Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/SHe-F9NLHh0h2NDrIhArFkydpsw.roa
File: SHe-F9NLHh0h2NDrIhArFkydpsw.roa (raw, json)
Hash identifier: KmX8nRJf0XUyF6Bm1ZocF2xypEbSGuSMCRxDPkkmH4A=
Subject key identifier: 48:77:BE:17:D3:4B:1E:1D:21:D8:D0:EB:22:10:2B:16:4C:9D:A6:CC
Certificate issuer: /CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Certificate serial: 0187DB606F66E1753F1A5C03A4F252C24C6F
Authority key identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/SHe-F9NLHh0h2NDrIhArFkydpsw.roa
Signing time: Tue 02 May 2023 07:32:22 +0000
ROA not before: Tue 02 May 2023 07:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201446
IP address blocks: 185.68.110.0/24 maxlen: 24
185.68.109.0/24 maxlen: 24
185.68.111.0/24 maxlen: 24
185.68.108.0/24 maxlen: 24
212.63.110.0/24 maxlen: 24
212.63.109.0/24 maxlen: 24
212.63.111.0/24 maxlen: 24
212.63.108.0/24 maxlen: 24
89.46.91.0/24 maxlen: 24
89.46.88.0/24 maxlen: 24
89.46.90.0/24 maxlen: 24
89.46.89.0/24 maxlen: 24
185.45.73.0/24 maxlen: 24
185.45.74.0/24 maxlen: 24
185.45.75.0/24 maxlen: 24
185.23.117.0/24 maxlen: 24
185.23.116.0/24 maxlen: 24
185.23.118.0/24 maxlen: 24
185.23.119.0/24 maxlen: 24
185.18.199.0/24 maxlen: 24
185.18.198.0/24 maxlen: 24
185.92.245.0/24 maxlen: 24
185.92.244.0/24 maxlen: 24
217.148.139.0/24 maxlen: 24
185.92.246.0/24 maxlen: 24
217.148.138.0/24 maxlen: 24
185.92.247.0/24 maxlen: 24
185.177.152.0/24 maxlen: 24
185.177.154.0/24 maxlen: 24
185.177.155.0/24 maxlen: 24
185.177.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:60:6f:66:e1:75:3f:1a:5c:03:a4:f2:52:c2:4c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Validity
Not Before: May 2 07:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4877be17d34b1e1d21d8d0eb22102b164c9da6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c6:ae:c7:e9:f5:bd:14:2e:47:a5:86:1e:ac:
f3:22:69:f3:3b:2e:0f:1c:80:7b:11:bd:41:43:fd:
c1:98:cd:36:4f:53:ef:56:24:3d:06:6c:cc:16:f2:
5d:d9:d8:b8:b5:af:81:65:4c:bc:08:ce:1b:5a:ec:
b0:5e:c6:ef:84:9f:af:4a:9b:ce:a9:65:12:ca:a9:
fc:7e:b0:09:48:5c:b0:67:02:70:d9:a7:78:b7:25:
5b:51:9a:a9:dc:7b:15:04:98:c3:65:78:b8:f6:eb:
44:fb:45:c1:f9:14:e7:19:d3:05:ad:c4:72:76:bd:
8f:32:03:62:67:84:86:a1:f0:1a:5e:f6:a5:a1:6b:
86:61:ab:9f:03:29:69:4f:0d:1d:ef:af:40:d0:bd:
17:28:6e:db:92:c3:78:dc:4d:5d:93:21:59:14:3f:
b0:d3:12:b0:9d:aa:d7:4f:ef:c9:f4:8a:d3:d7:5c:
1c:b3:d1:be:2e:19:2f:31:48:b9:5a:a0:ad:9e:fa:
7c:54:bf:d0:44:71:b9:71:67:61:88:ed:b0:f9:06:
8c:a7:87:1f:30:05:a9:02:eb:af:dc:a2:8a:55:6b:
7b:01:73:00:c2:c1:c6:8f:e8:8e:fc:64:1e:ef:ae:
11:4e:ac:81:a8:c6:ce:0e:40:19:fb:ee:a6:fe:74:
71:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:77:BE:17:D3:4B:1E:1D:21:D8:D0:EB:22:10:2B:16:4C:9D:A6:CC
X509v3 Authority Key Identifier:
keyid:DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/SHe-F9NLHh0h2NDrIhArFkydpsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.88.0/22
185.18.198.0/23
185.23.116.0/22
185.45.73.0-185.45.75.255
185.68.108.0/22
185.92.244.0/22
185.177.152.0/22
212.63.108.0/22
217.148.138.0/23
Signature Algorithm: sha256WithRSAEncryption
20:43:d7:3f:38:1c:04:ca:3a:c9:8c:af:40:7a:45:b0:af:bf:
f8:a8:bf:a2:5a:c6:60:90:c8:24:bb:3b:a5:44:fb:3c:6e:56:
11:3d:07:c7:2a:4c:48:60:aa:99:f6:6b:00:d8:ba:cd:a6:8a:
98:43:6b:15:1b:c8:b6:d9:89:7d:1b:3b:84:8a:3b:5d:d4:18:
f2:b9:6d:bc:ea:64:4f:a2:7f:fd:23:b2:95:4b:a9:7d:6d:0b:
8a:54:88:73:31:69:b1:f1:6e:14:51:51:c6:16:c6:0f:f0:36:
81:cb:a1:09:1e:d6:44:fa:43:23:aa:6f:bc:5a:37:39:03:50:
79:35:bd:9b:b7:c0:ce:7d:08:b5:14:dd:09:3f:02:6b:7e:57:
80:29:2b:e6:6c:83:0d:48:d0:4e:9b:49:76:e3:b8:00:db:b9:
ec:d7:d7:4b:c1:ea:85:88:67:9e:8f:c2:d0:dc:2e:54:e0:db:
c8:c2:a8:66:4e:ec:a3:da:a7:e4:f7:53:cf:20:57:01:f7:41:
3b:e8:b9:4d:6c:d4:26:82:9f:1e:44:ac:8c:03:a0:0b:73:21:
70:ba:57:68:6e:b7:03:68:f3:ef:59:1d:3d:48:70:91:07:0c:
c9:bd:8d:9b:76:32:d0:ac:a1:09:70:1a:8d:76:cb:95:b4:2d:
20:48:f1:b9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYfbYG9m4XU/GlwDpPJSwkxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2NiMjBjNWNhN2M0ZWQ4ZTQyMDc4YjFhNjcyODdhMGQ5
OTFjZWMwHhcNMjMwNTAyMDczMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc3YmUxN2QzNGIxZTFkMjFkOGQwZWIyMjEwMmIxNjRjOWRhNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsaux+n1vRQuR6WGHqzzImnzOy4P
HIB7Eb1BQ/3BmM02T1PvViQ9BmzMFvJd2di4ta+BZUy8CM4bWuywXsbvhJ+vSpvO
qWUSyqn8frAJSFywZwJw2ad4tyVbUZqp3HsVBJjDZXi49utE+0XB+RTnGdMFrcRy
dr2PMgNiZ4SGofAaXvaloWuGYaufAylpTw0d769A0L0XKG7bksN43E1dkyFZFD+w
0xKwnarXT+/J9IrT11wcs9G+LhkvMUi5WqCtnvp8VL/QRHG5cWdhiO2w+QaMp4cf
MAWpAuuv3KKKVWt7AXMAwsHGj+iO/GQe764RTqyBqMbODkAZ++6m/nRxvQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEh3vhfTSx4dIdjQ6yIQKxZMnabMMB8GA1UdIwQY
MBaAFNw8sgxcp8TtjkIHixpnKHoNmRzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjkt
ODI2NjBlZTRlYWM0LzEvU0hlLUY5TkxIaDBoMk5EckloQXJGa3lkcHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjktODI2NjBlZTRlYWM0
LzEvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCWS5YAwQB
uRLGAwQCuRd0MAwDBAC5LUkDBAK5LUgDBAK5RGwDBAK5XPQDBAK5sZgDBALUP2wD
BAHZlIowDQYJKoZIhvcNAQELBQADggEBACBD1z84HATKOsmMr0B6RbCvv/iov6Ja
xmCQyCS7O6VE+zxuVhE9B8cqTEhgqpn2awDYus2miphDaxUbyLbZiX0bO4SKO13U
GPK5bbzqZE+if/0jspVLqX1tC4pUiHMxabHxbhRRUcYWxg/wNoHLoQke1kT6QyOq
b7xaNzkDUHk1vZu3wM59CLUU3Qk/Amt+V4ApK+Zsgw1I0E6bSXbjuADbuezX10vB
6oWIZ56PwtDcLlTg28jCqGZO7KPap+T3U88gVwH3QTvouU1s1CaCnx5ErIwDoAtz
IXC6V2hutwNo8+9ZHT1IcJEHDMm9jZt2MtCsoQlwGo12y5W0LSBI8bk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org