Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/VIH4VAl3xzBjKLR2OTc3HqGypjo.roa
File: VIH4VAl3xzBjKLR2OTc3HqGypjo.roa (raw, json)
Hash identifier: IbXGilXZdBRoESDEIL8EBQnYFA0J+4eAmmjnCrVHFfs=
Subject key identifier: 54:81:F8:54:09:77:C7:30:63:28:B4:76:39:37:37:1E:A1:B2:A6:3A
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018E13192E138EBB4B9B561FCAF4DC01D9D1
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/VIH4VAl3xzBjKLR2OTc3HqGypjo.roa
Signing time: Wed 06 Mar 2024 09:30:01 +0000
ROA not before: Wed 06 Mar 2024 09:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8903
IP address blocks: 84.18.0.0/19 maxlen: 19
92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
195.5.64.0/19 maxlen: 19
212.49.128.0/18 maxlen: 18
212.49.129.0/24 maxlen: 24
212.49.189.0/24 maxlen: 24
212.59.192.0/19 maxlen: 19
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 20
212.163.0.0/16 maxlen: 16
212.163.1.0/24 maxlen: 24
212.163.5.0/24 maxlen: 24
212.163.31.0/24 maxlen: 24
212.163.48.0/24 maxlen: 24
212.163.91.0/24 maxlen: 24
212.163.92.0/24 maxlen: 24
212.163.94.0/24 maxlen: 24
212.163.130.0/24 maxlen: 24
212.163.185.0/24 maxlen: 24
212.163.193.0/24 maxlen: 24
212.163.216.0/22 maxlen: 22
212.163.220.0/22 maxlen: 22
212.163.225.0/24 maxlen: 24
212.163.226.0/24 maxlen: 24
212.163.227.0/24 maxlen: 24
212.163.235.0/24 maxlen: 24
212.163.240.0/20 maxlen: 20
213.9.128.0/17 maxlen: 17
213.9.142.0/23 maxlen: 23
213.9.144.0/24 maxlen: 24
213.9.162.0/23 maxlen: 23
213.9.182.0/24 maxlen: 24
213.9.185.0/24 maxlen: 24
213.9.186.0/24 maxlen: 24
213.9.190.0/23 maxlen: 23
213.9.217.0/24 maxlen: 24
213.9.224.0/20 maxlen: 20
213.9.240.0/23 maxlen: 23
213.9.244.0/24 maxlen: 24
213.9.245.0/24 maxlen: 24
213.9.246.0/24 maxlen: 24
213.9.247.0/24 maxlen: 24
213.9.248.0/24 maxlen: 24
213.192.192.0/18 maxlen: 18
213.192.193.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.203.0/24 maxlen: 24
213.192.206.0/23 maxlen: 23
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.232.0/22 maxlen: 22
213.192.238.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.242.0/23 maxlen: 23
213.192.244.0/23 maxlen: 23
213.192.246.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.248.0/21 maxlen: 21
213.192.249.0/24 maxlen: 24
213.192.251.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.253.0/24 maxlen: 24
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
2001:ac0::/29 maxlen: 29
2001:ac0::/32 maxlen: 32
2001:ac0:30fd::/48 maxlen: 48
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
Validation: Failed, certificate revoked on Sat 11 May 2024 10:28:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:19:2e:13:8e:bb:4b:9b:56:1f:ca:f4:dc:01:d9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Mar 6 09:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5481f8540977c7306328b4763937371ea1b2a63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b2:2f:23:51:66:08:c5:f6:4f:2a:fe:57:cf:
94:34:3a:80:f0:02:8a:35:60:35:9a:b6:38:1f:62:
5d:ac:c2:ac:d2:1d:1d:34:05:c9:0f:a5:f3:94:b4:
44:5c:ab:3a:59:fe:7d:4e:7d:f9:fc:ed:db:76:10:
fe:66:ce:d4:3f:e2:f4:e1:76:64:4b:ba:45:15:6e:
1f:8c:43:f6:cf:77:b8:79:8f:66:13:bd:d1:41:3e:
49:0d:03:21:01:31:db:2b:62:bd:c8:e2:f9:e6:bc:
1f:fe:ab:ca:f1:e3:b0:79:f0:79:14:ca:19:4e:73:
c1:cf:ec:ac:7b:df:59:47:5b:fa:ff:bb:3e:eb:23:
82:dd:9e:f9:c9:1b:04:ad:e3:38:ab:72:d2:20:10:
19:91:d4:e9:ca:c3:84:60:5b:de:36:e2:f7:bc:0e:
58:3e:a6:d4:5d:71:52:66:ed:dc:89:95:1f:9a:2a:
89:cb:eb:96:46:86:82:7f:e0:fd:32:88:dd:d2:03:
53:cf:3c:b9:7c:bd:6a:61:d5:ca:dd:0e:14:85:43:
cc:be:47:9b:69:80:e9:2b:35:bf:b2:f9:40:23:1d:
15:d4:3b:22:8d:f9:9a:2e:d2:e5:37:cb:44:3a:d0:
2d:05:a7:c1:f6:22:22:55:ab:26:f0:c8:e7:f3:c2:
bc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:81:F8:54:09:77:C7:30:63:28:B4:76:39:37:37:1E:A1:B2:A6:3A
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/VIH4VAl3xzBjKLR2OTc3HqGypjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
195.5.64.0/19
212.49.128.0/18
212.59.192.0/19
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
Signature Algorithm: sha256WithRSAEncryption
85:f8:77:34:d4:53:7c:be:b6:12:26:c4:34:a3:3e:77:b9:10:
de:7c:f2:47:ff:60:a7:a7:77:ec:83:d7:7a:e5:f3:d7:2d:82:
8d:67:a9:fa:0d:be:72:aa:ee:9e:21:95:78:1b:8c:02:49:f0:
08:fe:bd:40:6a:1b:ef:66:bf:8d:ee:1c:dd:74:e5:73:b6:b5:
6f:84:b2:38:d2:7f:ac:0f:fd:ea:ec:89:0a:94:25:cc:fe:5d:
cf:77:3a:da:51:fb:a1:52:70:7d:9b:0d:fe:83:71:42:1a:e6:
6a:53:97:81:96:70:9f:5f:57:b6:1c:50:5b:c9:36:ac:b5:b8:
b8:29:f3:3a:fa:bd:fc:fc:8e:ba:1d:c7:42:17:b3:42:ab:ec:
fd:f2:fb:10:c1:e0:60:b0:28:57:77:37:95:50:30:37:ef:a5:
7b:1f:8b:e1:6c:5f:74:69:3d:66:37:ed:df:33:23:4f:b2:aa:
46:7d:f8:7e:8f:61:c5:17:1b:aa:6a:38:3c:a8:07:7d:05:70:
76:82:2f:83:5b:84:e1:60:e3:fe:d9:ff:2a:98:00:cc:6d:5f:
a8:53:9c:79:36:19:3f:4e:ca:38:27:11:07:94:29:37:64:cb:
4e:b7:d6:8d:8c:b3:bd:e3:06:2e:f5:6c:7f:00:eb:a4:62:9f:
e7:3f:54:10
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY4TGS4TjrtLm1YfyvTcAdnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMzA2MDkzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDgxZjg1NDA5NzdjNzMwNjMyOGI0NzYzOTM3MzcxZWExYjJhNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbIvI1FmCMX2Tyr+V8+UNDqA8AKK
NWA1mrY4H2JdrMKs0h0dNAXJD6XzlLREXKs6Wf59Tn35/O3bdhD+Zs7UP+L04XZk
S7pFFW4fjEP2z3e4eY9mE73RQT5JDQMhATHbK2K9yOL55rwf/qvK8eOwefB5FMoZ
TnPBz+yse99ZR1v6/7s+6yOC3Z75yRsEreM4q3LSIBAZkdTpysOEYFveNuL3vA5Y
PqbUXXFSZu3ciZUfmiqJy+uWRoaCf+D9Mojd0gNTzzy5fL1qYdXK3Q4UhUPMvkeb
aYDpKzW/svlAIx0V1DsijfmaLtLlN8tEOtAtBafB9iIiVasm8Mjn88K86wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFFSB+FQJd8cwYyi0djk3Nx6hsqY6MB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvVklINFZBbDN4ekJqS0xSMk9UYzNIcUd5cGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBJBAIAATBDAwQFVBIAAwQE
XDygAwQCuUI8AwQFwwVAAwQG1DGAAwQF1DvAMAwDBADUQqEDBAbUQoADAwDUowME
B9UJgAMEBtXAwDANBAIAAjAHAwUDIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEAhfh3
NNRTfL62EibENKM+d7kQ3nzyR/9gp6d37IPXeuXz1y2CjWep+g2+cqruniGVeBuM
AknwCP69QGob72a/je4c3XTlc7a1b4SyONJ/rA/96uyJCpQlzP5dz3c62lH7oVJw
fZsN/oNxQhrmalOXgZZwn19XthxQW8k2rLW4uCnzOvq9/PyOuh3HQhezQqvs/fL7
EMHgYLAoV3c3lVAwN++lex+L4WxfdGk9Zjft3zMjT7KqRn34fo9hxRcbqmo4PKgH
fQVwdoIvg1uE4WDj/tn/KpgAzG1fqFOceTYZP07KOCcRB5QpN2TLTrfWjYyzveMG
LvVsfwDrpGKf5z9UEA==
-----END CERTIFICATE-----
Generated at Sat May 11 11:26:36 2024 by rpki-client on console-fra.rpki-client.org