Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/s2ZFBGhm6gkHrAl5r9u8DXhFsZM.roa
File: s2ZFBGhm6gkHrAl5r9u8DXhFsZM.roa (raw, json)
Hash identifier: YgEaLZBv/ZPbCrdItwO8fEWAF6sJJ6qRW7r1Qt/T5s4=
Subject key identifier: B3:66:45:04:68:66:EA:09:07:AC:09:79:AF:DB:BC:0D:78:45:B1:93
Certificate issuer: /CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Certificate serial: 01856B0A1A1BCA3EF77DE832002D2BCBD4D4
Authority key identifier: C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/s2ZFBGhm6gkHrAl5r9u8DXhFsZM.roa
Signing time: Sun 01 Jan 2023 01:55:02 +0000
ROA not before: Sun 01 Jan 2023 01:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3249
IP address blocks: 83.166.32.0/19 maxlen: 19
91.236.222.0/24 maxlen: 24
85.29.192.0/18 maxlen: 18
62.65.32.0/19 maxlen: 19
217.159.128.0/17 maxlen: 17
84.50.0.0/16 maxlen: 16
94.246.192.0/20 maxlen: 20
80.235.0.0/17 maxlen: 17
94.246.208.0/21 maxlen: 21
213.180.0.0/19 maxlen: 19
213.168.0.0/19 maxlen: 19
185.43.104.0/22 maxlen: 22
46.131.0.0/16 maxlen: 16
195.250.160.0/19 maxlen: 19
90.190.0.0/15 maxlen: 15
195.50.192.0/19 maxlen: 19
194.106.96.0/19 maxlen: 19
213.219.64.0/18 maxlen: 18
195.50.224.0/19 maxlen: 19
81.20.144.0/20 maxlen: 20
217.71.32.0/20 maxlen: 20
185.20.56.0/22 maxlen: 22
194.126.96.0/19 maxlen: 19
213.35.128.0/17 maxlen: 17
37.157.64.0/18 maxlen: 18
78.110.36.0/22 maxlen: 22
88.196.0.0/16 maxlen: 16
78.110.40.0/22 maxlen: 22
185.40.236.0/22 maxlen: 22
176.46.0.0/17 maxlen: 17
89.221.64.0/21 maxlen: 21
2001:7d0::/32 maxlen: 32
2a01:158::/32 maxlen: 32
2a00:16e0::/32 maxlen: 32
2a01:6da0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:1a:1b:ca:3e:f7:7d:e8:32:00:2d:2b:cb:d4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Validity
Not Before: Jan 1 01:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b36645046866ea0907ac0979afdbbc0d7845b193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:78:56:03:8f:ed:c5:f3:78:35:d3:de:48:4a:
f3:72:e4:5c:e8:e0:cd:7a:29:e4:95:68:34:ba:6e:
57:9a:f4:a5:b9:5e:1e:90:36:e7:4c:18:53:8f:2a:
1b:3b:de:aa:6d:93:40:28:03:da:57:29:0c:9b:62:
eb:3b:a8:c3:bf:d9:f9:a0:1b:de:7f:90:f4:c8:a8:
25:9b:42:8f:d2:f7:fd:43:10:a3:18:c8:e6:6e:11:
21:33:93:65:a1:9e:56:a3:44:4d:27:89:da:ef:32:
31:cd:27:a5:c0:a0:2d:1c:3a:4c:d2:d8:b1:45:a2:
54:43:2b:a1:2a:a2:4d:34:e6:fc:99:dc:71:b4:33:
67:43:0e:57:84:05:30:7f:38:6f:b5:3f:ee:cc:20:
43:3e:bd:da:76:78:7b:9a:63:47:df:98:de:77:89:
1c:9d:64:ad:7d:7d:a9:26:ec:64:2b:3b:66:ed:d8:
24:00:f3:67:b0:d9:33:72:24:5e:78:41:d3:82:9c:
8d:08:14:4c:6c:55:bd:e4:fc:50:88:26:11:66:5f:
0c:49:bc:39:33:3e:b2:a6:72:82:3c:1b:01:17:dc:
a1:23:53:32:ab:f0:33:b0:b0:5f:e1:f4:ce:48:f7:
35:de:46:4b:60:6a:37:56:dc:7a:f4:49:75:7e:b9:
9d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:66:45:04:68:66:EA:09:07:AC:09:79:AF:DB:BC:0D:78:45:B1:93
X509v3 Authority Key Identifier:
keyid:C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/s2ZFBGhm6gkHrAl5r9u8DXhFsZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.64.0/18
46.131.0.0/16
62.65.32.0/19
78.110.36.0-78.110.43.255
80.235.0.0/17
81.20.144.0/20
83.166.32.0/19
84.50.0.0/16
85.29.192.0/18
88.196.0.0/16
89.221.64.0/21
90.190.0.0/15
91.236.222.0/24
94.246.192.0-94.246.215.255
176.46.0.0/17
185.20.56.0/22
185.40.236.0/22
185.43.104.0/22
194.106.96.0/19
194.126.96.0/19
195.50.192.0/18
195.250.160.0/19
213.35.128.0/17
213.168.0.0/19
213.180.0.0/19
213.219.64.0/18
217.71.32.0/20
217.159.128.0/17
IPv6:
2001:7d0::/32
2a00:16e0::/32
2a01:158::/32
2a01:6da0::/32
Signature Algorithm: sha256WithRSAEncryption
38:4c:64:62:29:1a:72:4e:17:18:8b:69:c5:df:ed:41:4e:c7:
be:f1:c6:b5:2b:3f:78:8a:72:00:5d:db:e1:82:c0:18:51:f3:
8d:63:bf:f5:3d:6c:4a:e3:d0:f6:31:5c:97:3a:db:d6:a1:8b:
ec:d8:c0:81:33:66:e6:fd:48:62:8d:4a:dd:72:97:a2:79:e5:
70:3a:81:a5:71:d7:3b:ba:fb:94:16:fe:5c:d5:74:e7:87:1f:
57:f7:28:a2:d8:59:de:50:78:1c:53:09:90:29:7b:1e:ab:3c:
80:3d:aa:d7:82:6f:b9:b5:b1:85:16:58:aa:cd:33:25:50:88:
e8:fc:e6:6e:09:e8:c4:54:65:73:75:cc:46:09:de:90:61:f5:
72:60:fd:40:2f:0e:86:47:67:0c:44:57:90:72:47:45:1f:1a:
05:38:a6:a1:d7:99:99:8d:ae:c2:a6:4a:91:5d:e5:41:f6:4d:
f5:df:84:05:bc:22:b0:56:6d:07:5a:22:5d:44:a0:ee:fa:3e:
83:64:ea:b8:36:90:f1:67:6c:d6:02:db:ab:fb:44:a0:87:cf:
ba:7a:c7:47:74:39:d5:61:f7:f1:70:59:d1:8f:2c:df:73:0d:
80:e5:28:ca:54:5b:3c:50:f6:61:0c:66:10:b3:4e:95:ef:83:
63:24:8d:ee
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYVrChobyj73fegyAC0ry9TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDcxMGQ4YWMzMWIxZjZkYWY3MDQ2YzQ1Mzc0YWU4ZTQw
NWYxOGUwHhcNMjMwMTAxMDE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY2NDUwNDY4NjZlYTA5MDdhYzA5NzlhZmRiYmMwZDc4NDViMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnhWA4/txfN4NdPeSErzcuRc6ODN
einklWg0um5XmvSluV4ekDbnTBhTjyobO96qbZNAKAPaVykMm2LrO6jDv9n5oBve
f5D0yKglm0KP0vf9QxCjGMjmbhEhM5NloZ5Wo0RNJ4na7zIxzSelwKAtHDpM0tix
RaJUQyuhKqJNNOb8mdxxtDNnQw5XhAUwfzhvtT/uzCBDPr3adnh7mmNH35jed4kc
nWStfX2pJuxkKztm7dgkAPNnsNkzciReeEHTgpyNCBRMbFW95PxQiCYRZl8MSbw5
Mz6ypnKCPBsBF9yhI1Myq/AzsLBf4fTOSPc13kZLYGo3Vtx69El1frmdOQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFLNmRQRoZuoJB6wJea/bvA14RbGTMB8GA1UdIwQY
MBaAFMHXENisMbH22vcEbEU3SujkBfGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgt
MTE1ZjE1YjIwZGU3LzEvczJaRkJHaG02Z2tIckFsNXI5dThEWGhGc1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgtMTE1ZjE1YjIwZGU3
LzEvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBAYl
nUADAwAugwMEBT5BIDAMAwQCTm4kAwQCTm4oAwQHUOsAAwQEURSQAwQFU6YgAwMA
VDIDBAZVHcADAwBYxAMEA1ndQAMDAVq+AwQAW+zeMAwDBAZe9sADBANe9tADBAew
LgADBAK5FDgDBAK5KOwDBAK5K2gDBAXCamADBAXCfmADBAbDMsADBAXD+qADBAfV
I4ADBAXVqAADBAXVtAADBAbV20ADBATZRyADBAfZn4AwIgQCAAIwHAMFACABB9AD
BQAqABbgAwUAKgEBWAMFACoBbaAwDQYJKoZIhvcNAQELBQADggEBADhMZGIpGnJO
FxiLacXf7UFOx77xxrUrP3iKcgBd2+GCwBhR841jv/U9bErj0PYxXJc629ahi+zY
wIEzZub9SGKNSt1yl6J55XA6gaVx1zu6+5QW/lzVdOeHH1f3KKLYWd5QeBxTCZAp
ex6rPIA9qteCb7m1sYUWWKrNMyVQiOj85m4J6MRUZXN1zEYJ3pBh9XJg/UAvDoZH
ZwxEV5ByR0UfGgU4pqHXmZmNrsKmSpFd5UH2TfXfhAW8IrBWbQdaIl1EoO76PoNk
6rg2kPFnbNYC26v7RKCHz7p6x0d0OdVh9/FwWdGPLN9zDYDlKMpUWzxQ9mEMZhCz
TpXvg2Mkje4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:42 2024 by rpki-client on console-fra.rpki-client.org