Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ITbKJeYi1Iun4s2LGQsnwfVz6qw.roa
File: ITbKJeYi1Iun4s2LGQsnwfVz6qw.roa (raw, json)
Hash identifier: rD1xCIGtAzCD0awuKKS1X1UBkpo0J6FKywWu9SHMLz8=
Subject key identifier: 21:36:CA:25:E6:22:D4:8B:A7:E2:CD:8B:19:0B:27:C1:F5:73:EA:AC
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018C1F5D850F41D60C33E625ADC76D377B41
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ITbKJeYi1Iun4s2LGQsnwfVz6qw.roa
Signing time: Thu 30 Nov 2023 08:34:31 +0000
ROA not before: Thu 30 Nov 2023 08:34:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12578
IP address blocks: 185.38.56.0/22 maxlen: 24
46.109.0.0/16 maxlen: 16
195.122.28.0/24 maxlen: 24
195.122.29.0/24 maxlen: 24
195.122.26.0/23 maxlen: 23
81.198.0.0/16 maxlen: 16
78.84.0.0/16 maxlen: 16
195.114.32.0/19 maxlen: 19
81.198.95.0/24 maxlen: 24
194.8.16.0/21 maxlen: 21
194.8.24.0/22 maxlen: 22
195.13.201.0/24 maxlen: 24
195.13.200.0/24 maxlen: 24
80.232.150.13/32 maxlen: 32
80.232.195.0/24 maxlen: 24
195.13.215.0/24 maxlen: 24
84.237.128.0/17 maxlen: 17
195.13.128.0/17 maxlen: 24
80.232.128.0/17 maxlen: 17
80.232.150.0/24 maxlen: 24
80.232.147.0/24 maxlen: 24
95.68.0.0/17 maxlen: 17
87.246.144.0/20 maxlen: 20
195.2.96.0/19 maxlen: 19
195.122.0.0/19 maxlen: 24
87.246.160.0/19 maxlen: 19
62.85.0.0/17 maxlen: 17
195.13.228.0/24 maxlen: 24
195.13.237.0/24 maxlen: 24
195.13.245.0/24 maxlen: 24
195.13.253.0/24 maxlen: 24
195.13.251.0/24 maxlen: 24
195.13.249.0/24 maxlen: 24
87.110.0.0/16 maxlen: 16
91.105.0.0/17 maxlen: 17
2a02:2330::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:5d:85:0f:41:d6:0c:33:e6:25:ad:c7:6d:37:7b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Nov 30 08:34:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2136ca25e622d48ba7e2cd8b190b27c1f573eaac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:96:d9:54:48:11:bc:e4:b9:af:2b:9f:f3:e6:
83:e5:b2:e9:3a:81:01:f9:7e:69:cf:c2:b3:34:cd:
f0:87:56:16:74:08:0f:29:4c:0b:e0:97:0e:7e:c3:
9e:50:de:9a:c9:31:f1:cf:e9:bf:c3:e8:c7:74:11:
f0:5f:da:85:ca:f1:31:82:b7:0e:47:a2:c4:2e:e1:
5e:65:57:88:26:7d:ed:31:5f:75:2a:02:8f:5f:bd:
f6:b7:59:fb:8e:bb:9d:16:62:d0:cb:e0:77:93:6b:
e0:87:11:27:56:53:07:ea:0f:d0:13:e1:26:81:e8:
66:81:9d:18:4d:3f:0b:fc:93:a4:0b:47:af:e0:74:
a9:97:3e:98:52:b3:8a:b6:1c:3d:ed:59:bc:bc:a6:
05:1f:c1:b6:f7:28:99:df:ae:e5:2b:90:04:88:16:
eb:2f:55:bb:8d:63:1d:b1:45:6c:fc:65:ae:bf:15:
17:a6:0c:57:bf:01:43:a6:69:de:d7:aa:57:2e:23:
19:25:28:47:8b:8c:b5:09:5f:75:b2:b0:89:40:be:
5b:52:ce:4c:1f:ec:4a:43:d5:8d:ff:2b:6a:6f:5a:
e3:d9:04:45:fc:77:8c:1e:6d:65:2e:9c:93:a0:5f:
02:fa:b6:1e:83:78:c9:7d:0d:88:42:03:e7:74:ce:
95:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:36:CA:25:E6:22:D4:8B:A7:E2:CD:8B:19:0B:27:C1:F5:73:EA:AC
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ITbKJeYi1Iun4s2LGQsnwfVz6qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
80.232.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
194.8.16.0-194.8.27.255
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
41:4c:36:48:0d:ed:a9:63:68:7f:82:38:8e:87:08:7d:a1:8b:
c9:10:43:93:fe:ef:0b:c1:75:78:db:a1:e7:84:f7:5d:5a:80:
1a:7f:13:74:02:48:46:92:80:76:3b:3c:a3:1a:16:e0:65:98:
68:fb:62:4b:e5:57:4c:6a:71:41:d1:09:1c:2f:c1:d5:ad:1c:
73:81:be:5c:94:ce:3e:09:e5:97:0f:8b:36:55:0f:53:f0:b1:
59:6c:16:37:53:ef:4b:e4:84:48:69:6a:57:38:e6:96:af:15:
ce:1b:60:6e:4b:3c:34:c0:74:e4:2f:dc:f4:d6:6f:d7:fb:a4:
6d:f0:0f:a4:9c:30:48:22:9f:08:35:48:2e:30:d7:03:2a:a2:
35:6f:f9:a2:ef:b7:63:fb:fb:62:a0:09:b0:9f:56:8b:0a:04:
75:c5:b1:23:89:fe:16:0d:9a:77:f5:e9:57:b7:94:90:2a:d6:
7d:e0:8b:bb:2d:63:0f:0b:f5:eb:c5:90:1e:d2:1f:4f:d7:83:
20:37:c3:64:ec:43:86:c8:4a:05:7f:a4:5d:b1:83:47:6c:7f:
49:ab:95:2e:28:f6:13:55:ad:c0:f4:d0:11:b2:01:04:1d:53:
09:4f:89:d4:f9:e0:39:05:42:cc:3b:fa:3e:83:03:fb:21:6a:
f9:13:b8:58
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYwfXYUPQdYMM+YlrcdtN3tBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMxMTMwMDgzNDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM2Y2EyNWU2MjJkNDhiYTdlMmNkOGIxOTBiMjdjMWY1NzNlYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZbZVEgRvOS5ryuf8+aD5bLpOoEB
+X5pz8KzNM3wh1YWdAgPKUwL4JcOfsOeUN6ayTHxz+m/w+jHdBHwX9qFyvExgrcO
R6LELuFeZVeIJn3tMV91KgKPX732t1n7jrudFmLQy+B3k2vghxEnVlMH6g/QE+Em
gehmgZ0YTT8L/JOkC0ev4HSplz6YUrOKthw97Vm8vKYFH8G29yiZ367lK5AEiBbr
L1W7jWMdsUVs/GWuvxUXpgxXvwFDpmne16pXLiMZJShHi4y1CV91srCJQL5bUs5M
H+xKQ9WN/ytqb1rj2QRF/HeMHm1lLpyToF8C+rYeg3jJfQ2IQgPndM6VIQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFCE2yiXmItSLp+LNixkLJ8H1c+qsMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvSVRiS0plWWkxSXVuNHMyTEdRc253ZlZ6NnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwMALm0D
BAc+VQADAwBOVAMEB1DogAMDAFHGAwQHVO2AAwMAV24wDAMEBFf2kAMEBlf2gAME
B1tpAAMEB19EAAMEArkmODAMAwQEwggQAwQCwggYAwQFwwJgAwQHww2AAwQFw3Ig
AwQFw3oAMA0EAgACMAcDBQMqAiMwMA0GCSqGSIb3DQEBCwUAA4IBAQBBTDZIDe2p
Y2h/gjiOhwh9oYvJEEOT/u8LwXV426HnhPddWoAafxN0AkhGkoB2OzyjGhbgZZho
+2JL5VdManFB0QkcL8HVrRxzgb5clM4+CeWXD4s2VQ9T8LFZbBY3U+9L5IRIaWpX
OOaWrxXOG2BuSzw0wHTkL9z01m/X+6Rt8A+knDBIIp8INUguMNcDKqI1b/mi77dj
+/tioAmwn1aLCgR1xbEjif4WDZp39elXt5SQKtZ94Iu7LWMPC/XrxZAe0h9P14Mg
N8Nk7EOGyEoFf6RdsYNHbH9Jq5UuKPYTVa3A9NARsgEEHVMJT4nU+eA5BULMO/o+
gwP7IWr5E7hY
-----END CERTIFICATE-----
Generated at Wed Dec 27 16:05:48 2023 by rpki-client on console-ams.rpki-client.org