Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/C3PB53nEfmhrHrwKPBJjvp_USt8.roa
File: C3PB53nEfmhrHrwKPBJjvp_USt8.roa (raw, json)
Hash identifier: ZE4c1IVD+WjjEA2FPugY058Jp1ubLEMtQgoOfK0H/dE=
Subject key identifier: 0B:73:C1:E7:79:C4:7E:68:6B:1E:BC:0A:3C:12:63:BE:9F:D4:4A:DF
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018B90988356D2A98769F02201523ABB283A
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/C3PB53nEfmhrHrwKPBJjvp_USt8.roa
Signing time: Thu 02 Nov 2023 15:13:15 +0000
ROA not before: Thu 02 Nov 2023 15:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24961
IP address blocks: 185.219.208.0/22 maxlen: 22
78.31.64.0/21 maxlen: 21
93.186.192.0/20 maxlen: 20
83.136.80.0/21 maxlen: 21
46.20.32.0/20 maxlen: 20
85.114.128.0/19 maxlen: 24
5.104.104.0/21 maxlen: 21
85.14.192.0/18 maxlen: 18
62.141.32.0/20 maxlen: 20
37.157.248.0/21 maxlen: 21
46.228.192.0/20 maxlen: 20
194.107.129.0/24 maxlen: 24
81.30.144.0/20 maxlen: 20
80.82.208.0/20 maxlen: 20
91.212.159.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
89.163.128.0/17 maxlen: 17
146.0.32.0/20 maxlen: 20
91.194.84.0/24 maxlen: 24
213.202.192.0/18 maxlen: 18
5.199.128.0/20 maxlen: 20
185.15.244.0/22 maxlen: 22
217.79.176.0/20 maxlen: 20
193.111.198.0/23 maxlen: 23
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba0::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 20:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:98:83:56:d2:a9:87:69:f0:22:01:52:3a:bb:28:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 2 15:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b73c1e779c47e686b1ebc0a3c1263be9fd44adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:87:a5:ae:34:2f:ee:59:2e:a5:46:c7:28:3c:
d1:4d:ba:ac:fd:9d:26:57:f4:f0:26:cb:d0:a7:60:
16:ad:ee:7c:2c:20:99:6b:7c:c1:97:da:35:35:c3:
9b:de:c2:cc:a2:db:3e:a8:f7:4f:54:07:7c:4f:eb:
0c:82:28:ef:86:c9:91:a1:ea:46:40:54:68:59:24:
93:ac:4b:9b:36:06:14:c7:18:ac:bf:65:b7:fb:a4:
b1:ce:38:40:78:ba:51:7c:52:2f:82:f9:3e:7d:f6:
08:b1:07:c8:77:e5:4f:c6:ab:24:5a:85:66:0f:a1:
2a:e6:e1:45:df:f2:f3:a7:3a:01:25:23:85:b2:bc:
73:79:b4:a8:e8:ab:3b:94:15:c9:3b:78:f0:cf:c9:
c7:3e:89:c7:f3:66:c9:c0:f7:a9:03:1e:86:88:8a:
cf:0f:c1:39:04:39:3b:70:a1:03:17:4b:07:20:0e:
66:80:e9:cf:4c:fd:46:8c:6f:72:57:5d:d1:8f:d5:
fc:6a:a5:34:0f:8d:71:0b:78:e8:96:8c:fd:a1:b7:
fb:ae:d9:9b:be:0b:a0:9f:30:c7:f0:69:a4:ec:d2:
43:b6:2a:c4:a5:90:54:e1:71:53:00:b6:f3:a8:17:
86:57:2d:f9:2f:e4:c6:13:fa:a4:f0:85:c1:cd:12:
5a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:73:C1:E7:79:C4:7E:68:6B:1E:BC:0A:3C:12:63:BE:9F:D4:4A:DF
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/C3PB53nEfmhrHrwKPBJjvp_USt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
93.186.192.0/20
146.0.32.0/20
185.15.244.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
Signature Algorithm: sha256WithRSAEncryption
81:42:72:df:7d:77:34:07:fc:b2:da:d1:31:17:f9:92:ec:84:
73:2e:a4:68:d5:3d:f1:f5:c1:b4:9e:c9:e7:c7:7d:9f:b5:87:
bd:6e:df:e1:b6:b3:9e:ea:1b:b7:2d:c9:6c:7e:a3:40:35:b3:
bc:fb:b7:a5:71:85:0c:d5:15:1f:cc:04:dc:d7:fc:94:79:1f:
52:40:28:46:3a:87:8d:25:7e:dc:a9:28:b0:9a:da:e8:fa:5c:
2f:7d:87:03:53:a7:4d:96:3f:45:3e:4f:ea:bc:8c:a1:89:bb:
50:fb:0a:36:d9:f1:e5:ff:d0:15:f6:0f:d7:e2:7e:52:b2:14:
78:5c:13:ca:5e:a1:7b:b7:80:f7:92:98:e8:25:7c:54:c7:ec:
8d:4c:0a:6b:c6:dc:83:7f:d6:aa:77:66:df:62:1a:b0:1c:c2:
f7:e8:90:52:4b:97:68:09:21:c0:69:6a:f8:13:41:de:fc:7e:
f8:2c:2c:e8:ca:39:f2:7d:ad:ec:ab:ad:33:69:33:0e:4d:bb:
e2:e4:36:43:27:d3:23:6f:3d:2e:4a:63:d3:79:f8:6e:fd:20:
62:68:73:92:74:bd:8a:66:e9:39:8b:a4:94:9d:26:07:a6:37:
09:59:8b:1e:fd:f1:f8:09:8c:9e:62:54:cb:54:0f:ca:26:02:
34:3b:cf:ac
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYuQmINW0qmHafAiAVI6uyg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMxMTAyMTUxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjczYzFlNzc5YzQ3ZTY4NmIxZWJjMGEzYzEyNjNiZTlmZDQ0YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoelrjQv7lkupUbHKDzRTbqs/Z0m
V/TwJsvQp2AWre58LCCZa3zBl9o1NcOb3sLMots+qPdPVAd8T+sMgijvhsmRoepG
QFRoWSSTrEubNgYUxxisv2W3+6SxzjhAeLpRfFIvgvk+ffYIsQfId+VPxqskWoVm
D6Eq5uFF3/LzpzoBJSOFsrxzebSo6Ks7lBXJO3jwz8nHPonH82bJwPepAx6GiIrP
D8E5BDk7cKEDF0sHIA5mgOnPTP1GjG9yV13Rj9X8aqU0D41xC3joloz9obf7rtmb
vgugnzDH8Gmk7NJDtirEpZBU4XFTALbzqBeGVy35L+TGE/qk8IXBzRJagQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFAtzwed5xH5oax68CjwSY76f1ErfMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvQzNQQjUzbkVmbWhySHJ3S1BCSmp2cF9VU3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBlwQCAAEwgZADBAMF
aGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtADBARR
HpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8DBARd
usADBASSACADBAK5D/QDBAK529ADBAHBb8YDBADCa4EDBAbVysADBATZT7AwJAQC
AAIwHgMFASABS6AwDgMFACABS6MDBQAgAUukAwUAKgEEgDANBgkqhkiG9w0BAQsF
AAOCAQEAgUJy3313NAf8strRMRf5kuyEcy6kaNU98fXBtJ7J58d9n7WHvW7f4baz
nuobty3JbH6jQDWzvPu3pXGFDNUVH8wE3Nf8lHkfUkAoRjqHjSV+3KkosJra6Ppc
L32HA1OnTZY/RT5P6ryMoYm7UPsKNtnx5f/QFfYP1+J+UrIUeFwTyl6he7eA95KY
6CV8VMfsjUwKa8bcg3/Wqndm32IasBzC9+iQUkuXaAkhwGlq+BNB3vx++Cws6Mo5
8n2t7KutM2kzDk274uQ2QyfTI289Lkpj03n4bv0gYmhzknS9imbpOYuklJ0mB6Y3
CVmLHv3x+AmMnmJUy1QPyiYCNDvPrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org