Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/szrxjQ_ceoW7iHdsaXS5Lrr7pEg.roa
File: szrxjQ_ceoW7iHdsaXS5Lrr7pEg.roa (raw, json)
Hash identifier: a+tMwYYXZ+jzXLrWPdT1PW7tXsu18ppEWLzs0wpycNc=
Subject key identifier: B3:3A:F1:8D:0F:DC:7A:85:BB:88:77:6C:69:74:B9:2E:BA:FB:A4:48
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 018CC86EF849B01F66A4E6952E19B26AE564
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/szrxjQ_ceoW7iHdsaXS5Lrr7pEg.roa
Signing time: Tue 02 Jan 2024 04:29:24 +0000
ROA not before: Tue 02 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39020
IP address blocks: 93.93.70.0/24 maxlen: 24
93.93.68.0/24 maxlen: 24
93.93.69.0/24 maxlen: 24
93.93.66.0/24 maxlen: 24
93.93.67.0/24 maxlen: 24
93.93.65.0/24 maxlen: 24
93.93.71.0/24 maxlen: 24
93.113.162.0/24 maxlen: 24
93.113.163.0/24 maxlen: 24
93.113.160.0/24 maxlen: 24
93.113.161.0/24 maxlen: 24
93.93.64.0/24 maxlen: 24
5.145.174.0/24 maxlen: 24
5.145.175.0/24 maxlen: 24
5.145.173.0/24 maxlen: 24
217.61.131.0/24 maxlen: 24
217.61.129.0/24 maxlen: 24
217.61.130.0/24 maxlen: 24
217.61.128.0/24 maxlen: 24
217.61.139.0/24 maxlen: 24
217.61.137.0/24 maxlen: 24
217.61.138.0/24 maxlen: 24
217.61.136.0/24 maxlen: 24
217.61.134.0/24 maxlen: 24
217.61.135.0/24 maxlen: 24
217.61.133.0/24 maxlen: 24
217.61.140.0/24 maxlen: 24
217.61.143.0/24 maxlen: 24
217.61.141.0/24 maxlen: 24
217.61.142.0/24 maxlen: 24
195.78.231.0/24 maxlen: 24
195.78.229.0/24 maxlen: 24
195.78.230.0/24 maxlen: 24
195.78.228.0/24 maxlen: 24
185.50.198.0/24 maxlen: 24
185.50.199.0/24 maxlen: 24
185.50.196.0/24 maxlen: 24
185.50.196.0/22 maxlen: 22
185.50.197.0/24 maxlen: 24
77.81.119.0/24 maxlen: 24
5.145.172.0/24 maxlen: 24
5.145.170.0/24 maxlen: 24
5.145.171.0/24 maxlen: 24
5.145.169.0/24 maxlen: 24
5.145.168.0/24 maxlen: 24
91.192.110.0/24 maxlen: 24
91.192.111.0/24 maxlen: 24
91.192.108.0/24 maxlen: 24
91.192.109.0/24 maxlen: 24
77.81.112.0/24 maxlen: 24
77.81.118.0/24 maxlen: 24
77.81.117.0/24 maxlen: 24
77.81.115.0/24 maxlen: 24
77.81.116.0/24 maxlen: 24
77.81.113.0/24 maxlen: 24
77.81.114.0/24 maxlen: 24
2a00:1d70:1ac1::/48 maxlen: 48
2a00:1d70::/33 maxlen: 33
2a00:1d70:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f8:49:b0:1f:66:a4:e6:95:2e:19:b2:6a:e5:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Jan 2 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b33af18d0fdc7a85bb88776c6974b92ebafba448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3b:88:f4:ba:9e:fb:ba:5c:83:8e:db:31:84:
c5:27:b2:5f:ea:ff:e9:87:d3:1e:05:66:4c:e4:ed:
e7:81:64:59:b3:30:d7:7d:8b:93:2b:69:86:04:47:
52:36:14:21:3d:84:c9:4a:53:a0:47:1e:ba:45:75:
8d:eb:25:b5:c0:a5:39:61:78:2f:e5:8b:ca:ec:36:
32:cf:24:76:01:67:a4:78:3b:1b:15:87:dc:34:1d:
81:d6:4a:19:33:0f:98:49:80:7e:66:4c:79:3e:ca:
6a:d1:16:06:c6:b5:4b:6e:70:45:99:99:b7:94:b1:
1a:79:32:6d:16:8d:3a:2a:8c:4d:4b:0c:0b:2f:a0:
d7:9e:63:84:01:75:7c:ad:42:09:c9:66:b8:54:78:
a9:a5:00:a3:5e:0c:5d:94:74:83:31:63:f1:93:e9:
ef:c9:14:61:50:df:21:95:d0:9a:a7:84:ad:51:fc:
cf:1b:1a:f9:dc:57:ac:35:bd:2e:1e:f1:fd:8c:ca:
72:53:50:66:2f:42:f1:ce:ee:6c:6c:9a:ef:1c:ed:
b5:06:aa:a6:55:0f:cd:a8:96:e9:f1:40:c0:ea:4c:
03:b9:bb:89:9f:0a:17:47:97:2e:3e:d8:d8:26:91:
bf:1b:ea:55:2e:00:d9:91:a2:d0:80:70:c0:c6:cf:
5b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3A:F1:8D:0F:DC:7A:85:BB:88:77:6C:69:74:B9:2E:BA:FB:A4:48
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/szrxjQ_ceoW7iHdsaXS5Lrr7pEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.168.0/21
77.81.112.0/21
91.192.108.0/22
93.93.64.0/21
93.113.160.0/22
185.50.196.0/22
195.78.228.0/22
217.61.128.0/22
217.61.133.0-217.61.143.255
IPv6:
2a00:1d70::/32
Signature Algorithm: sha256WithRSAEncryption
17:21:bf:ed:76:38:0a:0c:85:f9:f7:82:63:5f:32:bf:64:9a:
8c:27:b0:70:e9:c9:9d:8c:f9:d9:af:f4:ed:05:bb:04:09:f0:
3b:e0:47:c2:d3:18:50:58:06:8b:d7:32:5d:17:4e:df:4e:c7:
f4:e6:b7:f6:64:09:18:73:05:c3:69:85:65:a9:3b:1f:ef:af:
a5:6e:22:47:df:74:75:5b:b1:03:cc:39:88:09:20:b3:bc:39:
89:cb:71:8d:a3:dd:18:fb:bb:45:2e:ec:ad:1e:51:a3:c7:0a:
bf:b4:26:d8:85:2b:12:d5:9c:63:69:7f:b7:eb:ee:eb:e6:ac:
6b:9b:ad:66:a7:30:b9:38:41:60:5e:92:92:3e:de:58:1e:16:
26:89:56:5b:4b:28:f0:e9:9a:c0:0c:d6:a8:38:8c:25:8a:23:
3c:ff:ed:b5:be:a9:b4:de:7f:e1:be:c1:24:f1:c5:b6:f5:cb:
65:f0:81:03:c2:00:95:d3:c3:b6:05:66:8b:b3:69:3d:e2:14:
6e:d3:a3:9f:eb:58:59:64:cf:ed:ed:fe:9b:d1:ba:bc:77:8c:
d3:20:37:53:11:46:01:e8:aa:80:69:85:d6:c4:0d:ca:34:2b:
8e:43:5c:2a:c5:79:a3:89:89:2c:75:f3:fa:b1:1d:3d:20:ce:
ab:1b:8a:b7
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzIbvhJsB9mpOaVLhmyauVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjQwMTAyMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNhZjE4ZDBmZGM3YTg1YmI4ODc3NmM2OTc0YjkyZWJhZmJhNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTuI9Lqe+7pcg47bMYTFJ7Jf6v/p
h9MeBWZM5O3ngWRZszDXfYuTK2mGBEdSNhQhPYTJSlOgRx66RXWN6yW1wKU5YXgv
5YvK7DYyzyR2AWekeDsbFYfcNB2B1koZMw+YSYB+Zkx5Pspq0RYGxrVLbnBFmZm3
lLEaeTJtFo06KoxNSwwLL6DXnmOEAXV8rUIJyWa4VHippQCjXgxdlHSDMWPxk+nv
yRRhUN8hldCap4StUfzPGxr53FesNb0uHvH9jMpyU1BmL0Lxzu5sbJrvHO21Bqqm
VQ/NqJbp8UDA6kwDubuJnwoXR5cuPtjYJpG/G+pVLgDZkaLQgHDAxs9bJwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFLM68Y0P3HqFu4h3bGl0uS66+6RIMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvc3pyeGpRX2Nlb1c3aUhkc2FYUzVMcnI3cEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQDBZGoAwQD
TVFwAwQCW8BsAwQDXV1AAwQCXXGgAwQCuTLEAwQCw07kAwQC2T2AMAwDBADZPYUD
BATZPYAwDQQCAAIwBwMFACoAHXAwDQYJKoZIhvcNAQELBQADggEBABchv+12OAoM
hfn3gmNfMr9kmownsHDpyZ2M+dmv9O0FuwQJ8DvgR8LTGFBYBovXMl0XTt9Ox/Tm
t/ZkCRhzBcNphWWpOx/vr6VuIkffdHVbsQPMOYgJILO8OYnLcY2j3Rj7u0Uu7K0e
UaPHCr+0JtiFKxLVnGNpf7fr7uvmrGubrWanMLk4QWBekpI+3lgeFiaJVltLKPDp
msAM1qg4jCWKIzz/7bW+qbTef+G+wSTxxbb1y2XwgQPCAJXTw7YFZouzaT3iFG7T
o5/rWFlkz+3t/pvRurx3jNMgN1MRRgHoqoBphdbEDco0K45DXCrFeaOJiSx18/qx
HT0gzqsbirc=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:46 2024 by rpki-client on console-ams.rpki-client.org