Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/5DaTcyKG5K3r1YbLFHSRsm3Zsvo.roa
File: 5DaTcyKG5K3r1YbLFHSRsm3Zsvo.roa (raw, json)
Hash identifier: KlB2IVQKgfs6f8ebohaEBIXofnEvIIPeI1V7bILQL/E=
Subject key identifier: E4:36:93:73:22:86:E4:AD:EB:D5:86:CB:14:74:91:B2:6D:D9:B2:FA
Certificate issuer: /CN=d48551e26169b3b3e124f6964e2702e95768253e
Certificate serial: 018C8BD4F3B477990500B6456B0C3B957465
Authority key identifier: D4:85:51:E2:61:69:B3:B3:E1:24:F6:96:4E:27:02:E9:57:68:25:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVR4mFps7PhJPaWTicC6VdoJT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/5DaTcyKG5K3r1YbLFHSRsm3Zsvo.roa
Signing time: Thu 21 Dec 2023 10:03:58 +0000
ROA not before: Thu 21 Dec 2023 10:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9031
IP address blocks: 213.211.160.0/20 maxlen: 20
213.211.176.0/21 maxlen: 21
213.211.184.0/22 maxlen: 22
213.211.188.0/24 maxlen: 24
213.211.188.0/23 maxlen: 23
213.211.189.0/24 maxlen: 24
185.95.72.0/22 maxlen: 22
213.211.128.0/19 maxlen: 19
79.132.224.0/20 maxlen: 20
77.109.96.0/21 maxlen: 21
79.132.240.0/21 maxlen: 21
77.109.104.0/22 maxlen: 22
79.132.252.0/23 maxlen: 23
79.132.248.0/22 maxlen: 22
77.109.108.0/23 maxlen: 23
79.132.254.0/24 maxlen: 24
77.109.112.0/20 maxlen: 20
77.109.64.0/19 maxlen: 19
212.71.0.0/19 maxlen: 19
85.234.192.0/19 maxlen: 19
212.233.32.0/19 maxlen: 19
109.236.128.0/20 maxlen: 20
213.219.128.0/18 maxlen: 18
2a02:578:2000::/38 maxlen: 38
2a02:578:1400::/38 maxlen: 38
2a02:578:8000::/38 maxlen: 38
2a02:578:6c00::/38 maxlen: 38
2a02:578::/38 maxlen: 38
2a02:578:800::/38 maxlen: 38
2a02:578:8800::/38 maxlen: 38
2a02:578:7400::/38 maxlen: 38
2a02:578:e000::/36 maxlen: 36
2a02:578:1c00::/38 maxlen: 38
2a02:578:5c00::/38 maxlen: 38
2a02:578:3400::/38 maxlen: 38
2a02:578:a000::/38 maxlen: 38
2a02:578:8c00::/38 maxlen: 38
2a02:578:3c00::/38 maxlen: 38
2a02:578:6400::/38 maxlen: 38
2a02:578:2400::/38 maxlen: 38
2a02:578:1000::/38 maxlen: 38
2a02:578:2c00::/38 maxlen: 38
2a02:578:400::/38 maxlen: 38
2a02:578:4000::/36 maxlen: 36
2a02:578:8400::/38 maxlen: 38
2a02:578:7c00::/38 maxlen: 38
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:d4:f3:b4:77:99:05:00:b6:45:6b:0c:3b:95:74:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48551e26169b3b3e124f6964e2702e95768253e
Validity
Not Before: Dec 21 10:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e43693732286e4adebd586cb147491b26dd9b2fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:02:59:8c:34:70:e9:0e:bc:11:c4:a4:c1:53:
1c:1b:57:98:50:6d:63:f6:a0:f5:07:e0:7c:15:42:
d7:1a:04:a6:49:a8:9a:76:69:bb:69:7e:56:e7:89:
dc:66:74:6a:f9:c8:f8:a6:4d:4b:af:86:1d:90:7d:
c8:69:bc:d3:d6:13:a1:a2:99:c3:be:21:eb:fc:1a:
b1:49:ad:60:e8:ab:d2:32:4f:cd:04:8d:0f:5a:20:
d2:2d:85:e7:28:7c:f6:ba:16:14:ce:d9:66:ca:8e:
ce:0c:a8:5c:74:4f:35:70:b6:29:9b:67:45:91:69:
63:a1:5b:b1:a8:d3:f5:7e:ee:4e:d2:f7:8a:d2:8f:
49:5b:41:a8:8c:a6:d8:e7:a0:61:d6:41:d4:a5:bc:
db:90:f1:1c:2b:19:b3:f6:86:ff:cc:a7:97:27:47:
65:3b:02:af:52:a3:8a:a1:5f:e6:c3:b2:2b:38:c7:
3b:c5:c8:4f:51:9a:2e:ac:05:ec:78:46:80:21:2f:
ac:0f:63:ed:1c:47:c2:09:35:7e:67:3b:e3:7f:15:
ce:62:f7:bf:ae:89:28:12:57:41:e4:b4:19:fc:3f:
1e:6c:af:93:f3:92:2d:d4:7f:fb:8d:96:c9:ad:b2:
e8:c6:1d:06:5f:f9:de:ec:f9:30:b3:e6:32:4e:e6:
77:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:36:93:73:22:86:E4:AD:EB:D5:86:CB:14:74:91:B2:6D:D9:B2:FA
X509v3 Authority Key Identifier:
keyid:D4:85:51:E2:61:69:B3:B3:E1:24:F6:96:4E:27:02:E9:57:68:25:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVR4mFps7PhJPaWTicC6VdoJT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/5DaTcyKG5K3r1YbLFHSRsm3Zsvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/1IVR4mFps7PhJPaWTicC6VdoJT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.109.64.0-77.109.109.255
77.109.112.0/20
79.132.224.0-79.132.254.255
85.234.192.0/19
109.236.128.0/20
185.95.72.0/22
212.71.0.0/19
212.233.32.0/19
213.211.128.0-213.211.189.255
213.219.128.0/18
IPv6:
2a02:578::-2a02:578:bff:ffff:ffff:ffff:ffff:ffff
2a02:578:1000::/37
2a02:578:1c00::-2a02:578:27ff:ffff:ffff:ffff:ffff:ffff
2a02:578:2c00::/38
2a02:578:3400::/38
2a02:578:3c00::-2a02:578:4fff:ffff:ffff:ffff:ffff:ffff
2a02:578:5c00::/38
2a02:578:6400::/38
2a02:578:6c00::/38
2a02:578:7400::/38
2a02:578:7c00::-2a02:578:8fff:ffff:ffff:ffff:ffff:ffff
2a02:578:a000::/38
2a02:578:e000::/36
Signature Algorithm: sha256WithRSAEncryption
13:f8:a4:88:58:af:54:d0:0c:67:f1:51:6e:d2:29:6b:6b:63:
6e:4d:4c:93:db:06:70:e8:a0:bb:23:6d:4c:6f:b5:5e:6f:c9:
be:68:ed:78:fe:92:80:60:d6:66:87:89:a7:ab:58:4f:f3:81:
4d:92:b0:c0:ec:72:08:90:82:a5:39:7d:11:97:24:99:85:c0:
0c:c1:ea:f9:e0:8b:1e:1a:3c:06:b2:2f:4d:ad:a5:43:b2:24:
5c:c1:be:19:c8:91:55:8a:35:10:92:e4:e6:8f:c8:35:92:24:
bd:00:0d:b1:b0:bd:0f:ba:44:dd:a3:f2:ef:61:45:ac:93:47:
c4:26:61:7c:af:e9:84:1c:db:0c:53:5c:97:cc:13:3a:91:00:
a4:b0:62:9b:69:b0:c4:fd:d7:0c:26:a2:bb:16:b2:2c:a7:b8:
6c:ca:30:69:91:e2:09:02:94:57:1b:eb:c5:0a:d9:1a:a9:2d:
56:d0:53:f0:b6:ed:c0:c3:0b:76:ae:60:b7:6c:84:e1:71:0f:
95:23:b1:31:13:9d:34:06:38:67:66:37:77:4f:95:4e:f9:db:
b2:00:d7:db:02:90:76:98:e3:bc:41:2f:4f:42:f9:1e:9b:a7:
26:fa:b8:4e:09:e7:a7:c5:5f:52:82:82:31:6f:57:be:1d:e4:
8a:2c:75:25
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAYyL1PO0d5kFALZFaww7lXRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1MWUyNjE2OWIzYjNlMTI0ZjY5NjRlMjcwMmU5NTc2
ODI1M2UwHhcNMjMxMjIxMTAwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM2OTM3MzIyODZlNGFkZWJkNTg2Y2IxNDc0OTFiMjZkZDliMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAJZjDRw6Q68EcSkwVMcG1eYUG1j
9qD1B+B8FULXGgSmSaiadmm7aX5W54ncZnRq+cj4pk1Lr4YdkH3IabzT1hOhopnD
viHr/BqxSa1g6KvSMk/NBI0PWiDSLYXnKHz2uhYUztlmyo7ODKhcdE81cLYpm2dF
kWljoVuxqNP1fu5O0veK0o9JW0GojKbY56Bh1kHUpbzbkPEcKxmz9ob/zKeXJ0dl
OwKvUqOKoV/mw7IrOMc7xchPUZourAXseEaAIS+sD2PtHEfCCTV+ZzvjfxXOYve/
rokoEldB5LQZ/D8ebK+T85It1H/7jZbJrbLoxh0GX/ne7Pkws+YyTuZ3dQIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFOQ2k3MihuSt69WGyxR0kbJt2bL6MB8GA1UdIwQY
MBaAFNSFUeJhabOz4ST2lk4nAulXaCU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWUjRtRnBzN1BoSlBhV1RpY0M2VmRvSlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lYWQyNzctODRjOS00YjhlLTg3OWUt
NWY3MzI2NzEwMmE2LzEvNURhVGN5S0c1SzNyMVliTEZIU1JzbTNac3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lYWQyNzctODRjOS00YjhlLTg3OWUtNWY3MzI2NzEwMmE2
LzEvMUlWUjRtRnBzN1BoSlBhV1RpY0M2VmRvSlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwWgQCAAEwVDAMAwQG
TW1AAwQBTW1sAwQETW1wMAwDBAVPhOADBABPhP4DBAVV6sADBARt7IADBAK5X0gD
BAXURwADBAXU6SAwDAMEB9XTgAMEAdXTvAMEBtXbgDCBlgQCAAIwgY8wDwMFAyoC
BXgDBgIqAgV4CAMGAyoCBXgQMBADBgIqAgV4HAMGAyoCBXggAwYCKgIFeCwDBgIq
AgV4NDAQAwYCKgIFeDwDBgQqAgV4QAMGAioCBXhcAwYCKgIFeGQDBgIqAgV4bAMG
AioCBXh0MBADBgIqAgV4fAMGBCoCBXiAAwYCKgIFeKADBgQqAgV44DANBgkqhkiG
9w0BAQsFAAOCAQEAE/ikiFivVNAMZ/FRbtIpa2tjbk1Mk9sGcOiguyNtTG+1Xm/J
vmjteP6SgGDWZoeJp6tYT/OBTZKwwOxyCJCCpTl9EZckmYXADMHq+eCLHho8BrIv
Ta2lQ7IkXMG+GciRVYo1EJLk5o/INZIkvQANsbC9D7pE3aPy72FFrJNHxCZhfK/p
hBzbDFNcl8wTOpEApLBim2mwxP3XDCaiuxayLKe4bMowaZHiCQKUVxvrxQrZGqkt
VtBT8LbtwMMLdq5gt2yE4XEPlSOxMROdNAY4Z2Y3d0+VTvnbsgDX2wKQdpjjvEEv
T0L5HpunJvq4Tgnnp8VfUoKCMW9Xvh3kiix1JQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:52 2024 by rpki-client on console-fra.rpki-client.org