Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/MY_q4f9nPrsD52si7fyVKkbtF5A.roa
File: MY_q4f9nPrsD52si7fyVKkbtF5A.roa (raw, json)
Hash identifier: RPTUyxdlHIyOdSmn7IhuI3Qsx1nM25tq9g7qvfoE3DQ=
Subject key identifier: 31:8F:EA:E1:FF:67:3E:BB:03:E7:6B:22:ED:FC:95:2A:46:ED:17:90
Certificate issuer: /CN=046f364658b64e2bf150d20fc838c364207975e2
Certificate serial: 0186E4569E43B1EA3E3D442CC4266233B165
Authority key identifier: 04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/MY_q4f9nPrsD52si7fyVKkbtF5A.roa
Signing time: Wed 15 Mar 2023 08:15:27 +0000
ROA not before: Wed 15 Mar 2023 08:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31252
IP address blocks: 87.248.160.0/19 maxlen: 32
89.28.0.0/17 maxlen: 32
89.28.21.0/24 maxlen: 32
195.93.218.0/23 maxlen: 32
188.138.128.0/17 maxlen: 32
185.70.188.0/22 maxlen: 32
185.175.80.0/22 maxlen: 32
95.65.0.0/17 maxlen: 32
185.17.224.0/22 maxlen: 32
188.244.16.0/20 maxlen: 32
91.216.97.0/24 maxlen: 24
178.168.0.0/17 maxlen: 32
178.18.32.0/20 maxlen: 32
37.233.0.0/18 maxlen: 32
2a0b:dd00::/29 maxlen: 128
2a00:9900::/29 maxlen: 128
2a01:320::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:56:9e:43:b1:ea:3e:3d:44:2c:c4:26:62:33:b1:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046f364658b64e2bf150d20fc838c364207975e2
Validity
Not Before: Mar 15 08:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=318feae1ff673ebb03e76b22edfc952a46ed1790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f3:b4:d5:5d:f0:67:86:20:cd:3d:95:eb:6d:
42:59:f4:f2:50:08:53:36:c6:3f:4d:60:5a:c9:c4:
5c:86:cf:04:34:9b:5d:29:b7:89:da:00:0e:78:66:
a4:cc:a7:ed:e6:48:1d:fa:bf:df:59:f1:2c:c1:a5:
ca:41:c7:78:77:e7:c2:3e:46:85:99:15:1d:e0:b0:
cb:07:93:ce:34:44:bf:f3:18:b4:7d:8d:d1:32:13:
c3:d2:a3:82:4c:4b:ee:0c:b0:1c:95:ca:b9:68:90:
45:7e:49:03:d3:cf:f8:0f:8c:2c:78:ac:72:f5:18:
7b:78:c2:5f:6d:a9:e0:ac:7e:17:e1:a2:c3:fa:40:
fa:0b:3c:f8:74:7e:05:99:9b:88:8c:a2:b6:98:63:
50:86:0b:c0:26:01:01:1a:cd:48:c3:84:7b:be:39:
55:57:e6:62:bd:b6:4c:fe:c5:36:51:57:25:a0:53:
d0:ca:fc:83:66:6b:61:5b:44:47:73:d7:a3:87:29:
2b:9f:d3:40:a3:b2:c1:ec:1a:db:4d:a8:90:f4:5d:
ff:81:f1:49:e1:fa:e9:43:d5:5a:0f:8b:c5:3f:95:
29:f2:d0:8e:9c:1e:b7:d3:5c:f2:65:43:b0:a1:74:
31:89:2d:61:a7:55:a7:eb:47:cc:25:c5:d0:8a:b9:
6f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8F:EA:E1:FF:67:3E:BB:03:E7:6B:22:ED:FC:95:2A:46:ED:17:90
X509v3 Authority Key Identifier:
keyid:04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/MY_q4f9nPrsD52si7fyVKkbtF5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/BG82Rli2TivxUNIPyDjDZCB5deI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.0.0/18
87.248.160.0/19
89.28.0.0/17
91.216.97.0/24
95.65.0.0/17
178.18.32.0/20
178.168.0.0/17
185.17.224.0/22
185.70.188.0/22
185.175.80.0/22
188.138.128.0/17
188.244.16.0/20
195.93.218.0/23
IPv6:
2a00:9900::/29
2a01:320::/29
2a0b:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
cb:21:8b:9c:e2:78:1d:a5:e0:d5:9b:34:d6:92:89:65:3f:05:
8d:f1:4c:21:a2:f5:b6:3f:64:d3:60:48:e7:ac:f3:50:a2:69:
06:36:10:ad:46:54:97:ab:2e:5f:fd:f2:16:5b:52:f9:cb:d0:
f6:99:54:a1:04:47:49:7e:7f:27:fc:86:5b:e2:24:1b:32:28:
c3:8f:08:08:2c:17:ab:72:00:24:b1:7a:3f:9a:aa:dc:ee:2c:
c8:81:0d:39:7f:8c:36:46:1f:3e:09:e8:0f:61:86:57:b6:68:
ff:d2:48:63:37:f9:9f:58:03:98:68:5d:32:0b:29:7a:bf:4a:
78:61:eb:25:47:54:f3:5c:91:91:47:66:28:40:47:2b:79:8d:
f3:09:5d:3d:a3:8c:50:60:84:29:87:ac:5a:e3:d3:5e:03:24:
01:3e:cd:1f:cb:21:86:cb:66:05:77:89:88:8c:88:a2:e9:ce:
cb:59:b3:b5:10:c2:37:0a:72:68:b0:19:5e:df:bf:e5:ce:7b:
5b:b3:22:53:a0:5f:d7:74:e1:8f:6c:4c:de:f0:f4:d1:8e:e7:
70:a6:c8:8e:38:99:bd:29:3a:e0:95:17:4f:be:68:f3:ee:11:
75:cc:72:5f:13:f1:22:e7:09:6a:c7:35:1f:dd:65:f3:86:6a:
8c:91:8c:22
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYbkVp5Dseo+PUQsxCZiM7FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmYzNjQ2NThiNjRlMmJmMTUwZDIwZmM4MzhjMzY0MjA3
OTc1ZTIwHhcNMjMwMzE1MDgxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMThmZWFlMWZmNjczZWJiMDNlNzZiMjJlZGZjOTUyYTQ2ZWQxNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfO01V3wZ4YgzT2V621CWfTyUAhT
NsY/TWBaycRchs8ENJtdKbeJ2gAOeGakzKft5kgd+r/fWfEswaXKQcd4d+fCPkaF
mRUd4LDLB5PONES/8xi0fY3RMhPD0qOCTEvuDLAclcq5aJBFfkkD08/4D4wseKxy
9Rh7eMJfbangrH4X4aLD+kD6Czz4dH4FmZuIjKK2mGNQhgvAJgEBGs1Iw4R7vjlV
V+ZivbZM/sU2UVcloFPQyvyDZmthW0RHc9ejhykrn9NAo7LB7BrbTaiQ9F3/gfFJ
4frpQ9VaD4vFP5Up8tCOnB6301zyZUOwoXQxiS1hp1Wn60fMJcXQirlveQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFDGP6uH/Zz67A+drIu38lSpG7ReQMB8GA1UdIwQY
MBaAFARvNkZYtk4r8VDSD8g4w2QgeXXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkc4MlJsaTJUaXZ4VU5JUHlEakRaQ0I1ZGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGI1ZjktYWY0NC00MWQwLWI1ZjEt
YTI1ZTA3Y2VhMmMwLzEvTVlfcTRmOW5QcnNENTJzaTdmeVZLa2J0RjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGI1ZjktYWY0NC00MWQwLWI1ZjEtYTI1ZTA3Y2VhMmMw
LzEvQkc4MlJsaTJUaXZ4VU5JUHlEakRaQ0I1ZGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEBiXpAAME
BVf4oAMEB1kcAAMEAFvYYQMEB19BAAMEBLISIAMEB7KoAAMEArkR4AMEArlGvAME
ArmvUAMEB7yKgAMEBLz0EAMEAcNd2jAbBAIAAjAVAwUDKgCZAAMFAyoBAyADBQMq
C90AMA0GCSqGSIb3DQEBCwUAA4IBAQDLIYuc4ngdpeDVmzTWkollPwWN8UwhovW2
P2TTYEjnrPNQomkGNhCtRlSXqy5f/fIWW1L5y9D2mVShBEdJfn8n/IZb4iQbMijD
jwgILBercgAksXo/mqrc7izIgQ05f4w2Rh8+CegPYYZXtmj/0khjN/mfWAOYaF0y
Cyl6v0p4YeslR1TzXJGRR2YoQEcreY3zCV09o4xQYIQph6xa49NeAyQBPs0fyyGG
y2YFd4mIjIii6c7LWbO1EMI3CnJosBle37/lzntbsyJToF/XdOGPbEze8PTRjudw
psiOOJm9KTrglRdPvmjz7hF1zHJfE/Ei5wlqxzUf3WXzhmqMkYwi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:38 2024 by rpki-client on console-fra.rpki-client.org