Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/x2C75RGal387cm0roahfb02Tctc.roa
File: x2C75RGal387cm0roahfb02Tctc.roa (raw, json)
Hash identifier: 9F/kdGEOS3HAhaqoPhIwmMHnsglwRULMv93CjrQNjBo=
Subject key identifier: C7:60:BB:E5:11:9A:97:7F:3B:72:6D:2B:A1:A8:5F:6F:4D:93:72:D7
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0190F899C25443C00AC5A293C8CCBFE66091
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/x2C75RGal387cm0roahfb02Tctc.roa
Signing time: Sun 28 Jul 2024 09:09:04 +0000
ROA not before: Sun 28 Jul 2024 09:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
185.66.60.0/22 maxlen: 24
195.5.64.0/19 maxlen: 24
212.49.128.0/18 maxlen: 24
212.59.192.0/19 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 24
212.66.164.0/22 maxlen: 24
212.66.168.0/21 maxlen: 24
212.66.176.0/20 maxlen: 24
212.163.0.0/16 maxlen: 24
213.9.128.0/17 maxlen: 24
213.192.192.0/18 maxlen: 24
2001:ac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jul 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f8:99:c2:54:43:c0:0a:c5:a2:93:c8:cc:bf:e6:60:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jul 28 09:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c760bbe5119a977f3b726d2ba1a85f6f4d9372d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:93:00:6b:16:db:d1:36:53:58:72:bf:45:31:
f6:c6:7f:cd:3f:39:7e:77:e5:d1:0b:0c:bf:ca:26:
6b:b2:63:30:5e:51:e7:7a:41:00:fd:02:62:9d:38:
d7:0a:ca:07:25:4f:a0:36:55:7b:4c:77:9d:ec:0f:
b4:eb:6c:1a:03:91:b3:7f:27:24:04:33:e4:d6:7f:
32:4d:9e:a6:7b:23:f5:0c:a7:2d:3e:35:62:34:44:
67:e8:ec:30:21:83:a7:07:97:ba:63:f6:c2:0b:2f:
c1:77:ee:5a:b3:4a:b6:d6:c1:87:b4:3c:ca:d5:2d:
50:cd:01:f2:05:b4:83:48:15:92:00:0e:4f:1c:de:
33:ad:53:27:91:aa:9b:07:40:00:62:e4:8e:ca:5e:
9d:26:13:f8:12:33:be:cb:09:17:d0:98:83:ff:f1:
72:ee:ba:af:2d:f5:8a:3b:b4:6c:da:f4:3d:b5:a9:
2d:c6:a0:fb:ce:c9:e4:0a:a3:b5:35:59:5e:cc:a1:
96:9e:aa:26:8a:59:03:02:dd:68:4c:86:bd:1b:01:
20:59:d2:38:e4:c0:5a:cf:0d:50:89:48:c9:3b:be:
5f:ca:b8:a4:5f:42:88:68:21:12:32:42:a1:7b:cd:
e0:bb:af:db:bf:2e:52:ad:27:c7:6b:d1:64:fe:89:
16:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:60:BB:E5:11:9A:97:7F:3B:72:6D:2B:A1:A8:5F:6F:4D:93:72:D7
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/x2C75RGal387cm0roahfb02Tctc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
195.5.64.0/19
212.49.128.0/18
212.59.192.0/19
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:73:c9:ae:dd:aa:7f:81:c7:90:a3:ac:16:85:93:4f:5f:c0:
ae:af:77:53:1d:81:a8:e8:56:01:50:7c:d6:29:1c:80:92:d7:
08:45:fa:80:10:4a:8c:e0:58:10:3d:2a:69:6e:a5:f3:0e:0e:
34:ca:81:86:cd:b3:d6:b9:50:fe:31:1e:8e:f9:82:e0:9f:a7:
40:aa:6a:76:36:92:bd:a6:dd:d6:db:13:a2:1a:73:13:33:98:
ae:22:7f:f7:69:09:80:c8:9b:d1:e2:b7:13:86:e3:e0:9e:56:
35:ce:44:22:df:24:77:b8:4b:ae:4d:07:f6:b4:89:3e:4b:47:
6e:74:a0:bf:c4:0a:28:31:f4:19:fd:c7:71:ad:41:b0:82:de:
21:76:0a:86:0f:23:a8:9c:b6:a9:ae:6f:a7:60:17:a6:e8:4e:
fc:dd:59:a2:2f:a8:ea:6c:e1:5d:e7:84:25:ac:ac:3e:61:85:
78:08:8e:ea:56:3c:1b:9a:c7:b1:52:64:e7:01:5b:ca:e4:0f:
a4:65:41:60:d4:55:7f:8c:59:be:f6:1d:07:c9:28:7d:80:17:
91:68:7f:d3:f9:53:aa:ee:c4:0d:d2:2c:46:9e:54:14:08:11:
3d:9f:28:2f:f9:63:7e:01:e0:70:eb:7e:3f:95:b5:c6:66:56:
94:99:e7:e9
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZD4mcJUQ8AKxaKTyMy/5mCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwNzI4MDkwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzYwYmJlNTExOWE5NzdmM2I3MjZkMmJhMWE4NWY2ZjRkOTM3MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5MAaxbb0TZTWHK/RTH2xn/NPzl+
d+XRCwy/yiZrsmMwXlHnekEA/QJinTjXCsoHJU+gNlV7THed7A+062waA5Gzfyck
BDPk1n8yTZ6meyP1DKctPjViNERn6OwwIYOnB5e6Y/bCCy/Bd+5as0q21sGHtDzK
1S1QzQHyBbSDSBWSAA5PHN4zrVMnkaqbB0AAYuSOyl6dJhP4EjO+ywkX0JiD//Fy
7rqvLfWKO7Rs2vQ9taktxqD7zsnkCqO1NVlezKGWnqomilkDAt1oTIa9GwEgWdI4
5MBazw1QiUjJO75fyrikX0KIaCESMkKhe83gu6/bvy5SrSfHa9Fk/okWAQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFMdgu+URmpd/O3JtK6GoX29Nk3LXMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEveDJDNzVSR2FsMzg3Y20wcm9haGZiMDJUY3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBJBAIAATBDAwQFVBIAAwQE
XDygAwQCuUI8AwQFwwVAAwQG1DGAAwQF1DvAMAwDBADUQqEDBAbUQoADAwDUowME
B9UJgAMEBtXAwDANBAIAAjAHAwUDIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEAGnPJ
rt2qf4HHkKOsFoWTT1/Arq93Ux2BqOhWAVB81ikcgJLXCEX6gBBKjOBYED0qaW6l
8w4ONMqBhs2z1rlQ/jEejvmC4J+nQKpqdjaSvabd1tsTohpzEzOYriJ/92kJgMib
0eK3E4bj4J5WNc5EIt8kd7hLrk0H9rSJPktHbnSgv8QKKDH0Gf3Hca1BsILeIXYK
hg8jqJy2qa5vp2AXpuhO/N1Zoi+o6mzhXeeEJaysPmGFeAiO6lY8G5rHsVJk5wFb
yuQPpGVBYNRVf4xZvvYdB8kofYAXkWh/0/lTqu7EDdIsRp5UFAgRPZ8oL/ljfgHg
cOt+P5W1xmZWlJnn6Q==
-----END CERTIFICATE-----
Generated at Mon Jul 29 19:29:06 2024 by rpki-client on console-ams.rpki-client.org