Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/p7sUc_EjMpIvAakHO7SmsIfigs0.roa
File: p7sUc_EjMpIvAakHO7SmsIfigs0.roa (raw, json)
Hash identifier: Kwn629dgZSmsX+zrIAMss4thwfN0qPs9MV2Xwr36eeE=
Subject key identifier: A7:BB:14:73:F1:23:32:92:2F:01:A9:07:3B:B4:A6:B0:87:E2:82:CD
Certificate issuer: /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial: 018CC649F50AD15FF7F906F6C9E386E09D4F
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/p7sUc_EjMpIvAakHO7SmsIfigs0.roa
Signing time: Mon 01 Jan 2024 18:29:44 +0000
ROA not before: Mon 01 Jan 2024 18:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216139
IP address blocks: 178.208.64.0/24 maxlen: 24
178.208.65.0/24 maxlen: 24
178.208.66.0/24 maxlen: 24
178.208.67.0/24 maxlen: 24
178.208.72.0/24 maxlen: 24
178.208.73.0/24 maxlen: 24
178.208.78.0/24 maxlen: 24
178.208.76.0/24 maxlen: 24
178.208.77.0/24 maxlen: 24
178.208.74.0/24 maxlen: 24
178.208.75.0/24 maxlen: 24
178.208.85.0/24 maxlen: 24
178.208.83.0/24 maxlen: 24
178.208.84.0/24 maxlen: 24
178.208.81.0/24 maxlen: 24
178.208.82.0/24 maxlen: 24
178.208.79.0/24 maxlen: 24
178.208.80.0/24 maxlen: 24
178.208.86.0/24 maxlen: 24
178.208.90.0/24 maxlen: 24
178.208.91.0/24 maxlen: 24
178.208.88.0/24 maxlen: 24
178.208.89.0/24 maxlen: 24
178.208.93.0/24 maxlen: 24
185.105.108.0/24 maxlen: 24
109.234.32.0/24 maxlen: 24
95.142.32.0/24 maxlen: 24
2.56.90.0/24 maxlen: 24
2.56.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f5:0a:d1:5f:f7:f9:06:f6:c9:e3:86:e0:9d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
Validity
Not Before: Jan 1 18:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7bb1473f12332922f01a9073bb4a6b087e282cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bc:dc:be:16:28:ad:af:05:6f:1e:d0:13:79:
fd:f0:73:b6:5a:d7:66:d7:88:3b:33:05:3c:44:38:
fa:0e:3c:c2:13:62:9a:92:62:30:d8:f7:cd:b1:21:
a6:1e:a8:8e:d5:a1:f8:6c:0e:e1:c4:99:f7:66:53:
d1:91:3e:8a:21:60:82:32:11:48:dc:40:94:ac:01:
e3:db:28:78:e4:3b:e3:d3:60:76:a8:99:0a:7b:f0:
1a:b1:3b:36:aa:0a:03:a4:68:d9:21:9c:e2:da:5c:
45:56:2c:88:5d:c0:b8:8c:02:b7:e5:6b:d6:48:5b:
d2:64:65:8d:f4:93:bf:2b:7a:dc:e0:b7:52:d3:41:
a3:37:0e:57:b4:bb:f6:cd:61:5a:df:51:1d:09:49:
30:c2:f7:f7:e6:67:d5:14:c6:8b:09:b0:a4:84:93:
4f:98:0b:90:60:65:d0:76:b7:00:26:16:03:c3:75:
05:e6:ac:e0:91:c5:2c:f5:35:61:b7:56:c7:ae:90:
99:53:fe:23:24:9d:9b:40:af:3d:8c:c8:e6:a8:e8:
c8:91:ce:97:a0:82:a0:db:2f:dd:da:0a:4a:3c:36:
12:8f:c2:42:15:d0:bd:28:7b:20:8e:19:cc:7d:d0:
5a:31:d0:eb:3b:4d:46:e4:54:b9:95:b3:76:fa:49:
d2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BB:14:73:F1:23:32:92:2F:01:A9:07:3B:B4:A6:B0:87:E2:82:CD
X509v3 Authority Key Identifier:
keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/p7sUc_EjMpIvAakHO7SmsIfigs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.89.0-2.56.90.255
95.142.32.0/24
109.234.32.0/24
178.208.64.0/22
178.208.72.0-178.208.86.255
178.208.88.0/22
178.208.93.0/24
185.105.108.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d1:5b:a5:79:a7:a2:b5:f7:6b:c3:cb:45:b4:63:04:a4:3e:
4a:1a:8b:5f:db:b9:46:f9:37:2d:5f:f3:3c:b4:19:eb:1f:a3:
81:59:c7:f0:43:67:76:a2:b6:b0:1e:b6:af:dd:ac:01:b4:4f:
6d:b5:49:34:e0:9e:d1:b0:f5:07:dc:df:97:fc:9f:b0:e7:62:
0b:e4:fd:77:56:4b:1e:43:a5:c8:81:a8:35:d9:41:c2:12:28:
58:c9:0d:83:b3:a3:38:4b:9c:81:24:55:79:d9:44:5b:84:2d:
52:e1:cc:79:81:c0:49:82:9b:63:d3:72:07:01:7c:5f:a2:3b:
e3:3c:c0:a6:28:22:63:d8:f8:b0:ce:9c:ef:e3:f1:74:2f:45:
cc:6b:5c:76:05:8d:1a:69:7f:73:9d:47:94:be:b4:6b:af:d6:
5e:e6:3c:ce:4c:ab:a9:45:27:85:ee:51:47:de:30:ae:ea:71:
88:72:f4:e3:54:84:81:1c:82:98:9d:26:40:df:58:ae:a0:9e:
80:ef:39:e8:f2:51:49:5a:6b:c6:0a:f7:48:43:51:ca:7c:80:
de:b6:0d:c5:e7:2e:f5:8a:e2:a3:a6:87:a8:ef:6c:a4:af:09:
7d:b1:b5:cc:1f:8a:09:32:c8:f4:5f:b9:4c:4c:a6:88:ed:53:
e9:d6:f6:fd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzGSfUK0V/3+Qb2yeOG4J1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2JiMTQ3M2YxMjMzMjkyMmYwMWE5MDczYmI0YTZiMDg3ZTI4MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7zcvhYora8Fbx7QE3n98HO2Wtdm
14g7MwU8RDj6DjzCE2KakmIw2PfNsSGmHqiO1aH4bA7hxJn3ZlPRkT6KIWCCMhFI
3ECUrAHj2yh45Dvj02B2qJkKe/AasTs2qgoDpGjZIZzi2lxFViyIXcC4jAK35WvW
SFvSZGWN9JO/K3rc4LdS00GjNw5XtLv2zWFa31EdCUkwwvf35mfVFMaLCbCkhJNP
mAuQYGXQdrcAJhYDw3UF5qzgkcUs9TVht1bHrpCZU/4jJJ2bQK89jMjmqOjIkc6X
oIKg2y/d2gpKPDYSj8JCFdC9KHsgjhnMfdBaMdDrO01G5FS5lbN2+knSTQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKe7FHPxIzKSLwGpBzu0prCH4oLNMB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvcDdzVWNfRWpNcEl2QWFrSE83U21zSWZpZ3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAACOFkD
BAACOFoDBABfjiADBABt6iADBAKy0EAwDAMEA7LQSAMEALLQVgMEArLQWAMEALLQ
XQMEALlpbDANBgkqhkiG9w0BAQsFAAOCAQEAY9FbpXmnorX3a8PLRbRjBKQ+ShqL
X9u5Rvk3LV/zPLQZ6x+jgVnH8ENndqK2sB62r92sAbRPbbVJNOCe0bD1B9zfl/yf
sOdiC+T9d1ZLHkOlyIGoNdlBwhIoWMkNg7OjOEucgSRVedlEW4QtUuHMeYHASYKb
Y9NyBwF8X6I74zzApigiY9j4sM6c7+PxdC9FzGtcdgWNGml/c51HlL60a6/WXuY8
zkyrqUUnhe5RR94wrupxiHL041SEgRyCmJ0mQN9YrqCegO856PJRSVprxgr3SENR
ynyA3rYNxecu9Yrio6aHqO9spK8JfbG1zB+KCTLI9F+5TEymiO1T6db2/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:20 2024 by rpki-client on console-fra.rpki-client.org