Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/lAi9lCHKFSUmUcaY2wI9VUxzdZc.roa
File: lAi9lCHKFSUmUcaY2wI9VUxzdZc.roa (raw, json)
Hash identifier: UhiSLo0dZ6B+hR5Npi7uORkUNsB8d7E/9zwJ7+a/Ypg=
Subject key identifier: 94:08:BD:94:21:CA:15:25:26:51:C6:98:DB:02:3D:55:4C:73:75:97
Certificate issuer: /CN=3a3149da0a12bdbf1bef598b0463090780206ce0
Certificate serial: 018EE6DBFA89E2B45048C390CE2E7227F6BF
Authority key identifier: 3A:31:49:DA:0A:12:BD:BF:1B:EF:59:8B:04:63:09:07:80:20:6C:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/lAi9lCHKFSUmUcaY2wI9VUxzdZc.roa
Signing time: Tue 16 Apr 2024 12:22:39 +0000
ROA not before: Tue 16 Apr 2024 12:22:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5404
IP address blocks: 185.69.160.0/22 maxlen: 22
185.69.160.0/24 maxlen: 24
185.69.161.0/24 maxlen: 24
185.69.162.0/24 maxlen: 24
185.69.163.0/24 maxlen: 24
195.192.208.0/21 maxlen: 21
195.192.208.0/24 maxlen: 24
195.192.209.0/24 maxlen: 24
195.192.210.0/24 maxlen: 24
195.192.211.0/24 maxlen: 24
195.192.212.0/24 maxlen: 24
195.192.213.0/24 maxlen: 24
195.192.214.0/24 maxlen: 24
195.192.215.0/24 maxlen: 24
217.196.144.0/20 maxlen: 20
217.196.144.0/24 maxlen: 24
217.196.145.0/24 maxlen: 24
217.196.146.0/24 maxlen: 24
217.196.147.0/24 maxlen: 24
217.196.148.0/24 maxlen: 24
217.196.149.0/24 maxlen: 24
217.196.150.0/24 maxlen: 24
217.196.151.0/24 maxlen: 24
217.196.152.0/24 maxlen: 24
217.196.153.0/24 maxlen: 24
217.196.154.0/24 maxlen: 24
217.196.155.0/24 maxlen: 24
217.196.156.0/24 maxlen: 24
217.196.157.0/24 maxlen: 24
217.196.158.0/24 maxlen: 24
217.196.159.0/24 maxlen: 24
2a02:16a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Jun 2024 08:38:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:db:fa:89:e2:b4:50:48:c3:90:ce:2e:72:27:f6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3149da0a12bdbf1bef598b0463090780206ce0
Validity
Not Before: Apr 16 12:22:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9408bd9421ca15252651c698db023d554c737597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:78:ee:f2:d6:b2:ee:23:99:a0:1e:49:6c:95:
4b:64:90:bd:7d:41:0c:b5:59:20:51:14:9c:4b:7a:
02:c5:30:44:27:0a:05:b3:e2:7c:78:87:50:ca:4b:
75:3b:50:eb:c0:c5:7c:de:61:c7:5e:48:b2:bf:06:
e2:48:bb:68:7f:88:85:14:6c:f5:aa:7b:90:bd:2e:
fe:69:d6:1b:fc:1f:c6:ea:83:9b:bf:50:8f:ea:58:
23:b6:ab:83:01:92:fa:9c:52:cb:3b:72:0c:74:7b:
a2:a8:db:55:b7:eb:fb:ba:11:b0:7f:6c:a2:2b:00:
75:80:dd:57:cf:99:3e:bc:ec:41:c9:ef:d8:24:db:
4d:7d:75:73:15:83:ba:8e:59:8c:55:ec:54:6a:34:
39:2f:15:45:34:2d:30:33:c3:95:e8:c7:cd:a3:f0:
f6:ea:77:0e:19:1c:36:3c:47:76:22:c9:e3:ce:2b:
58:60:d4:a1:82:52:84:77:f2:c9:a4:21:84:dd:7d:
e6:bf:15:8a:b4:0a:1e:44:04:d0:36:6b:4b:1e:cd:
f4:62:f8:c7:5a:1c:f2:34:3b:a0:ce:13:f5:ff:0f:
7d:ae:8b:cd:6a:46:f1:90:db:16:71:8c:2e:7b:7c:
1f:4d:71:6e:33:c9:d0:76:be:5a:cf:7b:80:20:ad:
79:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:08:BD:94:21:CA:15:25:26:51:C6:98:DB:02:3D:55:4C:73:75:97
X509v3 Authority Key Identifier:
keyid:3A:31:49:DA:0A:12:BD:BF:1B:EF:59:8B:04:63:09:07:80:20:6C:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/lAi9lCHKFSUmUcaY2wI9VUxzdZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/OjFJ2goSvb8b71mLBGMJB4AgbOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.160.0/22
195.192.208.0/21
217.196.144.0/20
IPv6:
2a02:16a8::/32
Signature Algorithm: sha256WithRSAEncryption
b9:86:89:46:5b:8d:2c:36:b4:15:15:3f:40:9e:67:55:50:27:
aa:5c:22:c4:e4:e6:88:54:be:6c:04:3e:be:31:5d:96:ff:76:
8c:77:25:fc:43:53:cf:30:8e:f6:25:47:2b:95:e6:09:7c:47:
5c:1d:9f:0d:8f:13:e7:a1:a4:9b:66:cf:a6:ba:5f:82:fa:ee:
3b:86:82:72:56:2a:19:5e:3d:1c:7a:7b:27:cc:d3:1e:c2:a3:
72:68:86:61:7b:c3:5e:e2:4f:87:55:da:17:26:68:a3:da:cc:
50:3f:63:72:b9:4c:9f:83:c2:51:3d:3e:25:f0:27:23:48:70:
e3:f1:73:dc:c5:16:f6:18:5b:3f:40:4f:f1:fe:e4:cc:e7:d6:
cc:97:2a:fe:ff:01:88:96:64:96:62:e3:55:d0:32:0d:c9:57:
2c:dc:c1:ae:bb:1b:0b:25:bd:29:dd:79:1e:9a:05:5f:a9:fd:
6f:bf:49:ac:a5:26:38:cd:81:28:b2:bf:ad:f3:e8:32:1e:dc:
9e:03:59:45:aa:96:40:ea:a2:4e:7a:07:d4:97:77:c0:7c:e4:
b4:ff:cb:55:bf:a2:22:f2:5f:72:c5:a9:cf:bf:9b:7d:ed:db:
50:3c:eb:ec:25:1f:d5:e1:9a:5e:b5:6b:bb:4f:a0:81:cd:f5:
2e:c2:16:e9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY7m2/qJ4rRQSMOQzi5yJ/a/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzE0OWRhMGExMmJkYmYxYmVmNTk4YjA0NjMwOTA3ODAy
MDZjZTAwHhcNMjQwNDE2MTIyMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA4YmQ5NDIxY2ExNTI1MjY1MWM2OThkYjAyM2Q1NTRjNzM3NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnju8tay7iOZoB5JbJVLZJC9fUEM
tVkgURScS3oCxTBEJwoFs+J8eIdQykt1O1DrwMV83mHHXkiyvwbiSLtof4iFFGz1
qnuQvS7+adYb/B/G6oObv1CP6lgjtquDAZL6nFLLO3IMdHuiqNtVt+v7uhGwf2yi
KwB1gN1Xz5k+vOxBye/YJNtNfXVzFYO6jlmMVexUajQ5LxVFNC0wM8OV6MfNo/D2
6ncOGRw2PEd2IsnjzitYYNShglKEd/LJpCGE3X3mvxWKtAoeRATQNmtLHs30YvjH
WhzyNDugzhP1/w99rovNakbxkNsWcYwue3wfTXFuM8nQdr5az3uAIK15owIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJQIvZQhyhUlJlHGmNsCPVVMc3WXMB8GA1UdIwQY
MBaAFDoxSdoKEr2/G+9ZiwRjCQeAIGzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pGSjJnb1N2YjhiNzFtTEJHTUpCNEFnYk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kODhhYWUtNjhjMy00OTA5LTlmOGEt
MDdlODNjZDViNjBkLzEvbEFpOWxDSEtGU1VtVWNhWTJ3STlWVXh6ZFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kODhhYWUtNjhjMy00OTA5LTlmOGEtMDdlODNjZDViNjBk
LzEvT2pGSjJnb1N2YjhiNzFtTEJHTUpCNEFnYk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUWgAwQD
w8DQAwQE2cSQMA0EAgACMAcDBQAqAhaoMA0GCSqGSIb3DQEBCwUAA4IBAQC5holG
W40sNrQVFT9AnmdVUCeqXCLE5OaIVL5sBD6+MV2W/3aMdyX8Q1PPMI72JUcrleYJ
fEdcHZ8NjxPnoaSbZs+mul+C+u47hoJyVioZXj0censnzNMewqNyaIZhe8Ne4k+H
VdoXJmij2sxQP2NyuUyfg8JRPT4l8CcjSHDj8XPcxRb2GFs/QE/x/uTM59bMlyr+
/wGIlmSWYuNV0DINyVcs3MGuuxsLJb0p3XkemgVfqf1vv0mspSY4zYEosr+t8+gy
HtyeA1lFqpZA6qJOegfUl3fAfOS0/8tVv6Ii8l9yxanPv5t97dtQPOvsJR/V4Zpe
tWu7T6CBzfUuwhbp
-----END CERTIFICATE-----
Generated at Thu Jun 27 13:47:37 2024 by rpki-client on console-fra.rpki-client.org