Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/84ceBgWqGMGNBkB8ecdVxIG7fcE.roa
File: 84ceBgWqGMGNBkB8ecdVxIG7fcE.roa (raw, json)
Hash identifier: uU14U6nXh5AEv1sh0+dnlBF8T+TP5nghvYJ1FQJjORg=
Subject key identifier: F3:87:1E:06:05:AA:18:C1:8D:06:40:7C:79:C7:55:C4:81:BB:7D:C1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01901180D8116435D5B2039A9E9230D08D96
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/84ceBgWqGMGNBkB8ecdVxIG7fcE.roa
Signing time: Thu 13 Jun 2024 12:09:34 +0000
ROA not before: Thu 13 Jun 2024 12:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58057
IP address blocks: 31.42.183.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
45.136.136.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
94.177.122.0/24 maxlen: 24
109.61.104.0/21 maxlen: 24
139.28.96.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 12 Jul 2024 20:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:11:80:d8:11:64:35:d5:b2:03:9a:9e:92:30:d0:8d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 13 12:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3871e0605aa18c18d06407c79c755c481bb7dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:f7:80:f5:18:c8:16:8b:59:5a:13:87:f4:
9c:54:73:86:98:57:a6:bb:16:e7:7b:3a:88:e9:ea:
67:09:88:5d:03:43:0c:65:48:0c:96:03:77:d7:da:
2a:f7:19:2b:ee:13:34:ef:f2:d5:72:f0:e7:47:f5:
5e:ce:0f:b5:f3:30:b9:f9:e6:ba:e7:3f:ad:06:1b:
2c:25:c0:f8:05:6f:69:77:20:3e:55:ab:59:78:32:
a1:9a:9e:4e:3f:d4:54:8d:37:45:c3:ff:f5:17:53:
49:70:dc:da:8d:69:05:49:b5:87:0c:6c:1f:d0:e9:
69:8c:f4:b4:f5:c9:6d:20:0c:8c:1a:91:cb:83:db:
85:98:6b:48:a2:70:ab:d8:ee:c0:39:1c:1f:23:b1:
85:31:d4:ae:c7:e3:f8:92:d0:09:53:c1:0a:fe:30:
48:d6:6c:37:f8:ab:c9:bc:30:89:e0:44:c2:05:34:
3f:b1:59:b9:ad:ab:98:16:42:ba:0a:85:90:a5:80:
a8:bd:51:d4:fa:62:1c:47:31:c9:73:5b:e4:d8:fb:
95:8c:84:f1:6e:3e:ba:31:1f:1b:8f:fb:8f:ea:50:
2e:b1:11:f3:53:94:d2:a4:ae:85:20:8f:e0:74:52:
1a:dc:e0:95:a4:35:25:1a:c7:76:41:a2:ab:94:ec:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:87:1E:06:05:AA:18:C1:8D:06:40:7C:79:C7:55:C4:81:BB:7D:C1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/84ceBgWqGMGNBkB8ecdVxIG7fcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.136.136.0/22
77.81.50.0/23
94.177.122.0/24
109.61.104.0/21
139.28.96.0/22
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
b9:77:d7:f7:b3:e2:e6:2e:b9:bb:88:e4:0d:50:69:b3:97:7b:
01:df:af:f0:b5:84:05:73:69:8f:8d:dd:52:37:34:2b:81:ca:
63:16:2d:e4:d3:4d:96:54:4a:1f:21:b3:c1:e6:10:42:3c:2e:
ca:67:d4:11:aa:ff:e4:57:bf:ba:1b:67:26:c9:db:94:d9:0b:
75:04:ea:20:4a:37:3e:02:6d:61:87:53:ff:7d:5b:81:98:48:
2a:ff:f0:8d:c4:b0:c6:c4:3c:04:53:9e:95:89:28:54:8d:59:
d3:56:33:48:41:51:bc:6e:b3:3f:fa:6f:f7:5b:99:06:e4:89:
f0:91:e5:ad:fb:05:23:1d:34:a6:de:71:bb:37:77:f2:1a:88:
31:fa:af:94:f8:cc:7b:0c:fe:98:0a:f2:ab:12:59:73:71:5c:
02:64:cf:22:70:35:ac:56:0c:50:83:8c:63:ec:5a:9c:a0:28:
98:56:99:c1:62:77:76:56:f6:95:b2:1b:69:42:b3:b6:0d:51:
19:d3:9a:ae:fc:1c:a6:96:89:2c:27:5d:2c:f5:b3:55:30:83:
79:6d:d9:f5:72:60:15:25:99:42:23:ba:e2:d6:bb:fa:e6:b5:
d0:c4:9b:c6:81:dc:45:e0:51:11:5d:da:e4:5c:9d:a8:06:85:
63:41:00:c7
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAZARgNgRZDXVsgOanpIw0I2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjEzMTIwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg3MWUwNjA1YWExOGMxOGQwNjQwN2M3OWM3NTVjNDgxYmI3ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj73gPUYyBaLWVoTh/ScVHOGmFem
uxbnezqI6epnCYhdA0MMZUgMlgN319oq9xkr7hM07/LVcvDnR/Vezg+18zC5+ea6
5z+tBhssJcD4BW9pdyA+VatZeDKhmp5OP9RUjTdFw//1F1NJcNzajWkFSbWHDGwf
0OlpjPS09cltIAyMGpHLg9uFmGtIonCr2O7AORwfI7GFMdSux+P4ktAJU8EK/jBI
1mw3+KvJvDCJ4ETCBTQ/sVm5rauYFkK6CoWQpYCovVHU+mIcRzHJc1vk2PuVjITx
bj66MR8bj/uP6lAusRHzU5TSpK6FII/gdFIa3OCVpDUlGsd2QaKrlOzqJwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFPOHHgYFqhjBjQZAfHnHVcSBu33BMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvODRjZUJnV3FHTUdOQmtCOGVjZFZ4SUc3ZmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjBOBAIAATBIAwQA
Hyq3AwQCLQxEAwQCLYiIAwQBTVEyAwQAXrF6AwQDbT1oAwQCixxgAwQAueh1AwQB
wSFeAwQAwaNWAwQAwjJcAwQAwjJeMIHPBAIAAjCByDAQAwcAKgTMwP//AwUBKgTM
wDAOAwUAKgTMwwMFAyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB
0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcA
Kg6xBxFlAwcAKg6xBxeGAwcDKg6xByHAAwcEKg6xByIgAwcAKg/kBAECAwcAKhAv
AAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcEKhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3
DQEBCwUAA4IBAQC5d9f3s+LmLrm7iOQNUGmzl3sB36/wtYQFc2mPjd1SNzQrgcpj
Fi3k002WVEofIbPB5hBCPC7KZ9QRqv/kV7+6G2cmyduU2Qt1BOogSjc+Am1hh1P/
fVuBmEgq//CNxLDGxDwEU56ViShUjVnTVjNIQVG8brM/+m/3W5kG5InwkeWt+wUj
HTSm3nG7N3fyGogx+q+U+Mx7DP6YCvKrEllzcVwCZM8icDWsVgxQg4xj7FqcoCiY
VpnBYnd2VvaVshtpQrO2DVEZ05qu/BymloksJ10s9bNVMIN5bdn1cmAVJZlCI7ri
1rv65rXQxJvGgdxF4FERXdrkXJ2oBoVjQQDH
-----END CERTIFICATE-----
Generated at Fri Jul 12 21:39:45 2024 by rpki-client on console-ams.rpki-client.org