Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/rrjJ8GuCZ_gxs3IO0JnFkME71Hk.roa
File: rrjJ8GuCZ_gxs3IO0JnFkME71Hk.roa (raw, json)
Hash identifier: kGkNKK3oJJhNEOQZB4NSRHsx92tr+docYDxP6gbXHes=
Subject key identifier: AE:B8:C9:F0:6B:82:67:F8:31:B3:72:0E:D0:99:C5:90:C1:3B:D4:79
Certificate issuer: /CN=2fc438cd8aaeb1ad242ed49b4ff287c9d0f43b0e
Certificate serial: 018570F0ACCCA2A17D366FA2900B65EE4ACE
Authority key identifier: 2F:C4:38:CD:8A:AE:B1:AD:24:2E:D4:9B:4F:F2:87:C9:D0:F4:3B:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/rrjJ8GuCZ_gxs3IO0JnFkME71Hk.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35665
IP address blocks: 213.108.232.0/23 maxlen: 23
213.108.238.0/23 maxlen: 23
213.108.236.0/23 maxlen: 23
213.108.234.0/23 maxlen: 23
185.177.224.0/22 maxlen: 22
46.18.96.0/24 maxlen: 24
46.18.97.0/24 maxlen: 24
46.18.98.0/24 maxlen: 24
46.18.103.0/24 maxlen: 24
46.18.99.0/24 maxlen: 24
46.18.100.0/24 maxlen: 24
46.18.101.0/24 maxlen: 24
46.18.102.0/24 maxlen: 24
195.160.188.0/24 maxlen: 24
195.160.189.0/24 maxlen: 24
2a02:2778::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ac:cc:a2:a1:7d:36:6f:a2:90:0b:65:ee:4a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fc438cd8aaeb1ad242ed49b4ff287c9d0f43b0e
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aeb8c9f06b8267f831b3720ed099c590c13bd479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:e6:c1:f8:c8:69:11:11:b0:50:d9:5a:01:
75:d5:73:64:c9:3e:b3:43:06:7f:5d:56:ea:58:97:
1c:d0:9d:64:6e:39:60:2e:72:ec:a3:f4:12:c3:72:
40:c2:86:68:8f:34:69:88:b8:30:8c:8b:64:e6:e7:
b0:98:6c:d1:74:77:89:fa:18:1a:5c:5a:9c:75:e8:
72:79:b4:14:1c:fc:8f:ae:e4:2a:4a:2e:e0:84:13:
6b:5c:69:6e:7a:c8:93:10:91:15:7a:0a:12:47:6d:
23:c7:63:8d:b4:c6:59:25:8e:5b:52:74:10:59:8a:
20:19:8f:37:14:c2:0c:09:1a:f1:e1:4d:88:62:6a:
5f:f2:b0:5c:cd:11:2b:e4:91:23:b5:b0:11:43:b1:
a6:3c:44:34:13:ab:0c:01:a9:e3:07:c0:09:ff:02:
3b:37:de:ad:de:5e:79:96:96:d1:bf:58:ab:3c:c9:
0a:1f:0e:20:fc:5f:ca:19:36:44:5b:5e:32:c9:e0:
02:7e:10:5e:30:d4:f2:01:ac:b5:ff:61:04:c9:5c:
a9:99:26:d0:ab:ce:33:f7:54:47:f7:8e:28:6a:45:
94:e5:23:b5:60:7f:9b:8f:9e:58:d3:7a:ee:52:e5:
62:31:98:35:0f:30:7f:7f:e3:a9:25:ba:56:f8:c2:
73:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B8:C9:F0:6B:82:67:F8:31:B3:72:0E:D0:99:C5:90:C1:3B:D4:79
X509v3 Authority Key Identifier:
keyid:2F:C4:38:CD:8A:AE:B1:AD:24:2E:D4:9B:4F:F2:87:C9:D0:F4:3B:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8Q4zYqusa0kLtSbT_KHydD0Ow4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/rrjJ8GuCZ_gxs3IO0JnFkME71Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/7ea195-2fbe-4806-a82d-16b44c4935ea/1/L8Q4zYqusa0kLtSbT_KHydD0Ow4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.96.0/21
185.177.224.0/22
195.160.188.0/23
213.108.232.0/21
IPv6:
2a02:2778::/32
Signature Algorithm: sha256WithRSAEncryption
a8:47:f5:59:ab:d7:b6:b1:0b:7b:d7:08:dc:f2:60:3c:28:aa:
3e:73:1c:6a:f6:8c:bf:13:da:ee:b3:8a:4d:91:00:8a:60:ba:
cd:b8:7f:09:f1:1a:1c:f5:49:1c:c0:03:a8:83:4a:dc:2b:e3:
2c:03:0f:a6:8b:ee:4f:15:50:f7:fc:35:22:b0:b4:52:70:b6:
48:c5:05:8f:70:19:76:64:e6:7a:17:71:71:3d:20:46:0d:eb:
93:10:b1:f4:06:e4:64:1c:9a:3a:83:e6:0c:cb:b7:ad:d7:31:
3a:4c:95:b0:8e:21:b0:fa:95:60:d1:16:cc:3e:27:58:60:3a:
c1:1f:46:86:e8:27:2d:96:ee:34:79:5f:da:18:91:13:12:b3:
b8:c2:64:d7:2f:59:79:db:55:ab:cf:ad:fc:00:8a:6c:da:db:
a5:a9:02:13:15:a9:ee:ab:5d:d8:07:53:49:2f:70:dd:af:84:
37:9f:65:4a:71:ba:5d:9d:e9:9b:7c:8b:be:5a:e9:86:a4:52:
1f:e4:b9:ac:52:39:1c:0d:e7:13:3b:86:6e:ac:9e:49:37:b5:
dd:31:3d:ba:b9:02:a9:48:87:cd:5e:a3:d3:6b:c9:16:d6:21:
71:95:c7:8b:75:ce:0f:3f:d3:3b:be:17:f9:c4:1d:7d:de:06:
f0:5a:c2:91
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVw8KzMoqF9Nm+ikAtl7krOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYzQzOGNkOGFhZWIxYWQyNDJlZDQ5YjRmZjI4N2M5ZDBm
NDNiMGUwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWI4YzlmMDZiODI2N2Y4MzFiMzcyMGVkMDk5YzU5MGMxM2JkNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGnmwfjIaRERsFDZWgF11XNkyT6z
QwZ/XVbqWJcc0J1kbjlgLnLso/QSw3JAwoZojzRpiLgwjItk5uewmGzRdHeJ+hga
XFqcdehyebQUHPyPruQqSi7ghBNrXGluesiTEJEVegoSR20jx2ONtMZZJY5bUnQQ
WYogGY83FMIMCRrx4U2IYmpf8rBczREr5JEjtbARQ7GmPEQ0E6sMAanjB8AJ/wI7
N96t3l55lpbRv1irPMkKHw4g/F/KGTZEW14yyeACfhBeMNTyAay1/2EEyVypmSbQ
q84z91RH944oakWU5SO1YH+bj55Y03ruUuViMZg1DzB/f+OpJbpW+MJzfQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK64yfBrgmf4MbNyDtCZxZDBO9R5MB8GA1UdIwQY
MBaAFC/EOM2KrrGtJC7Um0/yh8nQ9DsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhRNHpZcXVzYTBrTHRTYlRfS0h5ZEQwT3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi83ZWExOTUtMmZiZS00ODA2LWE4MmQt
MTZiNDRjNDkzNWVhLzEvcnJqSjhHdUNaX2d4czNJTzBKbkZrTUU3MUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi83ZWExOTUtMmZiZS00ODA2LWE4MmQtMTZiNDRjNDkzNWVh
LzEvTDhRNHpZcXVzYTBrTHRTYlRfS0h5ZEQwT3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhJgAwQC
ubHgAwQBw6C8AwQD1WzoMA0EAgACMAcDBQAqAid4MA0GCSqGSIb3DQEBCwUAA4IB
AQCoR/VZq9e2sQt71wjc8mA8KKo+cxxq9oy/E9rus4pNkQCKYLrNuH8J8Roc9Ukc
wAOog0rcK+MsAw+mi+5PFVD3/DUisLRScLZIxQWPcBl2ZOZ6F3FxPSBGDeuTELH0
BuRkHJo6g+YMy7et1zE6TJWwjiGw+pVg0RbMPidYYDrBH0aG6Cctlu40eV/aGJET
ErO4wmTXL1l521Wrz638AIps2tulqQITFanuq13YB1NJL3Ddr4Q3n2VKcbpdnemb
fIu+WumGpFIf5LmsUjkcDecTO4ZurJ5JN7XdMT26uQKpSIfNXqPTa8kW1iFxlceL
dc4PP9M7vhf5xB193gbwWsKR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:41 2024 by rpki-client on console-fra.rpki-client.org