Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/5iBv4KPDEiowtOf-EIFpRx7LGEA.roa
File: 5iBv4KPDEiowtOf-EIFpRx7LGEA.roa (raw, json)
Hash identifier: s7N1aEjYU/I71mDIkD16RtBNAAMX/V7LYQ+Y1fO+Y7w=
Subject key identifier: E6:20:6F:E0:A3:C3:12:2A:30:B4:E7:FE:10:81:69:47:1E:CB:18:40
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018BEEE70E108107325678DB5358311D8BC8
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/5iBv4KPDEiowtOf-EIFpRx7LGEA.roa
Signing time: Mon 20 Nov 2023 22:43:21 +0000
ROA not before: Mon 20 Nov 2023 22:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 94.154.113.0/24 maxlen: 24
193.31.126.0/24 maxlen: 24
46.253.131.0/24 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
212.18.113.0/24 maxlen: 24
193.163.89.0/24 maxlen: 24
212.18.127.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
83.97.116.0/22 maxlen: 24
185.212.115.0/24 maxlen: 24
91.246.51.0/24 maxlen: 24
185.202.108.0/24 maxlen: 24
62.204.49.0/24 maxlen: 24
193.163.92.0/24 maxlen: 24
91.247.163.0/24 maxlen: 24
176.126.104.0/24 maxlen: 24
37.72.141.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
194.70.234.0/24 maxlen: 24
146.19.39.0/24 maxlen: 24
146.19.44.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
193.163.207.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:e7:0e:10:81:07:32:56:78:db:53:58:31:1d:8b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Nov 20 22:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6206fe0a3c3122a30b4e7fe108169471ecb1840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:da:77:ce:81:9d:7f:34:16:46:a0:4a:ca:60:
f4:1b:22:f9:cf:b6:5c:84:2c:f7:4e:2d:42:0e:88:
55:f8:74:b3:00:a7:00:1e:a1:08:e7:1f:48:dc:db:
a4:14:e1:c5:3f:c6:9f:2f:b3:2e:58:27:ce:67:2c:
37:fc:9b:c0:2c:57:e4:8b:d1:52:97:cc:1b:ed:06:
a6:5f:ea:e7:3e:5c:1d:ee:6e:a3:29:f3:88:d4:99:
68:26:59:96:d2:bb:b1:5f:1d:6e:50:a2:86:25:0d:
bb:f3:48:46:a2:d8:63:d2:f0:5b:e1:c3:50:a4:05:
4d:dd:f4:47:64:7d:18:cf:da:20:e4:74:79:d6:88:
df:af:4e:ab:06:ec:23:9d:6f:3f:76:22:f1:fc:0f:
67:8d:1c:f8:ac:64:db:5d:ca:60:d9:21:99:3a:d6:
a7:b3:9c:06:4d:76:da:98:c4:ff:11:bd:1b:72:4d:
0c:96:60:04:bc:60:41:96:1a:05:48:80:9e:5a:de:
57:12:ef:cb:ed:70:18:b5:a9:2b:ad:33:84:63:37:
2d:f6:8d:6f:3a:d1:72:e8:25:ba:85:68:27:49:0f:
25:1a:bd:05:f4:c3:59:76:37:06:7d:ac:1b:16:23:
65:20:a6:72:35:28:f9:ac:53:84:85:98:90:a0:82:
89:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:20:6F:E0:A3:C3:12:2A:30:B4:E7:FE:10:81:69:47:1E:CB:18:40
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/5iBv4KPDEiowtOf-EIFpRx7LGEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.141.0/24
45.159.21.0-45.159.22.255
46.253.131.0/24
62.204.49.0/24
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
91.246.51.0/24
91.247.163.0/24
94.154.113.0/24
146.19.39.0/24
146.19.44.0/24
176.126.104.0/24
178.20.28.0/22
185.202.108.0/24
185.212.115.0/24
193.31.126.0/24
193.151.189.0-193.151.191.255
193.163.89.0/24
193.163.92.0/24
193.163.207.0/24
194.70.234.0/24
194.99.24.0/24
194.99.26.0/24
212.18.113.0/24
212.18.127.0/24
Signature Algorithm: sha256WithRSAEncryption
27:00:0d:cc:de:03:19:1d:13:f8:b1:a4:68:21:23:7e:4b:e2:
cb:1c:3a:4d:75:ed:b1:07:a9:a3:26:93:41:9c:f3:14:9c:0e:
6e:d5:37:2e:66:97:8b:9e:93:1d:fe:ec:0a:00:a7:66:ed:5e:
c2:81:db:6e:f0:66:ac:70:d6:c2:bb:75:91:64:f8:c6:36:6f:
c9:9e:ba:c3:32:c3:6e:3f:78:92:53:bf:2f:6f:b2:f3:b2:4d:
6a:4f:92:6d:c6:ea:b0:5e:1d:ef:0c:e5:55:e1:13:4e:1d:2f:
a4:7c:1c:83:07:db:45:d9:44:40:d9:6e:3c:58:64:8a:49:96:
a2:51:96:75:9e:6c:c8:35:46:7b:f2:63:bc:07:d2:d0:9f:a8:
5b:93:e1:d4:9f:86:76:97:d4:f3:e0:83:dd:f1:dc:2d:1e:a5:
4f:55:09:96:48:ad:88:32:8e:23:aa:e1:dc:36:2a:c1:08:39:
67:98:4b:81:a7:03:df:af:3f:39:66:5e:39:58:c4:53:e7:de:
06:59:44:53:cf:b4:65:55:eb:75:29:d4:41:98:9c:19:d0:32:
16:69:4f:a2:f7:98:15:f6:f0:6e:07:f7:a7:e0:3d:44:87:ba:
62:3e:e7:e7:46:47:44:04:87:73:b8:20:70:e7:15:6c:d6:dc:
5a:d9:43:64
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYvu5w4QgQcyVnjbU1gxHYvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMxMTIwMjI0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIwNmZlMGEzYzMxMjJhMzBiNGU3ZmUxMDgxNjk0NzFlY2IxODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9p3zoGdfzQWRqBKymD0GyL5z7Zc
hCz3Ti1CDohV+HSzAKcAHqEI5x9I3NukFOHFP8afL7MuWCfOZyw3/JvALFfki9FS
l8wb7QamX+rnPlwd7m6jKfOI1JloJlmW0ruxXx1uUKKGJQ2780hGothj0vBb4cNQ
pAVN3fRHZH0Yz9og5HR51ojfr06rBuwjnW8/diLx/A9njRz4rGTbXcpg2SGZOtan
s5wGTXbamMT/Eb0bck0MlmAEvGBBlhoFSICeWt5XEu/L7XAYtakrrTOEYzct9o1v
OtFy6CW6hWgnSQ8lGr0F9MNZdjcGfawbFiNlIKZyNSj5rFOEhZiQoIKJdQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFOYgb+CjwxIqMLTn/hCBaUceyxhAMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvNWlCdjRLUERFaW93dE9mLUVJRnBSeDdMR0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAl
SI0wDAMEAC2fFQMEAC2fFgMEAC79gwMEAD7MMQMEAk1TGAMEAlNhdAMEAFjaLQME
AFjaLwMEAFv2MwMEAFv3owMEAF6acQMEAJITJwMEAJITLAMEALB+aAMEArIUHAME
ALnKbAMEALnUcwMEAMEffjAMAwQAwZe9AwQGwZeAAwQAwaNZAwQAwaNcAwQAwaPP
AwQAwkbqAwQAwmMYAwQAwmMaAwQA1BJxAwQA1BJ/MA0GCSqGSIb3DQEBCwUAA4IB
AQAnAA3M3gMZHRP4saRoISN+S+LLHDpNde2xB6mjJpNBnPMUnA5u1TcuZpeLnpMd
/uwKAKdm7V7Cgdtu8GascNbCu3WRZPjGNm/JnrrDMsNuP3iSU78vb7Lzsk1qT5Jt
xuqwXh3vDOVV4RNOHS+kfByDB9tF2URA2W48WGSKSZaiUZZ1nmzINUZ78mO8B9LQ
n6hbk+HUn4Z2l9Tz4IPd8dwtHqVPVQmWSK2IMo4jquHcNirBCDlnmEuBpwPfrz85
Zl45WMRT594GWURTz7RlVet1KdRBmJwZ0DIWaU+i95gV9vBuB/en4D1Eh7piPufn
RkdEBIdzuCBw5xVs1txa2UNk
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org