Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/v_883ctzmsovHGarQd76eGxO6LU.roa
File: v_883ctzmsovHGarQd76eGxO6LU.roa (raw, json)
Hash identifier: Bfk4m2y9W+kWenGUZLGLyclnyxw7KA1AnaxyGDNs/WI=
Subject key identifier: BF:FF:3C:DD:CB:73:9A:CA:2F:1C:66:AB:41:DE:FA:78:6C:4E:E8:B5
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 018CC7954400CD56C356377A011A55F0D9EE
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/v_883ctzmsovHGarQd76eGxO6LU.roa
Signing time: Tue 02 Jan 2024 00:31:37 +0000
ROA not before: Tue 02 Jan 2024 00:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 185.7.36.0/22 maxlen: 22
62.240.224.0/19 maxlen: 19
194.146.172.0/22 maxlen: 22
31.3.136.0/21 maxlen: 21
94.198.144.0/21 maxlen: 21
89.185.32.0/19 maxlen: 19
212.43.192.0/18 maxlen: 18
46.18.128.0/21 maxlen: 21
185.88.104.0/22 maxlen: 22
185.93.36.0/22 maxlen: 22
185.29.40.0/22 maxlen: 22
79.99.32.0/21 maxlen: 21
2a02:2328::/32 maxlen: 32
2a03:7300::/32 maxlen: 32
2a01:4580::/29 maxlen: 29
2001:a70::/32 maxlen: 32
2a02:1f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Mar 2024 10:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:44:00:cd:56:c3:56:37:7a:01:1a:55:f0:d9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 2 00:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfff3cddcb739aca2f1c66ab41defa786c4ee8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:70:a4:cd:ec:f1:5a:7b:c5:c7:b0:de:70:fb:
d8:5a:58:8e:51:90:b1:e8:02:2b:73:e5:33:ac:a1:
e8:9c:1d:47:26:35:8d:41:cd:27:0e:ac:ad:bf:14:
7a:6b:14:4c:ff:cc:d6:f8:c9:15:28:91:90:1a:4f:
28:38:62:72:eb:44:ba:e5:31:c6:1d:3b:09:7a:c7:
90:96:54:ec:f2:eb:73:76:67:8e:79:c0:6b:03:52:
3d:1b:5e:65:ab:50:f0:ac:ed:9d:84:c4:26:84:50:
7b:95:77:f5:59:3d:44:5e:29:31:81:d7:f2:22:f3:
17:12:04:11:dd:11:ce:54:56:38:fe:0f:6b:83:d9:
e8:87:02:03:d7:0a:41:e6:7e:b8:70:0b:ea:88:0e:
2a:b3:15:62:bb:11:c2:92:32:00:92:09:9c:45:50:
a5:0c:fa:ae:9a:e5:96:64:34:1c:f7:dd:16:be:58:
f1:71:35:5e:d2:7b:6e:99:00:1f:4f:2f:cf:1a:ca:
ff:8e:08:f5:23:d0:58:1b:f3:84:e1:3c:a2:f9:6f:
b9:be:c9:e7:6c:cd:c8:29:8b:81:9f:95:63:28:59:
78:fe:b7:53:ac:6b:f7:c8:d7:80:18:9b:83:5f:07:
a1:c9:dd:dc:60:e5:36:e3:f1:8b:93:1a:3d:2c:f4:
fb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FF:3C:DD:CB:73:9A:CA:2F:1C:66:AB:41:DE:FA:78:6C:4E:E8:B5
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/v_883ctzmsovHGarQd76eGxO6LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.136.0/21
46.18.128.0/21
62.240.224.0/19
79.99.32.0/21
89.185.32.0/19
94.198.144.0/21
185.7.36.0/22
185.29.40.0/22
185.88.104.0/22
185.93.36.0/22
194.146.172.0/22
212.43.192.0/18
IPv6:
2001:a70::/32
2a01:4580::/29
2a02:1f8::/32
2a02:2328::/32
2a03:7300::/32
Signature Algorithm: sha256WithRSAEncryption
71:66:26:14:ac:a1:fc:c5:0c:ba:9f:f3:cd:74:2e:de:3a:eb:
d6:f9:a2:4b:7c:b8:22:18:0b:71:80:5a:eb:10:00:21:ab:5d:
49:41:35:c1:db:97:83:ec:ec:70:1c:57:31:bd:3a:11:af:c0:
36:8e:8d:62:c2:b9:d7:f1:7b:96:4e:86:bd:38:10:93:18:4d:
ac:83:c6:21:37:73:32:d3:7d:16:85:df:e4:3d:c0:1d:f7:33:
0e:ef:51:79:9e:f5:83:5d:fe:d9:95:53:cb:e8:20:74:4e:48:
2c:b0:50:35:e0:e6:2b:c7:db:c3:75:ce:0f:e7:c5:cc:08:d6:
48:d1:e0:49:f5:7d:4a:1b:95:f5:eb:51:ab:1a:b6:2d:28:66:
19:ee:76:f7:c9:03:f6:c7:1e:7e:66:8e:8f:7d:58:6e:c1:0d:
ca:44:1f:1f:85:89:5f:3e:97:53:86:52:97:5a:87:7c:4e:93:
56:d0:85:43:f4:ab:10:16:37:d6:e6:0b:b5:e0:bb:f3:be:97:
64:e4:af:cc:38:ad:24:4a:c7:39:b1:3a:d2:15:5a:66:62:cb:
f0:2e:52:4e:2e:b7:14:d5:01:1f:f5:dc:70:1e:1e:aa:18:7a:
ee:57:07:91:9d:bd:0f:95:e5:16:00:db:76:44:29:1f:8a:e8:
c1:52:5c:ec
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYzHlUQAzVbDVjd6ARpV8NnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjQwMTAyMDAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZmM2NkZGNiNzM5YWNhMmYxYzY2YWI0MWRlZmE3ODZjNGVlOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHCkzezxWnvFx7DecPvYWliOUZCx
6AIrc+UzrKHonB1HJjWNQc0nDqytvxR6axRM/8zW+MkVKJGQGk8oOGJy60S65THG
HTsJeseQllTs8utzdmeOecBrA1I9G15lq1DwrO2dhMQmhFB7lXf1WT1EXikxgdfy
IvMXEgQR3RHOVFY4/g9rg9nohwID1wpB5n64cAvqiA4qsxViuxHCkjIAkgmcRVCl
DPqumuWWZDQc990WvljxcTVe0ntumQAfTy/PGsr/jgj1I9BYG/OE4Tyi+W+5vsnn
bM3IKYuBn5VjKFl4/rdTrGv3yNeAGJuDXwehyd3cYOU24/GLkxo9LPT7fwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFL//PN3Lc5rKLxxmq0He+nhsTui1MB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvdl84ODNjdHptc292SEdhclFkNzZlR3hPNkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswTgQCAAEwSAMEAx8DiAME
Ay4SgAMEBT7w4AMEA09jIAMEBVm5IAMEA17GkAMEArkHJAMEArkdKAMEArlYaAME
ArldJAMEAsKSrAMEBtQrwDApBAIAAjAjAwUAIAEKcAMFAyoBRYADBQAqAgH4AwUA
KgIjKAMFACoDcwAwDQYJKoZIhvcNAQELBQADggEBAHFmJhSsofzFDLqf8810Lt46
69b5okt8uCIYC3GAWusQACGrXUlBNcHbl4Ps7HAcVzG9OhGvwDaOjWLCudfxe5ZO
hr04EJMYTayDxiE3czLTfRaF3+Q9wB33Mw7vUXme9YNd/tmVU8voIHROSCywUDXg
5ivH28N1zg/nxcwI1kjR4En1fUoblfXrUasati0oZhnudvfJA/bHHn5mjo99WG7B
DcpEHx+FiV8+l1OGUpdah3xOk1bQhUP0qxAWN9bmC7Xgu/O+l2Tkr8w4rSRKxzmx
OtIVWmZiy/AuUk4utxTVAR/13HAeHqoYeu5XB5GdvQ+V5RYA23ZEKR+K6MFSXOw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 15:23:25 2024 by rpki-client on console-ams.rpki-client.org