Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/9HAkfmi14tgbhiRPDGXDiumluIc.roa
File: 9HAkfmi14tgbhiRPDGXDiumluIc.roa (raw, json)
Hash identifier: wltqAge5CUFoUqHm4dPhAdmZuCruXzx1HhJXhXBCFQM=
Subject key identifier: F4:70:24:7E:68:B5:E2:D8:1B:86:24:4F:0C:65:C3:8A:E9:A5:B8:87
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018CC4938431F72EA41F5CEBEB5777B1FE42
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/9HAkfmi14tgbhiRPDGXDiumluIc.roa
Signing time: Mon 01 Jan 2024 10:30:51 +0000
ROA not before: Mon 01 Jan 2024 10:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 162.218.89.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
162.218.94.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
212.60.14.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
78.31.207.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.230.123.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.205.207.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
5.182.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 18:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:84:31:f7:2e:a4:1f:5c:eb:eb:57:77:b1:fe:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 10:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f470247e68b5e2d81b86244f0c65c38ae9a5b887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:93:46:b1:72:ef:da:06:dc:cc:e3:57:0b:
03:e4:d3:32:fb:73:e7:d2:88:2f:3e:3a:dd:78:15:
49:45:97:5e:a3:cb:db:63:4c:3a:32:2a:95:dc:df:
eb:87:f9:8c:a3:7b:aa:63:d9:e2:89:12:27:61:c5:
26:ad:b3:91:69:ba:2b:ac:48:69:4c:28:ea:bf:af:
cd:0f:11:e4:d6:82:03:ef:51:0c:ee:20:dd:d7:b0:
47:c7:df:63:e3:23:f7:fe:e2:ee:89:ce:1d:92:d9:
fb:4a:b2:f3:6b:9b:a0:bd:e7:db:1d:de:10:5c:41:
0c:44:69:0e:55:bd:53:41:4d:bc:69:ae:3a:20:a8:
47:89:1d:e9:7f:3c:25:95:fd:6f:2c:a4:89:57:a7:
28:4c:6a:b9:18:98:f0:48:9c:24:42:7f:9b:cd:d3:
e8:0d:f7:cd:06:a1:8f:25:41:fe:43:41:2b:8c:d5:
83:e1:f4:2f:be:d2:ef:67:4c:97:17:4f:f5:6a:71:
91:0f:4b:7a:46:7f:80:7c:63:e6:a8:b9:8c:4a:79:
39:97:98:bd:79:d2:0a:7c:71:df:b9:fc:5f:59:f2:
d5:a4:8c:2c:c9:41:e9:98:5f:af:a2:df:8d:7a:5d:
d3:54:a7:97:4c:66:55:6f:be:46:a2:51:34:b5:08:
c7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:70:24:7E:68:B5:E2:D8:1B:86:24:4F:0C:65:C3:8A:E9:A5:B8:87
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/9HAkfmi14tgbhiRPDGXDiumluIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/23
79.98.182.0/24
162.218.88.0/23
162.218.91.0-162.218.94.255
185.52.136.0/22
185.161.191.0/24
185.171.126.0/24
185.187.213.0-185.187.215.255
185.201.40.0/24
185.205.206.0/23
185.208.152.0-185.208.154.255
185.230.120.0/23
185.230.123.0/24
212.60.14.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:71:d7:92:29:fa:39:fc:39:a3:c5:49:0a:93:c7:7c:29:9f:
7d:25:cd:f3:38:c6:84:2c:a8:c9:37:6b:50:3e:ed:7b:33:41:
b7:2a:f5:7e:84:53:65:9b:c4:84:ba:24:b9:49:3f:bc:16:a3:
0a:bd:e1:23:67:77:ce:db:1e:9f:27:6f:c7:16:7a:74:17:17:
5c:5a:a9:c5:96:e5:dc:ca:fc:cd:8f:31:cf:ca:59:5c:16:f1:
23:92:e9:09:21:fa:ba:69:99:18:c5:31:e0:fc:4f:7c:51:7a:
a2:e1:58:ff:c6:7c:b2:8f:ee:67:05:48:9e:10:69:14:d4:1c:
42:6c:d7:8e:03:05:ff:29:5e:56:f6:4f:b3:58:0c:27:99:e6:
fd:87:be:0a:eb:ff:d6:18:e3:09:1b:fa:05:ca:9d:48:35:b3:
d2:dc:9e:04:28:ad:5a:7b:19:8b:8f:17:ed:fd:ba:d5:06:1f:
b3:f1:84:81:28:39:c0:de:23:15:64:d0:f4:2f:03:6b:c4:7e:
1c:09:be:2d:1d:06:3b:73:92:23:1b:14:71:16:fb:84:f5:dd:
29:33:f7:4e:fc:22:93:f8:d4:42:83:04:5a:c7:9b:54:1d:fa:
36:11:86:23:e7:53:48:51:a3:77:dd:77:ce:12:fe:41:9e:40:
50:73:69:de
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzEk4Qx9y6kH1zr61d3sf5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDcwMjQ3ZTY4YjVlMmQ4MWI4NjI0NGYwYzY1YzM4YWU5YTViODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNqTRrFy79oG3MzjVwsD5NMy+3Pn
0ogvPjrdeBVJRZdeo8vbY0w6MiqV3N/rh/mMo3uqY9niiRInYcUmrbORaborrEhp
TCjqv6/NDxHk1oID71EM7iDd17BHx99j4yP3/uLuic4dktn7SrLza5ugvefbHd4Q
XEEMRGkOVb1TQU28aa46IKhHiR3pfzwllf1vLKSJV6coTGq5GJjwSJwkQn+bzdPo
DffNBqGPJUH+Q0ErjNWD4fQvvtLvZ0yXF0/1anGRD0t6Rn+AfGPmqLmMSnk5l5i9
edIKfHHfufxfWfLVpIwsyUHpmF+vot+Nel3TVKeXTGZVb75GolE0tQjHnwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFPRwJH5oteLYG4YkTwxlw4rppbiHMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvOUhBa2ZtaTE0dGdiaGlSUERHWERpdW1sdUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQABba4
AwQALUOSAwQBTh/OAwQAT2K2AwQBotpYMAwDBACi2lsDBACi2l4DBAK5NIgDBAC5
ob8DBAC5q34wDAMEALm71QMEA7m70AMEALnJKAMEAbnNzjAMAwQDudCYAwQAudCa
AwQBueZ4AwQAueZ7AwQA1DwOMA0GCSqGSIb3DQEBCwUAA4IBAQCecdeSKfo5/Dmj
xUkKk8d8KZ99Jc3zOMaELKjJN2tQPu17M0G3KvV+hFNlm8SEuiS5ST+8FqMKveEj
Z3fO2x6fJ2/HFnp0FxdcWqnFluXcyvzNjzHPyllcFvEjkukJIfq6aZkYxTHg/E98
UXqi4Vj/xnyyj+5nBUieEGkU1BxCbNeOAwX/KV5W9k+zWAwnmeb9h74K6//WGOMJ
G/oFyp1INbPS3J4EKK1aexmLjxft/brVBh+z8YSBKDnA3iMVZND0LwNrxH4cCb4t
HQY7c5IjGxRxFvuE9d0pM/dO/CKT+NRCgwRax5tUHfo2EYYj51NIUaN33XfOEv5B
nkBQc2ne
-----END CERTIFICATE-----
Generated at Fri Feb 9 21:14:27 2024 by rpki-client on console-ams.rpki-client.org