Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/a78F0E6aYmEGB3F_Q3iSpLInhPg.roa
File: a78F0E6aYmEGB3F_Q3iSpLInhPg.roa (raw, json)
Hash identifier: g6vmN4jctAkJNFsLqhlmVCUW+ZS7PgPZMVgh+maI6AQ=
Subject key identifier: 6B:BF:05:D0:4E:9A:62:61:06:07:71:7F:43:78:92:A4:B2:27:84:F8
Certificate issuer: /CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Certificate serial: 0185CA2F6C64882E1B1E7466C42C4779985F
Authority key identifier: A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/a78F0E6aYmEGB3F_Q3iSpLInhPg.roa
Signing time: Thu 19 Jan 2023 13:19:43 +0000
ROA not before: Thu 19 Jan 2023 13:19:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35467
IP address blocks: 145.87.224.0/19 maxlen: 20
83.136.192.0/21 maxlen: 24
93.95.144.0/21 maxlen: 22
81.92.176.0/20 maxlen: 21
37.0.16.0/21 maxlen: 22
217.27.224.0/21 maxlen: 22
217.27.232.0/21 maxlen: 23
212.52.224.0/19 maxlen: 22
185.55.108.0/22 maxlen: 23
91.106.224.0/21 maxlen: 23
31.186.160.0/21 maxlen: 22
185.250.160.0/22 maxlen: 24
185.35.32.0/22 maxlen: 23
2a02:5b0::/32 maxlen: 32
2a02:5b0::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:2f:6c:64:88:2e:1b:1e:74:66:c4:2c:47:79:98:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Validity
Not Before: Jan 19 13:19:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bbf05d04e9a62610607717f437892a4b22784f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:91:1a:2b:52:cd:db:ee:a3:65:3f:76:18:
e4:b9:6e:8e:00:46:c4:b6:63:27:a3:84:1c:ff:7d:
77:ad:72:82:a7:bc:d6:b0:7b:bd:b3:a1:b0:57:ca:
fe:4d:43:86:86:4f:19:65:53:14:20:02:a3:8d:cd:
ca:ee:9c:a9:62:b4:b2:92:2a:85:0f:ca:70:ea:36:
93:8b:22:31:13:b3:f6:b6:59:cf:81:4c:28:37:85:
fa:07:4b:92:58:8e:53:84:93:93:f2:62:5b:61:ff:
73:62:c4:fa:0a:37:51:29:4b:b6:4c:fa:22:bf:44:
01:8b:0d:a0:39:55:26:0c:92:c7:4c:71:d1:26:41:
3f:1e:11:37:4e:07:a5:a5:f9:59:12:85:3f:f1:38:
bd:6c:a6:5f:b1:42:ad:77:ca:5a:20:a6:08:e3:e6:
d7:bf:23:6f:ad:8d:09:9b:57:63:24:cc:15:fb:de:
3d:f0:11:17:bc:04:17:c4:7d:10:19:62:a8:3d:46:
03:23:b6:1d:d5:fe:d8:3f:7b:f3:bf:65:af:f9:a2:
b5:93:63:29:3e:19:cc:1a:9d:8a:4f:09:da:ba:0d:
f9:2e:74:0a:0e:60:72:a2:38:22:4b:49:f7:e0:83:
38:4b:60:ed:0b:85:ee:ea:7d:2a:86:6a:02:7c:cb:
62:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BF:05:D0:4E:9A:62:61:06:07:71:7F:43:78:92:A4:B2:27:84:F8
X509v3 Authority Key Identifier:
keyid:A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/a78F0E6aYmEGB3F_Q3iSpLInhPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.160.0/21
37.0.16.0/21
81.92.176.0/20
83.136.192.0/21
91.106.224.0/21
93.95.144.0/21
145.87.224.0/19
185.35.32.0/22
185.55.108.0/22
185.250.160.0/22
212.52.224.0/19
217.27.224.0/20
IPv6:
2a02:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
d5:39:02:89:06:95:7a:dd:f8:5a:15:fe:83:f6:32:df:ef:66:
55:9e:17:91:be:c8:8e:9d:31:75:1a:d6:f4:41:66:c1:de:cc:
35:a1:b3:35:2b:12:7c:94:d8:4c:90:95:ef:b7:fa:da:f6:87:
09:db:e9:98:11:d1:d5:45:e0:40:e8:0f:e8:95:42:80:17:53:
21:70:31:de:5d:48:45:2b:07:5a:6b:e0:3a:b5:f3:75:2c:3a:
81:b3:d5:bb:48:ab:48:93:d9:76:42:6d:2d:67:59:67:6f:b9:
f2:b1:66:9a:04:54:75:66:2c:50:20:61:f5:f3:d7:2a:ac:53:
74:30:89:43:ca:a2:d3:0f:a7:40:29:7a:57:95:4e:61:37:79:
20:57:a7:22:70:b0:e0:6d:1c:85:a1:af:93:0c:29:92:a3:55:
2a:80:3c:e8:56:bf:ea:af:cd:c2:69:9a:c0:84:90:75:ab:fd:
d6:cc:06:d8:4c:62:52:1f:77:0b:6d:4f:06:ac:a2:75:32:41:
d5:31:82:7c:20:af:3c:07:69:78:e4:63:22:7f:c5:93:e9:e8:
54:51:40:69:ca:19:9d:55:3d:9c:05:aa:3c:fd:a0:c6:59:da:
55:c8:6b:2c:cd:cc:a9:3b:de:d7:a6:6d:84:ed:dc:66:c2:b0:
87:5d:ab:11
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYXKL2xkiC4bHnRmxCxHeZhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWI5ZWI1NTQ3YzdmNWYxYWFmYzBhZGExNDA4MDU0MTk2
MTg3MjYwHhcNMjMwMTE5MTMxOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJmMDVkMDRlOWE2MjYxMDYwNzcxN2Y0Mzc4OTJhNGIyMjc4NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+KRGitSzdvuo2U/dhjkuW6OAEbE
tmMno4Qc/313rXKCp7zWsHu9s6GwV8r+TUOGhk8ZZVMUIAKjjc3K7pypYrSykiqF
D8pw6jaTiyIxE7P2tlnPgUwoN4X6B0uSWI5ThJOT8mJbYf9zYsT6CjdRKUu2TPoi
v0QBiw2gOVUmDJLHTHHRJkE/HhE3TgelpflZEoU/8Ti9bKZfsUKtd8paIKYI4+bX
vyNvrY0Jm1djJMwV+9498BEXvAQXxH0QGWKoPUYDI7Yd1f7YP3vzv2Wv+aK1k2Mp
PhnMGp2KTwnaug35LnQKDmByojgiS0n34IM4S2DtC4Xu6n0qhmoCfMtiVwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGu/BdBOmmJhBgdxf0N4kqSyJ4T4MB8GA1UdIwQY
MBaAFKTrnrVUfH9fGq/AraFAgFQZYYcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQt
MGQyMjIzMmMzNGEwLzEvYTc4RjBFNmFZbUVHQjNGX1EzaVNwTEluaFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQtMGQyMjIzMmMzNGEw
LzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDH7qgAwQD
JQAQAwQEUVywAwQDU4jAAwQDW2rgAwQDXV+QAwQFkVfgAwQCuSMgAwQCuTdsAwQC
ufqgAwQF1DTgAwQE2RvgMA0EAgACMAcDBQAqAgWwMA0GCSqGSIb3DQEBCwUAA4IB
AQDVOQKJBpV63fhaFf6D9jLf72ZVnheRvsiOnTF1Gtb0QWbB3sw1obM1KxJ8lNhM
kJXvt/ra9ocJ2+mYEdHVReBA6A/olUKAF1MhcDHeXUhFKwdaa+A6tfN1LDqBs9W7
SKtIk9l2Qm0tZ1lnb7nysWaaBFR1ZixQIGH189cqrFN0MIlDyqLTD6dAKXpXlU5h
N3kgV6cicLDgbRyFoa+TDCmSo1UqgDzoVr/qr83CaZrAhJB1q/3WzAbYTGJSH3cL
bU8GrKJ1MkHVMYJ8IK88B2l45GMif8WT6ehUUUBpyhmdVT2cBao8/aDGWdpVyGss
zcypO97Xpm2E7dxmwrCHXasR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:46 2024 by rpki-client on console-ams.rpki-client.org