Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/u0SFATIsIeMST_N4hFXQDPQpoA0.roa
File: u0SFATIsIeMST_N4hFXQDPQpoA0.roa (raw, json)
Hash identifier: gKw3HyJghaWKHz+28W2KyY/sBaD0TlMeowobdHbmq8Y=
Subject key identifier: BB:44:85:01:32:2C:21:E3:12:4F:F3:78:84:55:D0:0C:F4:29:A0:0D
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018CC3B733363A90D20F5B95E4F915355811
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/u0SFATIsIeMST_N4hFXQDPQpoA0.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210021
IP address blocks: 86.105.144.0/24 maxlen: 24
86.105.145.0/24 maxlen: 24
86.105.147.0/24 maxlen: 24
86.105.146.0/24 maxlen: 24
185.206.172.0/24 maxlen: 24
185.206.172.0/22 maxlen: 22
185.206.175.0/24 maxlen: 24
185.206.174.0/24 maxlen: 24
185.206.173.0/24 maxlen: 24
31.14.231.0/24 maxlen: 24
31.14.230.0/24 maxlen: 24
31.14.229.0/24 maxlen: 24
31.14.228.0/22 maxlen: 22
31.14.228.0/24 maxlen: 24
2a05:27c0:1::/48 maxlen: 48
2a05:27c0::/48 maxlen: 48
2a05:27c0:4::/48 maxlen: 64
2a05:27c0:2::/48 maxlen: 64
2a05:27c0:3::/48 maxlen: 64
Validation: Failed, certificate revoked on Fri 09 Feb 2024 12:29:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:33:36:3a:90:d2:0f:5b:95:e4:f9:15:35:58:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb448501322c21e3124ff3788455d00cf429a00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f1:0e:31:b8:99:53:c9:dc:6a:ed:fc:78:f0:
78:7e:a1:ed:dc:7d:d9:72:c4:29:4a:5b:63:d0:5c:
b5:84:eb:43:77:36:b9:24:87:ce:71:bb:7a:f4:a1:
12:88:20:35:c5:8c:49:43:a5:0b:53:6a:24:c3:d4:
2b:b9:49:55:be:4f:a4:19:ba:6e:f4:61:b1:97:fa:
74:46:a6:0c:a2:96:e0:50:3e:0e:fa:1e:d4:e1:3e:
5e:76:bc:a7:49:72:0c:78:d7:41:83:7d:83:6e:18:
bf:24:0e:e3:e5:c3:06:76:52:87:43:49:fc:00:60:
16:f3:11:b3:ca:98:ab:1a:df:2f:31:25:13:fe:20:
da:00:2f:e4:88:61:7d:31:08:53:5b:7c:63:31:11:
fc:6a:66:d9:ef:06:5f:b9:5c:ad:fe:3c:b2:f8:85:
b7:ef:5a:45:dd:3f:17:04:a2:ef:f6:a7:c4:b8:50:
b6:e4:d6:52:63:51:7e:90:62:90:c2:4a:83:4b:04:
56:04:36:30:35:d9:e4:07:a6:00:ad:1c:2f:2d:9d:
24:61:aa:cd:f7:95:ab:6a:f8:6b:72:92:8e:3f:76:
74:48:e4:9e:d3:bf:50:9d:4d:f0:fd:db:f1:3f:1a:
64:0d:f2:fe:f9:81:60:28:57:04:73:b4:14:6f:0e:
c8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:44:85:01:32:2C:21:E3:12:4F:F3:78:84:55:D0:0C:F4:29:A0:0D
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/u0SFATIsIeMST_N4hFXQDPQpoA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
185.206.172.0/22
IPv6:
2a05:27c0::-2a05:27c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c5:1c:39:8c:a9:9b:9c:8c:91:d3:39:d2:b8:65:fa:51:dc:98:
96:b8:90:e9:03:c4:a1:0a:e1:2e:8f:e1:46:93:77:e2:3a:f4:
db:6e:51:fd:88:2f:4f:04:fd:93:bd:40:c3:d1:11:fe:1f:a8:
51:ba:df:75:b0:07:a4:00:60:ae:ef:ea:99:45:61:76:d4:10:
74:45:dc:11:76:98:9c:81:7b:b1:84:83:14:14:d9:58:fc:f2:
89:bf:2d:f8:69:3c:49:1e:03:7a:a6:f5:a2:e4:aa:60:09:7c:
4d:15:28:cc:62:51:bf:b3:28:9a:f5:50:ec:23:e2:57:f6:7b:
cb:70:23:a3:83:21:13:c7:74:8b:2e:fd:03:84:35:49:ff:33:
14:f0:de:30:80:d7:59:5d:3e:dd:de:a4:3d:f5:a1:3a:29:99:
f8:3c:4c:f6:7f:86:c3:f7:8d:e4:fe:5a:b2:14:60:51:29:d5:
b6:9b:cb:c6:b2:88:dd:c5:f1:44:8f:78:29:b4:f6:a2:a8:c0:
b8:70:bd:d3:a8:a8:df:99:e4:f8:9c:5b:6d:62:48:1f:cd:95:
cd:dc:ad:8b:d2:5b:c4:61:af:03:b5:d3:65:5d:5e:2c:50:b6:
d8:a1:f0:0f:8b:64:6b:49:b8:60:1c:52:c6:53:25:f6:3f:68:
d1:6b:24:6b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzDtzM2OpDSD1uV5PkVNVgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ0ODUwMTMyMmMyMWUzMTI0ZmYzNzg4NDU1ZDAwY2Y0MjlhMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvEOMbiZU8ncau38ePB4fqHt3H3Z
csQpSltj0Fy1hOtDdza5JIfOcbt69KESiCA1xYxJQ6ULU2okw9QruUlVvk+kGbpu
9GGxl/p0RqYMopbgUD4O+h7U4T5edrynSXIMeNdBg32Dbhi/JA7j5cMGdlKHQ0n8
AGAW8xGzypirGt8vMSUT/iDaAC/kiGF9MQhTW3xjMRH8ambZ7wZfuVyt/jyy+IW3
71pF3T8XBKLv9qfEuFC25NZSY1F+kGKQwkqDSwRWBDYwNdnkB6YArRwvLZ0kYarN
95WravhrcpKOP3Z0SOSe079QnU3w/dvxPxpkDfL++YFgKFcEc7QUbw7IMQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLtEhQEyLCHjEk/zeIRV0Az0KaANMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvdTBTRkFUSXNJZU1TVF9ONGhGWFFEUFFwb0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCHw7kAwQC
VmmQAwQCuc6sMBgEAgACMBIwEAMFBioFJ8ADBwAqBSfAAAQwDQYJKoZIhvcNAQEL
BQADggEBAMUcOYypm5yMkdM50rhl+lHcmJa4kOkDxKEK4S6P4UaTd+I69NtuUf2I
L08E/ZO9QMPREf4fqFG633WwB6QAYK7v6plFYXbUEHRF3BF2mJyBe7GEgxQU2Vj8
8om/LfhpPEkeA3qm9aLkqmAJfE0VKMxiUb+zKJr1UOwj4lf2e8twI6ODIRPHdIsu
/QOENUn/MxTw3jCA11ldPt3epD31oTopmfg8TPZ/hsP3jeT+WrIUYFEp1baby8ay
iN3F8USPeCm09qKowLhwvdOoqN+Z5PicW21iSB/Nlc3crYvSW8RhrwO102VdXixQ
ttih8A+LZGtJuGAcUsZTJfY/aNFrJGs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:39 2024 by rpki-client on console-fra.rpki-client.org