Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cdIUlZ66yuWPeeIx-l2WbvVK6N0.roa
File: cdIUlZ66yuWPeeIx-l2WbvVK6N0.roa (raw, json)
Hash identifier: aQ10sAap2M4ZPGinaSDpRY9XVFi1ttAz/9YydMCVbaI=
Subject key identifier: 71:D2:14:95:9E:BA:CA:E5:8F:79:E2:31:FA:5D:96:6E:F5:4A:E8:DD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F5331649F71B6195EA42D6BA2D9D20728
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cdIUlZ66yuWPeeIx-l2WbvVK6N0.roa
Signing time: Tue 07 May 2024 13:14:56 +0000
ROA not before: Tue 07 May 2024 13:14:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.252.27.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.163.0.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.79.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 19:04:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:31:64:9f:71:b6:19:5e:a4:2d:6b:a2:d9:d2:07:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 7 13:14:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d214959ebacae58f79e231fa5d966ef54ae8dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0b:75:22:e6:29:94:49:39:9e:de:58:46:31:
df:b6:1e:26:fa:31:92:a1:91:df:19:a2:51:47:78:
60:0a:8b:73:fa:1e:e2:b3:8a:99:a1:34:97:11:29:
3d:09:d3:13:b0:10:25:41:f0:fe:85:71:86:b7:27:
43:bf:5a:5b:76:13:c1:9f:e1:4c:63:12:6d:cf:43:
67:2c:7f:00:72:d7:25:40:9a:e7:30:80:c4:f1:d5:
b4:e6:28:d0:62:1d:97:06:35:b7:cd:58:e0:08:6a:
f1:a3:a4:fe:3b:ef:72:7b:2b:90:33:b3:90:7c:17:
ea:e9:40:23:b9:e5:0d:24:65:3c:c5:75:0b:0a:cd:
f6:41:f7:f7:dc:db:e3:7e:9a:04:57:6d:52:63:83:
36:7f:26:f1:cf:3e:90:53:6f:97:0b:d3:5c:c9:66:
d5:5d:38:1d:ac:04:31:a2:cc:0a:0d:02:5e:cf:c4:
46:14:38:90:e7:ac:cb:93:4c:e1:47:cb:13:3c:57:
07:10:c5:7d:a5:fd:40:e0:7b:38:69:2f:e7:0f:a0:
8b:da:d3:84:e4:24:cb:4d:4f:92:60:f9:bc:97:20:
cc:9a:c3:e5:35:c6:c6:23:a7:76:e5:84:81:07:63:
ea:94:2b:08:ef:c7:90:2a:c1:87:0c:43:fb:f6:09:
cf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:14:95:9E:BA:CA:E5:8F:79:E2:31:FA:5D:96:6E:F5:4A:E8:DD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cdIUlZ66yuWPeeIx-l2WbvVK6N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.27.0/24
79.99.76.0/24
81.168.126.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.163.0.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
109.176.193.0/24
109.176.244.0/24
185.49.126.0/23
194.105.80.0/20
212.38.79.0/24
213.130.149.0/24
213.218.210.0/23
213.218.213.0/24
Signature Algorithm: sha256WithRSAEncryption
63:bf:1f:e6:a3:e6:65:c6:b7:88:90:84:4d:f5:73:c0:4c:4e:
21:8a:64:78:00:4f:ae:fb:52:19:c3:41:a7:43:ea:66:6c:30:
4e:18:b8:61:4d:ce:ad:86:e9:60:35:46:b4:5c:56:62:b4:89:
ad:65:29:c3:77:a1:86:39:e7:69:7e:98:e4:11:82:8c:8b:88:
ef:38:9e:6c:a2:09:db:56:94:5c:95:04:65:6f:4d:c9:2c:e2:
1d:ea:d8:cd:a9:71:04:06:a9:57:3e:32:14:3f:5c:fa:39:39:
27:59:5a:b7:a7:92:98:bd:86:88:d2:57:72:82:7f:9f:2f:f2:
85:29:86:7b:d8:e8:1d:40:84:99:f2:c0:c2:bb:d2:44:dc:ea:
d3:58:02:35:03:54:02:7b:ef:61:57:89:d9:84:68:ec:47:80:
b9:3b:c4:19:b5:c4:59:b1:b1:15:1d:e8:bc:03:27:39:6f:e0:
83:7f:b1:78:4c:f2:c3:a3:56:b2:f4:48:43:1e:44:81:a4:a2:
02:15:75:17:65:bb:6f:ac:f7:3e:88:bb:5a:96:14:a7:85:2d:
b4:c2:5e:f8:bb:ec:8a:9b:78:4f:b0:28:aa:2f:35:a8:ae:5b:
22:49:3c:e0:57:2e:ce:a1:de:42:01:c6:9a:f1:66:2f:9f:0b:
97:f1:6b:d7
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY9TMWSfcbYZXqQta6LZ0gcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA3MTMxNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQyMTQ5NTllYmFjYWU1OGY3OWUyMzFmYTVkOTY2ZWY1NGFlOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwt1IuYplEk5nt5YRjHfth4m+jGS
oZHfGaJRR3hgCotz+h7is4qZoTSXESk9CdMTsBAlQfD+hXGGtydDv1pbdhPBn+FM
YxJtz0NnLH8ActclQJrnMIDE8dW05ijQYh2XBjW3zVjgCGrxo6T+O+9yeyuQM7OQ
fBfq6UAjueUNJGU8xXULCs32Qff33NvjfpoEV21SY4M2fybxzz6QU2+XC9NcyWbV
XTgdrAQxoswKDQJez8RGFDiQ56zLk0zhR8sTPFcHEMV9pf1A4Hs4aS/nD6CL2tOE
5CTLTU+SYPm8lyDMmsPlNcbGI6d25YSBB2PqlCsI78eQKsGHDEP79gnP0wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFHHSFJWeusrlj3niMfpdlm71SujdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY2RJVWxaNjZ5dVdQZWVJeC1sMldidlZLNk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEACX8
GwMEAE9jTAMEAFGofgMEAVKYsAMEAFKZMgMEAlKZiAMEAFKjADAMAwQCWdWUAwQF
WdWAAwQCWdWsAwQAWdW0AwQDbbAQAwQAbbDBAwQAbbD0AwQBuTF+AwQEwmlQAwQA
1CZPAwQA1YKVAwQB1drSAwQA1drVMA0GCSqGSIb3DQEBCwUAA4IBAQBjvx/mo+Zl
xreIkIRN9XPATE4himR4AE+u+1IZw0GnQ+pmbDBOGLhhTc6thulgNUa0XFZitImt
ZSnDd6GGOedpfpjkEYKMi4jvOJ5sognbVpRclQRlb03JLOId6tjNqXEEBqlXPjIU
P1z6OTknWVq3p5KYvYaI0ldygn+fL/KFKYZ72OgdQISZ8sDCu9JE3OrTWAI1A1QC
e+9hV4nZhGjsR4C5O8QZtcRZsbEVHei8Ayc5b+CDf7F4TPLDo1ay9EhDHkSBpKIC
FXUXZbtvrPc+iLtalhSnhS20wl74u+yKm3hPsCiqLzWorlsiSTzgVy7Ood5CAcaa
8WYvnwuX8WvX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org