Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/0_DUVB6R9gMCL1o4H_6AnUMZTaA.roa
File: 0_DUVB6R9gMCL1o4H_6AnUMZTaA.roa (raw, json)
Hash identifier: A4uJRkaEZXv6cRv1VUsX27PfGTpAtqy549A4qBZsFrg=
Subject key identifier: D3:F0:D4:54:1E:91:F6:03:02:2F:5A:38:1F:FE:80:9D:43:19:4D:A0
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 018DF06CF4347F7F4CCCEBC0C3E1E4BB85E0
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/0_DUVB6R9gMCL1o4H_6AnUMZTaA.roa
Signing time: Wed 28 Feb 2024 15:54:48 +0000
ROA not before: Wed 28 Feb 2024 15:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
45.132.248.0/22 maxlen: 24
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
79.132.144.0/20 maxlen: 20
80.240.160.0/20 maxlen: 20
85.112.192.0/19 maxlen: 19
86.105.88.0/21 maxlen: 21
86.107.248.0/21 maxlen: 21
89.35.208.0/21 maxlen: 21
89.43.156.0/22 maxlen: 24
185.16.48.0/22 maxlen: 22
185.176.176.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.183.252.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
185.198.224.0/22 maxlen: 22
185.204.252.0/22 maxlen: 22
185.209.140.0/22 maxlen: 22
185.223.148.0/22 maxlen: 22
185.243.120.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
195.177.108.0/22 maxlen: 22
217.26.192.0/20 maxlen: 20
2a0a:1c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 29 Oct 2024 08:46:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:6c:f4:34:7f:7f:4c:cc:eb:c0:c3:e1:e4:bb:85:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Feb 28 15:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3f0d4541e91f603022f5a381ffe809d43194da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:84:c0:c0:aa:52:8f:9c:7c:f9:c6:2b:cf:e8:
b0:c9:2f:8d:29:0c:f5:c5:17:a3:18:9b:2c:dd:32:
8d:cc:0b:c7:2c:9c:cf:22:2b:2a:c8:11:76:79:7e:
3b:79:39:12:0e:cf:49:93:6c:8f:a3:ca:ff:da:34:
cf:2e:f1:dd:d1:69:4d:c1:cf:7c:3f:a0:0b:05:98:
1a:cb:fa:7b:3c:d1:9a:90:0b:89:49:e1:0b:51:9e:
9c:59:d7:e4:0c:7e:e5:11:e6:c7:01:ae:18:0c:09:
3e:9f:e9:e6:a5:cc:46:b9:d3:09:47:f6:a8:22:88:
62:13:c5:9d:04:37:6a:13:99:81:4c:70:2a:7c:37:
67:90:ea:b1:59:03:0d:91:c7:6f:c9:da:5f:fb:ec:
ff:e0:49:c2:8a:6e:d9:7e:37:80:73:81:60:3d:d3:
2f:78:df:00:d4:9c:5b:49:35:bf:af:93:78:fb:52:
7e:83:7d:f2:5f:39:e0:0d:8d:4f:84:74:86:ff:ae:
09:e9:ed:01:dc:83:2a:ed:58:ee:a8:74:93:cb:bf:
77:c0:66:3a:e8:6a:25:63:15:30:1e:95:af:64:84:
22:de:c7:df:ee:eb:14:e4:68:22:81:be:aa:9e:a2:
fc:e7:0d:e6:8a:c3:93:8f:ec:2b:39:3b:cb:f7:e8:
f0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F0:D4:54:1E:91:F6:03:02:2F:5A:38:1F:FE:80:9D:43:19:4D:A0
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/0_DUVB6R9gMCL1o4H_6AnUMZTaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.132.248.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
5c:56:28:9a:49:be:b4:19:04:47:94:2d:64:ee:27:7a:70:c0:
9f:b5:35:4b:65:78:6a:b4:cd:26:c6:b0:0a:e3:99:93:17:eb:
ba:36:cb:3d:64:8d:de:73:4d:ee:3d:17:f4:d5:1e:2d:f1:90:
2d:df:00:5d:92:c4:4b:7e:5c:90:df:0e:9f:26:db:3a:d4:2d:
fd:bc:2c:12:d0:34:c2:b8:fa:59:21:a1:ab:07:0c:78:42:69:
a2:80:f8:6e:ba:af:1c:16:c4:94:e4:48:14:21:e9:aa:23:c9:
4c:0d:de:ef:0c:5f:32:63:3e:70:f7:04:59:e9:9b:3e:a0:e4:
9d:e4:b2:db:db:09:09:df:b9:cd:26:3a:16:6a:07:5c:79:15:
58:77:78:a2:4e:47:56:cf:e8:33:96:59:92:51:cd:98:ce:09:
f1:c5:ab:4b:ec:cb:d9:4b:e9:7e:1e:9c:18:6c:43:dc:0d:81:
b7:45:57:7e:4f:03:95:b4:cf:16:cd:08:85:75:c8:e0:02:4b:
2e:27:64:d7:81:6e:ac:65:d2:dd:3c:8e:44:77:5b:9b:21:37:
19:29:69:2c:1d:d7:7f:73:48:0a:23:d4:ca:42:65:98:13:52:
49:c1:5c:78:c1:ed:ff:a7:ba:d0:23:35:15:3f:e1:cc:08:d9:
d0:82:44:d1
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAY3wbPQ0f39MzOvAw+Hku4XgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjQwMjI4MTU1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2YwZDQ1NDFlOTFmNjAzMDIyZjVhMzgxZmZlODA5ZDQzMTk0ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYTAwKpSj5x8+cYrz+iwyS+NKQz1
xRejGJss3TKNzAvHLJzPIisqyBF2eX47eTkSDs9Jk2yPo8r/2jTPLvHd0WlNwc98
P6ALBZgay/p7PNGakAuJSeELUZ6cWdfkDH7lEebHAa4YDAk+n+nmpcxGudMJR/ao
IohiE8WdBDdqE5mBTHAqfDdnkOqxWQMNkcdvydpf++z/4EnCim7ZfjeAc4FgPdMv
eN8A1JxbSTW/r5N4+1J+g33yXzngDY1PhHSG/64J6e0B3IMq7VjuqHSTy793wGY6
6GolYxUwHpWvZIQi3sff7usU5Ggigb6qnqL85w3misOTj+wrOTvL9+jwsQIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFNPw1FQekfYDAi9aOB/+gJ1DGU2gMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvMF9EVVZCNlI5Z01DTDFvNEhfNkFuVU1aVGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBvQQCAAEwgbYDBAMl
jOADBAItUVADBAItVzgDBAIthPgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ
8KADBAVVcMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBAK5EDADBAK5sLADBAK5
tZgwDAMEArm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AMEArnRjAME
ArnflAMEArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDANBAIAAjAHAwUDKgoc
gDANBgkqhkiG9w0BAQsFAAOCAQEAXFYomkm+tBkER5QtZO4nenDAn7U1S2V4arTN
JsawCuOZkxfrujbLPWSN3nNN7j0X9NUeLfGQLd8AXZLES35ckN8OnybbOtQt/bws
EtA0wrj6WSGhqwcMeEJpooD4brqvHBbElORIFCHpqiPJTA3e7wxfMmM+cPcEWemb
PqDkneSy29sJCd+5zSY6FmoHXHkVWHd4ok5HVs/oM5ZZklHNmM4J8cWrS+zL2Uvp
fh6cGGxD3A2Bt0VXfk8DlbTPFs0IhXXI4AJLLidk14FurGXS3TyORHdbmyE3GSlp
LB3Xf3NICiPUykJlmBNSScFceMHt/6e60CM1FT/hzAjZ0IJE0Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:27 2025 by rpki-client