Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/u4f2kOO1C-1mdhwg5DVkKFAhUIM.roa
File: u4f2kOO1C-1mdhwg5DVkKFAhUIM.roa (raw, json)
Hash identifier: FvN+Loz0Gjp7re5km5eBvo3F+tEA8UtjGW8ph3BAprY=
Subject key identifier: BB:87:F6:90:E3:B5:0B:ED:66:76:1C:20:E4:35:64:28:50:21:50:83
Certificate issuer: /CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Certificate serial: 018C0FF71BC01512EC6E2C06ED74062A23EE
Authority key identifier: A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/u4f2kOO1C-1mdhwg5DVkKFAhUIM.roa
Signing time: Mon 27 Nov 2023 08:48:21 +0000
ROA not before: Mon 27 Nov 2023 08:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 185.136.164.0/22 maxlen: 22
185.136.160.0/22 maxlen: 22
185.136.168.0/22 maxlen: 22
78.138.96.0/21 maxlen: 21
87.119.220.0/22 maxlen: 22
78.138.104.0/22 maxlen: 22
92.42.104.0/21 maxlen: 21
92.204.240.0/20 maxlen: 20
78.138.118.0/24 maxlen: 24
37.61.208.0/20 maxlen: 20
78.138.126.0/23 maxlen: 23
92.204.160.0/19 maxlen: 19
195.69.240.0/22 maxlen: 22
146.0.224.0/19 maxlen: 19
92.205.152.0/22 maxlen: 22
92.204.200.0/21 maxlen: 21
87.119.195.0/24 maxlen: 24
185.136.156.0/22 maxlen: 22
85.195.64.0/18 maxlen: 18
92.205.112.0/20 maxlen: 20
185.19.216.0/22 maxlen: 22
92.204.96.0/21 maxlen: 21
2a01:7a0::/29 maxlen: 29
2a01:7a7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:f7:1b:c0:15:12:ec:6e:2c:06:ed:74:06:2a:23:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Validity
Not Before: Nov 27 08:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb87f690e3b50bed66761c20e435642850215083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c4:3f:12:f9:34:96:55:58:6c:6f:76:4f:45:
be:cd:c2:f7:ca:29:93:ee:5e:5f:19:18:56:40:ff:
dd:0a:a7:98:23:8a:b8:1e:23:f6:4d:11:e9:29:79:
c9:62:d7:73:2d:b2:b3:df:1f:49:3a:60:29:ae:61:
32:54:f9:ae:e7:71:b4:99:c2:c0:21:59:5c:10:14:
f8:a2:62:c9:70:7c:ed:41:f4:97:ba:c1:e1:e5:24:
96:21:1f:de:35:a0:b5:27:b2:5b:75:4f:f5:c9:98:
69:c5:b7:75:ae:1b:8b:9f:2c:0e:b5:85:38:60:91:
2a:96:ca:fb:57:f9:c3:a5:30:91:35:82:06:f2:bc:
66:d0:28:77:18:7c:23:2a:00:f8:c6:7e:35:16:a5:
27:c8:7a:46:37:1b:e7:4e:d7:51:7a:31:e3:18:c0:
26:dc:e1:c5:fe:c3:dd:e9:98:d1:26:f3:04:3e:de:
ff:9c:70:d2:75:34:8e:c4:04:a1:a0:75:08:76:75:
1d:b1:85:c0:74:10:03:97:90:6d:ad:02:52:7e:b1:
c0:ef:9a:e5:90:11:f7:89:77:73:d3:fb:36:77:1e:
e1:fc:43:c7:dd:ae:63:df:cd:b9:42:ed:f9:4f:81:
8b:14:40:61:02:78:e7:7b:90:1a:56:e0:1f:64:c8:
f7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:87:F6:90:E3:B5:0B:ED:66:76:1C:20:E4:35:64:28:50:21:50:83
X509v3 Authority Key Identifier:
keyid:A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/u4f2kOO1C-1mdhwg5DVkKFAhUIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.208.0/20
78.138.96.0-78.138.107.255
78.138.118.0/24
78.138.126.0/23
85.195.64.0/18
87.119.195.0/24
87.119.220.0/22
92.42.104.0/21
92.204.96.0/21
92.204.160.0/19
92.204.200.0/21
92.204.240.0/20
92.205.112.0/20
92.205.152.0/22
146.0.224.0/19
185.19.216.0/22
185.136.156.0-185.136.171.255
195.69.240.0/22
IPv6:
2a01:7a0::/29
Signature Algorithm: sha256WithRSAEncryption
30:ca:04:bc:7c:dc:c6:f3:62:26:b8:9f:4e:7f:39:18:33:b6:
28:7c:74:ba:1a:df:d4:0b:cc:1e:f1:df:88:f3:3e:cb:6c:7a:
50:b5:6e:cc:15:a1:7a:88:3b:95:64:6a:cf:5e:7e:46:cb:ae:
40:d7:35:03:8d:0a:4a:26:1e:c1:98:95:2c:a4:11:12:2e:50:
0d:aa:73:e7:91:f4:7f:fa:c7:03:65:91:4e:bb:27:cf:46:bc:
ff:10:71:e4:5f:cb:af:07:aa:4d:a3:4c:4d:32:41:c6:ea:f0:
bb:b7:b0:ca:42:f6:5f:6f:f4:27:c5:26:df:ad:f1:d8:fc:76:
96:56:9d:a6:69:f1:a2:0e:ef:b4:06:9b:f2:44:02:41:a1:e6:
04:44:92:0c:f0:13:7f:b2:63:9b:81:b2:bc:77:23:8c:21:95:
e3:21:62:d2:09:c6:a6:36:c2:0a:3d:c8:22:aa:9c:d0:b6:6a:
7a:1a:5b:8f:7c:26:a6:bc:d1:ad:4e:6e:90:7f:d2:74:fa:59:
36:3e:31:7c:dd:71:3f:f4:32:e4:a3:e5:a7:09:fe:a3:9e:59:
eb:71:9b:7c:e5:dc:bb:a0:d4:5b:bc:98:53:84:a8:71:d1:78:
bf:02:0b:26:db:db:92:ba:3f:3a:22:44:95:1b:8b:b2:5b:95:
71:b8:af:84
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYwP9xvAFRLsbiwG7XQGKiPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTQ5MThmYzdmZGZiNzNiYmE4Y2Y1OGQ0Y2I1ZmU0NDlj
ZjgzZjYwHhcNMjMxMTI3MDg0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjg3ZjY5MGUzYjUwYmVkNjY3NjFjMjBlNDM1NjQyODUwMjE1MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsQ/Evk0llVYbG92T0W+zcL3yimT
7l5fGRhWQP/dCqeYI4q4HiP2TRHpKXnJYtdzLbKz3x9JOmAprmEyVPmu53G0mcLA
IVlcEBT4omLJcHztQfSXusHh5SSWIR/eNaC1J7JbdU/1yZhpxbd1rhuLnywOtYU4
YJEqlsr7V/nDpTCRNYIG8rxm0Ch3GHwjKgD4xn41FqUnyHpGNxvnTtdRejHjGMAm
3OHF/sPd6ZjRJvMEPt7/nHDSdTSOxAShoHUIdnUdsYXAdBADl5BtrQJSfrHA75rl
kBH3iXdz0/s2dx7h/EPH3a5j3825Qu35T4GLFEBhAnjne5AaVuAfZMj3vwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFLuH9pDjtQvtZnYcIOQ1ZChQIVCDMB8GA1UdIwQY
MBaAFKjkkY/H/ftzu6jPWNTLX+RJz4P2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMt
MDE1ZWE1MDE5NTIwLzEvdTRmMmtPTzFDLTFtZGh3ZzVEVmtLRkFoVUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMtMDE1ZWE1MDE5NTIw
LzEvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEBCU9
0DAMAwQFTopgAwQCTopoAwQATop2AwQBTop+AwQGVcNAAwQAV3fDAwQCV3fcAwQD
XCpoAwQDXMxgAwQFXMygAwQDXMzIAwQEXMzwAwQEXM1wAwQCXM2YAwQFkgDgAwQC
uRPYMAwDBAK5iJwDBAK5iKgDBALDRfAwDQQCAAIwBwMFAyoBB6AwDQYJKoZIhvcN
AQELBQADggEBADDKBLx83MbzYia4n05/ORgztih8dLoa39QLzB7x34jzPstselC1
bswVoXqIO5Vkas9efkbLrkDXNQONCkomHsGYlSykERIuUA2qc+eR9H/6xwNlkU67
J89GvP8QceRfy68Hqk2jTE0yQcbq8Lu3sMpC9l9v9CfFJt+t8dj8dpZWnaZp8aIO
77QGm/JEAkGh5gREkgzwE3+yY5uBsrx3I4whleMhYtIJxqY2wgo9yCKqnNC2anoa
W498Jqa80a1ObpB/0nT6WTY+MXzdcT/0MuSj5acJ/qOeWetxm3zl3Lug1Fu8mFOE
qHHReL8CCybb25K6PzoiRJUbi7JblXG4r4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:44 2024 by rpki-client on console-fra.rpki-client.org