Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/L32bBMOA3tHNLfKvyBir1-1PUqQ.roa
File: L32bBMOA3tHNLfKvyBir1-1PUqQ.roa (raw, json)
Hash identifier: 9U8seVKX3l72UmF8CGC6VFSqZQ8HCmmQNlRyUvYXLeU=
Subject key identifier: 2F:7D:9B:04:C3:80:DE:D1:CD:2D:F2:AF:C8:18:AB:D7:ED:4F:52:A4
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018C6D65F04D28D3A95013A4E4A0FB73C9B4
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/L32bBMOA3tHNLfKvyBir1-1PUqQ.roa
Signing time: Fri 15 Dec 2023 12:14:06 +0000
ROA not before: Fri 15 Dec 2023 12:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.154.160.0/21 maxlen: 21
213.154.168.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.154.176.0/21 maxlen: 21
213.154.184.0/21 maxlen: 21
84.204.0.0/17 maxlen: 17
213.172.0.0/19 maxlen: 19
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
109.74.112.0/20 maxlen: 20
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
91.193.212.0/22 maxlen: 22
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.139.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
212.44.64.0/19 maxlen: 19
195.5.128.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
62.182.128.0/21 maxlen: 21
2a03:d000:9009::/48 maxlen: 48
2a03:d000:9008::/48 maxlen: 48
2a03:d000:9008::/46 maxlen: 46
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:65:f0:4d:28:d3:a9:50:13:a4:e4:a0:fb:73:c9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 15 12:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f7d9b04c380ded1cd2df2afc818abd7ed4f52a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:d2:76:13:5b:1a:56:11:68:b4:70:c5:26:
e0:a5:e9:d3:f3:cc:99:31:d9:71:5a:66:34:b3:85:
11:17:5b:d7:94:60:c1:d3:73:f7:35:f0:b5:11:b5:
2f:be:1c:66:04:93:17:41:41:d7:76:06:32:b8:34:
64:5c:43:ff:7c:f9:d3:ca:32:58:3b:c0:04:fe:96:
c5:47:d8:62:15:c2:c2:1c:7b:2f:4f:dc:87:75:c4:
73:62:30:77:e7:78:f1:87:fa:88:fd:39:c4:e2:fe:
ff:6a:c7:ac:33:bf:bb:ee:be:11:f4:84:93:de:20:
33:73:01:24:c2:c3:8a:c4:9f:0b:c9:fd:6a:ca:6b:
be:ee:6f:22:16:97:2f:bd:1b:17:2f:c0:b1:af:33:
4a:cb:25:f1:67:45:4f:15:15:f3:89:5b:d1:73:30:
d8:eb:80:40:6d:74:5d:c2:1f:5b:de:d9:bf:9b:8b:
04:68:cb:49:a6:7b:7d:8d:60:d6:7c:d0:d0:06:d8:
3f:44:c7:73:70:22:00:69:0f:f4:b8:51:5b:28:07:
24:e1:d0:13:7f:e1:d8:86:dd:c5:2e:2b:56:4b:cd:
ce:a4:0b:4b:34:bf:2f:77:bb:d3:a8:8c:41:37:03:
e8:ce:2b:8c:51:1a:56:37:b8:15:1e:c9:70:a3:6d:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7D:9B:04:C3:80:DE:D1:CD:2D:F2:AF:C8:18:AB:D7:ED:4F:52:A4
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/L32bBMOA3tHNLfKvyBir1-1PUqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
195.5.128.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/46
Signature Algorithm: sha256WithRSAEncryption
49:d2:79:dd:84:b3:70:ba:83:f2:99:36:c3:3c:12:ab:ae:51:
af:3c:b5:6e:ce:c6:96:f6:70:d1:8b:56:04:d6:0a:e6:45:c9:
dc:de:55:fa:3e:33:c4:ac:6b:16:38:48:57:84:6a:7c:82:32:
05:13:22:26:43:99:4d:5f:ec:41:24:13:a9:59:5d:dd:c9:f8:
5c:76:59:a0:42:23:a0:b7:f3:41:30:2e:82:a1:68:a9:5f:b9:
e4:b4:50:e2:a3:0a:ed:f2:86:50:14:12:c3:13:91:cf:49:39:
bd:15:ba:f8:01:9b:88:ec:24:d4:e5:da:c9:1e:78:5d:04:8e:
63:e3:4d:41:c5:6b:5b:7d:11:6e:2a:b1:0a:56:c4:dd:c5:c0:
e0:7f:92:5c:3e:de:5d:8a:f8:06:a1:46:49:11:ee:8d:c1:69:
02:8c:81:b0:84:0b:f1:ed:8b:37:91:59:28:af:b7:62:1c:48:
c2:9e:7e:27:3c:4d:a5:fc:b3:5f:ac:ec:27:c0:22:3b:df:6d:
b8:3a:2c:d0:df:89:33:89:46:0d:72:ae:54:71:23:40:25:a0:
45:d3:f5:3b:ef:59:50:dc:79:f2:7b:d0:1c:23:52:6a:71:0d:
42:65:a2:e9:17:76:c2:0d:c8:c4:10:f5:c7:5d:44:27:dd:f5:
2b:c2:7c:9a
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYxtZfBNKNOpUBOk5KD7c8m0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMxMjE1MTIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdkOWIwNGMzODBkZWQxY2QyZGYyYWZjODE4YWJkN2VkNGY1MmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV7SdhNbGlYRaLRwxSbgpenT88yZ
MdlxWmY0s4URF1vXlGDB03P3NfC1EbUvvhxmBJMXQUHXdgYyuDRkXEP/fPnTyjJY
O8AE/pbFR9hiFcLCHHsvT9yHdcRzYjB353jxh/qI/TnE4v7/asesM7+77r4R9IST
3iAzcwEkwsOKxJ8Lyf1qymu+7m8iFpcvvRsXL8CxrzNKyyXxZ0VPFRXziVvRczDY
64BAbXRdwh9b3tm/m4sEaMtJpnt9jWDWfNDQBtg/RMdzcCIAaQ/0uFFbKAck4dAT
f+HYht3FLitWS83OpAtLNL8vd7vTqIxBNwPoziuMURpWN7gVHslwo22hZQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFC99mwTDgN7RzS3yr8gYq9ftT1KkMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTDMyYkJNT0EzdEhOTGZLdnlCaXIxLTFQVXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBxgQCAAEwgb8DBAYu
L8ADBAM+toADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdU
zAAwDAMEAlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEAlvB
1AMEB12ZgAMEA14Z+AMEB1+JAAMEBG1KcAMEBm18QAMEBcMFgAMEBcOQ4AMEBdQO
oAMEBdQsQAMEBdR3oAMEBdWaoAMEBdWoIAMEBdWsAAMEBdW2oAMEBdnDQDAPBAIA
AjAJAwcCKgPQAJAIMA0GCSqGSIb3DQEBCwUAA4IBAQBJ0nndhLNwuoPymTbDPBKr
rlGvPLVuzsaW9nDRi1YE1grmRcnc3lX6PjPErGsWOEhXhGp8gjIFEyImQ5lNX+xB
JBOpWV3dyfhcdlmgQiOgt/NBMC6CoWipX7nktFDiowrt8oZQFBLDE5HPSTm9Fbr4
AZuI7CTU5drJHnhdBI5j401BxWtbfRFuKrEKVsTdxcDgf5JcPt5divgGoUZJEe6N
wWkCjIGwhAvx7Ys3kVkor7diHEjCnn4nPE2l/LNfrOwnwCI73224OizQ34kziUYN
cq5UcSNAJaBF0/U771lQ3Hnye9AcI1JqcQ1CZaLpF3bCDcjEEPXHXUQn3fUrwnya
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:34 2024 by rpki-client on console-ams.rpki-client.org