Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/3pWYNLuh0QCJvVFYgNV1FaNDOEk.roa
File: 3pWYNLuh0QCJvVFYgNV1FaNDOEk.roa (raw, json)
Hash identifier: d6r/So1lX70rihI/KqTnMHP+hY2DkAqBLwhY5bzO63w=
Subject key identifier: DE:95:98:34:BB:A1:D1:00:89:BD:51:58:80:D5:75:15:A3:43:38:49
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018F724C2CE3FF9747A72072389256E8B44F
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/3pWYNLuh0QCJvVFYgNV1FaNDOEk.roa
Signing time: Mon 13 May 2024 14:12:25 +0000
ROA not before: Mon 13 May 2024 14:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 46.102.177.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 08:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:4c:2c:e3:ff:97:47:a7:20:72:38:92:56:e8:b4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: May 13 14:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de959834bba1d10089bd515880d57515a3433849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0c:d4:b7:53:6b:78:cf:87:d8:4c:ce:5c:9c:
7a:88:d2:0f:14:55:48:f2:b1:b0:38:bf:45:80:a6:
7a:57:93:37:cc:94:c4:1d:2c:ef:57:c9:00:af:00:
6b:4b:4d:9d:3b:34:d7:b6:e6:97:a8:ae:1d:63:85:
95:c3:5d:a5:a0:f9:4d:c7:cb:6a:87:5a:1d:89:59:
10:fe:ff:f9:4c:eb:b2:ad:35:3e:2d:4e:00:10:3d:
88:eb:94:1a:8c:7e:86:a7:81:7e:89:c0:b5:49:75:
c4:0e:4f:0d:d1:61:6f:f5:81:dd:cb:f6:a5:36:a9:
0f:ab:a3:a9:98:ad:91:3a:e5:0e:15:53:b4:0f:45:
c9:00:4d:75:18:2c:97:06:ee:85:9e:df:cf:40:1d:
dd:22:11:80:2b:af:bd:40:13:b0:c1:29:07:9a:9b:
42:98:1e:82:5a:c4:96:34:cf:63:83:a3:d3:71:b1:
cc:db:15:81:d6:e1:82:3a:cc:f5:51:82:ba:bd:4e:
07:8d:a3:55:91:31:ed:17:f9:ba:97:2d:ff:e4:f7:
96:ca:59:7a:e2:8c:7b:10:fe:57:db:5f:8c:f1:19:
5e:80:fe:bd:64:57:7c:2b:91:d8:dd:71:91:e7:c5:
b2:9f:bd:42:b2:6d:f2:80:66:d5:cf:6c:ae:3f:28:
21:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:95:98:34:BB:A1:D1:00:89:BD:51:58:80:D5:75:15:A3:43:38:49
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/3pWYNLuh0QCJvVFYgNV1FaNDOEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.178.255
77.81.90.0/23
86.104.2.0/24
86.104.213.0/24
86.106.116.0/24
89.37.93.0-89.37.94.255
89.41.27.0/24
89.42.154.0/24
93.119.125.0/24
176.223.160.0/24
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0e:ce:99:2c:53:ad:fd:a0:38:be:7f:dd:52:f1:76:ff:0c:
89:32:ee:a1:c6:39:71:4d:a6:2a:99:68:34:c3:50:f9:3b:bf:
21:f3:c1:d1:87:a5:73:d3:ad:5f:44:f5:fe:a5:53:1f:aa:1c:
c9:8a:a6:39:42:f8:2f:36:ed:6c:2f:d2:25:6b:b3:3e:a5:5c:
21:d4:a4:68:af:88:ad:5c:ba:af:b6:c6:18:65:7e:b8:1e:21:
d9:7c:69:c4:3a:70:6e:d1:86:2d:5b:18:1f:13:f0:be:fe:9c:
f7:5f:4c:a0:b1:84:fc:69:35:dc:42:d0:47:f4:60:ae:f7:ac:
25:12:1b:b6:54:98:3e:45:cf:e0:b3:a0:ff:60:f3:a1:29:61:
c8:81:f4:68:27:6a:0f:67:55:85:1e:f9:33:a9:d3:ee:72:5d:
99:c0:b0:da:7a:2c:fd:96:d9:cb:c3:17:25:b3:de:f1:f6:2d:
a7:05:26:be:aa:90:a7:15:cb:55:f9:71:b9:ca:43:a1:09:13:
65:2b:f8:b1:02:81:9d:4e:e8:f3:44:30:0a:b1:59:38:c5:7e:
2f:5b:e2:c3:e3:c3:a7:b1:d4:bb:2a:69:5f:49:4a:27:74:5f:
58:8b:50:94:ea:a9:9f:cb:cb:96:ef:f5:f3:ea:c8:a7:02:7e:
b0:c8:f8:5a
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY9yTCzj/5dHpyByOJJW6LRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjQwNTEzMTQxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk1OTgzNGJiYTFkMTAwODliZDUxNTg4MGQ1NzUxNWEzNDMzODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQzUt1NreM+H2EzOXJx6iNIPFFVI
8rGwOL9FgKZ6V5M3zJTEHSzvV8kArwBrS02dOzTXtuaXqK4dY4WVw12loPlNx8tq
h1odiVkQ/v/5TOuyrTU+LU4AED2I65QajH6Gp4F+icC1SXXEDk8N0WFv9YHdy/al
NqkPq6OpmK2ROuUOFVO0D0XJAE11GCyXBu6Fnt/PQB3dIhGAK6+9QBOwwSkHmptC
mB6CWsSWNM9jg6PTcbHM2xWB1uGCOsz1UYK6vU4HjaNVkTHtF/m6ly3/5PeWyll6
4ox7EP5X21+M8RlegP69ZFd8K5HY3XGR58Wyn71Csm3ygGbVz2yuPyghRQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFN6VmDS7odEAib1RWIDVdRWjQzhJMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvM3BXWU5MdWgwUUNKdlZGWWdOVjFGYU5ET0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAAuZrED
BAAuZrIDBAFNUVoDBABWaAIDBABWaNUDBABWanQwDAMEAFklXQMEAFklXgMEAFkp
GwMEAFkqmgMEAF13fQMEALDfoAMEAbzQ3AMEALzQ3wMEAbzRfAMEAMEe/zANBgkq
hkiG9w0BAQsFAAOCAQEAfg7OmSxTrf2gOL5/3VLxdv8MiTLuocY5cU2mKploNMNQ
+Tu/IfPB0Yelc9OtX0T1/qVTH6ocyYqmOUL4LzbtbC/SJWuzPqVcIdSkaK+IrVy6
r7bGGGV+uB4h2XxpxDpwbtGGLVsYHxPwvv6c919MoLGE/Gk13ELQR/RgrvesJRIb
tlSYPkXP4LOg/2DzoSlhyIH0aCdqD2dVhR75M6nT7nJdmcCw2nos/ZbZy8MXJbPe
8fYtpwUmvqqQpxXLVflxucpDoQkTZSv4sQKBnU7o80QwCrFZOMV+L1viw+PDp7HU
uyppX0lKJ3RfWItQlOqpn8vLlu/18+rIpwJ+sMj4Wg==
-----END CERTIFICATE-----
Generated at Fri Jul 19 12:04:50 2024 by rpki-client on console-ams.rpki-client.org