Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/Ym_IUDPrDL8NfXP0UgD_-S8vUPs.roa
File: Ym_IUDPrDL8NfXP0UgD_-S8vUPs.roa (raw, json)
Hash identifier: 8VmChZkdDUJwe/TvHenwFeVkrjY4o7QzrJSUD01QQ3M=
Subject key identifier: 62:6F:C8:50:33:EB:0C:BF:0D:7D:73:F4:52:00:FF:F9:2F:2F:50:FB
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 018925584B383021A453D076056489882DB5
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/Ym_IUDPrDL8NfXP0UgD_-S8vUPs.roa
Signing time: Wed 05 Jul 2023 09:18:10 +0000
ROA not before: Wed 05 Jul 2023 09:18:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34659
IP address blocks: 83.136.160.0/21 maxlen: 25
5.104.192.0/21 maxlen: 24
193.36.52.0/22 maxlen: 24
185.153.96.0/22 maxlen: 24
178.21.176.0/21 maxlen: 24
77.247.104.0/22 maxlen: 24
213.41.240.0/21 maxlen: 24
185.45.228.0/22 maxlen: 24
194.169.176.0/22 maxlen: 24
194.104.16.0/22 maxlen: 24
85.31.168.0/22 maxlen: 24
185.83.236.0/22 maxlen: 24
185.185.4.0/22 maxlen: 24
185.185.8.0/22 maxlen: 24
185.96.156.0/22 maxlen: 24
2a07:8580::/29 maxlen: 48
2a00:1db8::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:58:4b:38:30:21:a4:53:d0:76:05:64:89:88:2d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jul 5 09:18:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=626fc85033eb0cbf0d7d73f45200fff92f2f50fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6a:1c:4c:81:34:ba:b3:d4:4d:0a:1e:d8:ed:
4b:1b:1f:3e:cb:35:e3:35:c6:95:f1:2f:d6:6a:8f:
ce:ee:ec:83:62:67:18:c7:2d:c1:8c:56:e1:30:9f:
8b:e7:70:1b:42:55:32:06:94:e7:dc:f3:e5:4b:49:
48:5c:13:2e:f0:e5:a6:db:38:3f:d1:9b:34:8b:17:
a8:3f:8d:c0:10:fd:07:2f:7b:85:f3:b2:13:2f:6f:
a0:b6:b2:b5:fb:09:35:eb:dd:69:06:24:5f:23:ff:
42:b4:3b:8e:e7:d2:34:bc:62:35:44:24:44:a9:f1:
65:b4:bb:1c:55:40:a4:9a:83:80:32:c1:1f:86:c6:
5e:2e:57:84:e5:5d:bc:10:1e:ae:05:77:d0:3e:07:
f9:c5:f8:02:c2:e9:4f:2c:38:08:a9:7f:03:d3:bb:
1d:76:77:a5:58:e9:40:1f:11:1f:be:db:31:d4:ee:
00:94:ad:1f:6e:54:3c:1b:ee:02:6d:fe:64:4c:3b:
03:d7:ba:4d:be:18:1c:5b:fe:74:ee:32:0c:b7:d5:
0c:6a:e1:d8:6b:f0:d5:be:3a:a1:3b:0d:21:6b:93:
ef:81:f7:c1:fc:f2:37:43:39:6f:77:95:40:81:13:
c8:53:82:f4:86:57:28:ed:95:b2:72:cb:e8:7c:f7:
62:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6F:C8:50:33:EB:0C:BF:0D:7D:73:F4:52:00:FF:F9:2F:2F:50:FB
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/Ym_IUDPrDL8NfXP0UgD_-S8vUPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.192.0/21
77.247.104.0/22
83.136.160.0/21
85.31.168.0/22
178.21.176.0/21
185.45.228.0/22
185.83.236.0/22
185.96.156.0/22
185.153.96.0/22
185.185.4.0-185.185.11.255
193.36.52.0/22
194.104.16.0/22
194.169.176.0/22
213.41.240.0/21
IPv6:
2a00:1db8::/29
2a07:8580::/29
Signature Algorithm: sha256WithRSAEncryption
71:77:64:4d:6a:fd:24:82:b7:03:55:4a:75:8c:6c:22:26:e9:
b7:c9:5c:c4:36:b9:e4:41:a7:8a:b2:e9:21:d5:ee:45:28:30:
fb:3b:fa:41:66:8b:1c:3f:4c:2c:de:d7:8d:b6:53:5d:3a:73:
aa:64:ad:27:1e:e0:ee:02:0c:3d:7c:25:25:66:06:b9:78:5f:
98:b2:eb:d5:9b:16:ef:f7:fa:bc:ea:81:af:46:bb:0e:17:6a:
7d:07:6e:87:e0:24:4e:34:2f:36:47:fa:19:3d:c2:c0:44:98:
53:a9:2d:31:bf:2d:8f:5d:46:55:07:bd:c7:94:1d:ab:0b:0c:
20:b4:e3:4c:f3:b8:a6:4b:d9:a3:40:34:61:5c:01:57:c5:76:
ec:92:b2:ff:ed:c0:70:52:8a:b2:c1:92:a3:85:99:b4:a2:4d:
f4:1a:c9:87:e3:e8:30:d7:07:c3:c3:bf:21:f2:b4:53:f2:9e:
77:62:fc:7a:fd:1b:35:9d:22:ff:1c:9b:b4:bf:fa:cb:6c:23:
5c:dc:20:87:1d:27:ef:47:75:1f:68:9a:4a:c7:41:49:24:51:
7d:bd:ff:d3:b0:da:dc:c0:69:e1:a7:60:92:3f:4b:aa:8f:6f:
84:71:d9:c8:ff:fe:32:a0:28:f3:9d:43:0d:55:e4:67:9e:9e:
02:dd:7b:09
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYklWEs4MCGkU9B2BWSJiC21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjMwNzA1MDkxODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZmYzg1MDMzZWIwY2JmMGQ3ZDczZjQ1MjAwZmZmOTJmMmY1MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2ocTIE0urPUTQoe2O1LGx8+yzXj
NcaV8S/Wao/O7uyDYmcYxy3BjFbhMJ+L53AbQlUyBpTn3PPlS0lIXBMu8OWm2zg/
0Zs0ixeoP43AEP0HL3uF87ITL2+gtrK1+wk1691pBiRfI/9CtDuO59I0vGI1RCRE
qfFltLscVUCkmoOAMsEfhsZeLleE5V28EB6uBXfQPgf5xfgCwulPLDgIqX8D07sd
dnelWOlAHxEfvtsx1O4AlK0fblQ8G+4Cbf5kTDsD17pNvhgcW/507jIMt9UMauHY
a/DVvjqhOw0ha5PvgffB/PI3Qzlvd5VAgRPIU4L0hlco7ZWycsvofPdiFQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGJvyFAz6wy/DX1z9FIA//kvL1D7MB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvWW1fSVVEUHJETDhOZlhQMFVnRF8tUzh2VVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAwVowAME
Ak33aAMEA1OIoAMEAlUfqAMEA7IVsAMEArkt5AMEArlT7AMEArlgnAMEArmZYDAM
AwQCubkEAwQCubkIAwQCwSQ0AwQCwmgQAwQCwqmwAwQD1SnwMBQEAgACMA4DBQMq
AB24AwUDKgeFgDANBgkqhkiG9w0BAQsFAAOCAQEAcXdkTWr9JIK3A1VKdYxsIibp
t8lcxDa55EGnirLpIdXuRSgw+zv6QWaLHD9MLN7XjbZTXTpzqmStJx7g7gIMPXwl
JWYGuXhfmLLr1ZsW7/f6vOqBr0a7DhdqfQduh+AkTjQvNkf6GT3CwESYU6ktMb8t
j11GVQe9x5QdqwsMILTjTPO4pkvZo0A0YVwBV8V27JKy/+3AcFKKssGSo4WZtKJN
9BrJh+PoMNcHw8O/IfK0U/Ked2L8ev0bNZ0i/xybtL/6y2wjXNwghx0n70d1H2ia
SsdBSSRRfb3/07Da3MBp4adgkj9Lqo9vhHHZyP/+MqAo851DDVXkZ56eAt17CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:23 2024 by rpki-client on console-ams.rpki-client.org