Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/p4kPbrnn-wPn1Ay_eo_rkN-Y9qw.roa
File: p4kPbrnn-wPn1Ay_eo_rkN-Y9qw.roa (raw, json)
Hash identifier: QyU6Lkd6Y2QRH6Zq0ei3c7+Jy/o9mXdoxEPVTz30Vk0=
Subject key identifier: A7:89:0F:6E:B9:E7:FB:03:E7:D4:0C:BF:7A:8F:EB:90:DF:98:F6:AC
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 018E2CC23A6636DB6C47231869D044E58AA3
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/p4kPbrnn-wPn1Ay_eo_rkN-Y9qw.roa
Signing time: Mon 11 Mar 2024 09:05:10 +0000
ROA not before: Mon 11 Mar 2024 09:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.197.240.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/24 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 28 May 2024 16:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:c2:3a:66:36:db:6c:47:23:18:69:d0:44:e5:8a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Mar 11 09:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7890f6eb9e7fb03e7d40cbf7a8feb90df98f6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:23:03:6a:b4:6f:7b:cc:85:57:33:7b:d0:43:
be:ed:ff:c5:70:d3:d5:a6:d1:f0:9f:3d:a4:66:d3:
27:34:a5:63:99:ff:31:6d:26:26:e7:0b:52:8a:b4:
a8:4f:25:fb:a3:db:9f:8d:3e:0f:66:e3:17:22:e0:
fd:14:b6:bb:2e:50:80:97:a8:29:9a:db:38:47:aa:
32:65:1b:bf:41:17:38:69:5e:2b:98:1a:fc:76:46:
1e:c0:80:df:a8:d5:15:4b:56:2d:42:8c:2d:f0:de:
18:1d:18:1b:59:97:9a:2e:ee:f8:6d:56:1f:bc:28:
76:4f:90:3f:a2:31:7c:b9:76:fb:ae:a2:f3:82:d7:
41:4f:99:82:6e:7c:93:88:40:d2:44:25:3c:89:2f:
76:f3:02:51:c1:f4:a0:2b:04:25:25:77:d5:9e:d5:
93:45:4a:c9:14:b6:26:12:c5:db:cc:02:61:f6:61:
3a:c9:55:8f:02:00:d7:c7:b4:a5:cf:d8:f4:6d:da:
e0:81:e2:3f:de:0a:fa:af:02:1f:99:4b:fd:1f:e7:
e4:e3:4c:d9:e7:b0:76:46:61:47:58:13:63:2f:99:
db:b7:3b:d7:86:d5:16:0c:90:de:7c:7b:ea:cf:2e:
62:3e:14:57:51:84:4a:29:f0:0a:ba:ec:6e:81:fa:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:89:0F:6E:B9:E7:FB:03:E7:D4:0C:BF:7A:8F:EB:90:DF:98:F6:AC
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/p4kPbrnn-wPn1Ay_eo_rkN-Y9qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.75.140.0/22
185.117.18.0/24
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.252.156.0/22
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
a0:79:95:f4:91:0c:f7:bd:b7:d4:b1:e8:6d:6e:f1:23:7c:3d:
71:62:9a:98:d7:96:97:ab:75:6d:73:45:b3:27:f5:f7:a2:38:
6f:73:3c:f3:ae:d9:84:ea:07:6b:22:f9:a7:28:48:df:94:c7:
29:05:ad:73:e9:94:3a:1a:82:03:9b:8d:24:dd:8b:6f:f0:58:
67:69:27:11:44:70:68:30:84:50:26:ff:7d:54:38:d6:d6:4c:
54:94:5c:36:53:05:41:fb:6b:65:0a:ef:12:b0:6b:35:d8:53:
0d:64:9e:60:a9:1e:df:53:b7:14:aa:05:24:38:12:78:b9:6d:
2c:58:25:b2:e4:47:3f:5d:7f:93:52:5c:aa:02:ac:1a:7e:3c:
c1:1d:66:31:dc:4a:3c:6c:08:bd:65:0b:2a:92:db:dd:3f:5c:
4f:31:75:25:5e:eb:6b:8c:bf:a7:d5:28:4d:a2:ed:ee:a7:44:
f6:9a:e4:5e:46:62:45:9d:45:87:da:f1:5a:ae:16:4d:29:13:
e9:bb:eb:0d:45:8a:20:7b:4a:ae:40:d1:a3:a6:20:9c:40:5a:
bb:84:4c:ea:fd:f2:0e:dd:07:81:96:6a:ff:d6:b8:a9:62:8e:
72:64:62:ae:21:a3:31:cc:2d:03:9b:69:48:be:4b:03:d9:bc:
58:57:3e:73
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAY4swjpmNttsRyMYadBE5YqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwMzExMDkwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzg5MGY2ZWI5ZTdmYjAzZTdkNDBjYmY3YThmZWI5MGRmOThmNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyMDarRve8yFVzN70EO+7f/FcNPV
ptHwnz2kZtMnNKVjmf8xbSYm5wtSirSoTyX7o9ufjT4PZuMXIuD9FLa7LlCAl6gp
mts4R6oyZRu/QRc4aV4rmBr8dkYewIDfqNUVS1YtQowt8N4YHRgbWZeaLu74bVYf
vCh2T5A/ojF8uXb7rqLzgtdBT5mCbnyTiEDSRCU8iS928wJRwfSgKwQlJXfVntWT
RUrJFLYmEsXbzAJh9mE6yVWPAgDXx7Slz9j0bdrggeI/3gr6rwIfmUv9H+fk40zZ
57B2RmFHWBNjL5nbtzvXhtUWDJDefHvqzy5iPhRXUYRKKfAKuuxugfqqPwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFKeJD2655/sD59QMv3qP65DfmPasMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvcDRrUGJybm4td1BuMUF5X2VvX3JrTi1ZOXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBiwQCAAEwgYQDBAAl
EE4DBAMl61gDBAItD8wDBAItisADBAMuHXgDBAJV0NgDBABb1OwDBABb5YgDBAJe
nrQDBANtxfADBAK5H5QDBAK5J6gDBAK5S4wDBAC5dRIDBAK5oSwDBAC5p0wDBAK5
tQQDBAK52tQDBAK5/JwDBADCfrIDBALDWnQDBADDvhswMwQCAAIwLTAOAwUFKgC6
YAMFACoAumIDBQAqALpnAwYAKgFmAC4DBQAqAiHIAwUDKgmMQDANBgkqhkiG9w0B
AQsFAAOCAQEAoHmV9JEM97231LHobW7xI3w9cWKamNeWl6t1bXNFsyf196I4b3M8
867ZhOoHayL5pyhI35THKQWtc+mUOhqCA5uNJN2Lb/BYZ2knEURwaDCEUCb/fVQ4
1tZMVJRcNlMFQftrZQrvErBrNdhTDWSeYKke31O3FKoFJDgSeLltLFglsuRHP11/
k1JcqgKsGn48wR1mMdxKPGwIvWULKpLb3T9cTzF1JV7ra4y/p9UoTaLt7qdE9prk
XkZiRZ1Fh9rxWq4WTSkT6bvrDUWKIHtKrkDRo6YgnEBau4RM6v3yDt0HgZZq/9a4
qWKOcmRiriGjMcwtA5tpSL5LA9m8WFc+cw==
-----END CERTIFICATE-----
Generated at Tue May 28 19:13:13 2024 by rpki-client on console-fra.rpki-client.org