:ab:ab:48:fe:bc:2d:11:
b5:6b:a8:90:62:07:de:c6:65:2b:50:02:1f:cf:36:
84:fe:17:fb:08:33:0d:1b:c7:93:bf:b4:6d:1e:fb:
11:fc:0a:93:23:ee:e3:a6:5f:91:e3:04:52:ee:82:
6f:d4:16:73:d5:d0:31:2a:27:ea:37:07:ea:61:61:
05:89:c0:b1:4c:02:02:df:92:6d:2d:df:51:f6:19:
d2:43:1b:81:0d:a7:14:82:5d:07:fd:60:1e:33:a9:
cb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D3:F9:ED:CD:73:54:DA:D6:9A:92:3E:1B:1C:9C:1E:A3:7F:D8:95
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/99P57c1zVNrWmpI-GxycHqN_2JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.128.0-37.251.175.255
37.251.248.0/21
86.105.192.0/24
89.32.44.0/22
89.36.128.0-89.36.130.255
89.36.132.0/22
89.38.248.0/21
89.42.11.0/24
89.45.192.0/21
91.200.120.0/22
91.208.142.0/24
94.24.29.0/24
94.24.48.0/21
94.24.72.0-94.24.78.255
109.95.8.0/21
188.215.48.0/21
193.239.130.0/23
193.242.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2e:c0:cc:dc:33:bf:4e:bb:bb:e2:f3:3d:30:61:ed:b1:c2:
f1:3d:10:c6:ee:fd:72:d6:d7:e0:3e:af:d1:5e:26:b3:d2:e8:
0f:33:55:e2:bb:85:ef:c2:7f:00:69:ad:c1:c5:f3:07:17:8f:
f4:b8:27:94:56:e5:5e:89:54:b7:7b:f9:91:79:4c:e6:0f:de:
b7:ce:5a:8a:60:56:9f:e3:d7:ff:5f:72:98:cd:c6:cc:ac:65:
ff:76:52:58:b7:8b:5b:1e:b0:e4:42:cd:a6:c2:c3:30:1b:5a:
60:f6:ff:13:20:dd:73:98:da:49:a3:7a:c9:fa:3b:2e:54:2e:
20:9b:0a:17:39:a1:a5:91:e8:bd:d0:c1:1b:c6:d8:e8:21:49:
e7:71:7e:3f:d5:93:3c:06:32:67:6a:35:bf:c4:f4:de:c4:b9:
b6:c4:e4:36:f4:d1:33:55:17:c3:62:9b:2a:d8:d1:4b:a8:79:
7b:16:0d:b7:88:4e:ba:f4:fa:80:96:f6:ca:28:03:9e:ee:2f:
9a:6a:5b:05:a3:ac:53:58:b9:48:5f:8e:8a:91:7d:58:9a:86:
fc:59:14:f8:87:3a:59:46:18:91:0c:2f:14:b0:5a:9f:41:fe:
fd:69:60:b9:e3:41:70:62:5e:3b:2a:d9:8a:61:9c:37:23:37:
56:6a:27:7e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY3psBg622XJNAgc20V2+bCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjQwMjI3MDgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2QzZjllZGNkNzM1NGRhZDY5YTkyM2UxYjFjOWMxZWEzN2ZkODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks3NFeFcw9WS9iHZJ3bYLE2xn+HI
D4gNgMdnKj7kdfA6ZgQa9B6TRlDcRlsTV8kdOYoRtzt5hWFTExKmPbI29ljvZ/oR
VoINTgJYH0xDZa8aOf5/qzAO1Dq88ecIhzPM3Vdfax3uZPhoHeWMSDxyHyV2oBit
iQbyrHVwtd+8sz3sBjXp3ahZxQDS69oBw6w/wwlyxeNjneViLOeuMaurSP68LRG1
a6iQYgfexmUrUAIfzzaE/hf7CDMNG8eTv7RtHvsR/AqTI+7jpl+R4wRS7oJv1BZz
1dAxKifqNwfqYWEFicCxTAIC35JtLd9R9hnSQxuBDacUgl0H/WAeM6nL0QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFPfT+e3Nc1Ta1pqSPhscnB6jf9iVMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvOTlQNTdjMXpWTnJXbXBJLUd4eWNIcU5fMkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQwDAME
ByX7gAMEBCX7oAMEAyX7+AMEAFZpwAMEAlkgLDAMAwQHWSSAAwQAWSSCAwQCWSSE
AwQDWSb4AwQAWSoLAwQDWS3AAwQCW8h4AwQAW9COAwQAXhgdAwQDXhgwMAwDBANe
GEgDBABeGE4DBANtXwgDBAO81zADBAHB74IDBADB8ngwDQYJKoZIhvcNAQELBQAD
ggEBAC8uwMzcM79Ou7vi8z0wYe2xwvE9EMbu/XLW1+A+r9FeJrPS6A8zVeK7he/C
fwBprcHF8wcXj/S4J5RW5V6JVLd7+ZF5TOYP3rfOWopgVp/j1/9fcpjNxsysZf92
Uli3i1sesORCzabCwzAbWmD2/xMg3XOY2kmjesn6Oy5ULiCbChc5oaWR6L3QwRvG
2OghSedxfj/VkzwGMmdqNb/E9N7EubbE5Db00TNVF8NimyrY0UuoeXsWDbeITrr0
+oCW9sooA57uL5pqWwWjrFNYuUhfjoqRfViahvxZFPiHOllGGJEMLxSwWp9B/v1p
YLnjQXBiXjsq2YphnDcjN1ZqJ34=
-----END CERTIFICATE-----
Generated at Mon Jun 17 10:59:45 2024 by rpki-client on console-fra.rpki-client.org