Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/pC30l2iI7VayZ5mPzFbk_3JY7l0.roa
File: pC30l2iI7VayZ5mPzFbk_3JY7l0.roa (raw, json)
Hash identifier: 0snVjoaOJ0NQ/qbW9hxzsqFEhTgY/zzve3ycd6zjSn8=
Subject key identifier: A4:2D:F4:97:68:88:ED:56:B2:67:99:8F:CC:56:E4:FF:72:58:EE:5D
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 01857169CB9F558FFA72F86310C3D9349FE3
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/pC30l2iI7VayZ5mPzFbk_3JY7l0.roa
Signing time: Mon 02 Jan 2023 07:37:16 +0000
ROA not before: Mon 02 Jan 2023 07:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
185.204.252.0/22 maxlen: 22
79.132.144.0/20 maxlen: 20
86.105.88.0/21 maxlen: 21
185.243.120.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
80.240.160.0/20 maxlen: 20
89.43.152.0/21 maxlen: 21
217.26.192.0/20 maxlen: 20
185.176.176.0/22 maxlen: 22
85.112.192.0/19 maxlen: 19
185.223.148.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
185.183.252.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
185.198.224.0/22 maxlen: 22
86.107.248.0/21 maxlen: 21
185.209.140.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
89.35.208.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
195.177.108.0/22 maxlen: 22
2a0a:1c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 09 Jan 2023 16:04:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:cb:9f:55:8f:fa:72:f8:63:10:c3:d9:34:9f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 2 07:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42df4976888ed56b267998fcc56e4ff7258ee5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:c4:5b:75:30:a2:dd:c7:92:d8:40:66:60:
0e:d2:8b:b5:8f:ff:48:fa:dd:a2:0b:cc:a8:6b:72:
a1:e2:33:09:fd:ac:19:a9:1b:e2:35:71:a7:c3:39:
11:5f:b9:49:f8:90:c6:24:96:82:3e:c0:24:62:d5:
44:88:8d:d6:88:36:a8:1e:6e:e1:be:7f:ec:9f:b6:
df:69:c0:60:ba:36:51:1e:62:c5:1f:4d:b3:83:e4:
9d:2d:bd:9c:07:51:e4:e5:54:48:15:81:cc:4d:53:
82:40:06:8c:9e:a3:78:71:0a:37:25:a1:c2:3c:78:
87:35:63:6e:d9:4c:ab:80:88:ff:e5:c6:6e:d0:8c:
39:57:90:ee:13:29:ca:1e:81:e2:a9:fd:76:36:6d:
b8:ec:22:5e:7c:a5:d0:d7:f7:b3:e7:db:70:04:10:
3c:7c:84:72:9e:47:d3:27:6a:90:0f:5e:6e:b6:08:
16:c3:ca:30:4b:bf:ed:c0:71:2e:57:1b:6d:6e:40:
07:23:5b:c2:5d:c3:a2:8a:5c:d8:f6:af:98:ba:f7:
68:13:bf:68:e8:a3:48:ad:b6:c0:8f:af:dd:e7:f8:
30:66:5f:0c:1c:96:97:d9:61:96:04:f1:38:ac:a6:
23:a5:48:f4:3c:1f:e7:50:5b:72:c3:f9:97:99:13:
7a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:2D:F4:97:68:88:ED:56:B2:67:99:8F:CC:56:E4:FF:72:58:EE:5D
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/pC30l2iI7VayZ5mPzFbk_3JY7l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.152.0/21
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
96:d3:c2:af:d5:4b:6f:67:eb:18:f4:93:2e:e7:7a:7f:75:15:
fd:7a:3f:7c:9c:2a:49:e2:09:a6:e3:3e:92:20:22:a5:48:f9:
25:b2:5f:5c:15:f6:83:c0:b4:81:5a:a6:2e:18:7d:2e:4e:a4:
e9:28:49:29:5f:ab:6e:02:a5:b4:30:15:da:5d:3d:28:52:97:
08:07:b5:a8:dd:10:2c:50:ca:e0:17:77:be:68:e1:3f:24:14:
27:ab:ec:e5:5c:f7:11:f5:ee:66:1c:4f:9f:37:51:c7:95:9c:
43:18:69:f7:02:bb:e2:bc:9d:4d:75:84:b0:2c:2e:d1:8c:7f:
0c:e0:c7:db:a5:42:e3:d0:b1:62:49:8c:89:a7:55:eb:17:a8:
7d:f6:d6:9e:57:0a:a2:65:d4:36:90:1a:7e:1d:7f:ae:67:ce:
13:c2:f7:8f:ae:b3:2e:00:3a:90:c0:a6:f2:32:64:8a:b5:0c:
48:4d:1f:1f:db:ea:eb:ec:d1:33:04:02:b7:3e:dd:43:6d:da:
03:e5:ab:e7:da:ce:de:e6:ae:8b:a5:7a:e8:74:24:01:73:cb:
40:26:21:e4:6b:b1:00:66:45:73:5d:ec:eb:eb:0c:1a:c6:bf:
c9:b1:3d:23:2b:cc:f9:2c:a9:fd:23:cc:57:eb:46:5e:ea:fb:
7c:98:1b:59
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYVxacufVY/6cvhjEMPZNJ/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTAyMDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJkZjQ5NzY4ODhlZDU2YjI2Nzk5OGZjYzU2ZTRmZjcyNThlZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxPEW3Uwot3HkthAZmAO0ou1j/9I
+t2iC8yoa3Kh4jMJ/awZqRviNXGnwzkRX7lJ+JDGJJaCPsAkYtVEiI3WiDaoHm7h
vn/sn7bfacBgujZRHmLFH02zg+SdLb2cB1Hk5VRIFYHMTVOCQAaMnqN4cQo3JaHC
PHiHNWNu2UyrgIj/5cZu0Iw5V5DuEynKHoHiqf12Nm247CJefKXQ1/ez59twBBA8
fIRynkfTJ2qQD15utggWw8owS7/twHEuVxttbkAHI1vCXcOiilzY9q+YuvdoE79o
6KNIrbbAj6/d5/gwZl8MHJaX2WGWBPE4rKYjpUj0PB/nUFtyw/mXmRN6vwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFKQt9JdoiO1WsmeZj8xW5P9yWO5dMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvcEMzMGwyaUk3VmF5WjVtUHpGYmtfM0pZN2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAMl
jOADBAItUVADBAItVzgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ8KADBAVV
cMADBANWaVgDBANWa/gDBANZI9ADBANZK5gDBAK5EDADBAK5sLADBAK5tZgwDAME
Arm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AMEArnRjAMEArnflAME
ArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDANBAIAAjAHAwUDKgocgDANBgkq
hkiG9w0BAQsFAAOCAQEAltPCr9VLb2frGPSTLud6f3UV/Xo/fJwqSeIJpuM+kiAi
pUj5JbJfXBX2g8C0gVqmLhh9Lk6k6ShJKV+rbgKltDAV2l09KFKXCAe1qN0QLFDK
4Bd3vmjhPyQUJ6vs5Vz3EfXuZhxPnzdRx5WcQxhp9wK74rydTXWEsCwu0Yx/DODH
26VC49CxYkmMiadV6xeoffbWnlcKomXUNpAafh1/rmfOE8L3j66zLgA6kMCm8jJk
irUMSE0fH9vq6+zRMwQCtz7dQ23aA+Wr59rO3uaui6V66HQkAXPLQCYh5GuxAGZF
c13s6+sMGsa/ybE9IyvM+Syp/SPMV+tGXur7fJgbWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:46 2024 by rpki-client on console-ams.rpki-client.org