Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Is-8pSqKeFEwFCYJSvLt-XbTQ64.roa
File: Is-8pSqKeFEwFCYJSvLt-XbTQ64.roa (raw, json)
Hash identifier: 3F2R1BI5ujhVbQYtK8Y6inkipiXIaT2HlGCE8nGM/H8=
Subject key identifier: 22:CF:BC:A5:2A:8A:78:51:30:14:26:09:4A:F2:ED:F9:76:D3:43:AE
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018A02EBD57A95B5679E1FA64913EE1C7AD8
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Is-8pSqKeFEwFCYJSvLt-XbTQ64.roa
Signing time: Thu 17 Aug 2023 09:55:24 +0000
ROA not before: Thu 17 Aug 2023 09:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25255
IP address blocks: 46.220.0.0/16 maxlen: 16
91.141.0.0/20 maxlen: 20
91.141.0.0/17 maxlen: 17
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
94.245.192.0/18 maxlen: 18
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
213.94.64.0/21 maxlen: 21
109.126.64.0/18 maxlen: 18
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
77.119.160.0/20 maxlen: 20
213.94.96.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
77.119.192.0/19 maxlen: 19
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
2a02:2861::/32 maxlen: 32
2a02:2864::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 17 Aug 2023 09:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:eb:d5:7a:95:b5:67:9e:1f:a6:49:13:ee:1c:7a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Aug 17 09:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22cfbca52a8a7851301426094af2edf976d343ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a3:e3:07:5d:a4:60:4c:44:6a:4c:06:fc:5f:
9f:af:10:80:cb:21:0b:83:1d:36:1c:31:55:09:de:
0b:33:28:42:be:f6:2c:4e:12:e3:65:6b:c5:de:3a:
08:6a:10:65:0d:b9:6f:84:64:ac:f3:07:de:c5:a8:
36:bc:8a:3d:b7:dc:e9:d5:f2:30:4c:70:a4:1f:a2:
38:cc:b8:1b:73:53:38:2b:9c:3c:9e:fa:b3:f6:08:
98:13:ab:39:ff:f4:75:b1:e5:45:aa:a7:06:6a:88:
7d:27:b4:80:04:fd:2a:1a:3f:31:13:85:ea:63:0c:
2e:71:fb:ba:3a:eb:4e:42:06:16:85:97:e4:07:25:
b9:21:63:cc:92:21:2e:f2:24:a3:da:b8:9e:d9:7c:
66:1f:c4:2c:96:31:9f:ef:a4:f0:b4:e4:81:29:db:
ec:fb:0c:42:a7:e6:7c:7e:b3:a6:9f:08:f8:c9:1a:
d5:c8:da:94:4d:bb:ba:99:8c:11:b9:2c:be:62:c2:
ac:73:05:b7:4f:db:d9:14:8e:61:b8:df:ef:7d:a4:
05:5c:f6:0e:12:3e:6d:9b:fd:e7:b0:2a:65:ed:4c:
6f:01:ff:72:66:00:5b:8d:10:e5:7e:93:de:c5:41:
ca:af:61:d0:07:0b:1b:aa:7e:aa:de:f8:04:6a:39:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:CF:BC:A5:2A:8A:78:51:30:14:26:09:4A:F2:ED:F9:76:D3:43:AE
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Is-8pSqKeFEwFCYJSvLt-XbTQ64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
9d:ba:ad:8e:06:8c:69:5d:90:68:6e:54:6c:67:b8:fe:97:dc:
41:8f:40:c2:a9:76:cb:79:2f:1b:50:72:d1:d9:cb:ac:ae:b8:
5d:e7:72:62:5c:0e:ad:93:dc:19:f7:ad:9a:99:0c:9b:45:1b:
48:b8:41:ff:76:08:d1:77:81:a4:27:c6:81:81:0d:e8:ad:22:
f5:a7:5e:46:ef:40:4a:2d:90:bd:50:6f:05:28:fb:1d:bd:73:
cc:75:f0:3b:5c:13:e6:7b:f5:71:34:1c:30:b4:d8:04:a3:34:
19:48:d1:a8:46:b7:8f:2f:ca:0d:f7:29:0d:3c:1a:20:67:17:
6b:52:7f:9f:b7:c4:1f:75:80:b9:f0:7b:83:de:0d:9a:92:42:
d1:a8:3f:01:04:2e:64:f0:98:8e:15:cc:da:88:b0:d7:4f:29:
ed:1e:ff:30:8e:89:30:58:15:46:5a:97:26:e7:8a:9f:01:44:
c5:ec:57:88:6e:dc:aa:68:b0:c1:90:af:f7:d3:28:9b:98:d7:
72:02:58:f7:85:0c:6a:03:c0:f5:9c:62:90:31:27:76:4b:37:
e8:6d:df:46:68:c4:cd:92:31:ea:10:69:c6:33:62:1a:dc:eb:
0b:a2:83:97:e7:80:5a:1c:32:20:a6:b1:de:32:9f:a9:8e:b3:
12:7e:c9:aa
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYoC69V6lbVnnh+mSRPuHHrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMwODE3MDk1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmNmYmNhNTJhOGE3ODUxMzAxNDI2MDk0YWYyZWRmOTc2ZDM0M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaPjB12kYExEakwG/F+frxCAyyEL
gx02HDFVCd4LMyhCvvYsThLjZWvF3joIahBlDblvhGSs8wfexag2vIo9t9zp1fIw
THCkH6I4zLgbc1M4K5w8nvqz9giYE6s5//R1seVFqqcGaoh9J7SABP0qGj8xE4Xq
Ywwucfu6OutOQgYWhZfkByW5IWPMkiEu8iSj2rie2XxmH8QsljGf76TwtOSBKdvs
+wxCp+Z8frOmnwj4yRrVyNqUTbu6mYwRuSy+YsKscwW3T9vZFI5huN/vfaQFXPYO
Ej5tm/3nsCpl7UxvAf9yZgBbjRDlfpPexUHKr2HQBwsbqn6q3vgEajmj5wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFCLPvKUqinhRMBQmCUry7fl200OuMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvSXMtOHBTcUtlRkV3RkNZSlN2THQtWGJUUTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA/BAIAATA5AwMALtwDAwJN
dAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJwAwQHsqWAAwQFwhiAAwQG1V5A
MBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG9w0BAQsFAAOCAQEAnbqtjgaM
aV2QaG5UbGe4/pfcQY9Awql2y3kvG1By0dnLrK64XedyYlwOrZPcGfetmpkMm0Ub
SLhB/3YI0XeBpCfGgYEN6K0i9adeRu9ASi2QvVBvBSj7Hb1zzHXwO1wT5nv1cTQc
MLTYBKM0GUjRqEa3jy/KDfcpDTwaIGcXa1J/n7fEH3WAufB7g94NmpJC0ag/AQQu
ZPCYjhXM2oiw108p7R7/MI6JMFgVRlqXJueKnwFExexXiG7cqmiwwZCv99Mom5jX
cgJY94UMagPA9ZxikDEndks36G3fRmjEzZIx6hBpxjNiGtzrC6KDl+eAWhwyIKax
3jKfqY6zEn7Jqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:17 2024 by rpki-client on console-fra.rpki-client.org