Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/k9vh1G0PJvj-ap2SiaC76Ah7-t4.roa
File: k9vh1G0PJvj-ap2SiaC76Ah7-t4.roa (raw, json)
Hash identifier: 02GlUYQITBjk4P8h9yhasSZuxHo2m0muvc8acx25AFo=
Subject key identifier: 93:DB:E1:D4:6D:0F:26:F8:FE:6A:9D:92:89:A0:BB:E8:08:7B:FA:DE
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 018B193B8FDED22F9EBF411717DE949B1017
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/k9vh1G0PJvj-ap2SiaC76Ah7-t4.roa
Signing time: Tue 10 Oct 2023 10:56:55 +0000
ROA not before: Tue 10 Oct 2023 10:56:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21309
IP address blocks: 83.216.160.0/21 maxlen: 21
83.216.160.0/20 maxlen: 20
83.216.160.0/19 maxlen: 19
86.110.136.0/21 maxlen: 21
86.110.144.0/20 maxlen: 20
86.110.144.0/21 maxlen: 21
83.216.168.0/21 maxlen: 21
83.216.176.0/21 maxlen: 21
83.216.176.0/20 maxlen: 20
213.209.240.0/20 maxlen: 20
86.110.152.0/21 maxlen: 21
83.216.184.0/21 maxlen: 21
213.174.160.0/19 maxlen: 19
213.174.160.0/21 maxlen: 21
213.174.160.0/20 maxlen: 20
213.174.168.0/21 maxlen: 21
213.174.176.0/20 maxlen: 20
213.174.176.0/21 maxlen: 21
5.63.136.0/21 maxlen: 21
213.174.184.0/21 maxlen: 21
213.209.192.0/19 maxlen: 19
213.209.192.0/20 maxlen: 20
213.209.192.0/18 maxlen: 18
213.209.208.0/20 maxlen: 20
86.110.128.0/19 maxlen: 19
213.209.224.0/20 maxlen: 20
213.209.224.0/19 maxlen: 19
86.110.128.0/21 maxlen: 21
86.110.128.0/20 maxlen: 20
77.89.16.0/20 maxlen: 20
77.89.32.0/19 maxlen: 19
77.89.32.0/20 maxlen: 20
77.89.48.0/20 maxlen: 20
77.89.0.0/20 maxlen: 20
77.89.0.0/18 maxlen: 18
77.89.0.0/19 maxlen: 19
185.123.9.0/24 maxlen: 24
185.123.8.0/24 maxlen: 24
185.123.8.0/22 maxlen: 22
2a03:c380::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:3b:8f:de:d2:2f:9e:bf:41:17:17:de:94:9b:10:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Oct 10 10:56:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93dbe1d46d0f26f8fe6a9d9289a0bbe8087bfade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:c1:b9:5d:85:4e:17:e6:5c:93:4f:72:25:
5a:85:e8:36:f1:92:a8:b4:2b:8e:13:67:ba:4c:1b:
2c:dd:ae:85:10:ee:ee:27:8a:61:fc:c3:fd:5d:4c:
09:72:f2:da:a5:09:6d:7f:59:2b:4e:35:c3:1e:8a:
34:69:53:12:af:22:63:48:ee:59:ea:9c:f7:f7:4f:
4d:e7:26:14:72:ce:f2:a4:40:85:dd:fb:4d:58:2b:
cf:73:bf:10:92:be:2a:e2:bf:a6:b9:c2:78:d7:e6:
8a:b2:6e:fa:14:fd:68:6a:e2:33:05:02:f1:3f:8b:
93:58:ea:8d:62:74:82:11:73:c0:b9:38:d6:06:a3:
05:9e:17:84:6f:d1:aa:5a:9d:7d:9c:4b:65:e6:1b:
2e:81:d4:d1:54:83:93:6f:1f:50:00:26:20:45:a5:
b4:b6:96:b8:bd:68:13:4a:f2:ce:ea:74:f4:c7:bd:
ce:d3:31:53:42:46:d9:ed:95:01:05:15:a1:bb:1b:
91:03:71:98:d6:b6:53:4e:7f:10:d6:f8:4b:7d:10:
c9:21:29:16:12:0b:49:28:48:f7:4a:dd:9c:c7:36:
17:44:88:14:d4:f4:92:70:03:e9:d8:05:07:ad:95:
8b:23:d1:ba:bc:16:50:53:73:2d:9b:5f:90:02:ae:
0c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DB:E1:D4:6D:0F:26:F8:FE:6A:9D:92:89:A0:BB:E8:08:7B:FA:DE
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/k9vh1G0PJvj-ap2SiaC76Ah7-t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.136.0/21
77.89.0.0/18
83.216.160.0/19
86.110.128.0/19
185.123.8.0/22
213.174.160.0/19
213.209.192.0/18
IPv6:
2a03:c380::/32
Signature Algorithm: sha256WithRSAEncryption
9b:a0:77:7b:db:21:1a:33:53:b5:ea:c8:ea:50:a5:9d:50:e1:
17:dc:81:bf:fc:ff:f5:05:0a:5a:56:5a:f4:1b:e2:01:10:db:
9b:f1:ad:51:20:c6:52:49:90:00:33:0b:53:0b:e1:14:f7:8a:
e1:b6:00:83:48:51:27:c3:51:d6:9b:4d:5a:82:75:a0:e0:f6:
37:8b:8f:95:46:2a:82:c1:4f:eb:c8:ca:28:6b:7f:78:ab:37:
02:03:d8:a5:bc:b3:a2:e2:ca:2d:ec:74:22:70:5f:07:43:f7:
c9:27:d3:40:91:70:78:74:6f:43:58:cd:39:aa:c1:1b:2a:75:
da:83:ae:8a:70:41:1c:3c:a0:61:62:c2:e3:7b:e1:55:61:10:
08:50:2b:d7:e7:fe:6e:a5:d1:aa:46:77:bd:6d:56:62:2d:0d:
e1:15:55:44:cc:69:7b:7c:25:d5:54:28:ad:65:bf:01:1e:ee:
9c:84:ad:38:e2:b9:6f:e2:37:18:56:34:a5:7a:ec:72:20:d0:
72:08:11:81:12:63:b0:de:2e:32:e6:6b:e1:0d:c1:a7:3d:62:
62:a1:1e:cd:26:f8:69:37:81:0c:60:ed:7c:34:5b:a2:8a:6f:
d4:2b:85:6b:1d:da:17:4c:bc:bd:0d:80:ab:58:7b:4e:80:93:
b4:af:58:29
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYsZO4/e0i+ev0EXF96UmxAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjMxMDEwMTA1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RiZTFkNDZkMGYyNmY4ZmU2YTlkOTI4OWEwYmJlODA4N2JmYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjjBuV2FThfmXJNPciVaheg28ZKo
tCuOE2e6TBss3a6FEO7uJ4ph/MP9XUwJcvLapQltf1krTjXDHoo0aVMSryJjSO5Z
6pz3909N5yYUcs7ypECF3ftNWCvPc78Qkr4q4r+mucJ41+aKsm76FP1oauIzBQLx
P4uTWOqNYnSCEXPAuTjWBqMFnheEb9GqWp19nEtl5hsugdTRVIOTbx9QACYgRaW0
tpa4vWgTSvLO6nT0x73O0zFTQkbZ7ZUBBRWhuxuRA3GY1rZTTn8Q1vhLfRDJISkW
EgtJKEj3St2cxzYXRIgU1PSScAPp2AUHrZWLI9G6vBZQU3Mtm1+QAq4MgwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJPb4dRtDyb4/mqdkomgu+gIe/reMB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvazl2aDFHMFBKdmotYXAyU2lhQzc2QWg3LXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBT+IAwQG
TVkAAwQFU9igAwQFVm6AAwQCuXsIAwQF1a6gAwQG1dHAMA0EAgACMAcDBQAqA8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQCboHd72yEaM1O16sjqUKWdUOEX3IG//P/1BQpa
Vlr0G+IBENub8a1RIMZSSZAAMwtTC+EU94rhtgCDSFEnw1HWm01agnWg4PY3i4+V
RiqCwU/ryMooa394qzcCA9ilvLOi4sot7HQicF8HQ/fJJ9NAkXB4dG9DWM05qsEb
KnXag66KcEEcPKBhYsLje+FVYRAIUCvX5/5updGqRne9bVZiLQ3hFVVEzGl7fCXV
VCitZb8BHu6chK044rlv4jcYVjSleuxyINByCBGBEmOw3i4y5mvhDcGnPWJioR7N
JvhpN4EMYO18NFuiim/UK4VrHdoXTLy9DYCrWHtOgJO0r1gp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:31 2024 by rpki-client on console-fra.rpki-client.org