Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/t8yPaFHXRevwBzR_6xRcGo2PQ5Q.roa
File: t8yPaFHXRevwBzR_6xRcGo2PQ5Q.roa (raw, json)
Hash identifier: 8P3hVs+YIFlHAVwwIeQK1nIt9j/5/N49ML6/wne1F3I=
Subject key identifier: B7:CC:8F:68:51:D7:45:EB:F0:07:34:7F:EB:14:5C:1A:8D:8F:43:94
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 01857255879095303DC493BB44D4E91DDE4B
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/t8yPaFHXRevwBzR_6xRcGo2PQ5Q.roa
Signing time: Mon 02 Jan 2023 11:54:45 +0000
ROA not before: Mon 02 Jan 2023 11:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31200
IP address blocks: 178.49.248.0/22 maxlen: 22
178.49.200.0/22 maxlen: 22
5.129.0.0/17 maxlen: 17
37.193.0.0/16 maxlen: 16
5.129.128.0/19 maxlen: 19
5.131.0.0/16 maxlen: 16
37.195.0.0/16 maxlen: 16
178.49.12.0/22 maxlen: 22
37.194.0.0/16 maxlen: 16
5.130.0.0/16 maxlen: 16
178.49.56.0/22 maxlen: 22
5.128.0.0/16 maxlen: 16
37.192.0.0/16 maxlen: 16
5.129.186.0/24 maxlen: 24
5.129.181.0/24 maxlen: 24
5.129.184.0/23 maxlen: 23
37.192.0.0/14 maxlen: 14
178.49.0.0/17 maxlen: 17
178.49.0.0/16 maxlen: 24
178.49.132.0/24 maxlen: 24
178.49.128.0/17 maxlen: 24
178.49.133.0/24 maxlen: 24
178.49.145.0/24 maxlen: 24
178.49.144.0/24 maxlen: 24
178.49.142.0/24 maxlen: 24
178.49.141.0/24 maxlen: 24
178.49.146.0/24 maxlen: 24
178.49.148.0/24 maxlen: 24
178.49.147.0/24 maxlen: 24
178.49.152.0/23 maxlen: 23
178.49.152.0/24 maxlen: 24
178.49.152.0/22 maxlen: 22
178.49.150.0/23 maxlen: 23
178.49.159.0/24 maxlen: 24
178.49.158.0/24 maxlen: 24
178.49.156.0/23 maxlen: 23
178.49.154.0/24 maxlen: 24
178.49.154.0/23 maxlen: 23
5.128.119.0/24 maxlen: 24
5.131.240.0/20 maxlen: 20
5.131.251.0/24 maxlen: 24
2a00:7700::/32 maxlen: 32
2a00:7700:8a02::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Oct 2023 10:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:87:90:95:30:3d:c4:93:bb:44:d4:e9:1d:de:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jan 2 11:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7cc8f6851d745ebf007347feb145c1a8d8f4394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:3a:c5:d5:35:5d:56:7b:c3:d5:25:e7:dd:
20:cc:98:cb:64:19:2e:b4:9a:c8:55:b1:01:3b:27:
34:f6:00:8e:54:29:1c:7a:7d:4d:d2:bd:15:d6:4e:
d0:1f:91:74:43:f3:a3:ac:80:aa:e1:bb:47:40:23:
d8:c1:6c:82:5a:bf:0d:54:a9:b3:43:86:ae:26:c2:
6c:94:0c:e9:34:95:66:f3:78:e3:dd:2e:7a:4a:99:
fb:1e:bb:83:c3:b8:02:79:55:37:34:0a:4b:67:82:
51:63:12:f4:90:6f:0e:7c:db:bd:eb:c6:ea:e0:f9:
f0:80:fd:26:ac:d2:33:54:23:b8:5b:8a:2a:4e:cc:
34:78:a9:25:1b:07:ab:98:14:9c:a3:5f:b3:81:e1:
7c:d0:c5:d3:a7:ab:79:3a:8a:43:70:40:76:1b:59:
02:d8:4b:6f:c3:bd:94:ee:c1:4d:76:8a:d0:c4:20:
0f:af:7a:bf:6d:c3:ff:f7:47:e1:cd:43:4a:bf:44:
ec:c7:2b:fe:5b:bf:81:fb:92:6a:96:6e:49:eb:bd:
7a:49:59:8e:64:17:3d:a2:59:98:d2:5e:96:dc:ee:
3d:64:36:24:8c:d3:a8:e8:ff:4c:3f:fe:c2:02:fc:
84:71:10:d3:65:39:a2:ee:3e:6f:46:9f:dd:96:c9:
91:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CC:8F:68:51:D7:45:EB:F0:07:34:7F:EB:14:5C:1A:8D:8F:43:94
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/t8yPaFHXRevwBzR_6xRcGo2PQ5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.128.0.0-5.129.159.255
5.129.181.0/24
5.129.184.0-5.129.186.255
5.130.0.0/15
37.192.0.0/14
178.49.0.0/16
IPv6:
2a00:7700::/32
Signature Algorithm: sha256WithRSAEncryption
96:61:50:9b:d7:00:88:cb:d3:e2:57:bd:e2:94:16:31:04:f6:
64:c8:cb:36:77:fa:b2:0b:dc:19:37:99:df:2d:82:5d:1e:0f:
dc:3d:cc:c5:34:5e:76:c4:19:c4:49:3b:e2:8f:44:a1:df:fe:
bf:c2:00:70:2d:77:6b:6e:bd:b1:d6:70:09:3e:3b:8b:11:36:
4c:3f:71:e9:85:55:4b:08:6a:17:72:cd:5b:df:8a:b4:d3:99:
7f:58:77:29:93:8a:83:ba:f6:c2:d4:95:b6:93:41:54:58:61:
5f:a8:0d:f6:00:7a:dd:26:38:c3:9a:a5:6d:2e:ba:da:fd:34:
6d:56:59:e6:6d:4a:ac:ea:6d:64:57:71:91:fd:1a:96:c5:63:
42:dd:7f:48:19:e4:ba:f4:8e:a8:44:ef:7a:12:68:57:f4:df:
6a:0a:92:da:e2:f5:49:9c:13:39:35:8e:fa:00:77:e3:3a:e6:
b8:b2:22:14:6f:5d:0f:57:e9:ea:33:60:bf:af:7d:11:07:17:
6c:e9:a0:ed:a9:ff:26:15:dd:77:c2:c4:45:d8:15:34:15:9c:
56:aa:41:88:ba:b7:bf:1a:e1:74:d2:36:f2:3d:81:28:85:ef:
4a:83:c1:45:ad:b4:a9:fc:96:a2:30:69:30:99:4a:33:22:1a:
b0:2a:3c:18
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVyVYeQlTA9xJO7RNTpHd5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjMwMTAyMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NjOGY2ODUxZDc0NWViZjAwNzM0N2ZlYjE0NWMxYThkOGY0Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvs6xdU1XVZ7w9Ul590gzJjLZBku
tJrIVbEBOyc09gCOVCkcen1N0r0V1k7QH5F0Q/OjrICq4btHQCPYwWyCWr8NVKmz
Q4auJsJslAzpNJVm83jj3S56Spn7HruDw7gCeVU3NApLZ4JRYxL0kG8OfNu968bq
4PnwgP0mrNIzVCO4W4oqTsw0eKklGwermBSco1+zgeF80MXTp6t5OopDcEB2G1kC
2Etvw72U7sFNdorQxCAPr3q/bcP/90fhzUNKv0Tsxyv+W7+B+5Jqlm5J6716SVmO
ZBc9olmY0l6W3O49ZDYkjNOo6P9MP/7CAvyEcRDTZTmi7j5vRp/dlsmRbQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLfMj2hR10Xr8Ac0f+sUXBqNj0OUMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvdDh5UGFGSFhSZXZ3QnpSXzZ4UmNHbzJQUTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwMAsDAwcFgAME
BQWBgAMEAAWBtTAMAwQDBYG4AwQABYG6AwMBBYIDAwIlwAMDALIxMA0EAgACMAcD
BQAqAHcAMA0GCSqGSIb3DQEBCwUAA4IBAQCWYVCb1wCIy9PiV73ilBYxBPZkyMs2
d/qyC9wZN5nfLYJdHg/cPczFNF52xBnESTvij0Sh3/6/wgBwLXdrbr2x1nAJPjuL
ETZMP3HphVVLCGoXcs1b34q005l/WHcpk4qDuvbC1JW2k0FUWGFfqA32AHrdJjjD
mqVtLrra/TRtVlnmbUqs6m1kV3GR/RqWxWNC3X9IGeS69I6oRO96EmhX9N9qCpLa
4vVJnBM5NY76AHfjOua4siIUb10PV+nqM2C/r30RBxds6aDtqf8mFd13wsRF2BU0
FZxWqkGIure/GuF00jbyPYEohe9Kg8FFrbSp/JaiMGkwmUozIhqwKjwY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org