Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/0ENmodCsaHm4R_7YUSsqdBiMCRo.roa
File: 0ENmodCsaHm4R_7YUSsqdBiMCRo.roa (raw, json)
Hash identifier: SRRd4lDBtrpfIviqqJcofzmlgr593yyvDlnOnfkQMB8=
Subject key identifier: D0:43:66:A1:D0:AC:68:79:B8:47:FE:D8:51:2B:2A:74:18:8C:09:1A
Certificate issuer: /CN=ab882cd6d196ae1f96872acae78321be7a92b8eb
Certificate serial: 01857227D6446CE8603890B97601BD65EE68
Authority key identifier: AB:88:2C:D6:D1:96:AE:1F:96:87:2A:CA:E7:83:21:BE:7A:92:B8:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/0ENmodCsaHm4R_7YUSsqdBiMCRo.roa
Signing time: Mon 02 Jan 2023 11:04:51 +0000
ROA not before: Mon 02 Jan 2023 11:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6697
IP address blocks: 178.120.0.0/13 maxlen: 24
86.57.128.0/17 maxlen: 24
93.84.0.0/15 maxlen: 24
37.212.0.0/14 maxlen: 23
37.45.0.0/16 maxlen: 21
194.158.192.0/19 maxlen: 24
37.44.64.0/18 maxlen: 21
82.209.192.0/18 maxlen: 24
185.152.136.0/22 maxlen: 24
2a02:2208::/29 maxlen: 44
2001:7f8:5a::/48 maxlen: 48
2a02:2208::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:d6:44:6c:e8:60:38:90:b9:76:01:bd:65:ee:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab882cd6d196ae1f96872acae78321be7a92b8eb
Validity
Not Before: Jan 2 11:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d04366a1d0ac6879b847fed8512b2a74188c091a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a0:83:8a:03:b0:28:e6:29:93:96:33:21:62:
cb:4d:aa:a5:f0:61:45:82:39:9d:de:88:a2:18:a4:
69:3d:dd:58:6d:ab:29:8b:a6:c6:2f:fd:2a:cb:bf:
18:38:19:14:33:c2:3c:3a:3a:26:80:2c:40:fe:5b:
b2:a1:e8:3e:0f:31:01:08:ff:b0:95:de:b8:69:91:
57:9f:5f:10:b6:82:a8:fd:57:4a:2e:cd:b7:7e:21:
db:fd:d8:55:13:f4:0f:a3:8d:2a:4a:ee:ed:d6:ef:
79:44:ce:b2:87:eb:41:7a:b3:00:8d:ef:77:30:34:
40:31:ea:70:39:6c:01:54:40:3e:f3:92:1c:3f:d2:
92:47:ed:b1:e4:f3:3b:b8:ff:29:b5:a7:10:ae:7f:
65:44:7d:87:c3:e4:cc:e6:12:9c:f1:10:4f:eb:7a:
30:01:37:d6:22:8a:26:23:45:ab:23:5c:5d:90:dd:
8b:f7:12:3d:cd:87:d6:49:74:d4:23:74:b0:26:ca:
0c:72:43:ba:c9:3e:4c:1b:05:fb:4c:a6:b8:77:c0:
81:54:3c:32:77:82:af:55:28:44:01:d6:1f:3d:5f:
d8:40:f5:01:8f:0c:79:8a:01:e2:d6:5d:c1:18:ba:
3f:c0:84:7f:cc:9d:bb:88:90:cc:f6:41:d2:e7:49:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:43:66:A1:D0:AC:68:79:B8:47:FE:D8:51:2B:2A:74:18:8C:09:1A
X509v3 Authority Key Identifier:
keyid:AB:88:2C:D6:D1:96:AE:1F:96:87:2A:CA:E7:83:21:BE:7A:92:B8:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/0ENmodCsaHm4R_7YUSsqdBiMCRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/q4gs1tGWrh-WhyrK54MhvnqSuOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.64.0/18
37.45.0.0/16
37.212.0.0/14
82.209.192.0/18
86.57.128.0/17
93.84.0.0/15
178.120.0.0/13
185.152.136.0/22
194.158.192.0/19
IPv6:
2001:7f8:5a::/48
2a02:2208::/29
Signature Algorithm: sha256WithRSAEncryption
37:58:14:f4:45:8b:7c:5a:28:22:3b:3e:18:8e:99:3a:34:44:
c0:39:8c:9e:67:f7:9c:4d:51:23:dd:65:62:1e:6d:81:59:7d:
f5:c0:95:1b:36:95:35:2f:c8:8d:08:4e:58:02:65:57:75:47:
2a:cc:22:90:9e:c0:6f:26:0d:73:c6:cf:52:9e:55:79:c6:c0:
37:fe:d0:92:df:2c:db:de:84:74:f1:e6:4d:fb:b5:fe:0e:ae:
d5:b2:35:15:89:1c:67:9e:ef:2e:f6:7e:00:1d:53:22:3f:f6:
9c:80:e4:28:58:cc:3e:1f:71:f6:2d:57:38:23:4a:18:74:be:
7c:b4:f0:78:54:2a:fc:be:f4:14:5a:4d:5f:17:2b:4d:de:40:
e2:8a:a4:d6:45:87:ad:1c:e0:42:09:d2:08:30:68:3b:fa:e1:
bd:3b:be:a4:33:fb:bc:48:49:df:4c:d0:51:e6:0d:c4:7c:7a:
ce:2c:4c:49:ca:a4:54:3c:b1:3a:50:fc:1a:fe:67:06:bc:2d:
8e:49:85:24:c0:f4:f8:01:c2:ee:f9:82:e1:ba:45:fd:fc:c6:
02:2c:a0:8d:5c:08:a7:b2:dd:1e:0a:b7:55:dc:0f:84:c6:fa:
24:e7:9d:d1:c2:b2:51:3e:12:56:c5:29:59:10:b4:c6:e0:2a:
f1:76:3d:64
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVyJ9ZEbOhgOJC5dgG9Ze5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODgyY2Q2ZDE5NmFlMWY5Njg3MmFjYWU3ODMyMWJlN2E5
MmI4ZWIwHhcNMjMwMTAyMTEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDQzNjZhMWQwYWM2ODc5Yjg0N2ZlZDg1MTJiMmE3NDE4OGMwOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaCDigOwKOYpk5YzIWLLTaql8GFF
gjmd3oiiGKRpPd1Ybaspi6bGL/0qy78YOBkUM8I8OjomgCxA/luyoeg+DzEBCP+w
ld64aZFXn18QtoKo/VdKLs23fiHb/dhVE/QPo40qSu7t1u95RM6yh+tBerMAje93
MDRAMepwOWwBVEA+85IcP9KSR+2x5PM7uP8ptacQrn9lRH2Hw+TM5hKc8RBP63ow
ATfWIoomI0WrI1xdkN2L9xI9zYfWSXTUI3SwJsoMckO6yT5MGwX7TKa4d8CBVDwy
d4KvVShEAdYfPV/YQPUBjwx5igHi1l3BGLo/wIR/zJ27iJDM9kHS50mJjQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFNBDZqHQrGh5uEf+2FErKnQYjAkaMB8GA1UdIwQY
MBaAFKuILNbRlq4flocqyueDIb56krjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRnczF0R1dyaC1XaHlySzU0TWh2bnFTdU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80YjZjYzktMDlkMy00Njc4LWIwYTct
OTUwYzE4MDU5NmQwLzEvMEVObW9kQ3NhSG00Ul83WVVTc3FkQmlNQ1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80YjZjYzktMDlkMy00Njc4LWIwYTctOTUwYzE4MDU5NmQw
LzEvcTRnczF0R1dyaC1XaHlySzU0TWh2bnFTdU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA4BAIAATAyAwQGJSxAAwMA
JS0DAwIl1AMEBlLRwAMEB1Y5gAMDAV1UAwMDsngDBAK5mIgDBAXCnsAwFgQCAAIw
EAMHACABB/gAWgMFAyoCIggwDQYJKoZIhvcNAQELBQADggEBADdYFPRFi3xaKCI7
PhiOmTo0RMA5jJ5n95xNUSPdZWIebYFZffXAlRs2lTUvyI0ITlgCZVd1RyrMIpCe
wG8mDXPGz1KeVXnGwDf+0JLfLNvehHTx5k37tf4OrtWyNRWJHGee7y72fgAdUyI/
9pyA5ChYzD4fcfYtVzgjShh0vny08HhUKvy+9BRaTV8XK03eQOKKpNZFh60c4EIJ
0ggwaDv64b07vqQz+7xISd9M0FHmDcR8es4sTEnKpFQ8sTpQ/Br+Zwa8LY5JhSTA
9PgBwu75guG6Rf38xgIsoI1cCKey3R4Kt1XcD4TG+iTnndHCslE+ElbFKVkQtMbg
KvF2PWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org