Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AMm1NUHP2YbSrtdmjYLXi88rF6g.roa
File: AMm1NUHP2YbSrtdmjYLXi88rF6g.roa (raw, json)
Hash identifier: I9uMhhHl88AHXVGKC935g4b3SqMHL/Oxmp6Bj9AL0lw=
Subject key identifier: 00:C9:B5:35:41:CF:D9:86:D2:AE:D7:66:8D:82:D7:8B:CF:2B:17:A8
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D448EE3FFDAF61E7CDAD8C70BB5AF7D77
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AMm1NUHP2YbSrtdmjYLXi88rF6g.roa
Signing time: Fri 26 Jan 2024 06:57:11 +0000
ROA not before: Fri 26 Jan 2024 06:57:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.136.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
81.42.0.0/16 maxlen: 16
81.43.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
88.30.0.0/16 maxlen: 16
192.101.1.0/24 maxlen: 24
194.69.225.0/24 maxlen: 24
194.179.34.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
194.224.157.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.78.0/24 maxlen: 24
195.55.79.0/24 maxlen: 24
195.55.110.0/24 maxlen: 24
195.57.5.0/24 maxlen: 24
195.57.27.0/24 maxlen: 24
195.76.141.0/24 maxlen: 24
195.76.164.0/24 maxlen: 24
195.77.57.0/24 maxlen: 24
195.235.95.0/24 maxlen: 24
195.235.188.0/24 maxlen: 24
195.235.225.0/24 maxlen: 24
212.170.156.0/24 maxlen: 24
212.170.159.0/24 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
217.124.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 08:58:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:44:8e:e3:ff:da:f6:1e:7c:da:d8:c7:0b:b5:af:7d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 26 06:57:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00c9b53541cfd986d2aed7668d82d78bcf2b17a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:be:40:76:65:43:6b:9a:e4:35:05:d0:3e:a9:
3b:6d:e7:59:aa:63:ab:1d:99:f1:f9:d9:0d:83:92:
58:4a:b9:0a:53:64:72:99:e5:fb:fc:85:5e:b9:5e:
eb:de:d8:15:3e:6e:d7:85:b4:7e:23:09:b4:94:a5:
7e:5c:96:d7:63:b4:4f:f7:3b:2b:6c:1c:45:ae:c8:
c7:15:46:7f:c0:62:71:18:98:36:c7:c7:ae:6e:93:
75:0f:9d:93:fb:1a:ce:c2:04:4d:3f:21:90:a8:8b:
4b:f8:62:b0:69:96:99:09:ee:e0:7e:39:10:04:a3:
48:5d:6e:9b:2f:79:df:30:18:23:72:5d:4c:a0:b4:
78:3d:b1:0d:21:45:57:c3:bc:0a:4e:95:18:a4:c1:
3e:bc:32:f8:76:33:71:b3:73:12:e3:85:e6:b4:80:
59:2c:7c:98:d7:e5:33:41:b8:76:8e:a5:11:ea:10:
9f:47:07:90:d8:93:3f:51:53:6d:82:0d:38:b4:61:
0f:07:cc:ad:75:03:ff:7e:d8:d2:0d:d9:4d:27:27:
8f:51:d5:f0:6f:43:54:54:62:04:3e:a2:79:2e:2e:
c7:98:bf:cb:db:35:c5:61:c1:f1:2b:b6:b5:ce:22:
f1:f6:4c:06:22:17:f3:5b:68:70:57:32:cd:90:1f:
a1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C9:B5:35:41:CF:D9:86:D2:AE:D7:66:8D:82:D7:8B:CF:2B:17:A8
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AMm1NUHP2YbSrtdmjYLXi88rF6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.136.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.43.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
88.30.0.0/16
192.101.1.0/24
194.69.225.0/24
194.179.34.0/24
194.179.112.0/24
194.224.157.0/24
195.53.0.0/16
195.55.78.0/23
195.55.110.0/24
195.57.5.0/24
195.57.27.0/24
195.76.141.0/24
195.76.164.0/24
195.77.57.0/24
195.235.95.0/24
195.235.188.0/24
195.235.225.0/24
212.170.156.0/24
212.170.159.0/24
213.99.44.0/24
213.99.59.0/24
217.124.182.0/24
Signature Algorithm: sha256WithRSAEncryption
20:21:b1:79:12:e2:3b:b9:30:8c:9d:c7:67:5d:45:dc:4a:ab:
22:b4:84:e0:5e:25:12:a8:39:2d:6b:fb:8b:46:87:b6:d9:b4:
91:0c:2a:56:54:97:d9:1f:e1:d5:a9:f5:20:b0:89:1b:8f:dc:
51:d4:4f:04:05:f1:71:25:be:f4:56:f9:6b:b7:23:0b:74:24:
ed:ed:57:38:fb:be:23:75:99:87:40:87:20:b9:e3:13:eb:21:
3a:2f:af:d9:ea:df:26:56:ad:73:0f:ca:45:1e:3d:32:9c:cf:
02:60:19:3b:02:62:7e:c4:d9:25:62:65:cf:c8:a6:95:c6:e5:
07:48:0d:77:cb:5d:eb:36:b1:6e:76:0b:ad:14:0c:cc:ae:54:
06:73:e8:86:09:c5:b0:3f:2c:d2:bd:c3:8e:6d:f2:16:0d:eb:
bb:56:23:10:83:b5:3f:ec:63:10:9c:d0:09:13:3c:7d:b8:42:
9f:cd:d3:24:b4:48:88:a8:e9:fb:78:a2:e1:27:27:2a:3c:6a:
f5:47:83:a7:1a:b7:eb:9b:cb:05:aa:39:2b:de:60:5c:4d:a5:
66:50:fa:92:00:2c:76:3d:8c:1c:e3:46:43:7b:4d:b7:1c:2f:
0a:13:1b:36:82:b6:ff:2e:35:98:bb:06:84:c0:97:9d:d1:80:
f8:ba:92:17
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAY1EjuP/2vYefNrYxwu1r313MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTI2MDY1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGM5YjUzNTQxY2ZkOTg2ZDJhZWQ3NjY4ZDgyZDc4YmNmMmIxN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL5AdmVDa5rkNQXQPqk7bedZqmOr
HZnx+dkNg5JYSrkKU2RymeX7/IVeuV7r3tgVPm7XhbR+Iwm0lKV+XJbXY7RP9zsr
bBxFrsjHFUZ/wGJxGJg2x8eubpN1D52T+xrOwgRNPyGQqItL+GKwaZaZCe7gfjkQ
BKNIXW6bL3nfMBgjcl1MoLR4PbENIUVXw7wKTpUYpME+vDL4djNxs3MS44XmtIBZ
LHyY1+UzQbh2jqUR6hCfRweQ2JM/UVNtgg04tGEPB8ytdQP/ftjSDdlNJyePUdXw
b0NUVGIEPqJ5Li7HmL/L2zXFYcHxK7a1ziLx9kwGIhfzW2hwVzLNkB+hgQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFADJtTVBz9mG0q7XZo2C14vPKxeoMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvQU1tMU5VSFAyWWJTcnRkbWpZTFhpODhyRjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgfcEAgABMIHwMAoD
AwMCiAMDAAKKAwMCT5ADAwFQHgMDAFEgMAoDAwFRIgMDAlEoAwMCUyAwCgMDAFMl
AwMDUyADAwBTLwMDAlM0MAoDAwBTOQMDAFM8AwMAUz8DAwFYAAMDAlgIMAoDAwBY
DQMDAFgQAwMBWBgDAwBYHgMEAMBlAQMEAMJF4QMEAMKzIgMEAMKzcAMEAMLgnQMD
AMM1AwQBwzdOAwQAwzduAwQAwzkFAwQAwzkbAwQAw0yNAwQAw0ykAwQAw005AwQA
w+tfAwQAw+u8AwQAw+vhAwQA1KqcAwQA1KqfAwQA1WMsAwQA1WM7AwQA2Xy2MA0G
CSqGSIb3DQEBCwUAA4IBAQAgIbF5EuI7uTCMncdnXUXcSqsitITgXiUSqDkta/uL
Roe22bSRDCpWVJfZH+HVqfUgsIkbj9xR1E8EBfFxJb70VvlrtyMLdCTt7Vc4+74j
dZmHQIcgueMT6yE6L6/Z6t8mVq1zD8pFHj0ynM8CYBk7AmJ+xNklYmXPyKaVxuUH
SA13y13rNrFudgutFAzMrlQGc+iGCcWwPyzSvcOObfIWDeu7ViMQg7U/7GMQnNAJ
Ezx9uEKfzdMktEiIqOn7eKLhJycqPGr1R4OnGrfrm8sFqjkr3mBcTaVmUPqSACx2
PYwc40ZDe023HC8KExs2grb/LjWYuwaEwJed0YD4upIX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:05 2024 by rpki-client on console-fra.rpki-client.org