Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/_Hb0gEYvMrl_kttU1y8Ucotx_AY.roa
File: _Hb0gEYvMrl_kttU1y8Ucotx_AY.roa (raw, json)
Hash identifier: 43cAoD8Fvq41M5XYh3W4dhDKxGL9iEdu/KhXesuErok=
Subject key identifier: FC:76:F4:80:46:2F:32:B9:7F:92:DB:54:D7:2F:14:72:8B:71:FC:06
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CD67B8431C5EBCBD8F9877FC7CC0F194B
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/_Hb0gEYvMrl_kttU1y8Ucotx_AY.roa
Signing time: Thu 04 Jan 2024 21:57:48 +0000
ROA not before: Thu 04 Jan 2024 21:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 93.115.155.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 21:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:7b:84:31:c5:eb:cb:d8:f9:87:7f:c7:cc:0f:19:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 4 21:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc76f480462f32b97f92db54d72f14728b71fc06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:12:ba:47:2e:cf:48:00:69:4f:6f:ea:a2:
8d:21:7c:e6:b9:4c:76:04:09:13:fb:4e:54:3b:d7:
3d:3f:39:0c:83:8f:f9:1d:7e:6b:36:63:fe:60:f5:
26:da:9c:18:1d:7b:b7:87:2b:1d:47:f4:42:17:20:
5b:90:24:4b:8d:3a:b3:18:99:63:98:8a:1b:f8:aa:
37:b1:6f:36:eb:16:3f:3d:e2:ab:5f:ea:49:cf:4f:
74:de:a7:5d:85:50:51:8c:e9:1a:dc:93:83:3c:0d:
ac:ed:28:ee:97:8b:0d:9f:0d:96:a1:ba:49:50:ed:
20:50:c7:b2:d5:38:13:28:06:ab:df:80:7d:6b:40:
e2:61:68:ae:f6:fe:a6:91:2e:f5:be:f9:be:07:a7:
c3:08:c8:11:51:41:93:bf:da:e1:52:47:b3:7f:b3:
89:b8:12:fa:03:6b:92:70:5a:4b:74:72:a1:70:9b:
d4:78:29:4b:29:27:4b:dd:05:f4:18:85:f1:d7:0f:
59:d0:3f:0d:73:79:22:b7:01:ed:fa:cb:0e:ea:e4:
58:69:ec:e7:1e:74:c6:25:d2:a0:69:ca:07:7a:19:
5a:b1:92:75:92:ee:e7:57:91:6d:c5:b5:45:0c:fc:
aa:56:4b:c2:db:90:19:02:98:5d:99:0b:b3:fe:7c:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:76:F4:80:46:2F:32:B9:7F:92:DB:54:D7:2F:14:72:8B:71:FC:06
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/_Hb0gEYvMrl_kttU1y8Ucotx_AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
84.247.20.0/24
89.34.171.0/24
89.36.231.0/24
89.37.106.0/24
89.40.43.0/24
89.42.40.0/24
89.42.213.0/24
93.114.69.0/24
93.115.155.0/24
94.177.113.0/24
94.177.118.0/24
188.211.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
42:6c:d0:75:a4:b9:84:37:ec:3d:4b:d0:3f:f2:58:ce:b0:3e:
a7:59:bf:be:c4:5b:32:60:0f:6d:08:34:35:de:81:bc:45:1d:
33:2e:9d:7b:3d:b5:7b:b4:83:37:5f:6f:bb:03:b2:ed:54:b0:
0c:36:7c:5b:b2:2c:47:16:5a:08:19:75:ec:d7:24:a3:1f:09:
ef:b8:13:4b:9a:9b:99:3b:f4:8a:53:a5:14:ab:29:e5:a1:62:
31:e8:a6:62:6a:96:f5:f0:fd:00:6e:c8:5c:83:9b:13:b8:ff:
96:e3:ec:58:88:37:0c:19:ef:2f:96:fc:47:aa:92:ee:06:19:
bf:65:af:4b:3b:81:1c:9b:e3:05:59:4a:c7:31:66:44:59:49:
52:b2:4f:a6:79:0b:03:80:8c:c5:5e:08:ef:06:10:df:2e:e1:
97:e6:c7:01:40:00:fc:97:f1:44:7a:c1:85:33:8a:53:48:62:
6b:53:5e:0f:a9:61:d2:2a:f4:c6:a4:01:10:95:64:f1:59:58:
24:15:16:64:ec:97:15:23:0e:62:1b:1f:a9:76:85:cf:ec:4f:
cd:5e:41:45:f3:dd:b2:d4:69:24:58:47:57:ce:b0:16:87:d9:
c6:df:44:bc:b5:7e:18:3c:36:4c:78:b6:b9:47:79:59:59:3f:
48:6d:ab:11
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzWe4QxxevL2PmHf8fMDxlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTA0MjE1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzc2ZjQ4MDQ2MmYzMmI5N2Y5MmRiNTRkNzJmMTQ3MjhiNzFmYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBcSukcuz0gAaU9v6qKNIXzmuUx2
BAkT+05UO9c9PzkMg4/5HX5rNmP+YPUm2pwYHXu3hysdR/RCFyBbkCRLjTqzGJlj
mIob+Ko3sW826xY/PeKrX+pJz0903qddhVBRjOka3JODPA2s7Sjul4sNnw2WobpJ
UO0gUMey1TgTKAar34B9a0DiYWiu9v6mkS71vvm+B6fDCMgRUUGTv9rhUkezf7OJ
uBL6A2uScFpLdHKhcJvUeClLKSdL3QX0GIXx1w9Z0D8Nc3kitwHt+ssO6uRYaezn
HnTGJdKgacoHehlasZJ1ku7nV5FtxbVFDPyqVkvC25AZAphdmQuz/nyH8QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFPx29IBGLzK5f5LbVNcvFHKLcfwGMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvX0hiMGdFWXZNcmxfa3R0VTF5OFVjb3R4X0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALmauAwQA
VPcUAwQAWSKrAwQAWSTnAwQAWSVqAwQAWSgrAwQAWSooAwQAWSrVAwQAXXJFAwQA
XXObAwQAXrFxAwQAXrF2AwQAvNP5AwQA2RMBMA0GCSqGSIb3DQEBCwUAA4IBAQBC
bNB1pLmEN+w9S9A/8ljOsD6nWb++xFsyYA9tCDQ13oG8RR0zLp17PbV7tIM3X2+7
A7LtVLAMNnxbsixHFloIGXXs1ySjHwnvuBNLmpuZO/SKU6UUqynloWIx6KZiapb1
8P0Abshcg5sTuP+W4+xYiDcMGe8vlvxHqpLuBhm/Za9LO4Ecm+MFWUrHMWZEWUlS
sk+meQsDgIzFXgjvBhDfLuGX5scBQAD8l/FEesGFM4pTSGJrU14PqWHSKvTGpAEQ
lWTxWVgkFRZk7JcVIw5iGx+pdoXP7E/NXkFF892y1GkkWEdXzrAWh9nG30S8tX4Y
PDZMeLa5R3lZWT9IbasR
-----END CERTIFICATE-----
Generated at Tue Feb 6 01:26:45 2024 by rpki-client on console-ams.rpki-client.org