Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/CeywY5jiRX1pvTYQLADeI7ZhuDQ.roa
File: CeywY5jiRX1pvTYQLADeI7ZhuDQ.roa (raw, json)
Hash identifier: fPXfZWGiKjuWwepISNDt7HXj5gxBZfebsPhTFiyQyB8=
Subject key identifier: 09:EC:B0:63:98:E2:45:7D:69:BD:36:10:2C:00:DE:23:B6:61:B8:34
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 018573682EC61DB9B4D6A2EFE37B5C374816
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/CeywY5jiRX1pvTYQLADeI7ZhuDQ.roa
Signing time: Mon 02 Jan 2023 16:54:45 +0000
ROA not before: Mon 02 Jan 2023 16:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 94.245.64.0/18 maxlen: 24
172.208.0.0/13 maxlen: 13
51.124.0.0/16 maxlen: 16
192.100.112.0/21 maxlen: 21
192.100.120.0/21 maxlen: 21
192.100.128.0/22 maxlen: 22
192.100.132.0/23 maxlen: 23
172.160.0.0/11 maxlen: 11
51.144.0.0/15 maxlen: 15
51.107.0.0/16 maxlen: 16
40.171.0.0/16 maxlen: 16
192.100.104.0/21 maxlen: 21
51.138.0.0/16 maxlen: 16
51.10.0.0/15 maxlen: 15
194.110.197.0/24 maxlen: 24
51.104.0.0/15 maxlen: 15
51.12.0.0/15 maxlen: 15
51.103.0.0/16 maxlen: 16
51.140.0.0/14 maxlen: 14
135.130.0.0/16 maxlen: 16
57.150.0.0/15 maxlen: 15
132.164.0.0/16 maxlen: 16
193.221.113.0/24 maxlen: 24
51.53.0.0/16 maxlen: 16
57.160.0.0/12 maxlen: 12
51.120.0.0/16 maxlen: 16
57.156.0.0/14 maxlen: 14
172.128.0.0/11 maxlen: 11
193.149.64.0/19 maxlen: 24
172.200.0.0/13 maxlen: 13
51.116.0.0/16 maxlen: 16
40.170.0.0/16 maxlen: 16
51.136.0.0/15 maxlen: 15
209.199.0.0/16 maxlen: 16
167.162.0.0/16 maxlen: 16
159.128.0.0/16 maxlen: 16
194.41.16.0/20 maxlen: 20
194.41.18.0/24 maxlen: 24
194.41.22.0/24 maxlen: 24
194.41.23.0/24 maxlen: 24
194.41.20.0/24 maxlen: 24
194.41.21.0/24 maxlen: 24
194.41.19.0/24 maxlen: 24
51.132.0.0/16 maxlen: 16
157.31.0.0/16 maxlen: 16
157.95.0.0/16 maxlen: 16
213.199.128.0/18 maxlen: 24
167.186.0.0/16 maxlen: 16
147.243.0.0/16 maxlen: 24
51.51.0.0/16 maxlen: 16
57.152.0.0/14 maxlen: 14
151.206.0.0/16 maxlen: 16
138.105.0.0/16 maxlen: 16
40.169.0.0/16 maxlen: 16
2a00:1c68::/29 maxlen: 29
2a01:111:4004::/48 maxlen: 48
2a01:111::/32 maxlen: 32
2a01:111:4000::/36 maxlen: 36
2a01:111:2000::/36 maxlen: 36
2a01:111:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 27 Apr 2023 21:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:2e:c6:1d:b9:b4:d6:a2:ef:e3:7b:5c:37:48:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 2 16:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09ecb06398e2457d69bd36102c00de23b661b834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6a:69:c4:be:bd:64:12:93:94:42:6e:6b:bf:
d1:fc:b2:a4:18:66:a4:6f:25:0a:fd:2f:b2:3e:dd:
68:eb:4c:fb:bd:54:66:88:b3:cb:09:0d:61:7c:bb:
a6:c6:47:29:9f:ec:39:2e:4d:45:8c:6b:0c:b4:b3:
83:8f:6d:5e:49:0b:3b:ff:09:a6:e6:f1:a5:fb:b6:
66:88:ce:2c:fb:aa:8a:3e:46:07:eb:93:1f:bf:e8:
fb:22:e0:60:dd:29:03:39:d9:09:af:4b:3b:41:8b:
39:4a:f1:06:0c:ac:60:51:77:e6:d1:10:b5:d0:37:
cb:4b:93:01:d1:75:58:13:36:25:7e:40:41:00:9d:
8d:04:06:f3:9e:0d:65:ef:20:45:e6:17:ed:d2:00:
ef:48:27:37:6f:e7:a2:0b:58:3f:0e:fe:a2:14:bf:
f5:11:c0:0a:c6:79:e2:66:25:cd:c4:5f:de:2d:e2:
ef:b5:8e:aa:bf:4c:3c:e4:15:ac:50:19:8f:2d:f5:
8e:ac:fd:af:ea:65:67:98:c6:be:b1:da:9f:5d:fb:
6e:a0:3a:9e:c9:60:7a:fc:46:3c:0e:46:ca:0f:58:
6f:be:f9:76:3c:75:5d:1a:31:96:90:1f:44:82:4c:
fa:2d:96:9c:7b:56:4f:b4:d1:a5:0c:64:c8:be:5f:
87:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EC:B0:63:98:E2:45:7D:69:BD:36:10:2C:00:DE:23:B6:61:B8:34
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/CeywY5jiRX1pvTYQLADeI7ZhuDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.169.0.0-40.171.255.255
51.10.0.0-51.13.255.255
51.51.0.0/16
51.53.0.0/16
51.103.0.0-51.105.255.255
51.107.0.0/16
51.116.0.0/16
51.120.0.0/16
51.124.0.0/16
51.132.0.0/16
51.136.0.0-51.138.255.255
51.140.0.0-51.145.255.255
57.150.0.0-57.175.255.255
94.245.64.0/18
132.164.0.0/16
135.130.0.0/16
138.105.0.0/16
147.243.0.0/16
151.206.0.0/16
157.31.0.0/16
157.95.0.0/16
159.128.0.0/16
167.162.0.0/16
167.186.0.0/16
172.128.0.0/10
172.200.0.0-172.215.255.255
192.100.104.0-192.100.133.255
193.149.64.0/19
193.221.113.0/24
194.41.16.0/20
194.110.197.0/24
209.199.0.0/16
213.199.128.0/18
IPv6:
2a00:1c68::/29
2a01:111::/32
Signature Algorithm: sha256WithRSAEncryption
60:ce:3e:1a:8a:12:fc:61:db:86:e3:ca:26:25:2e:11:df:fd:
59:27:f0:c7:e8:8c:05:be:a0:f7:5d:d7:e1:05:9a:b3:45:35:
0c:6d:5f:88:84:ad:a0:c9:bb:f7:75:74:d7:d0:99:6c:f5:60:
f6:cf:c0:ed:05:6d:92:30:f6:02:99:44:c3:0a:05:0a:fd:1f:
37:45:29:72:2b:a9:19:36:24:4d:4b:70:fd:f4:4c:a5:6f:a9:
cc:6f:62:8f:37:97:97:f8:db:61:b6:94:c9:36:49:45:57:aa:
15:4a:2c:0b:5c:c2:ea:da:fc:3c:31:80:f1:b7:19:53:e5:45:
c7:e1:41:d4:04:65:b5:ea:71:0f:8b:45:46:e0:48:92:84:94:
88:61:71:87:26:1d:30:46:14:01:38:20:9f:63:f3:f5:d0:40:
fe:e3:74:c2:9e:7f:7c:16:33:af:12:0e:4a:0b:f8:c3:90:46:
da:02:75:74:49:e0:c0:ec:57:27:be:ec:b6:95:82:bc:06:e4:
a0:99:a8:97:28:73:9c:88:59:64:b7:96:9d:a8:d5:ca:47:6e:
b7:70:d4:95:89:3e:17:5c:f3:37:76:16:9b:bd:d2:41:90:41:
52:2b:b8:04:ae:7a:03:e1:46:02:9a:9a:43:4b:9a:a1:da:9a:
b5:82:0a:92
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYVzaC7GHbm01qLv43tcN0gWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjMwMTAyMTY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVjYjA2Mzk4ZTI0NTdkNjliZDM2MTAyYzAwZGUyM2I2NjFiODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2ppxL69ZBKTlEJua7/R/LKkGGak
byUK/S+yPt1o60z7vVRmiLPLCQ1hfLumxkcpn+w5Lk1FjGsMtLODj21eSQs7/wmm
5vGl+7ZmiM4s+6qKPkYH65Mfv+j7IuBg3SkDOdkJr0s7QYs5SvEGDKxgUXfm0RC1
0DfLS5MB0XVYEzYlfkBBAJ2NBAbzng1l7yBF5hft0gDvSCc3b+eiC1g/Dv6iFL/1
EcAKxnniZiXNxF/eLeLvtY6qv0w85BWsUBmPLfWOrP2v6mVnmMa+sdqfXftuoDqe
yWB6/EY8DkbKD1hvvvl2PHVdGjGWkB9Egkz6LZace1ZPtNGlDGTIvl+HEQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFAnssGOY4kV9ab02ECwA3iO2Ybg0MB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvQ2V5d1k1amlSWDFwdlRZUUxBRGVJN1podURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCB7AQCAAEwgeUw
CgMDACipAwMCKKgwCgMDATMKAwMBMwwDAwAzMwMDADM1MAoDAwAzZwMDATNoAwMA
M2sDAwAzdAMDADN4AwMAM3wDAwAzhDAKAwMDM4gDAwAzijAKAwMCM4wDAwEzkDAK
AwMBOZYDAwQ5oAMEBl71QAMDAISkAwMAh4IDAwCKaQMDAJPzAwMAl84DAwCdHwMD
AJ1fAwMAn4ADAwCnogMDAKe6AwMGrIAwCgMDA6zIAwMDrNAwDAMEA8BkaAMEAcBk
hAMEBcGVQAMEAMHdcQMEBMIpEAMEAMJuxQMDANHHAwQG1ceAMBQEAgACMA4DBQMq
ABxoAwUAKgEBETANBgkqhkiG9w0BAQsFAAOCAQEAYM4+GooS/GHbhuPKJiUuEd/9
WSfwx+iMBb6g913X4QWas0U1DG1fiIStoMm793V019CZbPVg9s/A7QVtkjD2AplE
wwoFCv0fN0UpciupGTYkTUtw/fRMpW+pzG9ijzeXl/jbYbaUyTZJRVeqFUosC1zC
6tr8PDGA8bcZU+VFx+FB1ARltepxD4tFRuBIkoSUiGFxhyYdMEYUATggn2Pz9dBA
/uN0wp5/fBYzrxIOSgv4w5BG2gJ1dEngwOxXJ77stpWCvAbkoJmolyhznIhZZLeW
najVykdut3DUlYk+F1zzN3YWm73SQZBBUiu4BK56A+FGApqaQ0uaodqatYIKkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org