Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3-7y79dytvlnlEms2wc6lmfXwbw.roa
File: 3-7y79dytvlnlEms2wc6lmfXwbw.roa (raw, json)
Hash identifier: TKRqQHIT7OoYGruBB5nu6Xz8kN1zcRt3A/T1OAoA9tA=
Subject key identifier: DF:EE:F2:EF:D7:72:B6:F9:67:94:49:AC:DB:07:3A:96:67:D7:C1:BC
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018921A2E33FDA6ED8B1D25E6BBF21AC392B
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3-7y79dytvlnlEms2wc6lmfXwbw.roa
Signing time: Tue 04 Jul 2023 16:01:10 +0000
ROA not before: Tue 04 Jul 2023 16:01:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 78.137.128.0/18 maxlen: 18
93.92.8.0/21 maxlen: 21
92.51.192.0/18 maxlen: 18
84.203.0.0/16 maxlen: 16
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
83.147.128.0/18 maxlen: 18
212.126.32.0/19 maxlen: 19
46.183.104.0/23 maxlen: 23
212.126.60.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
94.247.48.0/21 maxlen: 21
92.51.208.0/20 maxlen: 20
185.182.72.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
89.234.64.0/18 maxlen: 18
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
80.93.16.0/20 maxlen: 20
185.205.228.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
37.46.16.0/21 maxlen: 21
2001:1bb8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a00:15b8::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jul 2023 13:55:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:a2:e3:3f:da:6e:d8:b1:d2:5e:6b:bf:21:ac:39:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jul 4 16:01:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfeef2efd772b6f9679449acdb073a9667d7c1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1b:27:61:7e:60:9d:51:9c:14:ab:87:64:60:
01:63:9d:98:9f:9f:61:90:58:76:aa:ca:bb:b1:59:
1b:f8:87:83:f2:d8:a2:40:f2:41:b6:3c:06:bd:90:
a3:b6:3b:67:07:bb:9d:35:72:9e:38:e8:f3:23:39:
b0:a7:1d:6f:06:37:f0:cf:cc:9d:21:45:28:a6:8f:
b7:b4:50:4c:70:f1:dd:4b:eb:f6:cf:e4:a9:8d:31:
1a:9d:3c:3e:1f:9c:5b:5c:8c:06:77:26:e4:e6:59:
3c:c0:d7:e6:fa:f1:33:f4:db:c1:a4:ae:60:34:38:
e2:24:29:23:ca:30:c2:0e:c6:a9:c8:a1:e8:68:c8:
e1:f7:da:33:23:90:67:40:fb:6d:42:ea:f5:a6:26:
4f:d8:2b:ff:0f:3e:25:64:1f:0b:56:57:4b:a8:02:
88:d0:ea:78:24:36:81:15:71:5d:5a:73:5f:8f:be:
b5:cb:e5:9b:23:5d:48:25:fd:ae:50:e7:9a:c7:b4:
23:2b:90:28:fb:02:a4:49:6d:43:74:99:d3:04:eb:
4f:c9:85:93:d4:b3:6a:38:9b:cb:66:b1:92:f9:5a:
32:7b:91:d2:be:15:d2:87:bb:8f:4d:4d:e6:27:f2:
ae:14:8c:f5:5d:28:2a:89:0b:98:a6:7d:3e:84:d0:
95:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EE:F2:EF:D7:72:B6:F9:67:94:49:AC:DB:07:3A:96:67:D7:C1:BC
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3-7y79dytvlnlEms2wc6lmfXwbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
46.183.104.0/23
78.137.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.234.64.0/18
92.51.192.0/18
93.92.8.0/21
94.247.48.0/21
176.52.216.0-176.52.221.255
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2001:1bb8::/32
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
Signature Algorithm: sha256WithRSAEncryption
06:ad:a6:89:a5:25:c8:5d:36:db:7e:3b:4c:da:bc:19:b4:d4:
be:a0:4f:2a:3a:9c:3c:76:ee:9c:e6:7c:df:54:2a:32:89:56:
34:68:b8:02:f2:06:0e:98:bd:f2:f1:05:ce:bb:69:9b:fa:a4:
ea:3a:2e:62:1c:7f:46:30:68:17:e1:56:3d:c3:12:28:3e:6e:
b9:5e:f3:9c:ed:65:bf:96:b1:fe:f5:50:38:6a:63:54:2c:74:
88:02:cc:b5:08:4b:40:9e:89:7c:2f:af:44:d1:62:77:78:ce:
ea:c0:25:63:8d:1a:94:27:1c:69:3e:f8:28:24:15:c5:f1:f5:
13:87:86:86:43:1d:75:6a:85:18:51:61:ff:cb:ad:9c:b0:51:
2d:87:4d:7c:90:d4:02:dc:d0:95:23:69:4f:7c:77:9f:d8:c3:
a1:6a:59:2e:8f:00:fe:3a:06:ac:98:8e:6e:8d:67:54:05:57:
da:87:20:3c:50:19:ed:a6:00:3c:af:04:c0:1f:4f:e4:87:5f:
2c:bd:bf:b4:e8:bf:ee:ed:ea:a7:f5:e9:af:2d:6c:aa:50:f0:
65:c1:10:6e:d6:2f:95:66:fb:3d:0a:d4:7b:ca:51:02:36:bf:
3b:a3:f8:b0:8e:b1:dc:dc:77:23:e1:31:b2:c4:7d:a4:2c:58:
01:a2:d7:74
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYkhouM/2m7YsdJea78hrDkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwNzA0MTYwMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVlZjJlZmQ3NzJiNmY5Njc5NDQ5YWNkYjA3M2E5NjY3ZDdjMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxsnYX5gnVGcFKuHZGABY52Yn59h
kFh2qsq7sVkb+IeD8tiiQPJBtjwGvZCjtjtnB7udNXKeOOjzIzmwpx1vBjfwz8yd
IUUopo+3tFBMcPHdS+v2z+SpjTEanTw+H5xbXIwGdybk5lk8wNfm+vEz9NvBpK5g
NDjiJCkjyjDCDsapyKHoaMjh99ozI5BnQPttQur1piZP2Cv/Dz4lZB8LVldLqAKI
0Op4JDaBFXFdWnNfj761y+WbI11IJf2uUOeax7QjK5Ao+wKkSW1DdJnTBOtPyYWT
1LNqOJvLZrGS+Voye5HSvhXSh7uPTU3mJ/KuFIz1XSgqiQuYpn0+hNCVdwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFN/u8u/Xcrb5Z5RJrNsHOpZn18G8MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvMy03eTc5ZHl0dmxubEVtczJ3YzZsbWZYd2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDB/BAIAATB5AwQDJS4Q
AwQBLrdoAwQGTomAAwQEUF0QAwQGU5OAAwMAVMsDBAZZ6kADBAZcM8ADBANdXAgD
BANe9zAwDAMEA7A02AMEAbA03AMEALk1IAMEALk1IwMEArm2SAMEArnN5AMEArnp
sAMEAbny7AMEBdR+IAMEBNlOADApBAIAAjAjAwUAIAEbuAMFACoAFbgDBQAqAQJY
AwUAKgGKoAMFACoCAiAwDQYJKoZIhvcNAQELBQADggEBAAatpomlJchdNtt+O0za
vBm01L6gTyo6nDx27pzmfN9UKjKJVjRouALyBg6YvfLxBc67aZv6pOo6LmIcf0Yw
aBfhVj3DEig+brle85ztZb+Wsf71UDhqY1QsdIgCzLUIS0CeiXwvr0TRYnd4zurA
JWONGpQnHGk++CgkFcXx9ROHhoZDHXVqhRhRYf/LrZywUS2HTXyQ1ALc0JUjaU98
d5/Yw6FqWS6PAP46BqyYjm6NZ1QFV9qHIDxQGe2mADyvBMAfT+SHXyy9v7Tov+7t
6qf16a8tbKpQ8GXBEG7WL5Vm+z0K1HvKUQI2vzuj+LCOsdzcdyPhMbLEfaQsWAGi
13Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org