Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/hv7i5XS8rttc5LbLNhPzfTfPQSI.roa
File: hv7i5XS8rttc5LbLNhPzfTfPQSI.roa (raw, json)
Hash identifier: ThFKj2TwiCnyDIGv98wDEl2zp8H4XE4mdLxx/Nm0IHs=
Subject key identifier: 86:FE:E2:E5:74:BC:AE:DB:5C:E4:B6:CB:36:13:F3:7D:37:CF:41:22
Certificate issuer: /CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Certificate serial: 01891B40C740497B87120CBD347FD1E34022
Authority key identifier: 3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/hv7i5XS8rttc5LbLNhPzfTfPQSI.roa
Signing time: Mon 03 Jul 2023 10:16:17 +0000
ROA not before: Mon 03 Jul 2023 10:16:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34879
IP address blocks: 78.41.104.0/23 maxlen: 24
78.41.106.0/24 maxlen: 24
78.41.110.0/23 maxlen: 24
78.41.109.0/24 maxlen: 24
78.41.108.0/24 maxlen: 24
78.41.107.0/24 maxlen: 24
46.235.186.0/24 maxlen: 24
46.235.184.0/23 maxlen: 24
46.235.189.0/24 maxlen: 24
46.235.188.0/24 maxlen: 24
46.235.188.0/23 maxlen: 23
46.235.187.0/24 maxlen: 24
46.235.190.0/23 maxlen: 23
37.220.162.0/23 maxlen: 24
37.220.161.0/24 maxlen: 24
37.220.160.0/24 maxlen: 24
37.220.166.0/24 maxlen: 24
37.220.165.0/24 maxlen: 24
37.220.167.0/24 maxlen: 24
93.93.91.0/24 maxlen: 24
93.93.90.0/24 maxlen: 24
93.93.88.0/23 maxlen: 24
93.93.94.0/24 maxlen: 24
93.93.92.0/23 maxlen: 24
93.93.95.0/24 maxlen: 24
185.17.169.0/24 maxlen: 24
185.17.168.0/24 maxlen: 24
185.17.170.0/23 maxlen: 24
2a03:e040:10::/48 maxlen: 48
2a03:e040::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:40:c7:40:49:7b:87:12:0c:bd:34:7f:d1:e3:40:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Validity
Not Before: Jul 3 10:16:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86fee2e574bcaedb5ce4b6cb3613f37d37cf4122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dc:34:63:e0:15:6c:50:66:2e:cc:db:b7:72:
87:16:69:62:08:d2:c1:fd:76:37:d2:c1:ad:ce:e5:
b9:ca:ea:8e:d4:cb:d5:75:d0:c5:d1:26:78:2e:3b:
fc:41:ad:fc:3e:38:93:72:8f:6d:5b:21:b4:f7:bc:
6a:f7:e3:05:33:79:36:08:b1:a9:be:89:a5:0a:4e:
65:3e:2e:60:6d:5d:d2:22:11:ac:5e:d0:22:64:33:
98:85:ce:e8:cb:03:ae:c7:17:a1:19:1a:68:a9:04:
a9:ad:85:0e:a8:0b:90:32:69:80:e2:9e:00:22:ad:
b9:48:f1:d7:d3:02:5f:fd:af:0c:0a:e4:06:a3:b3:
9b:63:34:cc:d6:59:de:69:f0:20:4a:d6:5b:60:5d:
f2:3b:29:51:3a:09:b1:8d:80:0a:83:b8:b6:c1:42:
bb:64:06:a1:81:50:14:64:f9:0f:67:97:38:a7:a1:
5a:1d:ab:be:c1:ae:60:3b:66:38:5d:5b:d4:65:4d:
6c:21:17:4e:07:b6:a1:b6:70:67:5d:75:75:c0:02:
e3:90:c9:53:4a:82:38:85:5a:99:8c:19:2e:60:f1:
57:67:68:a5:55:18:3e:a7:18:36:2d:5e:a1:8d:07:
52:f2:2e:1e:29:06:e5:5a:80:15:a4:ff:84:6f:58:
0c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FE:E2:E5:74:BC:AE:DB:5C:E4:B6:CB:36:13:F3:7D:37:CF:41:22
X509v3 Authority Key Identifier:
keyid:3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/hv7i5XS8rttc5LbLNhPzfTfPQSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.160.0/22
37.220.165.0-37.220.167.255
46.235.184.0/21
78.41.104.0/21
93.93.88.0/21
185.17.168.0/22
IPv6:
2a03:e040::/48
2a03:e040:10::/48
Signature Algorithm: sha256WithRSAEncryption
09:3d:da:db:4d:09:12:6d:e9:3f:af:08:41:fc:dc:bf:36:92:
50:09:b2:b7:9b:a1:93:5c:4d:0f:13:32:d7:21:09:ae:a8:93:
6e:d3:9d:70:0c:42:a8:0f:c4:8b:ac:ec:02:46:07:9a:b5:dd:
2b:da:f8:01:43:99:dd:67:5e:62:c2:4f:a4:1a:dd:15:74:74:
df:27:c4:0e:33:f3:44:5c:1f:e1:a2:e5:97:93:47:34:56:a3:
da:75:70:9b:57:27:eb:08:69:44:df:09:19:83:c6:69:c2:d1:
85:c6:49:50:a1:fb:29:5b:39:55:4b:4f:74:d4:e7:7e:e9:3f:
6d:fc:b1:59:d5:a8:2b:51:65:1b:c2:6f:6c:50:82:20:d8:47:
a9:40:61:61:c9:b8:0e:bb:6b:53:f6:e0:1b:09:f2:d2:13:80:
36:e0:9e:9a:b4:9a:b5:0f:1a:4b:5e:57:ec:0a:29:c4:a6:c5:
18:61:bb:e7:03:04:df:b8:a7:76:ea:df:0d:6e:c5:f8:8e:6f:
4f:b9:5c:a8:27:e3:8e:7a:ee:43:83:aa:f0:50:e8:9d:ec:f0:
f7:a9:c7:05:a6:b0:e3:95:c1:e8:14:a7:fc:d8:66:1c:e5:c3:
e3:dd:e2:6a:39:07:69:21:81:07:00:90:28:a6:bd:57:c2:a7:
5a:bd:76:5b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYkbQMdASXuHEgy9NH/R40AiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTE3ODJiNmFmYmE3YzZiY2YwNzBiOTNmZWQ0Y2M4NGFm
NDEzNTIwHhcNMjMwNzAzMTAxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZlZTJlNTc0YmNhZWRiNWNlNGI2Y2IzNjEzZjM3ZDM3Y2Y0MTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59w0Y+AVbFBmLszbt3KHFmliCNLB
/XY30sGtzuW5yuqO1MvVddDF0SZ4Ljv8Qa38PjiTco9tWyG097xq9+MFM3k2CLGp
vomlCk5lPi5gbV3SIhGsXtAiZDOYhc7oywOuxxehGRpoqQSprYUOqAuQMmmA4p4A
Iq25SPHX0wJf/a8MCuQGo7ObYzTM1lneafAgStZbYF3yOylROgmxjYAKg7i2wUK7
ZAahgVAUZPkPZ5c4p6FaHau+wa5gO2Y4XVvUZU1sIRdOB7ahtnBnXXV1wALjkMlT
SoI4hVqZjBkuYPFXZ2ilVRg+pxg2LV6hjQdS8i4eKQblWoAVpP+Eb1gMswIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFIb+4uV0vK7bXOS2yzYT8303z0EiMB8GA1UdIwQY
MBaAFDuheCtq+6fGvPBwuT/tTMhK9BNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZGNEsycjdwOGE4OEhDNVAtMU15RXIwRTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZDdhYzMtYjhhZC00MmIwLWFkMmEt
YWU5NjdkNzM5ZGQzLzEvaHY3aTVYUzhydHRjNUxiTE5oUHpmVGZQUVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZDdhYzMtYjhhZC00MmIwLWFkMmEtYWU5NjdkNzM5ZGQz
LzEvTzZGNEsycjdwOGE4OEhDNVAtMU15RXIwRTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQCJdygMAwD
BAAl3KUDBAMl3KADBAMu67gDBANOKWgDBANdXVgDBAK5EagwGAQCAAIwEgMHACoD
4EAAAAMHACoD4EAAEDANBgkqhkiG9w0BAQsFAAOCAQEACT3a200JEm3pP68IQfzc
vzaSUAmyt5uhk1xNDxMy1yEJrqiTbtOdcAxCqA/Ei6zsAkYHmrXdK9r4AUOZ3Wde
YsJPpBrdFXR03yfEDjPzRFwf4aLll5NHNFaj2nVwm1cn6whpRN8JGYPGacLRhcZJ
UKH7KVs5VUtPdNTnfuk/bfyxWdWoK1FlG8JvbFCCINhHqUBhYcm4DrtrU/bgGwny
0hOANuCemrSatQ8aS15X7AopxKbFGGG75wME37indurfDW7F+I5vT7lcqCfjjnru
Q4Oq8FDonezw96nHBaaw45XB6BSn/NhmHOXD493iajkHaSGBBwCQKKa9V8KnWr12
Ww==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:19 2024 by rpki-client on console-ams.rpki-client.org