Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uFcOulYi_JdTEYdDTHPmvTxNNWM.roa
File: uFcOulYi_JdTEYdDTHPmvTxNNWM.roa (raw, json)
Hash identifier: TcLWb6o1Q2Rzutnma5bBj6qG6BNiUD7CpTo7boK3O88=
Subject key identifier: B8:57:0E:BA:56:22:FC:97:53:11:87:43:4C:73:E6:BD:3C:4D:35:63
Certificate issuer: /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial: 018E893A500CF90D59DAA2C90C28AB15FAD1
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uFcOulYi_JdTEYdDTHPmvTxNNWM.roa
Signing time: Fri 29 Mar 2024 08:01:23 +0000
ROA not before: Fri 29 Mar 2024 08:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39923
IP address blocks: 91.238.219.0/24 maxlen: 24
109.68.160.0/21 maxlen: 21
109.68.160.0/24 maxlen: 24
109.68.161.0/24 maxlen: 24
109.68.162.0/24 maxlen: 24
109.68.163.0/24 maxlen: 24
109.68.164.0/24 maxlen: 24
109.68.165.0/24 maxlen: 24
109.68.166.0/24 maxlen: 24
109.68.167.0/24 maxlen: 24
185.35.164.0/22 maxlen: 22
185.35.164.0/24 maxlen: 24
185.35.165.0/24 maxlen: 24
185.35.166.0/24 maxlen: 24
185.35.167.0/24 maxlen: 24
185.58.96.0/22 maxlen: 22
185.58.96.0/24 maxlen: 24
185.58.97.0/24 maxlen: 24
185.58.98.0/24 maxlen: 24
185.58.99.0/24 maxlen: 24
185.111.204.0/22 maxlen: 22
185.111.204.0/24 maxlen: 24
185.111.205.0/24 maxlen: 24
185.111.206.0/24 maxlen: 24
185.111.207.0/24 maxlen: 24
194.145.127.0/24 maxlen: 24
194.145.152.0/24 maxlen: 24
194.145.155.0/24 maxlen: 24
194.146.23.0/24 maxlen: 24
195.189.202.0/23 maxlen: 23
195.189.202.0/24 maxlen: 24
195.189.203.0/24 maxlen: 24
2a02:2a08::/32 maxlen: 32
2a04:6480::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:3a:50:0c:f9:0d:59:da:a2:c9:0c:28:ab:15:fa:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Validity
Not Before: Mar 29 08:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8570eba5622fc97531187434c73e6bd3c4d3563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f5:9b:01:9f:f4:16:99:60:6f:bf:45:9f:a9:
94:8b:17:37:a5:3b:e9:43:5d:e4:1c:5b:e5:ab:42:
45:78:39:3a:05:8c:8f:9c:4a:18:64:07:e2:5c:4d:
2c:40:79:33:8b:65:87:c5:96:fa:1c:1a:1c:a8:79:
0e:50:bf:1a:5c:0a:c5:a5:50:c0:2c:b3:17:a1:b1:
7b:34:3e:34:e1:56:79:de:8e:67:96:e1:8f:65:ee:
6f:b6:a4:0c:bf:dd:b7:de:88:b0:83:03:a8:c2:75:
62:cc:99:eb:c3:a0:66:b6:c4:5b:5a:52:13:f2:15:
ac:71:7b:60:2a:5a:f8:a0:58:6a:3f:97:3f:0d:c1:
89:70:44:45:89:a2:99:79:9e:1b:ca:3b:44:15:a9:
12:8c:33:ec:1f:dd:85:ab:78:e3:56:ba:4d:a2:09:
9b:03:b5:85:90:19:c3:10:e3:79:b8:62:45:f0:df:
d7:42:12:4d:52:aa:aa:6e:d6:5b:80:b0:e8:34:62:
6c:28:67:72:45:80:32:e8:0d:4a:b5:bb:15:c1:ad:
5a:ae:72:8d:52:79:ea:35:38:79:a0:1e:14:0a:32:
c9:0c:1f:c0:93:42:23:f3:92:a9:cf:c2:17:92:50:
f9:2f:d4:24:17:16:0b:ed:c7:70:64:26:d4:24:4b:
30:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:57:0E:BA:56:22:FC:97:53:11:87:43:4C:73:E6:BD:3C:4D:35:63
X509v3 Authority Key Identifier:
keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uFcOulYi_JdTEYdDTHPmvTxNNWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.219.0/24
109.68.160.0/21
185.35.164.0/22
185.58.96.0/22
185.111.204.0/22
194.145.127.0/24
194.145.152.0/24
194.145.155.0/24
194.146.23.0/24
195.189.202.0/23
IPv6:
2a02:2a08::/32
2a04:6480::/29
Signature Algorithm: sha256WithRSAEncryption
0e:34:c3:2e:04:17:86:13:d0:33:ae:44:22:81:bc:53:d1:71:
61:36:60:db:1c:7c:72:fe:72:47:7c:97:89:df:5c:ce:7e:d5:
b7:38:a0:98:a3:24:38:36:36:ee:e2:c7:58:a9:85:51:83:6a:
41:a1:73:08:26:28:27:74:88:81:3a:fd:26:f4:48:9f:2f:9e:
c3:67:fc:8e:2d:92:6d:07:9b:01:db:db:64:b9:9a:f2:a9:b5:
8e:fa:e6:b5:fb:54:1d:e4:74:30:38:bb:1a:9b:8b:f6:73:d4:
cf:f2:61:77:d8:67:61:ca:5a:69:cd:98:d9:a4:16:75:ff:84:
bc:f0:1f:23:47:b3:da:f4:00:b4:b6:ea:28:85:be:ff:3e:d0:
5a:60:d0:8d:80:0d:92:2d:7f:0c:b2:1d:5e:df:8b:8a:bb:a7:
f6:f8:a5:f0:63:cf:db:86:35:dd:92:23:cd:03:42:d8:21:60:
95:1a:a1:cc:c6:12:1d:0e:9f:25:d9:7a:05:f3:01:d4:51:0a:
bb:5a:ef:d4:ba:41:e9:d4:f7:de:c4:4d:e0:0f:02:59:a3:d4:
72:d0:a1:e0:b4:6b:34:bf:55:3f:c8:51:8b:35:42:ec:f1:77:
f4:e1:00:16:69:90:1d:44:5b:ac:15:dc:b5:32:36:a6:ed:4d:
fe:55:b9:74
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY6JOlAM+Q1Z2qLJDCirFfrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMGQzOWVkZGIwMDhkMWI4OWRmOTc0MTk2MGRiZjIwNDRm
NjU3ZmIwHhcNMjQwMzI5MDgwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODU3MGViYTU2MjJmYzk3NTMxMTg3NDM0YzczZTZiZDNjNGQzNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/WbAZ/0Fplgb79Fn6mUixc3pTvp
Q13kHFvlq0JFeDk6BYyPnEoYZAfiXE0sQHkzi2WHxZb6HBocqHkOUL8aXArFpVDA
LLMXobF7ND404VZ53o5nluGPZe5vtqQMv9233oiwgwOownVizJnrw6BmtsRbWlIT
8hWscXtgKlr4oFhqP5c/DcGJcERFiaKZeZ4byjtEFakSjDPsH92Fq3jjVrpNogmb
A7WFkBnDEON5uGJF8N/XQhJNUqqqbtZbgLDoNGJsKGdyRYAy6A1KtbsVwa1arnKN
UnnqNTh5oB4UCjLJDB/Ak0Ij85Kpz8IXklD5L9QkFxYL7cdwZCbUJEswdwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLhXDrpWIvyXUxGHQ0xz5r08TTVjMB8GA1UdIwQY
MBaAFPENOe3bAI0bid+XQZYNvyBE9lf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUt
ZjU2MmI4OTc0ZDhiLzEvdUZjT3VsWWlfSmRURVlkRFRIUG12VHhOTldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUtZjU2MmI4OTc0ZDhi
LzEvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQAW+7bAwQD
bUSgAwQCuSOkAwQCuTpgAwQCuW/MAwQAwpF/AwQAwpGYAwQAwpGbAwQAwpIXAwQB
w73KMBQEAgACMA4DBQAqAioIAwUDKgRkgDANBgkqhkiG9w0BAQsFAAOCAQEADjTD
LgQXhhPQM65EIoG8U9FxYTZg2xx8cv5yR3yXid9czn7VtzigmKMkODY27uLHWKmF
UYNqQaFzCCYoJ3SIgTr9JvRIny+ew2f8ji2SbQebAdvbZLma8qm1jvrmtftUHeR0
MDi7GpuL9nPUz/Jhd9hnYcpaac2Y2aQWdf+EvPAfI0ez2vQAtLbqKIW+/z7QWmDQ
jYANki1/DLIdXt+Lirun9vil8GPP24Y13ZIjzQNC2CFglRqhzMYSHQ6fJdl6BfMB
1FEKu1rv1LpB6dT33sRN4A8CWaPUctCh4LRrNL9VP8hRizVC7PF39OEAFmmQHURb
rBXctTI2pu1N/lW5dA==
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:21:10 2024 by rpki-client on console-ams.rpki-client.org