Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/7DYh75JTPWAw8V18T1yKA_XdCdE.roa
File: 7DYh75JTPWAw8V18T1yKA_XdCdE.roa (raw, json)
Hash identifier: 0E+pAqQCGVPWRkssFMYnppbJHOlSXasPtGSFjYm1o2Y=
Subject key identifier: EC:36:21:EF:92:53:3D:60:30:F1:5D:7C:4F:5C:8A:03:F5:DD:09:D1
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 018CC86F49C03A3EAD0E0396A87DB0BB2622
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/7DYh75JTPWAw8V18T1yKA_XdCdE.roa
Signing time: Tue 02 Jan 2024 04:29:45 +0000
ROA not before: Tue 02 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29075
IP address blocks: 91.109.176.0/20 maxlen: 20
85.118.32.0/19 maxlen: 19
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
185.177.180.0/22 maxlen: 22
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
45.94.124.0/22 maxlen: 22
45.10.224.0/22 maxlen: 22
178.20.48.0/21 maxlen: 21
212.85.144.0/20 maxlen: 20
188.121.224.0/19 maxlen: 19
2a02:2178::/29 maxlen: 29
2a00:1b88::/32 maxlen: 32
2a02:2178::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Mar 2024 10:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:49:c0:3a:3e:ad:0e:03:96:a8:7d:b0:bb:26:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec3621ef92533d6030f15d7c4f5c8a03f5dd09d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:81:be:1a:8b:58:0a:32:5d:21:91:7a:de:97:
04:52:64:35:3c:8c:dc:78:74:7f:21:86:a8:29:f7:
57:ee:fb:9f:04:6c:a5:55:8a:a2:0b:62:b9:c2:fe:
e1:e0:54:67:25:78:3c:d6:e5:33:c5:69:88:a6:c2:
c7:16:ca:04:26:60:d5:7d:e6:ea:b2:03:36:39:ee:
5a:f9:a6:2e:99:15:69:fd:55:1e:92:70:54:48:04:
3a:f9:25:fb:08:ab:12:f7:8f:a7:ab:a8:8c:00:9b:
50:19:26:2d:97:20:d4:b2:f0:d0:80:0f:ec:de:6b:
b7:1d:27:3a:72:a6:33:eb:ed:1f:fa:17:af:af:a6:
93:45:25:31:75:67:d8:8d:d5:5c:b9:b2:4a:8b:5a:
11:7b:ef:3e:80:e8:0f:07:ab:bf:c2:7a:f8:f6:fa:
3b:21:3c:42:5c:36:d1:cf:85:00:88:fd:67:3f:b1:
19:32:ac:be:19:5e:7a:ff:b6:8e:ec:3a:83:a9:42:
59:60:e0:3b:65:c8:5b:c7:1c:a0:c6:c9:a8:50:d8:
08:1e:2a:41:46:68:dd:2e:6c:7f:6e:c2:60:6f:c5:
3c:25:a6:c3:9a:f4:63:27:98:1d:f5:a9:d2:56:bb:
ff:82:ab:cd:64:90:4f:ff:34:ef:c4:75:61:33:1f:
b3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:36:21:EF:92:53:3D:60:30:F1:5D:7C:4F:5C:8A:03:F5:DD:09:D1
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/7DYh75JTPWAw8V18T1yKA_XdCdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0/22
45.94.124.0/22
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
90:0d:61:05:43:d8:31:6a:e1:e9:7e:f3:12:ca:03:5f:f1:f4:
41:e9:79:2a:d9:3e:e3:6a:01:25:98:b3:5e:9a:c3:04:95:d5:
d4:82:e4:1c:bf:5b:a6:a8:09:6a:84:6c:22:78:c8:fb:1c:ee:
26:a9:34:9d:5f:4d:88:d9:ab:46:94:5c:e6:4d:32:5b:4f:4c:
23:a5:ff:07:f7:f3:c6:aa:d3:0d:ac:22:b5:26:3d:62:c7:72:
a2:d2:7a:95:55:fb:52:40:c2:bc:93:b3:40:8a:66:88:b7:2a:
8d:0b:f0:e3:31:6c:2f:62:e4:da:f8:bc:42:96:f7:22:ad:62:
09:43:3f:bd:66:17:16:21:d6:f8:84:eb:8f:05:2d:ea:b7:1a:
3f:c1:ba:56:a0:8d:d4:d9:15:13:2b:1a:a9:e7:28:89:67:a6:
dc:67:b9:58:eb:f7:08:ce:54:3d:df:fb:b4:09:b5:0d:d3:c8:
1e:1e:17:43:57:39:67:68:4e:0e:17:25:56:db:90:de:99:6e:
b1:b7:f1:92:c9:b3:17:93:af:9d:5d:27:78:c2:d0:b9:a2:67:
da:3e:1d:75:f5:c7:a6:35:b3:57:2c:fc:61:f1:27:94:ec:78:
cc:75:3d:3f:bb:cd:cd:73:0a:e3:e3:ec:36:b8:a9:84:76:8e:
aa:e0:55:af
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzIb0nAOj6tDgOWqH2wuyYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwMTAyMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzM2MjFlZjkyNTMzZDYwMzBmMTVkN2M0ZjVjOGEwM2Y1ZGQwOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIG+GotYCjJdIZF63pcEUmQ1PIzc
eHR/IYaoKfdX7vufBGylVYqiC2K5wv7h4FRnJXg81uUzxWmIpsLHFsoEJmDVfebq
sgM2Oe5a+aYumRVp/VUeknBUSAQ6+SX7CKsS94+nq6iMAJtQGSYtlyDUsvDQgA/s
3mu3HSc6cqYz6+0f+hevr6aTRSUxdWfYjdVcubJKi1oRe+8+gOgPB6u/wnr49vo7
ITxCXDbRz4UAiP1nP7EZMqy+GV56/7aO7DqDqUJZYOA7ZchbxxygxsmoUNgIHipB
RmjdLmx/bsJgb8U8JabDmvRjJ5gd9anSVrv/gqvNZJBP/zTvxHVhMx+ziQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOw2Ie+SUz1gMPFdfE9cigP13QnRMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvN0RZaDc1SlRQV0F3OFYxOFQxeUtBX1hkQ2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLQrgAwQC
LV58AwQFVXYgAwQEW22wAwQEgMzgAwQEjf+QAwQDshQwAwQCuXYAAwQCuXsYAwQC
ubG0AwQFvHngAwQE1FWQMBQEAgACMA4DBQAqABuIAwUDKgIheDANBgkqhkiG9w0B
AQsFAAOCAQEAkA1hBUPYMWrh6X7zEsoDX/H0Qel5Ktk+42oBJZizXprDBJXV1ILk
HL9bpqgJaoRsInjI+xzuJqk0nV9NiNmrRpRc5k0yW09MI6X/B/fzxqrTDawitSY9
YsdyotJ6lVX7UkDCvJOzQIpmiLcqjQvw4zFsL2Lk2vi8Qpb3Iq1iCUM/vWYXFiHW
+ITrjwUt6rcaP8G6VqCN1NkVEysaqecoiWem3Ge5WOv3CM5UPd/7tAm1DdPIHh4X
Q1c5Z2hODhclVtuQ3plusbfxksmzF5OvnV0neMLQuaJn2j4ddfXHpjWzVyz8YfEn
lOx4zHU9P7vNzXMK4+PsNriphHaOquBVrw==
-----END CERTIFICATE-----
Generated at Fri Mar 22 13:35:24 2024 by rpki-client on console-ams.rpki-client.org