Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/sRsVV5cnABMhuP4dq1HOTkkdiiE.roa
File: sRsVV5cnABMhuP4dq1HOTkkdiiE.roa (raw, json)
Hash identifier: +q4azsrY1QBCR30PTt6pqlYMSSAls0bYII0f7JsIRcU=
Subject key identifier: B1:1B:15:57:97:27:00:13:21:B8:FE:1D:AB:51:CE:4E:49:1D:8A:21
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 01856C65CE61EE4BCBE4A2F4D0507B6891CC
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/sRsVV5cnABMhuP4dq1HOTkkdiiE.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
93.175.128.0/20 maxlen: 20
93.175.129.0/24 maxlen: 24
188.125.224.0/19 maxlen: 19
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
128.127.80.0/21 maxlen: 21
128.127.80.0/20 maxlen: 20
91.208.50.0/24 maxlen: 24
185.15.232.0/22 maxlen: 22
46.20.48.0/20 maxlen: 20
188.125.244.0/22 maxlen: 22
188.125.242.0/23 maxlen: 23
213.109.32.0/20 maxlen: 20
213.109.40.0/24 maxlen: 24
213.109.39.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Apr 2023 09:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ce:61:ee:4b:cb:e4:a2:f4:d0:50:7b:68:91:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b11b15579727001321b8fe1dab51ce4e491d8a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e9:27:24:84:7e:83:90:77:aa:00:ae:0f:07:
b2:4a:0b:0f:15:3c:06:2e:fc:cd:bc:fb:a6:7b:fe:
24:b5:26:39:ff:21:bf:68:b0:9c:70:16:f7:87:b5:
17:a6:2a:1e:e5:67:de:c6:eb:27:3d:29:2d:cb:28:
3d:2c:fc:77:cf:cd:4c:39:d8:d8:a2:1f:f4:bf:61:
3c:34:01:2d:ef:c6:e9:cb:07:00:6a:16:d7:a2:5b:
1a:c0:21:95:a8:2d:5f:b1:8c:55:de:e9:09:30:1a:
de:15:67:f5:06:63:b1:67:ee:8d:17:37:0e:32:93:
61:94:21:4e:c8:6d:01:b7:b3:4c:8c:32:f2:48:4b:
17:4f:7b:7a:0f:03:1e:e6:32:38:a6:51:ee:07:bc:
d5:c4:49:cf:70:23:dc:be:02:96:45:7f:56:84:08:
cd:57:2a:65:00:11:a5:ce:f8:03:ef:3a:40:92:61:
9c:7a:e8:58:e3:e3:73:18:d8:6a:45:e6:e3:57:ae:
3d:12:9b:6c:29:06:51:1d:d6:d5:7e:7f:7f:d0:c3:
a8:a1:68:33:af:9a:0c:77:c9:2e:01:42:53:d3:e5:
55:03:03:fe:d3:c8:8d:61:78:5b:6a:a3:36:78:73:
9b:9a:c7:a6:22:fb:19:dd:35:ad:15:4e:13:8f:ac:
ac:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1B:15:57:97:27:00:13:21:B8:FE:1D:AB:51:CE:4E:49:1D:8A:21
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/sRsVV5cnABMhuP4dq1HOTkkdiiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:25:63:51:ae:50:3a:1b:2d:f0:cf:73:10:25:1d:20:a3:82:
a6:80:65:8a:b8:6f:e5:cd:93:37:85:4d:ba:66:8a:37:80:f5:
db:93:9d:c2:54:a3:a7:1b:7f:9c:c4:5c:4c:b3:cf:93:75:2c:
8c:93:4d:83:fb:7c:67:b8:61:43:52:f2:b6:9d:56:e6:ea:4a:
74:15:c7:60:09:7b:1f:17:0a:21:d6:81:ff:af:c6:fd:73:df:
be:ff:7b:85:29:20:f2:78:59:bf:b8:2f:91:fc:5f:a1:5a:e6:
cb:5c:71:3f:10:61:1a:10:75:89:fe:c5:e5:6e:c5:b2:50:8d:
3b:2a:44:89:87:36:69:19:14:86:3e:f8:87:7d:7f:a3:2d:c4:
6a:7b:6d:b9:b9:65:4d:51:20:2c:f1:01:24:ec:c9:89:a4:8e:
67:bd:90:77:dd:b6:eb:72:36:3a:28:04:67:13:c4:61:07:bc:
e2:09:bd:53:af:48:cf:d0:59:7e:44:cb:8c:34:11:0f:38:1a:
fd:3d:4f:eb:dc:37:85:22:1f:72:05:8d:c9:7f:82:03:8e:44:
a1:43:ad:3f:ea:6e:17:6b:a8:1f:a6:c0:8d:13:3c:52:9b:f2:
80:a7:35:8b:26:54:cf:c5:01:a7:9d:f4:bc:ba:21:68:98:37:
31:d9:2d:80
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVsZc5h7kvL5KL00FB7aJHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFiMTU1Nzk3MjcwMDEzMjFiOGZlMWRhYjUxY2U0ZTQ5MWQ4YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+knJIR+g5B3qgCuDweySgsPFTwG
LvzNvPume/4ktSY5/yG/aLCccBb3h7UXpioe5WfexusnPSktyyg9LPx3z81MOdjY
oh/0v2E8NAEt78bpywcAahbXolsawCGVqC1fsYxV3ukJMBreFWf1BmOxZ+6NFzcO
MpNhlCFOyG0Bt7NMjDLySEsXT3t6DwMe5jI4plHuB7zVxEnPcCPcvgKWRX9WhAjN
VyplABGlzvgD7zpAkmGceuhY4+NzGNhqRebjV649EptsKQZRHdbVfn9/0MOooWgz
r5oMd8kuAUJT0+VVAwP+08iNYXhbaqM2eHObmsemIvsZ3TWtFU4Tj6ys7QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLEbFVeXJwATIbj+HatRzk5JHYohMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvc1JzVlY1Y25BQk1odVA0ZHExSE9Ua2tkaWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEJYOgAwQE
LhQwAwQBW85sAwQAW9AyAwQEXa+AAwQEgH9QAwQCuQ/oAwQFvH3gAwQE1W0gMA0E
AgACMAcDBQAqABCgMA0GCSqGSIb3DQEBCwUAA4IBAQCKJWNRrlA6Gy3wz3MQJR0g
o4KmgGWKuG/lzZM3hU26Zoo3gPXbk53CVKOnG3+cxFxMs8+TdSyMk02D+3xnuGFD
UvK2nVbm6kp0FcdgCXsfFwoh1oH/r8b9c9++/3uFKSDyeFm/uC+R/F+hWubLXHE/
EGEaEHWJ/sXlbsWyUI07KkSJhzZpGRSGPviHfX+jLcRqe225uWVNUSAs8QEk7MmJ
pI5nvZB33bbrcjY6KARnE8RhB7ziCb1Tr0jP0Fl+RMuMNBEPOBr9PU/r3DeFIh9y
BY3Jf4IDjkShQ60/6m4Xa6gfpsCNEzxSm/KApzWLJlTPxQGnnfS8uiFomDcx2S2A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org