Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/sPGRfAUewTgYhazZBnH2b0XDcaY.roa
File: sPGRfAUewTgYhazZBnH2b0XDcaY.roa (raw, json)
Hash identifier: desvxC21LqJ2ZG7U2D5DdMBT59hhEoZFTNdD7+3iyAI=
Subject key identifier: B0:F1:91:7C:05:1E:C1:38:18:85:AC:D9:06:71:F6:6F:45:C3:71:A6
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 018CE8B31C7D792BB594203BDBEB8F6A5E82
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/sPGRfAUewTgYhazZBnH2b0XDcaY.roa
Signing time: Mon 08 Jan 2024 10:51:41 +0000
ROA not before: Mon 08 Jan 2024 10:51:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
185.204.252.0/22 maxlen: 22
79.132.144.0/20 maxlen: 20
86.105.88.0/21 maxlen: 21
185.243.120.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
80.240.160.0/20 maxlen: 20
217.26.192.0/20 maxlen: 20
89.43.156.0/22 maxlen: 24
185.176.176.0/22 maxlen: 22
85.112.192.0/19 maxlen: 19
45.132.248.0/22 maxlen: 24
185.223.148.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
185.183.252.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
185.198.224.0/22 maxlen: 22
86.107.248.0/21 maxlen: 21
185.209.140.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
89.35.208.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
195.177.108.0/22 maxlen: 22
2a0a:1c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Feb 2024 09:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:b3:1c:7d:79:2b:b5:94:20:3b:db:eb:8f:6a:5e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 8 10:51:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0f1917c051ec1381885acd90671f66f45c371a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:df:bf:c5:35:31:9d:bf:d5:bc:34:a5:96:b8:
7c:15:ee:13:d6:fc:f5:30:55:db:f9:59:f4:00:8b:
52:71:df:13:c5:f2:c4:1e:75:6d:08:d0:80:3d:d9:
bc:00:0e:78:7f:30:21:5d:6d:66:9c:f8:98:b9:17:
18:86:11:8d:62:1c:78:91:87:08:28:7d:6d:30:aa:
3d:33:d0:47:be:dc:0a:58:c7:72:6e:da:34:f0:9b:
85:b9:bb:90:e7:7c:93:d6:22:ab:f2:87:27:10:91:
5b:36:17:8d:81:3d:fb:7d:cb:a2:d1:c1:29:93:09:
f4:4a:43:6e:f6:5b:6a:a0:91:e5:87:cb:11:3b:44:
8b:50:cc:c3:5d:48:cb:cf:db:d1:14:f8:1c:d7:19:
7a:05:a5:5a:1f:8a:03:9d:9f:32:61:9d:39:ca:2d:
e1:0a:04:9d:6d:05:75:8d:64:50:fe:b0:b2:aa:a7:
eb:ad:ba:03:b9:61:11:ac:b6:ba:e2:ab:11:71:b4:
ff:c8:04:d9:90:ae:a4:a6:a2:65:17:49:7e:51:27:
83:3d:b4:8e:7a:74:d9:85:e7:cd:03:35:85:af:eb:
1b:bb:7b:e4:7d:66:59:2b:a0:1b:ce:1e:5b:ce:5d:
83:ca:be:f9:eb:39:3c:0d:67:94:c1:de:b2:06:18:
59:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F1:91:7C:05:1E:C1:38:18:85:AC:D9:06:71:F6:6F:45:C3:71:A6
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/sPGRfAUewTgYhazZBnH2b0XDcaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.132.248.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
32:2b:39:fb:02:0e:06:39:e5:c9:4b:11:d9:59:51:dd:2a:21:
4d:2a:9d:24:1d:4d:d3:1b:3a:7a:73:a0:60:2f:02:26:b6:ec:
69:f9:4c:35:7f:46:5e:d7:88:aa:96:8d:4e:af:c0:0a:cf:77:
6e:11:f2:fd:7b:7f:9d:ed:e4:24:30:6a:62:f3:66:c1:4e:51:
23:78:a6:ee:17:ed:57:95:9d:f6:ff:87:64:88:c0:26:ff:8b:
48:ad:68:f0:48:57:fc:ee:c9:d5:d4:85:dc:56:d6:56:00:f0:
4a:9e:93:5c:1d:1f:a0:31:83:b8:25:ce:90:e3:e3:bf:2a:03:
8d:7e:5b:6a:e9:40:15:b6:8a:55:12:00:7e:f6:dd:5f:27:9b:
53:a3:d4:bc:6b:a7:2f:de:13:f9:b5:fb:23:36:fb:81:14:ac:
1d:c5:1a:3c:a3:51:d2:7f:e1:fe:a0:ba:99:f0:2c:e9:30:be:
ae:21:fd:0a:13:ca:ba:e2:c7:05:bd:29:bd:52:11:9b:ae:1e:
e7:42:a0:a4:eb:ae:0e:74:3c:29:bd:20:bb:d7:d3:ed:27:ce:
18:48:88:db:34:cf:06:38:26:0e:e1:5a:50:0b:38:e0:7f:1d:
33:df:73:d2:a7:80:94:c1:30:01:14:e4:6c:de:f6:b6:52:ee:
e4:2d:3a:a9
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYzosxx9eSu1lCA72+uPal6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjQwMTA4MTA1MTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGYxOTE3YzA1MWVjMTM4MTg4NWFjZDkwNjcxZjY2ZjQ1YzM3MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt+/xTUxnb/VvDSllrh8Fe4T1vz1
MFXb+Vn0AItScd8TxfLEHnVtCNCAPdm8AA54fzAhXW1mnPiYuRcYhhGNYhx4kYcI
KH1tMKo9M9BHvtwKWMdybto08JuFubuQ53yT1iKr8ocnEJFbNheNgT37fcui0cEp
kwn0SkNu9ltqoJHlh8sRO0SLUMzDXUjLz9vRFPgc1xl6BaVaH4oDnZ8yYZ05yi3h
CgSdbQV1jWRQ/rCyqqfrrboDuWERrLa64qsRcbT/yATZkK6kpqJlF0l+USeDPbSO
enTZhefNAzWFr+sbu3vkfWZZK6Abzh5bzl2Dyr756zk8DWeUwd6yBhhZTQIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFLDxkXwFHsE4GIWs2QZx9m9Fw3GmMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvc1BHUmZBVWV3VGdZaGF6WkJuSDJiMFhEY2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBvQQCAAEwgbYDBAMl
jOADBAItUVADBAItVzgDBAIthPgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ
8KADBAVVcMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBAK5EDADBAK5sLADBAK5
tZgwDAMEArm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AMEArnRjAME
ArnflAMEArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDANBAIAAjAHAwUDKgoc
gDANBgkqhkiG9w0BAQsFAAOCAQEAMis5+wIOBjnlyUsR2VlR3SohTSqdJB1N0xs6
enOgYC8CJrbsaflMNX9GXteIqpaNTq/ACs93bhHy/Xt/ne3kJDBqYvNmwU5RI3im
7hftV5Wd9v+HZIjAJv+LSK1o8EhX/O7J1dSF3FbWVgDwSp6TXB0foDGDuCXOkOPj
vyoDjX5baulAFbaKVRIAfvbdXyebU6PUvGunL94T+bX7Izb7gRSsHcUaPKNR0n/h
/qC6mfAs6TC+riH9ChPKuuLHBb0pvVIRm64e50KgpOuuDnQ8Kb0gu9fT7SfOGEiI
2zTPBjgmDuFaUAs44H8dM99z0qeAlMEwARTkbN72tlLu5C06qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:46 2024 by rpki-client on console-ams.rpki-client.org