Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/44Ctfw_gHATQd9Stb1aj6ExRmec.roa
File: 44Ctfw_gHATQd9Stb1aj6ExRmec.roa (raw, json)
Hash identifier: iEDZCRc/8rS/cGEYX5qG47EMVyqgOf2Ae71+aI0caQU=
Subject key identifier: E3:80:AD:7F:0F:E0:1C:04:D0:77:D4:AD:6F:56:A3:E8:4C:51:99:E7
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 018CF492A6B297689EF785784AD0E41A8948
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/44Ctfw_gHATQd9Stb1aj6ExRmec.roa
Signing time: Wed 10 Jan 2024 18:11:40 +0000
ROA not before: Wed 10 Jan 2024 18:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203217
IP address blocks: 144.86.230.0/23 maxlen: 23
144.86.228.0/23 maxlen: 23
144.86.228.0/22 maxlen: 22
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.123.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
199.74.188.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
199.74.191.0/24 maxlen: 24
199.74.188.0/23 maxlen: 23
199.74.189.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
93.180.218.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.219.0/24 maxlen: 24
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
195.133.220.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.196.0/23 maxlen: 23
185.20.198.0/23 maxlen: 23
185.20.197.0/24 maxlen: 24
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:92:a6:b2:97:68:9e:f7:85:78:4a:d0:e4:1a:89:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jan 10 18:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e380ad7f0fe01c04d077d4ad6f56a3e84c5199e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a4:07:62:29:44:25:4f:87:11:3a:e8:89:45:
1b:23:4b:0c:84:7b:32:f7:23:9c:24:05:5c:61:23:
1c:1e:8e:d3:5d:b7:50:3f:3c:d8:d1:58:7a:0f:4b:
d8:8d:da:1a:f0:5c:e9:50:3c:92:fb:50:48:4e:93:
c1:41:93:7a:76:be:fb:7c:ba:24:1f:46:58:ea:15:
15:b2:ee:be:86:93:97:e2:8e:89:32:e5:44:de:84:
1b:7c:16:49:6b:c0:01:bf:a1:e4:95:c3:92:b2:63:
dc:07:c2:b8:75:30:58:36:a3:34:da:8d:49:05:73:
d6:57:15:0a:33:6b:f6:b6:d6:e7:38:75:83:df:dd:
43:6d:92:84:22:65:ad:92:3c:35:59:c3:3f:22:a7:
e6:ef:73:1f:42:97:90:79:53:cf:7b:ee:bc:da:44:
98:7a:94:04:02:3a:2d:05:5f:cf:c0:56:ea:8c:3d:
5a:7d:bd:4a:b3:69:20:47:5a:fd:62:86:0a:bd:9e:
28:51:37:a6:e5:f4:dc:39:32:a9:ae:3b:1e:d1:4a:
82:65:de:18:b4:a3:8e:52:cb:1b:33:6f:35:3b:bd:
79:3c:d6:e0:14:02:6e:6e:92:35:6d:70:fe:d7:ce:
32:68:da:18:81:0f:9b:af:df:a1:2b:c2:25:fa:65:
4e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:80:AD:7F:0F:E0:1C:04:D0:77:D4:AD:6F:56:A3:E8:4C:51:99:E7
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/44Ctfw_gHATQd9Stb1aj6ExRmec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.13.0-185.254.15.255
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/47
Signature Algorithm: sha256WithRSAEncryption
b4:fc:74:f1:f0:4d:ae:8a:01:b2:ff:d9:ad:e2:99:93:ea:c6:
f4:12:52:31:f2:b7:ba:76:b6:8a:74:de:39:12:6d:02:66:56:
64:34:7a:e2:8f:c4:25:84:c5:94:f6:15:81:aa:26:02:63:c5:
09:f3:29:80:46:a4:da:2f:3c:14:5e:b6:9f:52:7c:19:b5:b9:
05:44:b4:96:14:aa:b1:ed:b6:b4:21:5e:39:8f:a8:68:ac:11:
df:21:92:25:57:d1:81:09:6e:3c:1e:17:db:7b:d0:0c:c0:3c:
43:35:4d:52:ea:de:42:cc:51:3e:82:9b:5d:11:38:d5:58:95:
93:4e:80:eb:26:cf:cd:cb:8f:c6:e2:f4:33:f5:34:79:9d:8d:
29:ce:72:3e:c7:f8:a0:70:0e:56:30:b5:e8:6d:d5:28:6a:0e:
bc:02:00:e4:db:ad:bc:ea:a5:05:29:8c:6b:58:c3:30:44:2f:
de:ff:63:7d:2a:25:f0:f7:0d:cb:57:26:2e:e1:fc:3d:58:11:
a9:23:5c:6d:a0:0e:55:19:a8:e0:6d:dd:c6:45:93:ed:8d:6a:
f4:54:8a:9f:25:fc:b3:91:76:b9:93:4d:aa:68:ad:dc:49:10:
7c:da:33:fa:b3:60:45:13:94:2e:b7:f3:aa:a4:06:28:5f:5e:
d8:fa:d3:cb
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYz0kqayl2ie94V4StDkGolIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjQwMTEwMTgxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzgwYWQ3ZjBmZTAxYzA0ZDA3N2Q0YWQ2ZjU2YTNlODRjNTE5OWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6QHYilEJU+HETroiUUbI0sMhHsy
9yOcJAVcYSMcHo7TXbdQPzzY0Vh6D0vYjdoa8FzpUDyS+1BITpPBQZN6dr77fLok
H0ZY6hUVsu6+hpOX4o6JMuVE3oQbfBZJa8ABv6HklcOSsmPcB8K4dTBYNqM02o1J
BXPWVxUKM2v2ttbnOHWD391DbZKEImWtkjw1WcM/Iqfm73MfQpeQeVPPe+682kSY
epQEAjotBV/PwFbqjD1afb1Ks2kgR1r9YoYKvZ4oUTem5fTcOTKprjse0UqCZd4Y
tKOOUssbM281O715PNbgFAJubpI1bXD+184yaNoYgQ+br9+hK8Il+mVOrQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFOOArX8P4BwE0HfUrW9Wo+hMUZnnMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvNDRDdGZ3X2dIQVRRZDlTdGIxYWo2RXhSbWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA4BAIAATAyAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4MAwDBAC5/g0DBAS5/gADBALDhdwDBALHSrwwDwQCAAIw
CQMHASoLGIAAADANBgkqhkiG9w0BAQsFAAOCAQEAtPx08fBNrooBsv/ZreKZk+rG
9BJSMfK3una2inTeORJtAmZWZDR64o/EJYTFlPYVgaomAmPFCfMpgEak2i88FF62
n1J8GbW5BUS0lhSqse22tCFeOY+oaKwR3yGSJVfRgQluPB4X23vQDMA8QzVNUure
QsxRPoKbXRE41ViVk06A6ybPzcuPxuL0M/U0eZ2NKc5yPsf4oHAOVjC16G3VKGoO
vAIA5NutvOqlBSmMa1jDMEQv3v9jfSol8PcNy1cmLuH8PVgRqSNcbaAOVRmo4G3d
xkWT7Y1q9FSKnyX8s5F2uZNNqmit3EkQfNoz+rNgRROULrfzqqQGKF9e2PrTyw==
-----END CERTIFICATE-----
Generated at Tue Jan 23 17:46:24 2024 by rpki-client on console-fra.rpki-client.org