Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/iFWazE8bAYSEBu47XxyUxr5aJck.roa
File: iFWazE8bAYSEBu47XxyUxr5aJck.roa (raw, json)
Hash identifier: FnSmFc0bPuZZU2/0iPkuKscf9V8ktH8Uzs4M5ep3qvs=
Subject key identifier: 88:55:9A:CC:4F:1B:01:84:84:06:EE:3B:5F:1C:94:C6:BE:5A:25:C9
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 01870825CBE60E4B2F59D4BF9E407A4FF4F6
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/iFWazE8bAYSEBu47XxyUxr5aJck.roa
Signing time: Wed 22 Mar 2023 07:08:27 +0000
ROA not before: Wed 22 Mar 2023 07:08:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21286
IP address blocks: 80.79.96.0/20 maxlen: 20
192.33.239.0/24 maxlen: 24
192.33.235.0/24 maxlen: 24
192.33.238.0/24 maxlen: 24
192.101.111.0/24 maxlen: 24
192.101.112.0/24 maxlen: 24
199.88.208.0/24 maxlen: 24
192.101.113.0/24 maxlen: 24
199.88.209.0/24 maxlen: 24
145.13.0.0/16 maxlen: 16
193.202.32.0/23 maxlen: 23
192.35.133.0/24 maxlen: 24
194.104.59.0/24 maxlen: 24
192.58.226.0/24 maxlen: 24
192.58.227.0/24 maxlen: 24
192.58.228.0/24 maxlen: 24
145.222.0.0/16 maxlen: 16
194.104.32.0/24 maxlen: 24
2a03:4800:100::/40 maxlen: 40
2a03:4800::/40 maxlen: 40
2a02:2b50:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:25:cb:e6:0e:4b:2f:59:d4:bf:9e:40:7a:4f:f4:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Mar 22 07:08:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88559acc4f1b01848406ee3b5f1c94c6be5a25c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:b6:6e:26:64:ee:6f:a8:10:e7:2e:94:67:
b0:49:91:43:d3:34:37:25:1a:5b:15:bf:d3:7c:1d:
6a:d9:46:1c:8e:25:41:31:a1:07:f6:dd:b1:75:bb:
91:30:15:94:45:79:dc:24:fa:37:ff:b9:8a:31:a3:
be:a2:a5:97:f6:8e:c5:b8:59:2a:a6:9f:92:63:85:
a9:8c:56:62:7f:c6:08:8b:a6:ff:64:fd:1a:3f:82:
c9:76:07:5e:88:bc:55:e0:e6:b9:5f:85:13:73:1a:
8a:84:ac:6c:8c:05:f2:c9:c7:4e:3f:4e:5a:98:61:
b0:8c:9b:4a:aa:68:11:d1:ec:41:4c:71:62:1b:e5:
fb:c2:66:5f:40:21:4b:60:98:78:02:01:f1:8e:e4:
ec:08:ad:51:3c:32:cf:16:3c:2e:8d:82:51:35:2a:
cf:01:ee:09:7a:74:80:be:66:29:39:6c:b7:ec:ae:
87:19:ac:e7:c3:af:3c:df:a7:3c:55:82:8a:6b:37:
9b:b8:12:a5:cf:09:fd:b6:cd:1e:e7:30:a5:75:88:
fc:f6:e0:d6:8f:f2:5f:2b:b1:c7:66:42:36:20:fc:
81:96:52:c8:0f:18:f5:e9:a3:f9:1d:87:e9:99:6f:
6a:ff:64:df:e5:7c:78:76:4f:bd:63:4f:35:a3:ae:
f9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:55:9A:CC:4F:1B:01:84:84:06:EE:3B:5F:1C:94:C6:BE:5A:25:C9
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/iFWazE8bAYSEBu47XxyUxr5aJck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.96.0/20
145.13.0.0/16
145.222.0.0/16
192.33.235.0/24
192.33.238.0/23
192.35.133.0/24
192.58.226.0-192.58.228.255
192.101.111.0-192.101.113.255
193.202.32.0/23
194.104.32.0/24
194.104.59.0/24
199.88.208.0/23
IPv6:
2a02:2b50:ffff::/48
2a03:4800::/39
Signature Algorithm: sha256WithRSAEncryption
86:5c:da:2f:6d:35:16:2a:7c:23:f5:c4:b2:9e:c6:95:23:35:
45:31:75:29:e8:09:16:e2:66:2c:a8:c5:fa:d6:94:4c:bd:37:
9f:d5:e8:91:63:b9:73:da:b4:87:98:c9:61:96:38:c1:60:1f:
c0:85:c8:28:7d:4b:3b:8c:49:b4:c8:a7:74:f4:e3:23:ef:5f:
e3:65:67:8e:d7:35:6a:b5:bc:ec:2c:63:65:50:b8:07:a8:83:
f9:c4:77:fd:40:a8:1f:76:96:c6:ec:b1:02:67:ce:43:dd:61:
f1:fa:79:4f:70:33:1c:a6:95:02:14:57:6d:99:ee:cd:29:e0:
78:ae:f4:83:2c:8c:cc:9c:51:db:31:aa:92:bf:1c:71:06:91:
9c:d8:0c:17:e5:f6:67:f0:f5:16:21:8e:b8:a8:3a:a1:ea:8b:
62:04:bd:29:a2:2a:20:72:6c:bb:bb:2d:1c:60:1d:3c:4a:86:
d2:f3:c0:70:dc:f5:89:e0:8f:f5:19:41:86:a7:09:69:85:4f:
03:d0:fe:2e:dc:5e:2d:69:f4:c4:42:b2:6e:f0:39:53:7f:b8:
42:6e:ac:46:f3:39:46:62:5b:30:26:69:e8:13:b1:e5:8d:11:
89:2c:9e:20:3b:34:c4:50:c6:9d:35:14:e3:4b:4e:e5:42:31:
25:78:51:be
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYcIJcvmDksvWdS/nkB6T/T2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMzIyMDcwODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODU1OWFjYzRmMWIwMTg0ODQwNmVlM2I1ZjFjOTRjNmJlNWEyNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyS2biZk7m+oEOculGewSZFD0zQ3
JRpbFb/TfB1q2UYcjiVBMaEH9t2xdbuRMBWURXncJPo3/7mKMaO+oqWX9o7FuFkq
pp+SY4WpjFZif8YIi6b/ZP0aP4LJdgdeiLxV4Oa5X4UTcxqKhKxsjAXyycdOP05a
mGGwjJtKqmgR0exBTHFiG+X7wmZfQCFLYJh4AgHxjuTsCK1RPDLPFjwujYJRNSrP
Ae4JenSAvmYpOWy37K6HGaznw68836c8VYKKazebuBKlzwn9ts0e5zCldYj89uDW
j/JfK7HHZkI2IPyBllLIDxj16aP5HYfpmW9q/2Tf5Xx4dk+9Y081o675NwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFIhVmsxPGwGEhAbuO18clMa+WiXJMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvaUZXYXpFOGJBWVNFQnU0N1h4eVV4cjVhSmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXAQCAAEwVgMEBFBPYAMD
AJENAwMAkd4DBADAIesDBAHAIe4DBADAI4UwDAMEAcA64gMEAMA65DAMAwQAwGVv
AwQBwGVwAwQBwcogAwQAwmggAwQAwmg7AwQBx1jQMBcEAgACMBEDBwAqAitQ//8D
BgEqA0gAADANBgkqhkiG9w0BAQsFAAOCAQEAhlzaL201Fip8I/XEsp7GlSM1RTF1
KegJFuJmLKjF+taUTL03n9XokWO5c9q0h5jJYZY4wWAfwIXIKH1LO4xJtMindPTj
I+9f42Vnjtc1arW87CxjZVC4B6iD+cR3/UCoH3aWxuyxAmfOQ91h8fp5T3AzHKaV
AhRXbZnuzSngeK70gyyMzJxR2zGqkr8ccQaRnNgMF+X2Z/D1FiGOuKg6oeqLYgS9
KaIqIHJsu7stHGAdPEqG0vPAcNz1ieCP9RlBhqcJaYVPA9D+LtxeLWn0xEKybvA5
U3+4Qm6sRvM5RmJbMCZp6BOx5Y0RiSyeIDs0xFDGnTUU40tO5UIxJXhRvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org