Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/S-tdKT5-ztTkgHjvqaceR6c0XGY.roa
File: S-tdKT5-ztTkgHjvqaceR6c0XGY.roa (raw, json)
Hash identifier: biLTLiYjmrnvSkBwtqgMUkKtgAA1J9K21rjsnkCPJxk=
Subject key identifier: 4B:EB:5D:29:3E:7E:CE:D4:E4:80:78:EF:A9:A7:1E:47:A7:34:5C:66
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018CCA29D6DD6C369D9095DAD2993E8A6D8F
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/S-tdKT5-ztTkgHjvqaceR6c0XGY.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 185.71.214.0/24 maxlen: 24
185.71.215.0/24 maxlen: 24
45.93.213.0/24 maxlen: 24
45.93.214.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
185.73.180.0/24 maxlen: 24
185.73.181.0/24 maxlen: 24
185.68.186.0/24 maxlen: 24
185.68.187.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
77.83.246.0/24 maxlen: 24
45.151.234.0/24 maxlen: 24
185.79.132.0/24 maxlen: 24
45.151.235.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
185.105.47.0/24 maxlen: 24
185.88.98.0/24 maxlen: 24
185.88.99.0/24 maxlen: 24
185.182.130.0/24 maxlen: 24
185.182.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 08:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d6:dd:6c:36:9d:90:95:da:d2:99:3e:8a:6d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4beb5d293e7eced4e48078efa9a71e47a7345c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:34:85:83:82:35:4c:4e:1f:f9:4f:72:ef:76:
9f:53:bb:93:31:b9:a3:2b:79:8b:4f:ab:da:a3:83:
f0:ec:df:4a:39:ba:f1:42:e7:57:ec:11:f7:0c:78:
3f:22:d8:55:48:7e:f8:cc:52:d9:f4:bf:fd:7c:d3:
3a:e4:44:f6:8d:b5:b4:0a:98:0d:0a:7f:de:b5:31:
ea:6e:1f:f6:e4:4f:b5:1b:b3:33:52:4b:c4:0c:2f:
19:e3:42:b0:64:43:da:90:f3:b1:eb:78:aa:02:60:
8b:f7:02:ba:36:71:aa:75:77:26:e9:0e:48:89:fe:
76:dd:70:62:53:af:7f:c4:58:cd:8b:83:36:a1:d0:
69:6e:cd:39:8a:72:f5:ee:f3:41:6c:47:86:f4:ba:
ad:7c:d2:0d:f0:5c:88:86:84:b9:36:54:69:aa:57:
f3:60:75:1d:db:4c:5e:1f:37:4e:3b:9e:7f:47:94:
a4:8f:be:f8:55:52:d3:6b:95:ff:74:b3:22:f6:67:
67:5c:4e:6e:7f:3a:eb:90:1e:a1:e0:a2:d7:e5:97:
f5:32:41:64:8f:d5:bb:83:56:54:4e:9f:60:6c:87:
95:d4:98:2f:41:8b:1f:35:51:d3:b4:15:2e:f0:c8:
cf:b4:b3:59:13:10:3c:d2:09:5b:93:26:75:9d:9f:
07:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EB:5D:29:3E:7E:CE:D4:E4:80:78:EF:A9:A7:1E:47:A7:34:5C:66
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/S-tdKT5-ztTkgHjvqaceR6c0XGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.213.0-45.93.214.255
45.151.234.0/23
77.83.246.0/24
160.20.156.0/23
185.68.186.0/23
185.71.214.0/23
185.73.180.0/23
185.75.132.0/24
185.77.138.0/23
185.79.132.0/23
185.88.98.0/23
185.95.228.0/24
185.100.156.0/24
185.102.114.0/24
185.105.47.0/24
185.111.24.0/24
185.182.130.0/23
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:e1:9d:97:a8:a1:06:51:d7:c7:12:13:d2:f6:80:73:2d:1e:
63:c3:51:94:12:6a:bb:0c:ca:90:cb:a1:ef:e8:9c:5b:d0:24:
79:d8:77:63:ae:ee:37:b5:41:9a:ae:4b:ae:78:9d:a0:b8:35:
44:4d:c5:51:f5:ca:51:5f:ce:19:28:7b:5f:ed:fc:50:7c:19:
9b:ea:7c:c3:40:e0:70:5e:c6:42:d9:8a:e9:ae:f6:69:a4:3a:
15:35:34:b8:bb:1f:e9:09:b5:33:bf:bc:3b:b1:c4:0b:43:fe:
c6:89:c7:6d:47:46:3e:71:ff:d3:3e:01:0e:3d:c9:bb:b5:23:
e9:bd:9d:21:00:ac:7b:58:a3:75:20:23:0f:1a:e3:1f:a2:a6:
ba:cc:b0:f9:88:31:ce:95:af:2f:44:d6:56:d9:f7:f0:a2:4f:
94:d0:73:09:50:e4:63:05:2b:0e:11:14:4e:d9:31:47:17:4f:
d8:93:b9:43:9a:2f:2b:d1:80:71:4e:55:d0:19:25:b3:fa:ff:
5c:a3:d6:1e:8f:9c:c4:df:7d:25:bf:59:f5:6b:84:ab:1c:eb:
e9:5b:24:41:56:ff:47:a1:25:0d:82:3d:9a:c4:48:8c:bb:7b:
f6:4c:c5:16:e3:08:44:71:90:84:f9:37:99:03:55:94:5e:7d:
e4:b2:cb:2d
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYzKKdbdbDadkJXa0pk+im2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmViNWQyOTNlN2VjZWQ0ZTQ4MDc4ZWZhOWE3MWU0N2E3MzQ1YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTSFg4I1TE4f+U9y73afU7uTMbmj
K3mLT6vao4Pw7N9KObrxQudX7BH3DHg/IthVSH74zFLZ9L/9fNM65ET2jbW0CpgN
Cn/etTHqbh/25E+1G7MzUkvEDC8Z40KwZEPakPOx63iqAmCL9wK6NnGqdXcm6Q5I
if523XBiU69/xFjNi4M2odBpbs05inL17vNBbEeG9LqtfNIN8FyIhoS5NlRpqlfz
YHUd20xeHzdOO55/R5Skj774VVLTa5X/dLMi9mdnXE5ufzrrkB6h4KLX5Zf1MkFk
j9W7g1ZUTp9gbIeV1JgvQYsfNVHTtBUu8MjPtLNZExA80glbkyZ1nZ8H3QIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFEvrXSk+fs7U5IB476mnHkenNFxmMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvUy10ZEtUNS16dFRrZ0hqdnFhY2VSNmMwWEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQALV3V
AwQALV3WAwQBLZfqAwQATVP2AwQBoBScAwQBuUS6AwQBuUfWAwQBuUm0AwQAuUuE
AwQBuU2KAwQBuU+EAwQBuVhiAwQAuV/kAwQAuWScAwQAuWZyAwQAuWkvAwQAuW8Y
AwQBubaCAwQCwSbkMA0GCSqGSIb3DQEBCwUAA4IBAQBO4Z2XqKEGUdfHEhPS9oBz
LR5jw1GUEmq7DMqQy6Hv6Jxb0CR52Hdjru43tUGarkuueJ2guDVETcVR9cpRX84Z
KHtf7fxQfBmb6nzDQOBwXsZC2YrprvZppDoVNTS4ux/pCbUzv7w7scQLQ/7Gicdt
R0Y+cf/TPgEOPcm7tSPpvZ0hAKx7WKN1ICMPGuMfoqa6zLD5iDHOla8vRNZW2ffw
ok+U0HMJUORjBSsOERRO2TFHF0/Yk7lDmi8r0YBxTlXQGSWz+v9co9Yej5zE330l
v1n1a4SrHOvpWyRBVv9HoSUNgj2axEiMu3v2TMUW4whEcZCE+TeZA1WUXn3kssst
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org