Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/68Oj1T-yfQau7WubQdGF8jthzxs.roa
File: 68Oj1T-yfQau7WubQdGF8jthzxs.roa (raw, json)
Hash identifier: 01XUzP58x4EzZtf2bEIAQZnFyNecXqGw5pbcxyh2S24=
Subject key identifier: EB:C3:A3:D5:3F:B2:7D:06:AE:ED:6B:9B:41:D1:85:F2:3B:61:CF:1B
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018ED1472E4F2EBB35073888EB3108F479B0
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/68Oj1T-yfQau7WubQdGF8jthzxs.roa
Signing time: Fri 12 Apr 2024 07:48:06 +0000
ROA not before: Fri 12 Apr 2024 07:48:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
45.129.199.0/24 maxlen: 24
77.72.85.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
91.242.241.0/24 maxlen: 24
146.19.143.0/24 maxlen: 24
146.19.254.0/24 maxlen: 24
176.124.32.0/24 maxlen: 24
176.124.33.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
185.123.53.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
193.200.16.0/24 maxlen: 24
193.200.17.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
195.54.160.0/24 maxlen: 24
213.109.192.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:4::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:d::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Apr 2024 08:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:47:2e:4f:2e:bb:35:07:38:88:eb:31:08:f4:79:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Apr 12 07:48:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebc3a3d53fb27d06aeed6b9b41d185f23b61cf1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:26:95:a7:5e:d7:8a:3f:7e:04:02:d3:0f:65:
c5:2e:94:87:44:78:1a:0e:c8:cf:34:f4:75:d0:d9:
c6:a2:be:27:19:5c:a8:1a:09:20:ac:1c:9c:8a:3f:
21:3a:ce:60:e9:9a:f6:dc:1c:15:e6:7a:95:09:3d:
97:50:3c:f0:ac:73:a0:3a:4d:57:8f:01:15:00:be:
3e:c5:1f:38:5e:0c:84:8c:7d:2b:f2:eb:8c:9b:91:
bb:3e:1d:b7:fd:1e:38:68:fd:08:df:17:90:c6:b9:
20:3c:e6:63:fb:70:ed:8f:47:65:4b:a6:de:e8:8a:
f0:c5:79:0b:9f:52:25:02:a5:88:ba:66:ea:fd:61:
c0:2c:b3:f9:f5:1a:10:8d:1e:f3:54:72:6f:57:38:
17:fe:f6:b1:0e:2c:f6:fe:eb:11:53:17:4b:5f:b0:
d2:2e:e7:59:b6:18:e6:c9:31:b7:a3:c6:fd:14:5b:
f5:41:34:26:e4:22:6b:4a:82:85:e2:9b:b7:a1:3f:
b3:64:66:93:3b:82:51:df:31:02:81:06:b6:83:c2:
4d:31:bd:c7:27:e8:c0:bd:61:0a:98:6a:b9:7e:14:
1f:f2:7c:f0:7f:8a:b7:25:03:9c:68:b1:df:aa:d2:
5e:f3:53:c0:7d:09:2e:87:67:65:1c:29:2f:37:64:
5a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:A3:D5:3F:B2:7D:06:AE:ED:6B:9B:41:D1:85:F2:3B:61:CF:1B
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/68Oj1T-yfQau7WubQdGF8jthzxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
45.129.199.0/24
77.72.85.0/24
91.235.234.0/24
91.242.241.0/24
146.19.143.0/24
146.19.254.0/24
176.124.32.0/23
185.39.18.0/24
185.123.53.0/24
193.109.120.0/24
193.200.16.0/23
194.61.120.0/23
195.54.160.0/24
213.109.192.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/48
2a10:1fc0:b::-2a10:1fc0:11:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:8a:9c:a7:03:24:eb:f5:7f:34:26:12:b9:cc:b1:e3:92:b7:
94:d6:e0:83:6b:93:80:4e:4a:04:ca:d6:99:ee:c5:b4:43:37:
8f:15:37:76:a4:bc:98:8c:88:a0:6b:ee:7f:68:57:f2:fc:ac:
71:49:7d:fd:ec:ce:b5:88:fc:bf:f4:c6:a0:db:0b:cf:44:df:
f6:78:71:c2:e3:7b:82:da:cc:d5:43:fd:c4:c8:03:98:07:58:
9c:f3:d2:d1:bf:f4:96:2a:e8:cb:f3:1a:1d:b4:62:68:6d:8c:
72:b1:06:c2:a7:d3:44:a1:3f:00:df:7d:0f:bc:91:4d:97:f5:
95:ef:92:b9:41:4f:65:b9:e2:c2:d5:10:00:cc:b6:fc:3d:af:
4f:59:78:21:6e:3e:8d:6c:45:fa:72:c8:3d:04:67:62:24:c5:
e0:6c:3b:98:58:4e:c8:7f:3c:df:a9:73:d8:66:09:6c:71:dd:
02:a7:ea:3a:11:ed:1b:54:6a:5d:c6:dc:e1:24:89:08:5d:76:
2e:8b:38:ec:95:f0:5e:08:c7:5e:6f:a0:94:a2:d6:70:42:a6:
d4:e4:91:5a:d7:86:ca:61:95:4c:3b:3f:79:61:d0:ba:f1:bc:
8d:07:43:52:9c:c7:68:48:e5:b5:b5:67:f1:13:c2:f4:e7:27:
dd:29:8b:36
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAY7RRy5PLrs1BziI6zEI9HmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwNDEyMDc0ODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzYTNkNTNmYjI3ZDA2YWVlZDZiOWI0MWQxODVmMjNiNjFjZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiaVp17Xij9+BALTD2XFLpSHRHga
DsjPNPR10NnGor4nGVyoGgkgrBycij8hOs5g6Zr23BwV5nqVCT2XUDzwrHOgOk1X
jwEVAL4+xR84XgyEjH0r8uuMm5G7Ph23/R44aP0I3xeQxrkgPOZj+3Dtj0dlS6be
6IrwxXkLn1IlAqWIumbq/WHALLP59RoQjR7zVHJvVzgX/vaxDiz2/usRUxdLX7DS
LudZthjmyTG3o8b9FFv1QTQm5CJrSoKF4pu3oT+zZGaTO4JR3zECgQa2g8JNMb3H
J+jAvWEKmGq5fhQf8nzwf4q3JQOcaLHfqtJe81PAfQkuh2dlHCkvN2RaDwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFOvDo9U/sn0Gru1rm0HRhfI7Yc8bMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvNjhPajFULXlmUWF1N1d1YlFkR0Y4anRoenhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBmBAIAATBgAwQBLVbk
AwQALVbnAwQALYHHAwQATUhVAwQAW+vqAwQAW/LxAwQAkhOPAwQAkhP+AwQBsHwg
AwQAuScSAwQAuXs1AwQAwW14AwQBwcgQAwQBwj14AwQAwzagAwQA1W3AMDcEAgAC
MDEwEgMHACoQH8AAAQMHACoQH8AABgMHACoQH8AACDASAwcAKhAfwAALAwcBKhAf
wAAQMA0GCSqGSIb3DQEBCwUAA4IBAQAAipynAyTr9X80JhK5zLHjkreU1uCDa5OA
TkoEytaZ7sW0QzePFTd2pLyYjIiga+5/aFfy/KxxSX397M61iPy/9Mag2wvPRN/2
eHHC43uC2szVQ/3EyAOYB1ic89LRv/SWKujL8xodtGJobYxysQbCp9NEoT8A330P
vJFNl/WV75K5QU9lueLC1RAAzLb8Pa9PWXghbj6NbEX6csg9BGdiJMXgbDuYWE7I
fzzfqXPYZglscd0Cp+o6Ee0bVGpdxtzhJIkIXXYuizjslfBeCMdeb6CUotZwQqbU
5JFa14bKYZVMOz95YdC68byNB0NSnMdoSOW1tWfxE8L05yfdKYs2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:23 2024 by rpki-client on console-fra.rpki-client.org