Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/6ETK8gTbeBkNjPhB9VgF4xHj87c.roa
File: 6ETK8gTbeBkNjPhB9VgF4xHj87c.roa (raw, json)
Hash identifier: b8GhnO8eIeSrlEkxghoX2nDs0EraENhMsjPwNovEj5Q=
Subject key identifier: E8:44:CA:F2:04:DB:78:19:0D:8C:F8:41:F5:58:05:E3:11:E3:F3:B7
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01869C90E4CE7E51E94D75C8E43ADFC7274E
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/6ETK8gTbeBkNjPhB9VgF4xHj87c.roa
Signing time: Wed 01 Mar 2023 09:46:26 +0000
ROA not before: Wed 01 Mar 2023 09:46:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
91.220.49.0/24 maxlen: 24
185.137.168.0/22 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
37.218.254.0/24 maxlen: 24
178.20.96.0/21 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
81.88.16.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.106.0/24 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.102.0/24 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:4000::/36 maxlen: 36
2a00:fa40:3000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Mar 2023 09:36:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:90:e4:ce:7e:51:e9:4d:75:c8:e4:3a:df:c7:27:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Mar 1 09:46:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e844caf204db78190d8cf841f55805e311e3f3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:31:76:7c:fa:af:15:a1:e7:17:e3:0b:fd:f9:
67:be:0f:3b:e9:71:7b:b0:10:d8:53:a0:2a:45:4e:
bd:97:a5:fd:24:d1:0e:81:d4:c8:75:4b:2e:22:ad:
34:7f:ed:3d:fc:70:dd:12:9d:ca:04:bd:4f:a6:df:
5e:82:d9:bc:b6:b0:3e:60:90:ad:e2:4d:e2:be:54:
90:45:9b:46:80:b6:9b:7d:66:74:cf:53:ea:dc:3e:
67:cb:a9:cd:ba:dc:6a:d5:b7:69:de:2a:c9:55:08:
5d:df:47:fe:97:3c:81:b1:2f:c0:1a:35:3d:d5:88:
b8:c3:dd:df:54:67:c1:b5:93:85:62:94:c1:da:d8:
7f:4d:4f:ce:f7:1c:9e:72:65:2f:13:48:39:80:4c:
ad:b0:2b:1a:65:8b:0b:86:22:f5:7d:71:bc:29:df:
a7:32:c0:1d:5b:3e:f8:5f:e4:b2:81:be:b9:d3:b9:
de:4d:77:20:17:ae:c1:ee:cc:6c:61:4d:43:4c:f8:
f3:a9:50:ec:ff:13:27:b2:8e:14:13:91:3d:3a:bd:
f0:4f:91:a9:cb:90:1e:b9:52:d3:33:52:18:86:01:
e0:63:24:1d:d8:16:ee:85:d9:f1:23:39:89:39:fc:
37:58:9e:41:9f:04:64:77:8e:06:f5:c1:bf:2c:da:
aa:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:44:CA:F2:04:DB:78:19:0D:8C:F8:41:F5:58:05:E3:11:E3:F3:B7
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/6ETK8gTbeBkNjPhB9VgF4xHj87c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0-5.44.102.255
5.44.104.0/21
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
81.88.16.0/24
89.22.100.0/22
89.22.106.0/24
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.220.49.0/24
93.90.178.0/24
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
IPv6:
2a00:fa40:3000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
22:60:f4:67:dd:08:f5:6f:e4:c3:72:fd:fc:e8:61:b8:7c:33:
50:b7:70:f1:c4:01:a4:f9:d7:73:67:99:f6:d9:cf:1c:21:29:
17:5f:c1:88:9d:e7:b2:4f:69:c0:6d:76:c3:e6:6b:1b:b2:75:
37:60:15:0f:62:51:d7:37:2a:be:e7:f5:68:df:2d:37:6c:99:
9a:65:f1:ed:28:c1:5f:b0:49:30:a3:2b:9f:ed:2a:f1:9c:bf:
c9:e6:7d:31:25:e8:bc:95:aa:4d:02:66:63:1c:eb:e9:51:04:
f9:a4:d5:55:75:bc:90:22:5a:85:92:27:4d:bb:5b:10:62:ab:
0a:07:89:1c:67:33:a1:b1:84:57:d2:35:e7:26:25:de:97:ef:
2b:86:0a:cf:6a:ae:78:97:9d:6d:d3:06:86:e2:55:51:74:27:
69:40:ec:b4:cc:fa:e9:89:5e:8b:28:02:c2:80:3d:e3:88:f3:
15:1e:82:8d:11:3e:65:b9:8a:cf:ab:61:83:93:74:34:76:96:
db:7b:3a:35:c3:fe:c7:bf:5c:c7:fb:6a:8c:04:3f:44:fa:8d:
56:59:02:0b:b6:49:48:64:8c:99:a8:bc:d9:bd:62:14:32:d8:
8f:3e:10:42:2c:3a:b1:1e:bd:ce:40:12:51:60:62:ce:87:a9:
f3:20:07:c7
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYackOTOflHpTXXI5DrfxydOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMzAxMDk0NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQ0Y2FmMjA0ZGI3ODE5MGQ4Y2Y4NDFmNTU4MDVlMzExZTNmM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTF2fPqvFaHnF+ML/flnvg876XF7
sBDYU6AqRU69l6X9JNEOgdTIdUsuIq00f+09/HDdEp3KBL1Ppt9egtm8trA+YJCt
4k3ivlSQRZtGgLabfWZ0z1Pq3D5ny6nNutxq1bdp3irJVQhd30f+lzyBsS/AGjU9
1Yi4w93fVGfBtZOFYpTB2th/TU/O9xyecmUvE0g5gEytsCsaZYsLhiL1fXG8Kd+n
MsAdWz74X+Sygb6507neTXcgF67B7sxsYU1DTPjzqVDs/xMnso4UE5E9Or3wT5Gp
y5AeuVLTM1IYhgHgYyQd2BbuhdnxIzmJOfw3WJ5BnwRkd44G9cG/LNqqEQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFOhEyvIE23gZDYz4QfVYBeMR4/O3MB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvNkVUSzhnVGJlQmtOalBoQjlWZ0Y0eEhqODdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBvwQCAAEwgbgwDAME
AgUsZAMEAAUsZgMEAwUsaAMEBB8v8DAMAwQDJdr4AwQAJdr8AwQAJdr+AwQAUVgQ
AwQCWRZkAwQAWRZqAwQAWRZsMAwDBAFZFm4DBANZFnAwDAMEAVkWegMEB1kWAAME
AlvLbAMEAFvcMQMEAF1asjAMAwQAgH9BAwQAgH9CAwQDshRgAwQAsvqqAwQAsvqu
AwQCuVBcAwQCuYmoAwQCuc/kAwQAwKJXAwQAwRb/AwQAwpHiMB8EAgACMBkwEAMG
BCoA+kAwAwYEKgD6QEADBQAqAWTAMA0GCSqGSIb3DQEBCwUAA4IBAQAiYPRn3Qj1
b+TDcv386GG4fDNQt3DxxAGk+ddzZ5n22c8cISkXX8GIneeyT2nAbXbD5msbsnU3
YBUPYlHXNyq+5/Vo3y03bJmaZfHtKMFfsEkwoyuf7SrxnL/J5n0xJei8lapNAmZj
HOvpUQT5pNVVdbyQIlqFkidNu1sQYqsKB4kcZzOhsYRX0jXnJiXel+8rhgrPaq54
l51t0waG4lVRdCdpQOy0zPrpiV6LKALCgD3jiPMVHoKNET5luYrPq2GDk3Q0dpbb
ezo1w/7Hv1zH+2qMBD9E+o1WWQILtklIZIyZqLzZvWIUMtiPPhBCLDqxHr3OQBJR
YGLOh6nzIAfH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org