Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/CwyqVLOoN_hHYCwyPxVbSFe--KA.roa
File: CwyqVLOoN_hHYCwyPxVbSFe--KA.roa (raw, json)
Hash identifier: 1Lw0O0XUYj5HgBw19nAHjjbyUDexsyjDmllan4XN03g=
Subject key identifier: 0B:0C:AA:54:B3:A8:37:F8:47:60:2C:32:3F:15:5B:48:57:BE:F8:A0
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018DA7D1831EDE4D7BD80EBCF3E82C9866CE
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/CwyqVLOoN_hHYCwyPxVbSFe--KA.roa
Signing time: Wed 14 Feb 2024 13:32:22 +0000
ROA not before: Wed 14 Feb 2024 13:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 80.74.96.0/24 maxlen: 24
80.74.97.0/24 maxlen: 24
80.74.99.0/24 maxlen: 24
80.74.123.0/24 maxlen: 24
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
92.61.226.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
94.188.136.0/24 maxlen: 24
94.188.138.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.142.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.167.0/24 maxlen: 24
94.188.169.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.188.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.196.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.200.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.243.0/24 maxlen: 24
2a02:23b8:2::/52 maxlen: 52
2a02:23b8:1a00::/56 maxlen: 56
Validation: Failed, certificate revoked on Mon 11 Mar 2024 03:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:d1:83:1e:de:4d:7b:d8:0e:bc:f3:e8:2c:98:66:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 14 13:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b0caa54b3a837f847602c323f155b4857bef8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:65:19:73:81:d0:16:c8:b6:07:7c:b4:6f:35:
97:62:51:fb:9e:0f:8c:6d:b2:96:c6:d3:34:e1:13:
7f:96:1a:48:c8:a8:52:62:3a:d5:7c:18:4f:ec:c1:
03:d6:60:c5:b7:33:0d:dc:f1:85:15:97:1a:e9:33:
c2:ed:cb:fd:e1:e3:a0:b9:02:91:cd:e2:2b:b6:c7:
6e:3b:91:24:50:96:31:f2:2f:f6:da:41:2f:4d:95:
78:27:82:ac:1b:e4:86:72:a1:ef:10:f1:02:f4:61:
25:e5:c7:e8:ef:16:37:9b:ab:a4:29:41:a6:a5:8f:
97:be:91:1c:d3:ae:ec:db:c5:bf:3c:05:96:cb:02:
61:f9:15:b3:e3:ab:e2:e5:16:27:95:37:a3:71:c6:
94:77:18:98:db:c2:25:2e:b9:0b:cd:af:f3:a8:97:
38:f5:48:36:45:b3:bf:2b:f1:09:cf:cd:82:a6:0d:
6c:34:42:dc:8d:46:d9:62:04:5f:d2:a1:3a:04:b8:
97:b8:f5:d8:06:03:a9:72:10:96:e9:3c:d6:dd:79:
d1:c6:50:1c:93:e7:20:0c:49:cc:19:35:ca:51:45:
2c:df:51:9a:da:66:2a:e7:39:33:c5:f5:d4:68:f7:
b3:1d:fc:0b:4c:94:a8:90:05:6f:25:5e:4d:8d:48:
44:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0C:AA:54:B3:A8:37:F8:47:60:2C:32:3F:15:5B:48:57:BE:F8:A0
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/CwyqVLOoN_hHYCwyPxVbSFe--KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/23
80.74.99.0/24
80.74.123.0/24
92.61.224.0-92.61.226.255
92.61.230.0/23
94.188.136.0/24
94.188.138.0/24
94.188.140.0/24
94.188.142.0/24
94.188.161.0-94.188.162.255
94.188.165.0-94.188.167.255
94.188.169.0/24
94.188.175.0/24
94.188.178.0/23
94.188.186.0-94.188.189.255
94.188.191.0/24
94.188.196.0/23
94.188.200.0/24
94.188.242.0/23
IPv6:
2a02:23b8:2::/52
2a02:23b8:1a00::/56
Signature Algorithm: sha256WithRSAEncryption
47:d0:20:45:93:35:9e:01:67:06:50:1d:1e:02:24:a7:29:93:
39:d1:5a:1a:d0:a9:fa:e8:c9:7e:d1:c2:71:eb:a8:46:70:5e:
4d:d7:c0:c6:4c:cd:15:4a:b5:28:ef:a1:23:60:da:34:97:80:
db:fe:91:d5:52:a4:07:6a:53:54:ee:ea:68:e8:da:28:df:b7:
ea:a2:1e:4a:de:bb:b8:b8:e2:a8:6a:4e:61:40:9b:87:1d:99:
e3:83:97:36:48:e2:2a:c7:ca:6a:51:34:d3:bd:cb:b9:89:5b:
cc:cf:dc:bf:03:fb:8a:ae:fc:a1:3c:b6:a9:68:45:dd:22:b1:
e3:7b:d5:92:41:41:44:e5:19:8f:43:fe:9b:33:f8:c3:87:9c:
f4:e2:94:32:88:5a:77:bb:10:b8:8a:de:91:96:f0:47:09:15:
86:dc:16:c9:8c:85:a9:36:98:87:79:42:15:d1:f3:8c:4f:64:
0b:35:5b:61:30:6a:71:18:aa:a2:b6:52:48:30:df:2e:25:d4:
f7:12:ea:c2:28:0b:e8:d3:e7:2a:03:56:ac:7d:d2:0c:f6:ab:
17:e3:1b:45:0f:5e:ce:cd:a8:21:a0:50:18:7c:6e:84:bd:a0:
9a:94:f8:7b:c0:b4:31:12:5e:38:85:c9:00:75:d8:21:8d:7e:
ab:cb:58:85
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY2n0YMe3k172A688+gsmGbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjE0MTMzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBjYWE1NGIzYTgzN2Y4NDc2MDJjMzIzZjE1NWI0ODU3YmVmOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2UZc4HQFsi2B3y0bzWXYlH7ng+M
bbKWxtM04RN/lhpIyKhSYjrVfBhP7MED1mDFtzMN3PGFFZca6TPC7cv94eOguQKR
zeIrtsduO5EkUJYx8i/22kEvTZV4J4KsG+SGcqHvEPEC9GEl5cfo7xY3m6ukKUGm
pY+XvpEc067s28W/PAWWywJh+RWz46vi5RYnlTejccaUdxiY28IlLrkLza/zqJc4
9Ug2RbO/K/EJz82Cpg1sNELcjUbZYgRf0qE6BLiXuPXYBgOpchCW6TzW3XnRxlAc
k+cgDEnMGTXKUUUs31Ga2mYq5zkzxfXUaPezHfwLTJSokAVvJV5NjUhEwwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFAsMqlSzqDf4R2AsMj8VW0hXvvigMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvQ3d5cVZMT29OX2hIWUN3eVB4VmJTRmUtLUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBmQQCAAEwgZIDBAFQ
SmADBABQSmMDBABQSnswDAMEBVw94AMEAFw94gMEAVw95gMEAF68iAMEAF68igME
AF68jAMEAF68jjAMAwQAXryhAwQAXryiMAwDBABevKUDBANevKADBABevKkDBABe
vK8DBAFevLIwDAMEAV68ugMEAV68vAMEAF68vwMEAV68xAMEAF68yAMEAV688jAa
BAIAAjAUAwgEKgIjuAACAAMIACoCI7gaAAAwDQYJKoZIhvcNAQELBQADggEBAEfQ
IEWTNZ4BZwZQHR4CJKcpkznRWhrQqfroyX7RwnHrqEZwXk3XwMZMzRVKtSjvoSNg
2jSXgNv+kdVSpAdqU1Tu6mjo2ijft+qiHkreu7i44qhqTmFAm4cdmeODlzZI4irH
ympRNNO9y7mJW8zP3L8D+4qu/KE8tqloRd0iseN71ZJBQUTlGY9D/psz+MOHnPTi
lDKIWne7ELiK3pGW8EcJFYbcFsmMhak2mId5QhXR84xPZAs1W2EwanEYqqK2Ukgw
3y4l1PcS6sIoC+jT5yoDVqx90gz2qxfjG0UPXs7NqCGgUBh8boS9oJqU+HvAtDES
XjiFyQB12CGNfqvLWIU=
-----END CERTIFICATE-----
Generated at Mon Mar 11 05:07:22 2024 by rpki-client on console-fra.rpki-client.org