Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/eDCYS8z9M1IbM0fzKk9_I9yXakk.roa
File: eDCYS8z9M1IbM0fzKk9_I9yXakk.roa (raw, json)
Hash identifier: rl/iGwjq1feB0mio+Z7gcSUrPJORFSWQ52Ds/9/wuqI=
Subject key identifier: 78:30:98:4B:CC:FD:33:52:1B:33:47:F3:2A:4F:7F:23:DC:97:6A:49
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018C9CEC41E6FFC176F711CFEBF54C39A13E
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/eDCYS8z9M1IbM0fzKk9_I9yXakk.roa
Signing time: Sun 24 Dec 2023 17:42:58 +0000
ROA not before: Sun 24 Dec 2023 17:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.236.232.0/22 maxlen: 24
45.120.176.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
103.106.0.0/22 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
193.203.202.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c40::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:ec:41:e6:ff:c1:76:f7:11:cf:eb:f5:4c:39:a1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Dec 24 17:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7830984bccfd33521b3347f32a4f7f23dc976a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3d:5d:15:7d:66:c7:b6:6a:0a:79:6d:8b:a5:
0a:99:27:bb:72:5c:77:6e:82:7f:c4:7d:e9:37:2f:
a7:e1:48:81:0e:01:7d:ea:27:06:99:75:f6:0c:d4:
2f:b7:3c:83:67:af:41:70:4f:96:e5:96:3d:23:9b:
eb:62:87:36:20:39:e7:59:3f:e4:cb:09:74:6a:f8:
b1:fb:b5:42:35:ed:e1:a0:ee:4c:4a:f1:8f:e7:cc:
cf:f2:6b:eb:c3:73:08:09:1d:c3:72:91:b4:d4:95:
9f:62:8a:0f:84:2b:b7:2e:5c:05:ae:3d:cc:b4:c1:
bd:33:d0:6f:b0:9a:46:9e:25:47:0b:af:ef:f2:f7:
73:75:a4:e9:49:de:3a:97:c1:67:c5:b2:16:c7:ca:
2c:ad:36:11:9e:83:4f:1a:0c:d9:7e:bf:ff:47:3e:
23:f9:5c:56:31:5f:b7:2c:e3:f1:48:54:51:87:1d:
57:df:50:79:e4:b2:ef:ed:e9:90:ae:c0:67:c3:9a:
6c:23:29:bd:57:bb:23:d1:58:f0:9a:9e:81:36:17:
a1:ae:e5:7b:b6:14:2e:9b:98:fe:2a:db:03:6e:dd:
b3:30:2c:b5:48:7c:7a:f7:e4:77:a4:8a:b1:30:98:
92:bc:67:6a:b8:32:49:6b:6f:aa:41:b2:3b:bd:61:
23:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:30:98:4B:CC:FD:33:52:1B:33:47:F3:2A:4F:7F:23:DC:97:6A:49
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/eDCYS8z9M1IbM0fzKk9_I9yXakk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
74.119.192.0/22
80.92.204.0-80.92.206.255
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
3b:9e:e8:9a:30:0f:7a:bb:76:18:12:09:5d:39:66:fc:43:af:
a6:05:8a:13:dd:58:8f:ed:a8:38:7f:95:72:9e:8f:00:9d:66:
5b:25:a0:88:04:01:88:00:54:46:f8:df:cd:5f:e6:94:62:6f:
f1:12:6d:81:0d:b8:de:40:71:0f:ff:56:06:ae:b9:88:80:72:
a4:20:7a:f3:75:41:b4:a0:28:0b:f0:ea:14:10:00:b8:01:5e:
d9:55:ab:29:f7:40:87:f6:5f:5d:b9:5d:ca:1c:c3:7b:1f:a3:
c9:e0:22:88:91:84:35:1f:f4:de:c7:ac:0e:a7:b5:5f:7b:5b:
61:a6:8b:e4:8d:c9:87:7d:02:8f:4b:99:a0:93:ae:90:89:79:
6e:93:9d:13:f5:9e:45:75:af:46:fc:13:f2:50:8a:c2:b1:f6:
19:85:09:40:91:8b:d7:65:a4:5e:65:71:85:b4:78:af:e7:17:
ff:87:f3:42:50:c0:6e:f2:ec:85:70:99:17:e5:9b:c7:1c:f3:
da:53:6f:a2:4f:6b:4e:d2:3a:b9:49:19:9f:db:42:7b:fd:0d:
a0:62:f0:39:87:f5:94:05:3e:a9:69:f9:7c:e0:da:d0:1d:fa:
de:e9:61:14:92:df:76:33:44:33:04:50:cb:1b:15:c6:6b:fd:
f2:96:39:f1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYyc7EHm/8F29xHP6/VMOaE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMxMjI0MTc0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODMwOTg0YmNjZmQzMzUyMWIzMzQ3ZjMyYTRmN2YyM2RjOTc2YTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6T1dFX1mx7ZqCnlti6UKmSe7clx3
boJ/xH3pNy+n4UiBDgF96icGmXX2DNQvtzyDZ69BcE+W5ZY9I5vrYoc2IDnnWT/k
ywl0avix+7VCNe3hoO5MSvGP58zP8mvrw3MICR3DcpG01JWfYooPhCu3LlwFrj3M
tMG9M9BvsJpGniVHC6/v8vdzdaTpSd46l8FnxbIWx8osrTYRnoNPGgzZfr//Rz4j
+VxWMV+3LOPxSFRRhx1X31B55LLv7emQrsBnw5psIym9V7sj0Vjwmp6BNhehruV7
thQum5j+KtsDbt2zMCy1SHx69+R3pIqxMJiSvGdquDJJa2+qQbI7vWEjAwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHgwmEvM/TNSGzNH8ypPfyPcl2pJMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvZURDWVM4ejlNMUliTTBmektrOV9JOXlYYWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAi1D
5AMEAi14sAMEAkp3wDAMAwQCUFzMAwQAUFzOAwQBWd3gAwQAW8KhMAwDBABb4dkD
BAJb4dgDBAJnI7wDBAJnagADBAJncUQDBAKweEADBAKweEgDBAK57OgDBAK58lQD
BAK5+pQDBADBy8oDBAHC9nIDBADDlVcwDQQCAAIwBwMFAyoJfEAwDQYJKoZIhvcN
AQELBQADggEBADue6JowD3q7dhgSCV05ZvxDr6YFihPdWI/tqDh/lXKejwCdZlsl
oIgEAYgAVEb4381f5pRib/ESbYENuN5AcQ//VgauuYiAcqQgevN1QbSgKAvw6hQQ
ALgBXtlVqyn3QIf2X125Xcocw3sfo8ngIoiRhDUf9N7HrA6ntV97W2Gmi+SNyYd9
Ao9LmaCTrpCJeW6TnRP1nkV1r0b8E/JQisKx9hmFCUCRi9dlpF5lcYW0eK/nF/+H
80JQwG7y7IVwmRflm8cc89pTb6JPa07SOrlJGZ/bQnv9DaBi8DmH9ZQFPqlp+Xzg
2tAd+t7pYRSS33YzRDMEUMsbFcZr/fKWOfE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org