Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/uSD4JaSLx2DqsEiUkQunXDiAIRs.roa
File: uSD4JaSLx2DqsEiUkQunXDiAIRs.roa (raw, json)
Hash identifier: CfMdxDP6diIzHsBYyjXENe53CT8Qd5I4m501gWUvQmA=
Subject key identifier: B9:20:F8:25:A4:8B:C7:60:EA:B0:48:94:91:0B:A7:5C:38:80:21:1B
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 019092D8B6965E101D77A4D128D8F01A419E
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/uSD4JaSLx2DqsEiUkQunXDiAIRs.roa
Signing time: Mon 08 Jul 2024 14:56:34 +0000
ROA not before: Mon 08 Jul 2024 14:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.197.240.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.71.148.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/24 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jul 2024 13:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:d8:b6:96:5e:10:1d:77:a4:d1:28:d8:f0:1a:41:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jul 8 14:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b920f825a48bc760eab04894910ba75c3880211b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:46:82:fa:5a:27:2c:35:b1:e8:65:0b:78:db:
2c:91:92:2a:43:eb:a7:23:cd:24:6e:b8:c2:8c:21:
16:bb:87:d6:c9:2a:cb:40:9d:36:c2:99:9e:09:d9:
a4:31:2e:5f:64:d2:86:54:14:56:b2:dd:74:53:f1:
76:cf:1f:08:c9:31:57:66:04:d4:6e:0d:f6:2b:94:
7d:5d:30:d1:45:4b:eb:ae:2e:90:7b:68:cd:ba:fe:
e6:82:5e:f1:02:8b:7a:5e:fc:58:8d:09:0b:33:89:
a4:c1:9f:09:69:53:ae:71:f4:ae:74:bc:a2:23:b8:
d9:64:d8:22:9c:75:8a:7e:4e:71:6c:90:a5:6a:eb:
7c:7f:2d:d0:d6:6d:c0:7f:b7:07:b6:ed:db:60:ef:
e7:d2:57:46:44:82:9f:76:09:90:ff:03:eb:a5:5f:
12:6e:f9:b3:0b:72:ba:8a:ee:78:13:07:e6:81:63:
91:94:a7:ae:2b:ac:25:ac:82:dd:51:48:73:1e:79:
d4:34:f4:b8:9b:8b:8d:a3:64:6a:ab:4e:f0:16:62:
8a:01:2c:7e:28:a6:93:9e:fe:76:f8:75:26:f9:73:
a0:be:04:05:cd:1b:0e:5e:e0:ed:07:a9:20:41:4a:
4d:ba:4e:ce:38:61:d8:92:17:cd:84:98:15:54:08:
91:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:20:F8:25:A4:8B:C7:60:EA:B0:48:94:91:0B:A7:5C:38:80:21:1B
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/uSD4JaSLx2DqsEiUkQunXDiAIRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.71.148.0/22
185.75.140.0/22
185.117.18.0/24
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.227.0.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
44:91:08:1d:d8:da:93:38:59:37:6c:85:78:d9:cf:5b:da:ec:
77:7f:53:bf:63:27:5a:03:8a:c4:ce:d5:c5:a7:db:11:50:ec:
91:ca:65:b9:98:80:47:ef:21:fa:55:c4:6a:d2:f1:95:45:45:
cc:0f:86:25:12:71:b1:bf:c6:80:78:2d:9b:c4:86:12:bf:2e:
1f:8d:fe:1c:33:59:14:59:7e:87:a7:6e:60:17:27:5b:65:01:
11:81:b1:31:1d:b0:e4:5d:1d:5b:87:9a:4d:f4:16:93:07:39:
fe:c1:45:33:41:5f:f3:ff:2f:2a:0d:8d:92:f0:1e:3f:69:0c:
33:f7:5e:92:52:6e:77:3e:b1:27:be:ef:47:e1:ca:31:ab:12:
bf:24:2e:13:f5:b8:3d:14:0d:70:91:46:13:97:4d:97:02:de:
69:4b:b0:e2:62:61:97:ed:f5:98:a5:cd:58:d9:86:92:80:4a:
19:d6:57:94:a7:39:12:58:7d:1c:ad:97:a9:7f:ba:e6:fc:8d:
35:c2:50:09:bf:8f:24:23:da:3a:25:5a:ef:3a:7e:f7:0c:b3:
ff:ff:42:a6:30:86:a4:00:41:06:e3:80:b2:7f:d6:ee:6f:cb:
c4:25:00:73:5a:57:56:7b:32:e2:66:cc:2f:a7:1d:fb:e3:1b:
34:27:bd:f7
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAZCS2LaWXhAdd6TRKNjwGkGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNzA4MTQ1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIwZjgyNWE0OGJjNzYwZWFiMDQ4OTQ5MTBiYTc1YzM4ODAyMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kaC+lonLDWx6GULeNsskZIqQ+un
I80kbrjCjCEWu4fWySrLQJ02wpmeCdmkMS5fZNKGVBRWst10U/F2zx8IyTFXZgTU
bg32K5R9XTDRRUvrri6Qe2jNuv7mgl7xAot6XvxYjQkLM4mkwZ8JaVOucfSudLyi
I7jZZNginHWKfk5xbJClaut8fy3Q1m3Af7cHtu3bYO/n0ldGRIKfdgmQ/wPrpV8S
bvmzC3K6iu54EwfmgWORlKeuK6wlrILdUUhzHnnUNPS4m4uNo2Rqq07wFmKKASx+
KKaTnv52+HUm+XOgvgQFzRsOXuDtB6kgQUpNuk7OOGHYkhfNhJgVVAiR3QIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFLkg+CWki8dg6rBIlJELp1w4gCEbMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvdVNENEphU0x4MkRxc0VpVWtRdW5YRGlBSVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBowQCAAEwgZwDBAAl
EE4DBAMl61gDBAItD8wDBAItisADBAMuHXgDBAJV0NgDBABb1OwDBABb5YgDBAJe
nrQDBANtxfADBAK5H5QDBAK5J6gDBAK5R5QDBAK5S4wDBAC5dRIDBAK5oSwDBAC5
p0wDBAK5tQQDBAK52tQDBAK54wADBAC59hoDBAK59mADBAK5/JwDBADCfrIDBALD
WnQDBADDvhswMwQCAAIwLTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFmAC4D
BQAqAiHIAwUDKgmMQDANBgkqhkiG9w0BAQsFAAOCAQEARJEIHdjakzhZN2yFeNnP
W9rsd39Tv2MnWgOKxM7VxafbEVDskcpluZiAR+8h+lXEatLxlUVFzA+GJRJxsb/G
gHgtm8SGEr8uH43+HDNZFFl+h6duYBcnW2UBEYGxMR2w5F0dW4eaTfQWkwc5/sFF
M0Ff8/8vKg2NkvAeP2kMM/deklJudz6xJ77vR+HKMasSvyQuE/W4PRQNcJFGE5dN
lwLeaUuw4mJhl+31mKXNWNmGkoBKGdZXlKc5Elh9HK2XqX+65vyNNcJQCb+PJCPa
OiVa7zp+9wyz//9CpjCGpABBBuOAsn/W7m/LxCUAc1pXVnsy4mbML6cd++MbNCe9
9w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:00 2025 by rpki-client