Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/cc9UbHAeh97Gav3n-RfoXEwS19U.roa
File: cc9UbHAeh97Gav3n-RfoXEwS19U.roa (raw, json)
Hash identifier: vgV3xz6an4jxGdnZawlrJw8uHtODRWfGJFtYGZjhm8s=
Subject key identifier: 71:CF:54:6C:70:1E:87:DE:C6:6A:FD:E7:F9:17:E8:5C:4C:12:D7:D5
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 018A928DA1C40C63215C80CFF22152D176CF
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/cc9UbHAeh97Gav3n-RfoXEwS19U.roa
Signing time: Thu 14 Sep 2023 07:17:50 +0000
ROA not before: Thu 14 Sep 2023 07:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.216.0/22 maxlen: 24
91.140.221.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.224.0/22 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.226.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.228.0/22 maxlen: 24
91.140.232.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.246.0/24 maxlen: 24
91.140.244.0/22 maxlen: 24
91.140.248.0/22 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.252.0/22 maxlen: 24
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.251.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
185.16.4.0/22 maxlen: 24
91.140.164.0/22 maxlen: 24
91.140.160.0/22 maxlen: 24
91.140.172.0/22 maxlen: 24
94.187.224.0/19 maxlen: 24
91.140.180.0/22 maxlen: 24
94.187.232.0/22 maxlen: 24
91.140.192.0/22 maxlen: 24
94.187.228.0/22 maxlen: 24
91.140.188.0/22 maxlen: 24
91.140.196.0/22 maxlen: 24
94.187.236.0/22 maxlen: 24
94.187.240.0/22 maxlen: 24
91.140.200.0/22 maxlen: 24
91.140.201.0/24 maxlen: 24
91.140.203.0/24 maxlen: 24
94.187.244.0/22 maxlen: 24
91.140.204.0/22 maxlen: 24
91.140.202.0/24 maxlen: 24
94.187.252.0/22 maxlen: 24
91.140.212.0/22 maxlen: 24
91.140.207.0/24 maxlen: 24
94.187.248.0/22 maxlen: 24
91.140.208.0/22 maxlen: 24
91.140.128.0/17 maxlen: 24
91.140.128.0/22 maxlen: 24
91.140.132.0/22 maxlen: 24
91.140.140.0/22 maxlen: 24
91.140.152.0/22 maxlen: 24
91.140.148.0/22 maxlen: 24
194.54.241.0/24 maxlen: 24
194.54.244.0/22 maxlen: 24
194.54.243.0/24 maxlen: 24
194.54.248.0/22 maxlen: 24
194.54.252.0/22 maxlen: 24
194.54.192.0/19 maxlen: 24
194.54.196.0/22 maxlen: 24
194.54.192.0/18 maxlen: 24
194.54.194.0/23 maxlen: 24
194.54.204.0/22 maxlen: 24
194.54.200.0/22 maxlen: 24
194.54.202.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.208.0/24 maxlen: 24
194.54.208.0/22 maxlen: 24
194.54.212.0/22 maxlen: 24
194.54.216.0/22 maxlen: 24
194.54.224.0/19 maxlen: 24
194.54.220.0/24 maxlen: 24
194.54.220.0/22 maxlen: 24
194.54.224.0/22 maxlen: 24
194.54.232.0/22 maxlen: 24
194.54.228.0/22 maxlen: 24
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 24
194.54.240.0/22 maxlen: 24
2a01:7780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:8d:a1:c4:0c:63:21:5c:80:cf:f2:21:52:d1:76:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Sep 14 07:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71cf546c701e87dec66afde7f917e85c4c12d7d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:33:11:fe:c6:96:9b:2a:77:ed:5d:33:49:1d:
19:8b:cd:60:5c:6b:66:94:9f:22:ba:03:2f:7f:e5:
18:eb:59:27:08:0a:38:b9:35:31:70:e4:28:4c:b4:
35:65:76:25:f1:3b:e4:ce:a4:20:5d:dd:25:37:ed:
42:b9:99:82:41:43:8f:c5:3e:07:fa:32:ab:52:56:
fc:cf:76:81:90:8f:a5:94:58:97:16:10:0a:4b:9c:
1b:62:de:b2:c9:83:16:42:25:2d:c7:bb:fa:0d:36:
34:50:a4:c1:56:af:a7:10:21:2a:1e:3e:39:e0:0e:
06:17:96:44:65:5e:5a:5b:7e:b5:60:09:80:85:99:
be:74:27:b7:9a:86:74:70:1c:19:28:98:71:e1:05:
df:fc:a0:db:2a:df:ca:b5:ad:32:e5:d8:9c:46:7d:
1f:16:92:c1:56:2f:0b:ce:97:68:60:95:1d:56:f5:
4a:3e:3e:13:50:4a:af:15:1f:56:5c:35:74:ab:b3:
b4:39:0e:0f:17:65:3c:82:2c:9b:96:c6:cf:4d:a9:
c2:8f:7c:51:5e:db:b2:85:fb:26:10:64:4f:7f:24:
b6:70:65:7d:67:e3:ec:03:68:61:81:7b:e5:a3:80:
01:95:d8:d6:be:86:15:56:57:59:ef:be:03:39:12:
63:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CF:54:6C:70:1E:87:DE:C6:6A:FD:E7:F9:17:E8:5C:4C:12:D7:D5
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/cc9UbHAeh97Gav3n-RfoXEwS19U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
69:ce:8a:08:aa:17:a6:af:cd:9e:70:dd:69:e2:f7:5e:58:1c:
6a:24:82:27:81:9d:ef:f9:ab:22:a6:ef:95:77:25:c8:db:eb:
0a:89:dd:38:e1:74:f0:1f:be:d0:fc:20:78:d0:1c:f2:ee:b1:
c9:72:0a:0b:3d:a9:91:68:65:7e:46:4b:82:e9:8b:5e:bb:a1:
f6:1c:60:f5:cd:b4:2b:b7:f1:d6:4e:38:27:ba:4a:8a:f3:02:
32:36:c7:2f:93:f6:86:ad:b3:c0:28:ce:af:41:52:51:31:52:
98:a8:89:1d:d9:42:07:70:9c:83:b6:3e:a7:c4:0b:65:b2:03:
5c:35:71:e0:1d:29:e2:3b:68:01:e0:95:af:91:43:59:7a:c3:
8d:67:98:33:02:4e:b6:89:2a:95:d0:0c:fb:43:13:de:20:bc:
ae:9c:c1:eb:08:fa:37:87:61:c4:f0:40:25:cb:ef:02:fc:4a:
d4:6a:96:62:74:3c:dc:88:62:09:a1:03:32:78:be:a9:d3:ca:
c7:97:6f:83:68:5a:cc:03:5f:6d:ce:3f:97:6f:11:15:9d:6e:
96:20:9b:d7:56:e6:ce:78:82:e6:cd:3e:00:e0:c0:8d:74:cf:
73:4c:d3:7f:fa:63:1a:10:fd:d4:32:16:16:82:26:0e:ab:a2:
4f:0a:2e:92
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqSjaHEDGMhXIDP8iFS0XbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjMwOTE0MDcxNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNmNTQ2YzcwMWU4N2RlYzY2YWZkZTdmOTE3ZTg1YzRjMTJkN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszMR/saWmyp37V0zSR0Zi81gXGtm
lJ8iugMvf+UY61knCAo4uTUxcOQoTLQ1ZXYl8TvkzqQgXd0lN+1CuZmCQUOPxT4H
+jKrUlb8z3aBkI+llFiXFhAKS5wbYt6yyYMWQiUtx7v6DTY0UKTBVq+nECEqHj45
4A4GF5ZEZV5aW361YAmAhZm+dCe3moZ0cBwZKJhx4QXf/KDbKt/Kta0y5dicRn0f
FpLBVi8LzpdoYJUdVvVKPj4TUEqvFR9WXDV0q7O0OQ4PF2U8giyblsbPTanCj3xR
XtuyhfsmEGRPfyS2cGV9Z+PsA2hhgXvlo4ABldjWvoYVVldZ774DORJjSwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHHPVGxwHofexmr95/kX6FxMEtfVMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvY2M5VWJIQWVoOTdHYXYzbi1SZm9YRXdTMTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQBpzooIqhemr82ecN1p4vdeWBxqJIIngZ3v+asipu+VdyXI2+sKid044XTwH77Q
/CB40Bzy7rHJcgoLPamRaGV+RkuC6Yteu6H2HGD1zbQrt/HWTjgnukqK8wIyNscv
k/aGrbPAKM6vQVJRMVKYqIkd2UIHcJyDtj6nxAtlsgNcNXHgHSniO2gB4JWvkUNZ
esONZ5gzAk62iSqV0Az7QxPeILyunMHrCPo3h2HE8EAly+8C/ErUapZidDzciGIJ
oQMyeL6p08rHl2+DaFrMA19tzj+XbxEVnW6WIJvXVubOeILmzT4A4MCNdM9zTNN/
+mMaEP3UMhYWgiYOq6JPCi6S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:58 2024 by rpki-client on console-ams.rpki-client.org