Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3vZ8zjkY7Yuk3acylF1AcQfLMcA.roa
File: 3vZ8zjkY7Yuk3acylF1AcQfLMcA.roa (raw, json)
Hash identifier: IGyC2IUVgmaOZ7pbGxW86ytPE3GbInVqbKImNzNNDtI=
Subject key identifier: DE:F6:7C:CE:39:18:ED:8B:A4:DD:A7:32:94:5D:40:71:07:CB:31:C0
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018DB01E7272504C935B5D28A956D7A6046A
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3vZ8zjkY7Yuk3acylF1AcQfLMcA.roa
Signing time: Fri 16 Feb 2024 04:13:21 +0000
ROA not before: Fri 16 Feb 2024 04:13:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 92.61.228.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
92.61.232.0/24 maxlen: 24
92.61.236.0/24 maxlen: 24
92.61.237.0/24 maxlen: 24
92.61.238.0/24 maxlen: 24
94.188.137.0/24 maxlen: 24
94.188.201.0/24 maxlen: 24
94.188.202.0/24 maxlen: 24
94.188.203.0/24 maxlen: 24
94.188.205.0/24 maxlen: 24
94.188.206.0/24 maxlen: 24
94.188.207.0/24 maxlen: 24
94.188.208.0/24 maxlen: 24
94.188.209.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
94.188.211.0/24 maxlen: 24
94.188.212.0/24 maxlen: 24
94.188.214.0/24 maxlen: 24
94.188.215.0/24 maxlen: 24
94.188.216.0/24 maxlen: 24
94.188.224.0/24 maxlen: 24
94.188.225.0/24 maxlen: 24
94.188.226.0/24 maxlen: 24
94.188.227.0/24 maxlen: 24
94.188.228.0/24 maxlen: 24
94.188.229.0/24 maxlen: 24
94.188.230.0/24 maxlen: 24
94.188.231.0/24 maxlen: 24
94.188.239.0/24 maxlen: 24
94.188.240.0/24 maxlen: 24
94.188.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 10:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:1e:72:72:50:4c:93:5b:5d:28:a9:56:d7:a6:04:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 16 04:13:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=def67cce3918ed8ba4dda732945d407107cb31c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:05:3f:84:85:3a:51:99:c8:84:67:4b:2e:a8:
26:03:24:dc:94:6c:2f:7e:13:32:9b:1e:c7:a5:d8:
00:74:3f:bb:72:b8:8b:a0:ad:93:14:54:67:0b:cd:
91:55:3c:d4:3a:c1:eb:9d:98:71:f6:7a:e9:86:96:
50:1f:a6:88:3d:bd:1a:72:1c:dc:5c:30:5f:a2:26:
42:f3:2a:65:22:82:83:e4:7c:6b:16:a4:13:1f:e1:
cd:78:e6:ef:ba:6d:bf:f2:2d:9f:a8:01:90:2e:4b:
38:11:7e:91:61:b5:fe:28:58:49:9f:ae:e8:7b:be:
01:74:83:68:b1:a4:8e:4a:92:04:98:a8:ca:25:ee:
10:dc:df:85:bd:f5:7e:26:24:68:88:e1:9b:c0:55:
34:73:6a:0d:cc:37:55:17:06:e8:48:eb:21:66:3e:
53:cc:e5:cc:bf:a8:59:04:f2:4c:5d:10:f3:61:29:
e5:5b:f4:21:da:d8:13:a4:a6:38:d9:8a:74:ff:ee:
3e:1e:21:b1:bb:59:84:ec:71:cc:5d:d1:b5:d4:dd:
82:79:f0:b6:2b:1d:0f:0b:3f:04:3d:c0:bb:15:4f:
90:b1:b1:b3:85:0e:56:57:94:14:c9:eb:66:5d:53:
38:41:13:02:d5:81:25:be:df:4c:7a:87:cd:06:2c:
47:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F6:7C:CE:39:18:ED:8B:A4:DD:A7:32:94:5D:40:71:07:CB:31:C0
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3vZ8zjkY7Yuk3acylF1AcQfLMcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.228.0/24
92.61.230.0-92.61.232.255
92.61.236.0-92.61.238.255
94.188.137.0/24
94.188.201.0-94.188.203.255
94.188.205.0-94.188.212.255
94.188.214.0-94.188.216.255
94.188.224.0/21
94.188.239.0-94.188.241.255
Signature Algorithm: sha256WithRSAEncryption
97:93:a5:c3:04:75:46:8b:2e:97:f3:41:ff:d4:88:87:66:14:
de:0b:c0:82:be:c3:17:9a:3e:a2:40:96:75:b3:64:7c:77:d4:
7e:bc:ef:69:a6:2b:61:fe:13:89:81:3a:5f:bc:cd:0a:2d:ea:
9f:b9:8c:81:8f:c1:d1:2d:98:7b:7a:5c:48:9b:bb:e9:e6:fa:
b5:71:52:f8:24:d1:16:e6:99:9e:0f:09:c9:12:3b:3a:8d:9c:
d5:a1:c4:2b:c6:ab:21:5e:06:a9:c4:a6:e2:f1:7a:37:82:f0:
0e:cf:86:21:38:9a:8c:08:d0:2f:ae:1c:b2:cd:59:89:9a:37:
56:f2:8f:db:d9:1e:91:63:cb:f6:d7:b5:7f:00:67:4f:ca:63:
40:04:e6:73:27:8d:47:de:9a:a2:d0:a3:47:ec:b0:d6:23:4f:
b0:17:6b:6e:54:58:30:81:52:eb:8a:4c:78:5c:bd:a3:d7:bd:
dd:b3:77:1d:e4:b3:99:f3:64:be:bb:b5:51:78:5d:6e:ea:89:
a9:3e:4b:d4:6a:81:b0:93:90:b1:56:85:5c:c4:57:7a:dd:79:
c0:23:d0:5c:cf:fd:8c:f1:9b:82:47:e3:52:fa:cf:3c:2a:9a:
c3:24:da:07:41:14:45:0b:f0:2e:29:b3:41:15:62:91:45:c9:
d7:57:7d:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY2wHnJyUEyTW10oqVbXpgRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjE2MDQxMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY2N2NjZTM5MThlZDhiYTRkZGE3MzI5NDVkNDA3MTA3Y2IzMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAU/hIU6UZnIhGdLLqgmAyTclGwv
fhMymx7HpdgAdD+7criLoK2TFFRnC82RVTzUOsHrnZhx9nrphpZQH6aIPb0achzc
XDBfoiZC8yplIoKD5HxrFqQTH+HNeObvum2/8i2fqAGQLks4EX6RYbX+KFhJn67o
e74BdINosaSOSpIEmKjKJe4Q3N+FvfV+JiRoiOGbwFU0c2oNzDdVFwboSOshZj5T
zOXMv6hZBPJMXRDzYSnlW/Qh2tgTpKY42Yp0/+4+HiGxu1mE7HHMXdG11N2CefC2
Kx0PCz8EPcC7FU+QsbGzhQ5WV5QUyetmXVM4QRMC1YElvt9MeofNBixHAQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFN72fM45GO2LpN2nMpRdQHEHyzHAMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvM3ZaOHpqa1k3WXVrM2FjeWxGMUFjUWZMTWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAXD3kMAwD
BAFcPeYDBABcPegwDAMEAlw97AMEAFw97gMEAF68iTAMAwQAXrzJAwQCXrzIMAwD
BABevM0DBABevNQwDAMEAV681gMEAF682AMEA1684DAMAwQAXrzvAwQBXrzwMA0G
CSqGSIb3DQEBCwUAA4IBAQCXk6XDBHVGiy6X80H/1IiHZhTeC8CCvsMXmj6iQJZ1
s2R8d9R+vO9ppith/hOJgTpfvM0KLeqfuYyBj8HRLZh7elxIm7vp5vq1cVL4JNEW
5pmeDwnJEjs6jZzVocQrxqshXgapxKbi8Xo3gvAOz4YhOJqMCNAvrhyyzVmJmjdW
8o/b2R6RY8v217V/AGdPymNABOZzJ41H3pqi0KNH7LDWI0+wF2tuVFgwgVLrikx4
XL2j173ds3cd5LOZ82S+u7VReF1u6ompPkvUaoGwk5CxVoVcxFd63XnAI9Bcz/2M
8ZuCR+NS+s88KprDJNoHQRRFC/AuKbNBFWKRRcnXV30H
-----END CERTIFICATE-----
Generated at Wed Mar 20 14:30:35 2024 by rpki-client on console-ams.rpki-client.org