Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1VkOjAaq_aMxTaTWtnSusMGZ6bg.roa
File: 1VkOjAaq_aMxTaTWtnSusMGZ6bg.roa (raw, json)
Hash identifier: XoJPp2MJ+7HrovE+HKCX5E4g7KZPnQBDzOm4Mf+yVfI=
Subject key identifier: D5:59:0E:8C:06:AA:FD:A3:31:4D:A4:D6:B6:74:AE:B0:C1:99:E9:B8
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 018CC80167D425B3F25CD4F28027B5C5DFAC
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1VkOjAaq_aMxTaTWtnSusMGZ6bg.roa
Signing time: Tue 02 Jan 2024 02:29:44 +0000
ROA not before: Tue 02 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30860
IP address blocks: 45.11.58.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
45.11.56.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
176.119.24.0/24 maxlen: 24
176.119.25.0/24 maxlen: 24
176.119.26.0/24 maxlen: 24
176.119.26.0/23 maxlen: 23
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
176.119.29.0/24 maxlen: 24
176.119.27.0/24 maxlen: 24
176.119.28.0/24 maxlen: 24
95.214.233.0/24 maxlen: 24
95.214.232.0/24 maxlen: 24
95.214.234.0/23 maxlen: 23
45.134.172.0/22 maxlen: 24
152.89.63.0/24 maxlen: 24
152.89.61.0/24 maxlen: 24
152.89.62.0/24 maxlen: 24
152.89.60.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
176.97.112.0/20 maxlen: 24
45.12.3.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.1.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
31.42.187.0/24 maxlen: 24
185.66.88.0/23 maxlen: 23
185.66.90.0/24 maxlen: 24
185.66.91.0/24 maxlen: 24
194.42.204.0/22 maxlen: 24
62.182.80.0/23 maxlen: 23
62.182.85.0/24 maxlen: 24
62.182.84.0/24 maxlen: 24
62.182.82.0/23 maxlen: 23
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
185.254.196.0/23 maxlen: 23
62.182.87.0/24 maxlen: 24
62.182.86.0/24 maxlen: 24
31.42.186.0/24 maxlen: 24
31.42.184.0/23 maxlen: 23
2a09:2dc0::/29 maxlen: 29
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:22:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:67:d4:25:b3:f2:5c:d4:f2:80:27:b5:c5:df:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 2 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5590e8c06aafda3314da4d6b674aeb0c199e9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:12:e8:1d:18:1d:75:6d:66:75:51:f3:e8:7e:
32:db:41:3c:33:5c:9d:ae:17:ad:e0:11:8a:83:bc:
16:34:e6:b6:c0:23:17:1c:51:75:19:8f:26:78:03:
99:60:ba:23:66:70:3a:73:5d:2c:70:8a:ce:86:5c:
83:e2:f6:f7:32:14:54:93:21:d9:f2:0f:7d:f6:10:
4d:29:cb:f6:70:ff:c9:05:a6:21:8d:63:c3:84:26:
aa:44:79:37:d8:a3:51:0e:6d:95:85:4b:0b:4e:07:
22:9d:94:86:76:95:e7:a1:82:7f:23:68:c6:3e:82:
d2:5a:68:91:83:9a:f3:51:6a:61:18:e3:d1:81:5e:
cc:4d:e4:91:8f:e4:44:ca:a5:eb:44:76:3b:a3:fd:
43:63:5c:08:55:3b:e4:20:37:1c:95:e9:5f:1c:8d:
28:11:0a:63:c1:72:2d:2e:ff:df:b3:f9:4f:5a:0b:
28:3b:2c:29:91:ce:85:47:40:f5:87:e2:29:ed:fa:
96:fd:1c:11:e3:ec:08:86:89:ca:3a:a9:47:d0:1a:
c0:73:d6:4a:64:79:a4:b2:86:2e:d4:e2:e8:ac:e1:
6f:ef:d1:a5:08:11:8e:54:a4:f8:90:c6:ee:64:be:
f9:93:97:78:c0:fd:ed:2b:50:e5:f3:20:7d:af:dd:
46:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:59:0E:8C:06:AA:FD:A3:31:4D:A4:D6:B6:74:AE:B0:C1:99:E9:B8
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/1VkOjAaq_aMxTaTWtnSusMGZ6bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
91.208.115.0/24
95.214.232.0/22
152.89.60.0/22
176.97.112.0/20
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.66.210.0/24
IPv6:
2a09:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
01:e6:c9:a9:78:00:61:1e:8f:c4:05:4c:f8:11:3a:f7:d8:40:
16:58:67:65:98:79:33:81:e5:41:80:dd:35:32:d6:85:be:6f:
14:e7:8a:f3:0d:4c:01:b5:e0:d6:96:f2:ac:35:d5:e3:02:01:
00:f5:ed:27:9e:f0:07:b9:4e:fa:59:3e:af:6f:7e:ce:c4:33:
7e:ea:55:51:d5:31:a1:3a:5b:38:3f:0c:ca:d3:3f:4d:ee:4c:
a5:95:a9:87:72:97:e9:a9:2d:30:d9:12:bd:ea:05:1a:71:16:
fb:96:89:dd:da:80:70:4a:6f:70:b1:e6:39:fa:db:06:f4:82:
1f:c0:7c:be:ec:54:07:0e:fc:bf:92:5b:1d:27:e1:9e:ac:a7:
cb:bd:3a:ed:7c:88:bf:8f:82:f0:e3:9f:c7:c5:f3:ae:14:98:
6d:3a:39:48:fb:ae:57:6f:78:ca:97:fa:24:3b:a5:6b:66:ff:
43:59:ec:0f:64:d0:74:6d:3e:c2:af:5d:72:20:8d:f0:27:68:
08:63:3c:26:fc:36:42:29:78:1f:10:86:e7:62:4e:8b:a7:ac:
96:ee:9e:7d:8e:b6:cb:9a:38:85:8e:26:54:2a:7c:ed:f3:77:
6d:25:8a:c5:24:29:0e:df:23:1e:e7:05:16:f5:8f:2b:1c:e9:
3b:8c:9a:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzIAWfUJbPyXNTygCe1xd+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwMTAyMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTU5MGU4YzA2YWFmZGEzMzE0ZGE0ZDZiNjc0YWViMGMxOTllOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhLoHRgddW1mdVHz6H4y20E8M1yd
rhet4BGKg7wWNOa2wCMXHFF1GY8meAOZYLojZnA6c10scIrOhlyD4vb3MhRUkyHZ
8g999hBNKcv2cP/JBaYhjWPDhCaqRHk32KNRDm2VhUsLTgcinZSGdpXnoYJ/I2jG
PoLSWmiRg5rzUWphGOPRgV7MTeSRj+REyqXrRHY7o/1DY1wIVTvkIDcclelfHI0o
EQpjwXItLv/fs/lPWgsoOywpkc6FR0D1h+Ip7fqW/RwR4+wIhonKOqlH0BrAc9ZK
ZHmksoYu1OLorOFv79GlCBGOVKT4kMbuZL75k5d4wP3tK1Dl8yB9r91G6QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFNVZDowGqv2jMU2k1rZ0rrDBmem4MB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvMVZrT2pBYXFfYU14VGFUV3RuU3VzTUdaNmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAh8quAME
Ai0LOAMEAi0MAAMEAi2GrAMEAz62UAMEAFvQcwMEAl/W6AMEAphZPAMEBLBhcAME
A7B3GAMEArlCWAMEArn+xAMEAMEXtQMEAsIqzAMEAMNC0jANBAIAAjAHAwUDKgkt
wDANBgkqhkiG9w0BAQsFAAOCAQEAAebJqXgAYR6PxAVM+BE699hAFlhnZZh5M4Hl
QYDdNTLWhb5vFOeK8w1MAbXg1pbyrDXV4wIBAPXtJ57wB7lO+lk+r29+zsQzfupV
UdUxoTpbOD8MytM/Te5MpZWph3KX6aktMNkSveoFGnEW+5aJ3dqAcEpvcLHmOfrb
BvSCH8B8vuxUBw78v5JbHSfhnqyny7067XyIv4+C8OOfx8XzrhSYbTo5SPuuV294
ypf6JDula2b/Q1nsD2TQdG0+wq9dciCN8CdoCGM8Jvw2Qil4HxCG52JOi6eslu6e
fY62y5o4hY4mVCp87fN3bSWKxSQpDt8jHucFFvWPKxzpO4yaGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org