Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/u8sXeOybHDAUp8flKr6uA110F0U.roa
File: u8sXeOybHDAUp8flKr6uA110F0U.roa (raw, json)
Hash identifier: 5L0gOabMYglDQ66Vqmp6psiOaiL2wqhRdKImUfvn2Lo=
Subject key identifier: BB:CB:17:78:EC:9B:1C:30:14:A7:C7:E5:2A:BE:AE:03:5D:74:17:45
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E335002E92FF1C7A63B36788422B753FE
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/u8sXeOybHDAUp8flKr6uA110F0U.roa
Signing time: Tue 12 Mar 2024 15:37:45 +0000
ROA not before: Tue 12 Mar 2024 15:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21267
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:50:02:e9:2f:f1:c7:a6:3b:36:78:84:22:b7:53:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 15:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbcb1778ec9b1c3014a7c7e52abeae035d741745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:17:3f:46:cb:f5:16:41:4a:9c:48:4c:82:
37:1c:8e:96:64:0a:34:af:1e:30:20:67:0f:ed:90:
e0:14:30:d8:7d:1d:64:0f:20:00:8b:28:a4:19:fe:
d4:bb:c8:76:84:18:1c:0c:bc:29:d3:9c:b5:2d:1c:
da:62:84:6a:50:b0:25:20:59:6d:bd:fc:86:fe:b0:
3c:8b:5b:1e:7f:02:a2:22:ae:a2:ae:97:de:ff:c5:
0d:1f:d4:8a:92:0c:91:53:a8:38:21:8c:f6:6f:fc:
d8:be:a3:b6:d1:98:c7:e1:fc:fe:9b:c1:4a:c0:60:
ae:e6:66:39:7c:04:55:68:e6:39:79:f4:56:2b:03:
30:2b:af:ff:dc:63:7e:d3:26:3b:0e:43:d6:2b:66:
13:5d:0f:90:99:a2:af:dc:b0:8d:1d:60:b3:c7:8b:
64:fd:86:3d:85:06:ec:93:57:bc:92:5f:3a:85:c9:
11:33:72:33:14:cb:71:26:7b:27:7b:f1:cd:62:bd:
a1:1a:1f:70:70:d7:f6:34:05:8a:17:d2:71:88:bf:
01:ad:2a:8e:db:3b:b7:5d:9f:ef:ec:83:32:51:08:
ad:28:93:11:b8:94:e3:80:5b:40:b4:f3:a5:07:5c:
9e:ce:2f:6b:48:66:0b:f9:4e:d6:3a:a7:5f:c9:bf:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CB:17:78:EC:9B:1C:30:14:A7:C7:E5:2A:BE:AE:03:5D:74:17:45
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/u8sXeOybHDAUp8flKr6uA110F0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.13.0/24
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:f4:19:d4:a1:57:2e:ac:e3:83:6b:61:6a:f3:e7:d2:1f:8a:
27:2b:5e:52:5b:dc:ea:fa:b8:ec:c0:2d:e9:87:d8:0c:0e:8a:
9d:52:fb:48:57:1d:42:0e:c9:89:94:af:11:7a:26:d1:cc:27:
12:1f:ec:47:92:17:12:2e:25:c0:f4:aa:f3:8e:fa:d5:d9:60:
d0:d5:70:89:12:bb:4d:92:a7:27:f3:4e:79:2c:e7:43:d3:48:
e5:28:01:3d:7e:4f:3f:60:e7:24:d1:c6:4d:d2:85:44:69:ef:
00:2d:c2:4b:bc:ce:41:8b:06:5f:cd:8e:ca:66:35:f0:1a:c2:
14:3e:b6:42:41:e3:da:af:c2:b9:04:11:9d:c4:25:0c:88:18:
a8:86:b9:3f:9e:49:df:5d:0a:b1:6f:52:bd:1c:3e:cc:34:20:
f1:ce:6e:1e:12:b3:5a:2a:26:90:d8:d8:d6:a0:af:d3:3f:9e:
cc:62:a1:a4:33:8d:fb:ee:24:ee:f8:98:9e:13:3b:c3:65:e9:
53:c5:c2:b2:d0:54:f3:ed:c1:46:91:21:9c:27:e3:c8:12:9f:
53:fd:0d:51:84:15:ba:c8:8c:ce:d7:f5:92:c1:b0:a7:0c:1b:
b3:68:6c:c7:25:dd:83:64:5c:9c:27:1c:46:e3:15:3d:fb:66:
57:c4:b6:59
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY4zUALpL/HHpjs2eIQit1P+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMTUzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNiMTc3OGVjOWIxYzMwMTRhN2M3ZTUyYWJlYWUwMzVkNzQxNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQEXP0bL9RZBSpxITII3HI6WZAo0
rx4wIGcP7ZDgFDDYfR1kDyAAiyikGf7Uu8h2hBgcDLwp05y1LRzaYoRqULAlIFlt
vfyG/rA8i1sefwKiIq6irpfe/8UNH9SKkgyRU6g4IYz2b/zYvqO20ZjH4fz+m8FK
wGCu5mY5fARVaOY5efRWKwMwK6//3GN+0yY7DkPWK2YTXQ+QmaKv3LCNHWCzx4tk
/YY9hQbsk1e8kl86hckRM3IzFMtxJnsne/HNYr2hGh9wcNf2NAWKF9JxiL8BrSqO
2zu3XZ/v7IMyUQitKJMRuJTjgFtAtPOlB1yezi9rSGYL+U7WOqdfyb/dnwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLvLF3jsmxwwFKfH5Sq+rgNddBdFMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvdThzWGVPeWJIREFVcDhmbEtyNnVBMTEwRjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQCuU+4AwQCuV7MAwQCuWNMAwQCubLYAwQCuczUAwQD
vF4QAwQAwRgDAwQAwRgNAwQFwxogMA0GCSqGSIb3DQEBCwUAA4IBAQBM9BnUoVcu
rOODa2Fq8+fSH4onK15SW9zq+rjswC3ph9gMDoqdUvtIVx1CDsmJlK8ReibRzCcS
H+xHkhcSLiXA9KrzjvrV2WDQ1XCJErtNkqcn8055LOdD00jlKAE9fk8/YOck0cZN
0oVEae8ALcJLvM5BiwZfzY7KZjXwGsIUPrZCQePar8K5BBGdxCUMiBiohrk/nknf
XQqxb1K9HD7MNCDxzm4eErNaKiaQ2NjWoK/TP57MYqGkM4377iTu+JieEzvDZelT
xcKy0FTz7cFGkSGcJ+PIEp9T/Q1RhBW6yIzO1/WSwbCnDBuzaGzHJd2DZFycJxxG
4xU9+2ZXxLZZ
-----END CERTIFICATE-----
Generated at Tue Mar 12 23:02:58 2024 by rpki-client on console.sobornost.net