Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DQAht5Av_PdXD6oZWM8cP65CTEk.roa
File: DQAht5Av_PdXD6oZWM8cP65CTEk.roa (raw, json)
Hash identifier: SQUBoLqahM1B1+EmUnf8tA6GDkdXEaY7El9+nRKehj4=
Subject key identifier: 0D:00:21:B7:90:2F:FC:F7:57:0F:AA:19:58:CF:1C:3F:AE:42:4C:49
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C34BB3C4EAED3A91B3F83E93A3C680A9C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DQAht5Av_PdXD6oZWM8cP65CTEk.roa
Signing time: Mon 04 Dec 2023 12:08:54 +0000
ROA not before: Mon 04 Dec 2023 12:08:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 89.213.64.0/18 maxlen: 24
37.252.24.0/21 maxlen: 24
80.240.80.0/20 maxlen: 20
77.107.64.0/18 maxlen: 24
213.210.0.0/18 maxlen: 24
85.159.128.0/21 maxlen: 24
212.38.64.0/19 maxlen: 24
37.98.144.0/22 maxlen: 24
37.98.144.0/21 maxlen: 24
109.176.0.0/16 maxlen: 16
89.213.48.0/20 maxlen: 24
89.213.192.0/24 maxlen: 24
89.213.192.0/18 maxlen: 24
213.218.208.0/20 maxlen: 24
89.31.232.0/21 maxlen: 24
185.20.34.0/24 maxlen: 24
185.20.35.0/24 maxlen: 24
79.99.72.0/21 maxlen: 24
185.20.32.0/22 maxlen: 24
213.218.224.0/19 maxlen: 24
81.168.0.0/17 maxlen: 17
82.163.0.0/19 maxlen: 24
217.144.144.0/20 maxlen: 24
217.145.64.0/20 maxlen: 24
185.24.84.0/22 maxlen: 24
194.105.64.0/19 maxlen: 24
213.130.128.0/19 maxlen: 24
82.152.0.0/16 maxlen: 16
81.5.128.0/18 maxlen: 18
82.152.0.0/15 maxlen: 15
195.128.138.0/24 maxlen: 24
213.152.32.0/19 maxlen: 19
2a02:21f8::/32 maxlen: 32
2a00:c60::/32 maxlen: 32
2001:1a90::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:bb:3c:4e:ae:d3:a9:1b:3f:83:e9:3a:3c:68:0a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 4 12:08:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d0021b7902ffcf7570faa1958cf1c3fae424c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:64:4d:ac:a6:aa:6a:56:77:a5:ad:76:c0:ec:
0a:3d:2c:ab:a5:bc:2e:1d:51:17:98:ca:9b:44:fe:
5a:f2:35:27:14:2b:2a:65:0f:32:c3:5a:f9:e4:44:
02:0e:b7:1d:06:d8:04:8c:7c:42:e3:6d:54:4a:7e:
ed:ab:ac:9f:e1:09:20:c5:69:5a:15:54:51:f8:0c:
bd:b6:a9:9e:a3:12:62:fa:d1:26:91:f3:ef:0b:a7:
4e:f5:52:4a:ae:4d:e5:ad:54:2a:ea:65:33:ad:93:
94:10:e7:75:c7:c4:7e:0b:e3:ad:7e:ce:03:a4:be:
6f:2d:c4:f8:ad:cc:cb:7a:49:c1:65:89:cd:95:f3:
14:a4:5b:3f:15:40:49:9d:43:1f:b0:b1:ab:d1:1d:
ba:04:4d:04:29:6a:a3:a7:a7:ec:68:d9:b6:b2:a8:
1a:e4:aa:20:ad:dd:63:4c:d8:2d:ae:67:a4:12:35:
de:17:5e:51:39:19:9d:08:89:07:f3:6a:53:00:af:
10:b4:87:ed:b7:ff:18:84:7a:f2:79:97:3f:e7:10:
88:99:c1:5b:6c:44:f0:e4:19:49:73:bf:8c:02:dc:
69:dd:d9:8c:32:9c:45:89:c6:73:b6:ad:f2:67:e9:
fb:d6:27:8e:7c:6e:0d:69:ea:d7:77:e2:10:49:35:
ad:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:00:21:B7:90:2F:FC:F7:57:0F:AA:19:58:CF:1C:3F:AE:42:4C:49
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/DQAht5Av_PdXD6oZWM8cP65CTEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.144.0/21
37.252.24.0/21
77.107.64.0/18
79.99.72.0/21
80.240.80.0/20
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
82.163.0.0/19
85.159.128.0/21
89.31.232.0/21
89.213.48.0-89.213.127.255
89.213.192.0/18
109.176.0.0/16
185.20.32.0/22
185.24.84.0/22
194.105.64.0/19
195.128.138.0/24
212.38.64.0/19
213.130.128.0/19
213.152.32.0/19
213.210.0.0/18
213.218.208.0-213.218.255.255
217.144.144.0/20
217.145.64.0/20
IPv6:
2001:1a90::/32
2a00:c60::/32
2a02:21f8::/32
Signature Algorithm: sha256WithRSAEncryption
9e:5a:db:0f:a0:77:b0:68:5c:30:06:a6:f6:ed:53:e0:ba:87:
3b:bd:de:05:bf:39:5a:35:97:64:61:02:d9:4f:20:72:c7:12:
cf:bb:d0:b8:54:dd:54:c6:04:3c:74:e6:c1:60:0b:97:c1:d4:
d6:65:23:bd:76:85:dd:46:d9:08:8d:cc:00:b6:53:d9:06:6d:
94:e6:78:12:88:b1:a1:e1:f8:33:f8:0a:8d:b5:69:1a:cb:68:
1d:80:13:76:0c:32:7d:e4:82:33:16:b5:99:7c:e9:07:39:bc:
c8:ce:da:e3:1d:00:69:2f:a1:65:d4:e7:46:0a:84:37:43:4c:
66:7c:e0:be:41:a7:2e:d4:40:cc:75:80:34:cf:6e:ae:06:f3:
22:b6:28:2d:e6:9e:7e:0d:98:3e:76:ff:39:10:be:a1:97:8f:
4b:00:03:36:d6:43:b4:c2:43:b5:1e:c5:1e:8b:e8:15:96:6e:
da:99:ec:77:19:84:99:4c:01:3a:aa:ce:21:a2:1b:d2:eb:78:
43:75:a2:4b:24:ce:ac:50:5d:76:36:07:e1:7f:41:11:5f:62:
8f:b5:61:97:81:f4:69:c7:54:5c:bf:84:9e:90:93:d9:e2:c2:
43:23:32:97:34:ae:0b:ad:22:81:4f:2f:8b:79:d6:4a:29:8d:
0c:8e:69:66
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYw0uzxOrtOpGz+D6To8aAqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjA0MTIwODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDAwMjFiNzkwMmZmY2Y3NTcwZmFhMTk1OGNmMWMzZmFlNDI0YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWRNrKaqalZ3pa12wOwKPSyrpbwu
HVEXmMqbRP5a8jUnFCsqZQ8yw1r55EQCDrcdBtgEjHxC421USn7tq6yf4QkgxWla
FVRR+Ay9tqmeoxJi+tEmkfPvC6dO9VJKrk3lrVQq6mUzrZOUEOd1x8R+C+Otfs4D
pL5vLcT4rczLeknBZYnNlfMUpFs/FUBJnUMfsLGr0R26BE0EKWqjp6fsaNm2sqga
5Kogrd1jTNgtrmekEjXeF15RORmdCIkH82pTAK8QtIftt/8YhHryeZc/5xCImcFb
bETw5BlJc7+MAtxp3dmMMpxFicZztq3yZ+n71ieOfG4NaerXd+IQSTWtyQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFA0AIbeQL/z3Vw+qGVjPHD+uQkxJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRFFBaHQ1QXZfUGRYRDZvWldNOGNQNjVDVEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBqgQCAAEwgaMDBAMl
YpADBAMl/BgDBAZNa0ADBANPY0gDBARQ8FADBAZRBYADBAdRqAADAwFSmAMEBVKj
AAMEA1WfgAMEA1kf6DAMAwQEWdUwAwQHWdUAAwQGWdXAAwMAbbADBAK5FCADBAK5
GFQDBAXCaUADBADDgIoDBAXUJkADBAXVgoADBAXVmCADBAbV0gAwCwMEBNXa0AMD
ANXaAwQE2ZCQAwQE2ZFAMBsEAgACMBUDBQAgARqQAwUAKgAMYAMFACoCIfgwDQYJ
KoZIhvcNAQELBQADggEBAJ5a2w+gd7BoXDAGpvbtU+C6hzu93gW/OVo1l2RhAtlP
IHLHEs+70LhU3VTGBDx05sFgC5fB1NZlI712hd1G2QiNzAC2U9kGbZTmeBKIsaHh
+DP4Co21aRrLaB2AE3YMMn3kgjMWtZl86Qc5vMjO2uMdAGkvoWXU50YKhDdDTGZ8
4L5Bpy7UQMx1gDTPbq4G8yK2KC3mnn4NmD52/zkQvqGXj0sAAzbWQ7TCQ7UexR6L
6BWWbtqZ7HcZhJlMATqqziGiG9LreEN1okskzqxQXXY2B+F/QRFfYo+1YZeB9GnH
VFy/hJ6Qk9niwkMjMpc0rgutIoFPL4t51kopjQyOaWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org