Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/m21qSYjJY-6QZCcaEgzDg9sZCBY.roa
File: m21qSYjJY-6QZCcaEgzDg9sZCBY.roa (raw, json)
Hash identifier: k6RkMdDvJXO7N29zMRrPu9dYAz/uMUe21xB+6HPsssU=
Subject key identifier: 9B:6D:6A:49:88:C9:63:EE:90:64:27:1A:12:0C:C3:83:DB:19:08:16
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01894F352A42826936A8DF308DC371A3955E
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/m21qSYjJY-6QZCcaEgzDg9sZCBY.roa
Signing time: Thu 13 Jul 2023 12:23:51 +0000
ROA not before: Thu 13 Jul 2023 12:23:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
91.220.49.0/24 maxlen: 24
185.137.168.0/22 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
93.90.180.0/23 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
91.203.212.0/22 maxlen: 24
37.218.254.0/24 maxlen: 24
195.82.152.0/23 maxlen: 24
178.20.96.0/21 maxlen: 24
188.64.46.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
195.5.120.0/23 maxlen: 24
81.88.16.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.106.0/24 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
81.88.28.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.102.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:2000::/36 maxlen: 64
2a00:fa40:4000::/36 maxlen: 36
2a00:fa40:3000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Sep 2023 13:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:35:2a:42:82:69:36:a8:df:30:8d:c3:71:a3:95:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jul 13 12:23:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b6d6a4988c963ee9064271a120cc383db190816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3e:7a:c8:a1:83:c9:ee:0e:0f:28:a4:0d:0e:
b3:80:58:d5:5f:89:82:03:d1:65:dc:0e:9b:c1:e3:
32:c3:1f:cb:ba:bb:df:99:8b:58:ca:3c:d3:8f:80:
9d:21:8f:c9:ea:25:82:b5:71:7e:64:da:6c:34:48:
81:34:de:3e:43:ed:3e:44:9d:28:d7:32:7b:a2:51:
f6:09:10:14:48:e4:17:ec:25:1b:70:2c:42:bd:66:
f5:28:02:97:7f:71:cc:73:ff:7c:c9:44:cf:a1:5a:
7e:47:c8:28:aa:58:57:4b:41:f6:c6:1f:62:e0:af:
15:f0:d5:56:84:d5:c6:78:87:90:0c:b4:46:70:d2:
94:58:7e:5a:fc:28:6c:7d:58:bb:fb:60:41:eb:ff:
1d:5a:e4:07:24:1e:13:aa:95:1f:e5:df:ba:ba:2c:
e9:34:30:4c:3c:fa:cb:78:a1:dd:3b:1d:50:11:4f:
69:da:2c:f4:0e:ce:de:03:58:6f:3e:2a:02:3a:db:
ee:e3:47:98:6e:7f:91:0a:6e:00:ff:72:6c:10:99:
a3:31:d6:a4:e8:45:a4:89:e8:9d:c3:78:2a:bd:de:
76:26:0b:93:84:64:fa:11:c9:6b:91:4d:c8:6a:28:
74:d5:c3:59:64:7b:cc:ba:23:12:c3:8e:ef:63:c0:
da:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6D:6A:49:88:C9:63:EE:90:64:27:1A:12:0C:C3:83:DB:19:08:16
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/m21qSYjJY-6QZCcaEgzDg9sZCBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0-5.44.111.255
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
81.88.16.0/24
81.88.28.0/22
89.22.100.0/22
89.22.106.0/24
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.203.212.0/22
91.220.49.0/24
93.90.178.0/24
93.90.180.0/23
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
188.64.46.0/23
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
195.5.120.0/23
195.82.152.0/23
IPv6:
2a00:fa40:2000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
02:3c:5c:7b:3f:2d:69:61:95:0c:f6:7f:12:14:69:c7:a4:a3:
5d:78:37:76:a9:16:a1:9d:86:3a:43:5d:e0:14:94:95:c4:77:
77:75:e7:03:07:32:34:f8:82:80:90:f7:c4:3e:f6:41:ec:b7:
f6:95:51:d0:79:40:a2:ac:39:c6:12:4f:93:ee:88:57:7f:fe:
d0:bf:3f:6c:0f:98:df:82:e6:54:51:92:fb:87:8a:c2:e9:5a:
66:c9:31:11:08:37:fe:3e:00:77:f1:a9:1f:d8:9d:af:65:f7:
91:7f:65:d3:73:fc:51:a0:70:46:b4:79:bc:f9:2e:11:7e:22:
9e:f3:e6:b2:67:fd:79:9c:0c:81:bc:f4:34:f7:72:8e:35:57:
a6:e3:8b:c9:09:bd:d0:dc:e6:ed:b2:2b:04:90:f8:e0:cc:8d:
f0:f9:cf:fe:98:33:ce:f1:3a:b1:34:d9:10:f4:cb:6f:af:7b:
6c:0c:90:36:d1:ff:b8:d6:4a:d9:ca:32:63:dc:37:e3:10:ee:
ca:e2:fb:69:33:f7:3c:ab:b5:a5:55:ac:0a:c1:2f:28:08:62:
d3:8a:e2:ea:1a:12:4f:06:82:1e:f5:75:42:3c:77:81:5d:eb:
bc:cc:5e:63:b2:e4:4e:10:c2:e2:4f:93:9f:b0:0b:e5:30:ad:
c2:57:bb:66
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAYlPNSpCgmk2qN8wjcNxo5VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwNzEzMTIyMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZkNmE0OTg4Yzk2M2VlOTA2NDI3MWExMjBjYzM4M2RiMTkwODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6j56yKGDye4ODyikDQ6zgFjVX4mC
A9Fl3A6bweMywx/LurvfmYtYyjzTj4CdIY/J6iWCtXF+ZNpsNEiBNN4+Q+0+RJ0o
1zJ7olH2CRAUSOQX7CUbcCxCvWb1KAKXf3HMc/98yUTPoVp+R8goqlhXS0H2xh9i
4K8V8NVWhNXGeIeQDLRGcNKUWH5a/ChsfVi7+2BB6/8dWuQHJB4TqpUf5d+6uizp
NDBMPPrLeKHdOx1QEU9p2iz0Ds7eA1hvPioCOtvu40eYbn+RCm4A/3JsEJmjMdak
6EWkieidw3gqvd52JguThGT6EclrkU3Iaih01cNZZHvMuiMSw47vY8DakwIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFJttakmIyWPukGQnGhIMw4PbGQgWMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvbTIxcVNZakpZLTZRWkNjYUVnekRnOXNaQ0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCB3QQCAAEwgdYw
DAMEAgUsZAMEBAUsYAMEBB8v8DAMAwQDJdr4AwQAJdr8AwQAJdr+AwQAUVgQAwQC
UVgcAwQCWRZkAwQAWRZqAwQAWRZsMAwDBAFZFm4DBANZFnAwDAMEAVkWegMEB1kW
AAMEAlvLbAMEAlvL1AMEAFvcMQMEAF1asgMEAV1atDAMAwQAgH9BAwQAgH9CAwQD
shRgAwQAsvqqAwQAsvquAwQCuVBcAwQCuYmoAwQCuc/kAwQBvEAuAwQAwKJXAwQA
wRb/AwQAwpHiAwQBwwV4AwQBw1KYMB8EAgACMBkwEAMGBSoA+kAgAwYEKgD6QEAD
BQAqAWTAMA0GCSqGSIb3DQEBCwUAA4IBAQACPFx7Py1pYZUM9n8SFGnHpKNdeDd2
qRahnYY6Q13gFJSVxHd3decDBzI0+IKAkPfEPvZB7Lf2lVHQeUCirDnGEk+T7ohX
f/7Qvz9sD5jfguZUUZL7h4rC6VpmyTERCDf+PgB38akf2J2vZfeRf2XTc/xRoHBG
tHm8+S4RfiKe8+ayZ/15nAyBvPQ093KONVem44vJCb3Q3ObtsisEkPjgzI3w+c/+
mDPO8TqxNNkQ9Mtvr3tsDJA20f+41krZyjJj3DfjEO7K4vtpM/c8q7WlVawKwS8o
CGLTiuLqGhJPBoIe9XVCPHeBXeu8zF5jsuROEMLiT5OfsAvlMK3CV7tm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org