Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/sErlHW2IGZxSxaT3dwuhHhQuhKI.roa
File: sErlHW2IGZxSxaT3dwuhHhQuhKI.roa (raw, json)
Hash identifier: XPRtWEqoOQHR5NouMZVP+3A6AHvonISvAVPkjEpUCgY=
Subject key identifier: B0:4A:E5:1D:6D:88:19:9C:52:C5:A4:F7:77:0B:A1:1E:14:2E:84:A2
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 01900798D36285D13BBF83355196A8A51D1E
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/sErlHW2IGZxSxaT3dwuhHhQuhKI.roa
Signing time: Tue 11 Jun 2024 13:59:34 +0000
ROA not before: Tue 11 Jun 2024 13:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 2.248.0.0/14 maxlen: 14
2.252.0.0/15 maxlen: 15
2.254.0.0/16 maxlen: 16
2.255.0.0/17 maxlen: 17
2.255.128.0/18 maxlen: 18
2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
62.20.0.0/16 maxlen: 16
77.110.0.0/18 maxlen: 18
78.64.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
81.228.4.0/23 maxlen: 23
81.228.4.0/24 maxlen: 24
81.228.5.0/24 maxlen: 24
82.214.0.0/18 maxlen: 18
90.224.0.0/12 maxlen: 12
92.254.128.0/17 maxlen: 17
95.109.0.0/17 maxlen: 17
95.192.0.0/12 maxlen: 12
185.103.208.0/22 maxlen: 22
185.103.208.0/24 maxlen: 24
188.126.224.0/19 maxlen: 19
188.126.233.0/24 maxlen: 24
188.126.240.0/23 maxlen: 23
192.16.152.0/23 maxlen: 23
192.16.153.0/24 maxlen: 24
192.150.58.0/23 maxlen: 23
192.150.60.0/22 maxlen: 22
192.150.64.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
192.150.80.0/23 maxlen: 23
193.44.0.0/15 maxlen: 15
194.16.0.0/15 maxlen: 15
194.18.0.0/16 maxlen: 16
194.22.0.0/15 maxlen: 15
194.218.0.0/16 maxlen: 16
194.236.0.0/15 maxlen: 15
195.67.0.0/16 maxlen: 16
195.198.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
212.28.192.0/19 maxlen: 19
212.181.0.0/16 maxlen: 16
213.64.0.0/14 maxlen: 14
217.208.0.0/13 maxlen: 13
Validation: Failed, certificate revoked on Mon 16 Sep 2024 11:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:98:d3:62:85:d1:3b:bf:83:35:51:96:a8:a5:1d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jun 11 13:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b04ae51d6d88199c52c5a4f7770ba11e142e84a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:a3:fe:81:76:bd:a7:0f:16:ec:6f:83:cb:
51:54:b2:f0:5a:09:b6:f3:07:0e:bd:36:38:77:c7:
19:9c:ff:3c:4a:df:83:59:9b:55:0d:ef:3e:6b:d1:
cd:d7:95:b3:4d:6a:25:52:f2:24:1f:3e:17:51:e7:
a0:08:bf:b4:4e:99:b5:f0:3e:b0:00:b9:14:c1:cb:
31:cc:b2:e3:7b:3f:ce:1d:7d:84:d6:df:83:25:37:
22:88:da:90:13:a3:de:09:d5:9f:6b:2e:8c:95:a8:
a3:0a:0b:ff:e0:d6:f1:e0:dd:f4:0e:ee:79:ca:6d:
55:da:d8:03:b4:d2:9e:e3:01:ec:8c:55:e7:0d:42:
56:c3:41:cd:53:40:57:ed:0c:72:1e:82:12:74:9e:
24:da:75:07:50:15:b8:52:06:06:36:6c:a7:2a:f2:
a9:67:93:be:72:71:36:48:ea:47:a1:2c:8d:ba:e6:
01:3a:89:62:f0:a6:46:1a:38:94:5c:06:e7:ba:54:
6e:df:b0:6b:dc:51:3e:5f:ec:e8:5c:13:67:29:5d:
fa:85:5c:fc:81:a4:8c:88:b9:84:48:92:d0:b5:4c:
50:b8:c8:f0:a0:ff:6b:5d:55:63:50:59:b0:e3:cd:
d2:37:22:ec:53:90:25:9c:22:ee:7c:12:0c:f3:37:
20:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4A:E5:1D:6D:88:19:9C:52:C5:A4:F7:77:0B:A1:1E:14:2E:84:A2
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/sErlHW2IGZxSxaT3dwuhHhQuhKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0-2.255.191.255
62.20.0.0/16
77.110.0.0/18
78.64.0.0/12
81.224.0.0/12
82.214.0.0/18
90.224.0.0/12
92.254.128.0/17
95.109.0.0/17
95.192.0.0/12
185.103.208.0/22
188.126.224.0/19
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
82:dd:0e:5d:e8:97:4f:5a:8e:26:5d:4a:ec:8d:a3:15:ef:f3:
2e:e0:fb:84:20:28:7f:b5:a6:12:72:e9:1b:28:8c:9c:d2:b9:
84:68:84:16:fe:78:d2:82:db:1c:1d:15:7e:7e:58:74:1d:2e:
5d:a9:93:e3:cb:c9:47:97:a9:88:ec:eb:ae:08:cd:e3:c0:6e:
2b:a3:2b:e0:6a:3a:91:a1:02:ac:42:d8:91:f4:29:91:bc:f7:
a0:e4:23:8c:94:dc:b9:53:68:e6:1a:ce:18:f5:20:4b:c3:12:
52:09:cc:9e:e6:00:f3:95:96:1e:38:f0:cb:b0:43:01:fe:05:
2c:86:66:0c:3d:42:1c:24:34:64:d7:30:94:c0:2d:de:03:ae:
26:9e:0d:e8:fd:66:d7:04:fd:5b:5a:d3:4d:23:b5:90:ad:2c:
a7:5c:f6:c6:88:2c:e8:11:ce:e8:41:97:5f:85:f6:5c:34:5d:
3c:b1:8a:57:15:92:f6:0a:84:05:5f:c9:c5:28:09:6f:84:6e:
4c:ed:cb:4b:18:0f:a9:f3:ec:2e:d8:a4:68:5e:10:37:dc:1e:
7a:4b:e2:8b:5a:1b:5c:ed:ea:50:d2:e6:a6:fe:7b:a3:2c:ef:
4c:5b:b4:1f:a5:c6:6d:9c:00:83:1d:38:b3:a3:fa:e3:51:79:
75:5d:38:e1
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZAHmNNihdE7v4M1UZaopR0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwNjExMTM1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRhZTUxZDZkODgxOTljNTJjNWE0Zjc3NzBiYTExZTE0MmU4NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIqj/oF2vacPFuxvg8tRVLLwWgm2
8wcOvTY4d8cZnP88St+DWZtVDe8+a9HN15WzTWolUvIkHz4XUeegCL+0Tpm18D6w
ALkUwcsxzLLjez/OHX2E1t+DJTciiNqQE6PeCdWfay6MlaijCgv/4Nbx4N30Du55
ym1V2tgDtNKe4wHsjFXnDUJWw0HNU0BX7QxyHoISdJ4k2nUHUBW4UgYGNmynKvKp
Z5O+cnE2SOpHoSyNuuYBOoli8KZGGjiUXAbnulRu37Br3FE+X+zoXBNnKV36hVz8
gaSMiLmESJLQtUxQuMjwoP9rXVVjUFmw483SNyLsU5AlnCLufBIM8zcg8QIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFLBK5R1tiBmcUsWk93cLoR4ULoSiMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvc0VybEhXMklHWnhTeGFUM2R3dWhIaFF1aEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBuAQCAAEwgbEwCwMD
AwL4AwQGAv+AAwMAPhQDBAZNbgADAwROQAMDBFHgAwQGUtYAAwMEWuADBAdc/oAD
BAdfbQADAwRfwAMEArln0AMEBbx+4AMEAcAQmDAMAwQBwJY6AwQBwJZEMAwDBAHA
lk4DBAHAllADAwHBLDAKAwMEwhADAwDCEgMDAcIWAwMAwtoDAwHC7AMDAMNDAwMA
w8YDBAXD/CADBAXUHMADAwDUtQMDAtVAAwMD2dAwDQYJKoZIhvcNAQELBQADggEB
AILdDl3ol09ajiZdSuyNoxXv8y7g+4QgKH+1phJy6RsojJzSuYRohBb+eNKC2xwd
FX5+WHQdLl2pk+PLyUeXqYjs664IzePAbiujK+BqOpGhAqxC2JH0KZG896DkI4yU
3LlTaOYazhj1IEvDElIJzJ7mAPOVlh448MuwQwH+BSyGZgw9QhwkNGTXMJTALd4D
riaeDej9ZtcE/Vta000jtZCtLKdc9saILOgRzuhBl1+F9lw0XTyxilcVkvYKhAVf
ycUoCW+Ebkzty0sYD6nz7C7YpGheEDfcHnpL4otaG1zt6lDS5qb+e6Ms70xbtB+l
xm2cAIMdOLOj+uNReXVdOOE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:36 2025 by rpki-client