Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/01nvIOgZrKJtYux_panav4_z3xk.roa
File: 01nvIOgZrKJtYux_panav4_z3xk.roa (raw, json)
Hash identifier: GPD8wz4wseJW7vyKuIikMUzgLYFaNX/lbqekMywQqyk=
Subject key identifier: D3:59:EF:20:E8:19:AC:A2:6D:62:EC:7F:A5:A9:DA:BF:8F:F3:DF:19
Certificate issuer: /CN=6749aeda8a8ace7ec596fc187a2fe10582a6704d
Certificate serial: 018D45241EDE1BF59CC5A537889A32E5B0E3
Authority key identifier: 67:49:AE:DA:8A:8A:CE:7E:C5:96:FC:18:7A:2F:E1:05:82:A6:70:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/01nvIOgZrKJtYux_panav4_z3xk.roa
Signing time: Fri 26 Jan 2024 09:40:11 +0000
ROA not before: Fri 26 Jan 2024 09:40:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6805
IP address blocks: 62.109.64.0/18 maxlen: 18
78.48.0.0/13 maxlen: 13
78.48.0.0/18 maxlen: 18
78.48.64.0/18 maxlen: 18
78.48.128.0/18 maxlen: 18
78.48.192.0/18 maxlen: 18
78.49.0.0/18 maxlen: 18
78.49.64.0/18 maxlen: 18
78.49.128.0/18 maxlen: 18
78.49.192.0/18 maxlen: 18
78.50.0.0/16 maxlen: 16
78.50.0.0/17 maxlen: 17
78.50.128.0/17 maxlen: 17
78.51.0.0/19 maxlen: 19
78.51.32.0/19 maxlen: 19
78.51.64.0/19 maxlen: 19
78.51.96.0/19 maxlen: 19
78.51.128.0/18 maxlen: 18
78.51.192.0/18 maxlen: 18
78.54.0.0/18 maxlen: 18
78.54.64.0/18 maxlen: 18
78.54.128.0/18 maxlen: 18
78.54.192.0/18 maxlen: 18
78.55.0.0/18 maxlen: 18
78.55.64.0/18 maxlen: 18
78.55.128.0/18 maxlen: 18
78.55.192.0/18 maxlen: 18
80.171.0.0/16 maxlen: 16
85.176.0.0/13 maxlen: 13
85.183.16.0/23 maxlen: 23
85.183.18.0/23 maxlen: 23
89.12.0.0/14 maxlen: 14
89.12.0.0/18 maxlen: 18
89.12.64.0/18 maxlen: 18
89.12.128.0/18 maxlen: 18
89.12.192.0/18 maxlen: 18
89.13.0.0/16 maxlen: 16
89.13.0.0/17 maxlen: 17
89.13.128.0/17 maxlen: 17
89.14.0.0/18 maxlen: 18
89.14.64.0/18 maxlen: 18
89.14.128.0/18 maxlen: 18
89.14.192.0/18 maxlen: 18
89.15.232.0/21 maxlen: 21
92.224.0.0/13 maxlen: 13
92.224.0.0/16 maxlen: 16
92.225.0.0/16 maxlen: 16
92.227.194.0/23 maxlen: 23
92.228.72.0/23 maxlen: 23
92.228.74.0/23 maxlen: 23
92.228.76.0/23 maxlen: 23
92.228.78.0/23 maxlen: 23
92.228.80.0/23 maxlen: 23
92.228.82.0/23 maxlen: 23
92.228.84.0/23 maxlen: 23
92.228.86.0/23 maxlen: 23
92.229.0.0/16 maxlen: 16
92.230.20.0/23 maxlen: 23
92.230.22.0/23 maxlen: 23
185.93.236.0/22 maxlen: 22
213.39.128.0/17 maxlen: 17
213.191.64.0/19 maxlen: 19
2a01:c00::/26 maxlen: 39
2a01:c08::/47 maxlen: 47
2a01:c20:7000::/39 maxlen: 39
2a01:c20:7200::/47 maxlen: 47
2a01:c22:1c00::/47 maxlen: 47
2a01:c22:1e00::/39 maxlen: 39
2a01:c22:3400::/39 maxlen: 39
2a01:c22:3600::/47 maxlen: 47
2a01:c22:6c00::/47 maxlen: 47
2a01:c22:6e00::/39 maxlen: 39
2a01:c22:7000::/47 maxlen: 47
2a01:c22:7200::/39 maxlen: 39
2a01:c22:7400::/47 maxlen: 47
2a01:c22:7600::/39 maxlen: 39
2a01:c22:7800::/47 maxlen: 47
2a01:c22:7a00::/39 maxlen: 39
2a01:c22:8400::/39 maxlen: 39
2a01:c22:8600::/47 maxlen: 47
2a01:c22:8800::/39 maxlen: 39
2a01:c22:8a00::/47 maxlen: 47
2a01:c22:8c00::/39 maxlen: 39
2a01:c22:8e00::/47 maxlen: 47
2a01:c22:a600::/47 maxlen: 47
2a01:c22:aa00::/47 maxlen: 47
2a01:c22:ae00::/47 maxlen: 47
2a01:c22:b200::/47 maxlen: 47
2a01:c22:b600::/47 maxlen: 47
2a01:c22:ba00::/47 maxlen: 47
2a01:c22:be00::/47 maxlen: 47
2a01:c22:c200::/47 maxlen: 47
2a01:c22:ca00::/47 maxlen: 47
2a01:c22:ce00::/47 maxlen: 47
2a01:c22:d200::/47 maxlen: 47
2a01:c22:d600::/47 maxlen: 47
2a01:c23:5e00::/47 maxlen: 47
2a01:c23:6200::/47 maxlen: 47
2a01:c23:6600::/47 maxlen: 47
2a01:c23:6a00::/47 maxlen: 47
2a01:c23:6e00::/47 maxlen: 47
2a01:c23:7200::/47 maxlen: 47
2a01:c23:7600::/47 maxlen: 47
2a01:c23:8a00::/47 maxlen: 47
2a01:c23:8e00::/47 maxlen: 47
2a01:c23:9200::/47 maxlen: 47
2a01:c23:9600::/47 maxlen: 47
2a01:c23:ba00::/47 maxlen: 47
2a01:c23:be00::/47 maxlen: 47
2a01:c23:c200::/47 maxlen: 47
2a01:c23:c600::/47 maxlen: 47
Validation: Failed, certificate revoked on Tue 20 Feb 2024 12:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:24:1e:de:1b:f5:9c:c5:a5:37:88:9a:32:e5:b0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6749aeda8a8ace7ec596fc187a2fe10582a6704d
Validity
Not Before: Jan 26 09:40:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d359ef20e819aca26d62ec7fa5a9dabf8ff3df19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d9:58:64:39:60:fa:ce:3a:61:25:43:1c:66:
13:89:27:de:e5:fe:8a:ba:e5:89:92:a5:2d:0f:a8:
69:82:bf:da:fe:ae:bf:48:45:7b:d6:0d:7d:7c:16:
ab:3f:b2:78:5e:8a:99:47:37:5b:6b:48:20:60:0b:
c1:69:ca:56:8c:b4:2a:a3:69:5c:76:4e:de:0b:03:
5e:a7:9e:ec:6f:ba:e6:76:8a:1b:b6:0d:b7:0a:e8:
b6:6c:64:48:90:87:18:31:1d:24:0e:9b:8b:63:83:
2d:8b:da:26:36:07:a6:e5:45:20:ed:a8:e2:55:0d:
d5:f6:36:3b:e0:fe:51:ae:cb:2b:ff:c0:2f:2e:d2:
d9:8c:ff:c7:b6:c4:f1:7c:d0:fb:ff:49:cc:aa:74:
92:4a:b9:ab:22:76:34:76:4c:3f:96:9e:0c:dd:c5:
50:e0:6a:93:cb:bb:75:c8:d0:83:78:f2:9b:a0:e0:
03:7f:2d:e5:86:30:d6:3d:bd:bb:d7:19:91:4a:58:
d1:26:e0:77:ec:f0:bf:99:03:12:70:4c:b8:6a:5b:
de:1b:ac:53:c2:2d:67:9d:41:b8:e7:29:21:10:83:
fe:db:d7:1d:21:84:32:46:81:50:6a:fe:34:1f:c5:
1d:0e:2f:de:1f:6c:34:5a:60:4c:f4:c1:3a:be:5f:
e9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:59:EF:20:E8:19:AC:A2:6D:62:EC:7F:A5:A9:DA:BF:8F:F3:DF:19
X509v3 Authority Key Identifier:
keyid:67:49:AE:DA:8A:8A:CE:7E:C5:96:FC:18:7A:2F:E1:05:82:A6:70:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/01nvIOgZrKJtYux_panav4_z3xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.109.64.0/18
78.48.0.0/13
80.171.0.0/16
85.176.0.0/13
89.12.0.0/14
92.224.0.0/13
185.93.236.0/22
213.39.128.0/17
213.191.64.0/19
IPv6:
2a01:c00::/26
Signature Algorithm: sha256WithRSAEncryption
b2:df:1c:16:bc:f5:98:00:9b:2a:d4:ed:fb:a1:c8:a0:7c:96:
05:01:5c:28:1e:e2:4d:64:e3:78:00:92:9f:d8:97:ac:c8:47:
bd:23:d6:1c:8e:23:c3:5e:a2:d8:eb:97:88:d1:77:85:3c:9d:
a7:1d:0d:09:6a:83:f2:75:00:1b:6d:93:32:1c:8b:7f:17:4b:
0d:39:fe:7e:f7:c8:18:2d:57:bc:57:8c:ca:24:ce:1b:d1:01:
e3:6a:87:f8:c2:a5:71:3f:94:79:fe:4a:c6:4c:23:63:16:e3:
54:af:57:92:1e:e9:78:4d:7d:ad:eb:57:62:4f:8f:76:6e:9c:
4f:3f:eb:f8:6d:27:f7:91:23:c7:87:1b:f7:6e:01:ce:0b:5d:
4b:0d:2b:a7:e0:b6:19:d3:82:11:ef:1f:06:e6:29:70:a8:ef:
db:56:8f:bd:63:fc:58:21:6b:47:9c:98:7b:d7:83:71:66:28:
a5:2d:7e:fa:5c:82:12:74:a2:8a:3e:a9:52:b9:8b:44:d2:78:
c5:8d:72:c1:61:d8:c5:ad:18:28:ed:d5:4e:8c:9d:80:6c:47:
77:e0:c4:99:29:3b:bd:73:27:85:9c:1f:35:fc:13:33:b1:a8:
6d:39:a0:b5:43:c3:21:03:17:bb:e7:b0:48:d2:18:ca:00:9d:
c2:58:87:a2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY1FJB7eG/WcxaU3iJoy5bDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDlhZWRhOGE4YWNlN2VjNTk2ZmMxODdhMmZlMTA1ODJh
NjcwNGQwHhcNMjQwMTI2MDk0MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU5ZWYyMGU4MTlhY2EyNmQ2MmVjN2ZhNWE5ZGFiZjhmZjNkZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNlYZDlg+s46YSVDHGYTiSfe5f6K
uuWJkqUtD6hpgr/a/q6/SEV71g19fBarP7J4XoqZRzdba0ggYAvBacpWjLQqo2lc
dk7eCwNep57sb7rmdoobtg23Cui2bGRIkIcYMR0kDpuLY4Mti9omNgem5UUg7aji
VQ3V9jY74P5Rrssr/8AvLtLZjP/HtsTxfND7/0nMqnSSSrmrInY0dkw/lp4M3cVQ
4GqTy7t1yNCDePKboOADfy3lhjDWPb271xmRSljRJuB37PC/mQMScEy4alveG6xT
wi1nnUG45ykhEIP+29cdIYQyRoFQav40H8UdDi/eH2w0WmBM9ME6vl/p+QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNNZ7yDoGayibWLsf6Wp2r+P898ZMB8GA1UdIwQY
MBaAFGdJrtqKis5+xZb8GHov4QWCpnBNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtdTJvcUt6bjdGbHZ3WWVpX2hCWUttY0UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZDM2YWItZGVlNS00NjlkLTkyMTYt
NjY2M2ZhYmExZGQwLzEvMDFudklPZ1pyS0p0WXV4X3BhbmF2NF96M3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZDM2YWItZGVlNS00NjlkLTkyMTYtNjY2M2ZhYmExZGQw
LzEvWjBtdTJvcUt6bjdGbHZ3WWVpX2hCWUttY0UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQGPm1AAwMD
TjADAwBQqwMDA1WwAwMCWQwDAwNc4AMEArld7AMEB9UngAMEBdW/QDANBAIAAjAH
AwUGKgEMADANBgkqhkiG9w0BAQsFAAOCAQEAst8cFrz1mACbKtTt+6HIoHyWBQFc
KB7iTWTjeACSn9iXrMhHvSPWHI4jw16i2OuXiNF3hTydpx0NCWqD8nUAG22TMhyL
fxdLDTn+fvfIGC1XvFeMyiTOG9EB42qH+MKlcT+Uef5KxkwjYxbjVK9Xkh7peE19
retXYk+Pdm6cTz/r+G0n95Ejx4cb924BzgtdSw0rp+C2GdOCEe8fBuYpcKjv21aP
vWP8WCFrR5yYe9eDcWYopS1++lyCEnSiij6pUrmLRNJ4xY1ywWHYxa0YKO3VToyd
gGxHd+DEmSk7vXMnhZwfNfwTM7GobTmgtUPDIQMXu+ewSNIYygCdwliHog==
-----END CERTIFICATE-----
Generated at Tue Feb 20 15:08:29 2024 by rpki-client on console-ams.rpki-client.org