Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sIaZqBuki0r66h3ZghI3-YXutrE.roa
File: sIaZqBuki0r66h3ZghI3-YXutrE.roa (raw, json)
Hash identifier: AluwYq+a/5SV3EYJNcmwNsfX7iBpdYu4q2SY60tSXxY=
Subject key identifier: B0:86:99:A8:1B:A4:8B:4A:FA:EA:1D:D9:82:12:37:F9:85:EE:B6:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187B34E3EC85CE6F9A5FE95418D376E5FBC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sIaZqBuki0r66h3ZghI3-YXutrE.roa
Signing time: Mon 24 Apr 2023 12:47:42 +0000
ROA not before: Mon 24 Apr 2023 12:47:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Apr 2023 03:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:4e:3e:c8:5c:e6:f9:a5:fe:95:41:8d:37:6e:5f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 24 12:47:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b08699a81ba48b4afaea1dd9821237f985eeb6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d5:c7:77:ff:ba:62:2c:65:50:41:c7:01:c2:
93:7b:e4:d0:5b:3e:a1:15:5a:bf:67:6c:b6:ed:bb:
60:3a:8c:38:66:0d:a0:cf:2c:78:41:ed:67:35:a3:
5a:08:16:c2:35:96:0c:09:4f:db:d7:d3:05:5b:5b:
63:d0:b3:03:2e:db:88:df:c5:44:db:a5:f0:ea:5a:
c7:b1:54:97:4d:ec:ff:27:56:8d:92:9a:37:62:15:
b3:d7:52:b9:db:0b:38:c6:99:2c:fe:40:c9:44:f5:
a2:75:7d:40:ca:d2:ba:a1:96:7d:16:75:9b:e8:b1:
95:90:e1:c3:bf:84:f5:4a:5a:f7:f0:1a:46:a4:4a:
b9:9c:c9:fd:13:bd:9f:a4:0c:7a:df:d9:21:33:d9:
b7:46:7e:ca:b7:55:c6:80:e8:85:66:74:fa:6d:d1:
c4:7d:1d:a9:02:2d:29:b4:e6:a1:04:c0:b2:24:11:
99:50:de:2f:43:83:1c:58:8a:26:6e:bf:2f:d4:d0:
65:33:09:7c:2f:1e:36:90:25:4a:05:75:bd:37:66:
bd:f7:ef:22:6d:fc:98:84:b2:d4:6a:ec:a2:d1:31:
2f:bf:19:23:e0:fb:ab:2f:87:c0:89:c9:41:b0:dd:
61:5b:78:cb:b4:44:9e:93:91:15:29:56:5b:a4:f5:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:86:99:A8:1B:A4:8B:4A:FA:EA:1D:D9:82:12:37:F9:85:EE:B6:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sIaZqBuki0r66h3ZghI3-YXutrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
3c:98:ce:44:85:1a:79:56:d1:28:aa:28:06:92:c6:46:ae:4c:
27:56:e1:4f:15:f5:76:3a:82:d5:56:40:49:a7:e7:d5:d9:a7:
8c:7b:35:2c:2a:09:32:3f:63:14:fe:5e:53:7e:f9:51:de:71:
c5:d9:b6:a2:73:f7:d6:47:2d:29:1f:0f:11:e9:ae:0c:90:cd:
54:af:a6:79:33:43:60:fa:92:bd:d4:3f:ab:f9:70:a0:10:dc:
a5:52:3c:43:68:fe:d1:59:44:ad:70:38:b9:f1:24:ce:f5:6a:
15:99:7a:c4:38:7e:54:f2:17:b0:e8:c2:45:5b:25:4e:e3:be:
b5:fe:4c:8c:96:a2:95:50:ad:92:47:42:58:11:85:76:28:66:
2e:5e:85:6a:fc:2e:8f:69:44:ae:d4:b0:41:48:21:ee:8a:55:
f4:cf:69:d9:92:51:90:2c:a3:a8:81:a6:d9:b8:3b:a5:12:81:
b8:3a:c8:f0:81:c4:31:f6:76:94:77:3a:0d:4b:a3:04:5c:fe:
2a:38:ed:72:53:b5:98:44:eb:ea:02:db:6f:46:aa:21:ba:5d:
ef:ce:ee:bb:6d:04:6e:4c:a3:8a:0e:5f:8d:cc:de:a5:f6:09:
11:14:0c:97:2a:50:36:9d:30:80:87:e5:81:2b:9c:72:df:8b:
1d:75:b6:2e
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYezTj7IXOb5pf6VQY03bl+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI0MTI0NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDg2OTlhODFiYTQ4YjRhZmFlYTFkZDk4MjEyMzdmOTg1ZWViNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNXHd/+6YixlUEHHAcKTe+TQWz6h
FVq/Z2y27btgOow4Zg2gzyx4Qe1nNaNaCBbCNZYMCU/b19MFW1tj0LMDLtuI38VE
26Xw6lrHsVSXTez/J1aNkpo3YhWz11K52ws4xpks/kDJRPWidX1AytK6oZZ9FnWb
6LGVkOHDv4T1Slr38BpGpEq5nMn9E72fpAx639khM9m3Rn7Kt1XGgOiFZnT6bdHE
fR2pAi0ptOahBMCyJBGZUN4vQ4McWIombr8v1NBlMwl8Lx42kCVKBXW9N2a99+8i
bfyYhLLUauyi0TEvvxkj4PurL4fAiclBsN1hW3jLtESek5EVKVZbpPX19wIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFLCGmagbpItK+uod2YISN/mF7raxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc0lhWnFCdWtpMHI2NmgzWmdoSTMtWVh1dHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowSAQCAAEwQgMEAB8q
twMEAi0MRAMEAi2DuAMEAi2IiAMEAU1RMgMEAFXKywMEAF6xegMEAoscYAMEALno
dQMEAMIyXAMEAMIyXjCBrQQCAAIwgaYDBwAgAQf4ARkDBQMqCQTAMA4DBQcqDDuA
AwUAKgw7hgMHACoOl8ABcAMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6X
wwEQAwcEKg6XxAEAAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeG
AwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcEKhDMQAJQAwcEKhDMRQEwMA0G
CSqGSIb3DQEBCwUAA4IBAQA8mM5EhRp5VtEoqigGksZGrkwnVuFPFfV2OoLVVkBJ
p+fV2aeMezUsKgkyP2MU/l5TfvlR3nHF2baic/fWRy0pHw8R6a4MkM1Ur6Z5M0Ng
+pK91D+r+XCgENylUjxDaP7RWUStcDi58STO9WoVmXrEOH5U8hew6MJFWyVO4761
/kyMlqKVUK2SR0JYEYV2KGYuXoVq/C6PaUSu1LBBSCHuilX0z2nZklGQLKOogabZ
uDulEoG4OsjwgcQx9naUdzoNS6MEXP4qOO1yU7WYROvqAttvRqohul3vzu67bQRu
TKOKDl+NzN6l9gkRFAyXKlA2nTCAh+WBK5xy34sddbYu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org