Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/3yaXQ74Cc3dxhQe8h1IeeQyTtvo.roa
File: 3yaXQ74Cc3dxhQe8h1IeeQyTtvo.roa (raw, json)
Hash identifier: a5fN8kg9NxJt0QDY+kCmQp+1H7u6+Y7bW35AY2vCop8=
Subject key identifier: DF:26:97:43:BE:02:73:77:71:85:07:BC:87:52:1E:79:0C:93:B6:FA
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 0185C5F5D2228D1EE313BB91C18B6426A4A3
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/3yaXQ74Cc3dxhQe8h1IeeQyTtvo.roa
Signing time: Wed 18 Jan 2023 17:38:19 +0000
ROA not before: Wed 18 Jan 2023 17:38:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56430
IP address blocks: 188.241.13.0/24 maxlen: 24
86.105.152.0/23 maxlen: 23
86.105.155.0/24 maxlen: 24
77.81.64.0/24 maxlen: 24
89.42.42.0/24 maxlen: 24
193.33.200.0/23 maxlen: 23
185.82.172.0/22 maxlen: 22
89.36.93.0/24 maxlen: 24
89.36.18.0/24 maxlen: 24
89.43.174.0/24 maxlen: 24
188.212.250.0/24 maxlen: 24
89.40.214.0/24 maxlen: 24
2a05:91c4::/32 maxlen: 32
2a05:91c0::/32 maxlen: 32
2a09:1340::/29 maxlen: 29
2a0f:8b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c5:f5:d2:22:8d:1e:e3:13:bb:91:c1:8b:64:26:a4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jan 18 17:38:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df269743be027377718507bc87521e790c93b6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8f:cc:c0:ae:0d:ce:92:a0:54:98:98:32:e4:
96:d2:e6:c9:62:50:51:a2:a1:c6:4f:15:02:49:8d:
c8:3c:a6:b1:b2:31:03:51:73:5e:f4:c2:b0:a6:ef:
f7:f6:42:2d:1c:b1:82:be:31:57:32:e5:41:ee:9c:
f0:c4:b9:e9:a7:7c:91:dd:8a:a9:ce:2a:91:d0:b0:
65:17:31:cb:1a:cb:bf:ef:79:6f:76:35:2d:17:12:
a2:83:e2:88:5e:fd:09:1c:ed:2d:26:f0:dc:d5:4f:
5e:30:5e:2b:fc:f8:d4:49:45:e0:7c:2d:39:92:45:
bd:9f:a7:e1:10:22:9a:5e:6f:cb:ff:d8:dd:96:7b:
bb:18:5b:14:17:37:ae:6b:6f:57:16:6e:f2:4f:6b:
04:45:f5:eb:78:d5:39:b2:bd:26:65:8e:82:34:f4:
11:02:d7:60:45:29:9f:d0:8a:6e:df:86:94:08:97:
c7:c5:92:14:03:4b:2d:84:27:04:cd:0f:a5:c1:8e:
17:91:04:49:d9:17:d2:70:c7:20:28:89:71:5b:6b:
db:b1:76:e4:77:26:9f:76:e9:af:fb:a8:35:34:e9:
2a:e8:77:37:40:75:66:fb:d5:05:58:64:8f:cb:30:
b8:1d:d3:1e:c5:93:69:c1:0b:a4:f0:66:1a:18:44:
f4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:26:97:43:BE:02:73:77:71:85:07:BC:87:52:1E:79:0C:93:B6:FA
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/3yaXQ74Cc3dxhQe8h1IeeQyTtvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.64.0/24
86.105.152.0/23
86.105.155.0/24
89.36.18.0/24
89.36.93.0/24
89.40.214.0/24
89.42.42.0/24
89.43.174.0/24
185.82.172.0/22
188.212.250.0/24
188.241.13.0/24
193.33.200.0/23
IPv6:
2a05:91c0::/32
2a05:91c4::/32
2a09:1340::/29
2a0f:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
c0:c7:41:21:22:a0:65:1d:90:62:a9:f3:c2:f7:75:45:24:ed:
5b:3b:de:68:ad:09:a7:9c:c0:46:2e:f9:3d:2d:87:3c:52:bc:
bb:ff:7f:c5:54:09:67:73:6b:5c:7a:1a:1d:da:d8:5a:7e:fe:
46:2f:12:d5:6d:fa:1f:7f:00:9c:95:5e:b6:9d:25:6c:e9:79:
37:fb:41:0a:f2:47:73:29:8d:c0:eb:d1:c4:e3:80:dd:8c:55:
1e:2e:a4:7a:b2:77:91:f3:21:ee:ef:de:1e:5e:ff:d6:b9:7d:
ae:ee:2d:5a:73:87:17:81:d1:24:39:1e:75:dc:d4:2a:67:09:
bd:99:fc:b8:4a:80:59:7c:87:12:90:e0:10:6b:ec:5b:5b:fd:
24:96:a2:da:39:a4:b2:12:48:bd:ac:55:99:9d:2a:6a:86:69:
b4:8a:2b:fe:a3:15:de:ab:9e:8c:c6:f7:73:57:3c:3f:61:05:
86:f7:d2:78:07:84:47:1f:3a:b3:a7:eb:28:23:4b:8d:b0:a4:
c1:56:71:97:c1:6b:95:0c:be:1d:db:eb:17:0b:93:da:2c:17:
38:e1:a1:8e:43:34:6a:c8:6f:ca:09:93:d2:1e:1f:7c:86:11:
7c:6c:5f:79:fc:12:e6:e9:dc:88:e6:59:0b:12:e3:a9:bc:89:
bb:30:08:8e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYXF9dIijR7jE7uRwYtkJqSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjMwMTE4MTczODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjI2OTc0M2JlMDI3Mzc3NzE4NTA3YmM4NzUyMWU3OTBjOTNiNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI/MwK4NzpKgVJiYMuSW0ubJYlBR
oqHGTxUCSY3IPKaxsjEDUXNe9MKwpu/39kItHLGCvjFXMuVB7pzwxLnpp3yR3Yqp
ziqR0LBlFzHLGsu/73lvdjUtFxKig+KIXv0JHO0tJvDc1U9eMF4r/PjUSUXgfC05
kkW9n6fhECKaXm/L/9jdlnu7GFsUFzeua29XFm7yT2sERfXreNU5sr0mZY6CNPQR
AtdgRSmf0Ipu34aUCJfHxZIUA0sthCcEzQ+lwY4XkQRJ2RfScMcgKIlxW2vbsXbk
dyafdumv+6g1NOkq6Hc3QHVm+9UFWGSPyzC4HdMexZNpwQuk8GYaGET0QQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFN8ml0O+AnN3cYUHvIdSHnkMk7b6MB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvM3lhWFE3NENjM2R4aFFlOGgxSWVlUXlUdHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwTgQCAAEwSAMEAE1RQAME
AVZpmAMEAFZpmwMEAFkkEgMEAFkkXQMEAFko1gMEAFkqKgMEAFkrrgMEArlSrAME
ALzU+gMEALzxDQMEAcEhyDAiBAIAAjAcAwUAKgWRwAMFACoFkcQDBQMqCRNAAwUD
Kg+LgDANBgkqhkiG9w0BAQsFAAOCAQEAwMdBISKgZR2QYqnzwvd1RSTtWzveaK0J
p5zARi75PS2HPFK8u/9/xVQJZ3NrXHoaHdrYWn7+Ri8S1W36H38AnJVetp0lbOl5
N/tBCvJHcymNwOvRxOOA3YxVHi6kerJ3kfMh7u/eHl7/1rl9ru4tWnOHF4HRJDke
ddzUKmcJvZn8uEqAWXyHEpDgEGvsW1v9JJai2jmkshJIvaxVmZ0qaoZptIor/qMV
3quejMb3c1c8P2EFhvfSeAeERx86s6frKCNLjbCkwVZxl8FrlQy+HdvrFwuT2iwX
OOGhjkM0ashvygmT0h4ffIYRfGxfefwS5unciOZZCxLjqbyJuzAIjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:01 2024 by rpki-client on console-ams.rpki-client.org