Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/3u_xtEZoXvWUF2cVs24CySKBSNc.roa
File: 3u_xtEZoXvWUF2cVs24CySKBSNc.roa (raw, json)
Hash identifier: Ixxq1uFycIoubbSjy4F4fvP+n0K79MAcgX3nn3xM7IA=
Subject key identifier: DE:EF:F1:B4:46:68:5E:F5:94:17:67:15:B3:6E:02:C9:22:81:48:D7
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A9DE1FFF05A04CCAADD345D272FC3D6
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/3u_xtEZoXvWUF2cVs24CySKBSNc.roa
Signing time: Sat 25 Mar 2023 21:12:47 +0000
ROA not before: Sat 25 Mar 2023 21:12:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 88.218.80.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
45.140.7.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:9d:e1:ff:f0:5a:04:cc:aa:dd:34:5d:27:2f:c3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:12:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=deeff1b446685ef594176715b36e02c9228148d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:db:a4:46:f5:2f:d0:16:b8:c6:15:4c:d7:8c:
3e:c8:44:9e:23:74:08:6d:79:8c:5e:61:32:6e:6a:
3e:62:10:f5:a2:a1:a3:8c:50:da:56:81:1c:43:4d:
3a:0b:7a:3d:bf:8c:f5:90:1e:ea:a6:04:0a:3f:98:
8c:fc:2e:25:c4:d9:6f:c5:b0:b5:15:28:7d:a5:dc:
ee:ce:87:51:0e:11:d3:c8:91:fc:03:89:08:4f:c6:
2e:a5:66:28:d7:09:35:a0:9c:33:37:1c:b8:c1:67:
8b:31:1e:ec:0b:64:22:77:b7:a4:4e:c4:e4:05:9e:
ed:40:0f:f2:62:d9:28:66:e9:51:c3:b6:f1:dd:78:
94:0a:b1:69:5e:82:c7:5a:4d:09:9e:cc:e1:80:7c:
b2:40:42:3d:98:eb:f5:b9:af:c0:4e:45:94:24:8d:
fa:70:39:33:00:6d:35:36:62:f1:fe:00:4c:64:4b:
c4:05:f7:fb:0e:98:dc:05:5e:1c:68:e4:1d:2d:43:
7f:51:5a:6d:18:64:ef:1c:11:e0:98:17:1c:65:21:
29:57:8c:3a:e8:e0:01:45:5a:a6:aa:6d:0d:a2:15:
f2:ba:3d:a6:71:2f:a5:f8:67:b5:29:2b:82:14:5c:
ad:9d:e6:8d:54:b0:f1:ca:ed:97:e3:74:27:12:61:
d1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EF:F1:B4:46:68:5E:F5:94:17:67:15:B3:6E:02:C9:22:81:48:D7
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/3u_xtEZoXvWUF2cVs24CySKBSNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.75.0/24
45.130.184.0-45.130.186.255
45.140.7.0/24
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
22:df:cd:8a:99:7d:b0:e9:57:15:45:b2:99:2e:c5:b5:22:e4:
f1:1e:25:ee:f0:ee:89:42:43:7f:b8:e7:05:16:b1:9c:4f:34:
28:10:4f:0c:55:89:0d:ef:91:8e:77:f5:cd:44:08:c4:3a:7e:
15:2d:a1:a2:2e:21:df:35:cb:34:2b:f5:41:0a:3a:e3:b5:99:
ba:8c:36:c4:fc:28:6f:b4:2c:2b:ee:db:e3:e2:ea:6d:f0:8d:
bd:e2:6c:d2:10:97:ce:27:13:95:c3:b9:9d:89:b3:05:9d:dd:
a2:98:f1:1e:58:6c:df:73:9d:b8:29:e7:0e:fc:a3:8e:ba:4e:
8f:ee:26:0c:21:4d:9c:d8:13:46:df:cd:1c:41:e4:a6:0f:bf:
76:16:b3:db:9e:67:2a:f0:6a:6c:d1:9d:52:23:e9:40:ce:f4:
34:f1:46:89:c9:64:b8:62:b3:02:d2:cc:a9:a0:23:77:cc:6e:
b8:19:74:1a:0d:8e:8a:a2:97:46:f3:07:d7:2f:8e:bb:51:c3:
ba:1a:5f:73:d3:b1:f0:35:59:70:85:98:da:37:26:f4:44:6a:
60:16:c0:3b:a4:26:a8:bd:cb:01:69:a9:33:d6:98:ea:d4:00:
8c:6b:0b:07:0c:52:6e:93:6c:81:32:b4:85:bb:d7:a9:51:b6:
f6:9b:52:6f
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYcaneH/8FoEzKrdNF0nL8PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjExMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWVmZjFiNDQ2Njg1ZWY1OTQxNzY3MTViMzZlMDJjOTIyODE0OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9ukRvUv0Ba4xhVM14w+yESeI3QI
bXmMXmEybmo+YhD1oqGjjFDaVoEcQ006C3o9v4z1kB7qpgQKP5iM/C4lxNlvxbC1
FSh9pdzuzodRDhHTyJH8A4kIT8YupWYo1wk1oJwzNxy4wWeLMR7sC2Qid7ekTsTk
BZ7tQA/yYtkoZulRw7bx3XiUCrFpXoLHWk0JnszhgHyyQEI9mOv1ua/ATkWUJI36
cDkzAG01NmLx/gBMZEvEBff7DpjcBV4caOQdLUN/UVptGGTvHBHgmBccZSEpV4w6
6OABRVqmqm0NohXyuj2mcS+l+Ge1KSuCFFytneaNVLDxyu2X43QnEmHRmwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFN7v8bRGaF71lBdnFbNuAskigUjXMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvM3VfeHRFWm9YdldVRjJjVnMyNEN5U0tCU05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAF
aEgDBAAFaEswDAMEAy2CuAMEAC2CugMEAC2MBwMEAk1TFAMEAlT8QAMEAFjaUAME
AFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwMEAbmxTAME
AMGgRAMEAMGgSAMEAsHkMAMEAMIcnQMEANRFhzANBgkqhkiG9w0BAQsFAAOCAQEA
It/Nipl9sOlXFUWymS7FtSLk8R4l7vDuiUJDf7jnBRaxnE80KBBPDFWJDe+Rjnf1
zUQIxDp+FS2hoi4h3zXLNCv1QQo647WZuow2xPwob7QsK+7b4+LqbfCNveJs0hCX
zicTlcO5nYmzBZ3dopjxHlhs33OduCnnDvyjjrpOj+4mDCFNnNgTRt/NHEHkpg+/
dhaz255nKvBqbNGdUiPpQM70NPFGiclkuGKzAtLMqaAjd8xuuBl0Gg2OiqKXRvMH
1y+Ou1HDuhpfc9Ox8DVZcIWY2jcm9ERqYBbAO6QmqL3LAWmpM9aY6tQAjGsLBwxS
bpNsgTK0hbvXqVG29ptSbw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org