Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/SD4TGnWe4oyN_qPZD8kMiBgtf8A.roa
File: SD4TGnWe4oyN_qPZD8kMiBgtf8A.roa (raw, json)
Hash identifier: KPyW69kfkdY3x1CcDTPauJ2qi11JmuqTQD/x32SUFlc=
Subject key identifier: 48:3E:13:1A:75:9E:E2:8C:8D:FE:A3:D9:0F:C9:0C:88:18:2D:7F:C0
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 0189CB3D97F4028492A1DECE7BF9C891579B
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/SD4TGnWe4oyN_qPZD8kMiBgtf8A.roa
Signing time: Sun 06 Aug 2023 14:25:58 +0000
ROA not before: Sun 06 Aug 2023 14:25:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61333
IP address blocks: 94.228.108.0/24 maxlen: 24
94.228.107.0/24 maxlen: 24
94.228.110.0/24 maxlen: 24
94.228.96.0/24 maxlen: 24
94.228.96.0/20 maxlen: 24
94.228.98.0/24 maxlen: 24
94.228.100.0/24 maxlen: 24
94.228.104.0/24 maxlen: 24
94.228.105.0/24 maxlen: 24
149.126.64.0/24 maxlen: 24
149.126.64.0/21 maxlen: 24
149.126.65.0/24 maxlen: 24
149.126.67.0/24 maxlen: 24
149.126.66.0/24 maxlen: 24
149.126.70.0/24 maxlen: 24
194.169.198.0/24 maxlen: 24
185.251.52.0/24 maxlen: 24
185.251.54.0/24 maxlen: 24
185.251.53.0/24 maxlen: 24
193.200.249.0/24 maxlen: 24
2a00:e30:64::/64 maxlen: 64
2a00:e30:ed00::/41 maxlen: 48
2a00:e30:a00::/40 maxlen: 48
2a00:e30::/41 maxlen: 41
2a00:e30:280::/41 maxlen: 41
2a00:e30:2100::/41 maxlen: 41
2a00:e30:3000::/41 maxlen: 41
2a00:e30:6900::/41 maxlen: 41
Validation: Failed, certificate revoked on Mon 09 Oct 2023 21:28:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cb:3d:97:f4:02:84:92:a1:de:ce:7b:f9:c8:91:57:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Aug 6 14:25:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=483e131a759ee28c8dfea3d90fc90c88182d7fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bb:36:4b:4c:f5:f4:60:87:89:16:77:3b:3c:
8a:52:e1:b1:ff:fe:46:0c:07:74:53:3c:0f:f1:34:
c3:7f:47:9f:a7:c6:a1:32:af:d6:94:8e:d2:66:70:
9f:d3:b9:47:db:ee:61:ae:02:4c:e8:bb:41:72:28:
6a:f0:02:59:95:19:fa:20:61:70:85:d7:8b:b4:58:
d3:ec:5d:cc:c7:dd:2e:b4:4a:98:b1:53:9b:fb:00:
c7:9e:5b:39:a0:24:af:55:fe:7b:ac:46:26:79:6f:
83:47:25:63:bc:09:e0:fb:93:19:06:b9:4f:cb:ae:
f0:b0:38:f5:66:6a:2c:bd:42:96:68:f4:e9:e0:c4:
92:20:c2:2a:f0:45:24:74:58:2e:ed:17:cc:e6:16:
0b:69:9e:1d:2b:1d:a5:6d:7d:30:0d:ff:32:01:01:
49:4a:93:e1:7d:5b:f8:71:ba:9b:b1:b2:2f:00:8e:
95:5d:02:02:3c:8a:40:3c:2c:5a:61:de:59:b9:98:
0f:ab:78:0b:f1:95:ef:d7:22:42:aa:1e:b4:36:31:
f9:b0:3e:4b:61:45:58:b0:95:0d:6a:ba:f4:6a:1c:
3c:85:f8:65:5c:95:9c:dc:51:d5:b5:d3:5b:5e:19:
74:81:d5:8e:69:38:5b:00:15:31:86:4f:fe:4a:df:
ff:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3E:13:1A:75:9E:E2:8C:8D:FE:A3:D9:0F:C9:0C:88:18:2D:7F:C0
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/SD4TGnWe4oyN_qPZD8kMiBgtf8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.96.0/20
149.126.64.0/21
185.251.52.0-185.251.54.255
193.200.249.0/24
194.169.198.0/24
IPv6:
2a00:e30::/41
2a00:e30:280::/41
2a00:e30:a00::/40
2a00:e30:2100::/41
2a00:e30:3000::/41
2a00:e30:6900::/41
2a00:e30:ed00::/41
Signature Algorithm: sha256WithRSAEncryption
60:9b:0c:9a:4f:7c:d5:fc:96:aa:ae:03:cc:98:65:33:6a:d8:
df:b9:45:b5:93:f4:4c:30:af:c0:da:2f:cb:53:51:54:17:91:
a8:0e:0f:75:9c:2c:f8:fd:22:d0:a1:4b:46:82:8c:6a:ed:a7:
4a:e3:ca:2a:3f:03:7a:f1:2c:b3:66:65:0d:00:4f:db:4b:ed:
1b:9b:bc:23:ac:d4:9c:e0:17:17:b1:a1:57:3c:1b:30:41:b9:
46:0b:36:62:91:fa:a8:2d:f3:6d:14:eb:bf:a6:8e:4a:bc:8b:
a2:5c:5b:d4:04:68:84:83:18:f4:df:45:50:84:de:fc:16:e7:
ef:fb:82:cf:b3:10:cb:8e:5b:44:b3:bb:0e:b5:b2:c0:12:c5:
da:c9:22:40:cf:5c:92:ee:b3:07:f1:59:3c:ea:be:ee:cd:40:
f2:28:0a:6d:3d:fe:e2:f7:08:50:27:4a:bd:ee:08:f2:38:13:
17:59:d5:86:a8:fe:1c:c2:3e:07:7c:cb:f1:5f:07:25:d9:4f:
aa:03:15:e4:e4:76:18:93:cd:ae:d8:5c:bf:4c:87:9b:1d:47:
b5:36:4f:c6:89:21:99:92:2f:cf:10:09:62:53:72:c3:10:58:
47:d0:9c:ca:91:82:9b:29:e7:7c:ca:af:15:3e:3c:16:06:32:
cb:82:1e:3c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYnLPZf0AoSSod7Oe/nIkVebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjMwODA2MTQyNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNlMTMxYTc1OWVlMjhjOGRmZWEzZDkwZmM5MGM4ODE4MmQ3ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbs2S0z19GCHiRZ3OzyKUuGx//5G
DAd0UzwP8TTDf0efp8ahMq/WlI7SZnCf07lH2+5hrgJM6LtBcihq8AJZlRn6IGFw
hdeLtFjT7F3Mx90utEqYsVOb+wDHnls5oCSvVf57rEYmeW+DRyVjvAng+5MZBrlP
y67wsDj1ZmosvUKWaPTp4MSSIMIq8EUkdFgu7RfM5hYLaZ4dKx2lbX0wDf8yAQFJ
SpPhfVv4cbqbsbIvAI6VXQICPIpAPCxaYd5ZuZgPq3gL8ZXv1yJCqh60NjH5sD5L
YUVYsJUNarr0ahw8hfhlXJWc3FHVtdNbXhl0gdWOaThbABUxhk/+St//lQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFEg+Exp1nuKMjf6j2Q/JDIgYLX/AMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvU0Q0VEduV2U0b3lOX3FQWkQ4a01pQmd0ZjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwLAQCAAEwJgMEBF7kYAME
A5V+QDAMAwQCufs0AwQAufs2AwQAwcj5AwQAwqnGMEQEAgACMD4DBwcqAA4wAAAD
BwcqAA4wAoADBgAqAA4wCgMHByoADjAhAAMHByoADjAwAAMHByoADjBpAAMHByoA
DjDtADANBgkqhkiG9w0BAQsFAAOCAQEAYJsMmk981fyWqq4DzJhlM2rY37lFtZP0
TDCvwNovy1NRVBeRqA4PdZws+P0i0KFLRoKMau2nSuPKKj8DevEss2ZlDQBP20vt
G5u8I6zUnOAXF7GhVzwbMEG5Rgs2YpH6qC3zbRTrv6aOSryLolxb1ARohIMY9N9F
UITe/Bbn7/uCz7MQy45bRLO7DrWywBLF2skiQM9cku6zB/FZPOq+7s1A8igKbT3+
4vcIUCdKve4I8jgTF1nVhqj+HMI+B3zL8V8HJdlPqgMV5OR2GJPNrthcv0yHmx1H
tTZPxokhmZIvzxAJYlNywxBYR9CcypGCmynnfMqvFT48FgYyy4IePA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org