Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/TIu-DUBKUaQ8GTyypbFRUjM_EFY.roa
File: TIu-DUBKUaQ8GTyypbFRUjM_EFY.roa (raw, json)
Hash identifier: +Lq2yVt4s1eVZOLgB20/nJDhzxKWeGNiNOogJdAP+Qc=
Subject key identifier: 4C:8B:BE:0D:40:4A:51:A4:3C:19:3C:B2:A5:B1:51:52:33:3F:10:56
Certificate issuer: /CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Certificate serial: 01874782F7FD3EF8A6ACFF19AA22A675FB9D
Authority key identifier: 94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/TIu-DUBKUaQ8GTyypbFRUjM_EFY.roa
Signing time: Mon 03 Apr 2023 14:26:18 +0000
ROA not before: Mon 03 Apr 2023 14:26:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61098
IP address blocks: 159.100.240.0/22 maxlen: 24
159.100.245.0/24 maxlen: 24
159.100.246.0/23 maxlen: 24
159.100.244.0/24 maxlen: 24
159.100.248.0/21 maxlen: 24
91.92.224.0/23 maxlen: 24
91.92.227.0/24 maxlen: 24
85.217.160.0/22 maxlen: 24
85.217.172.0/23 maxlen: 24
185.150.8.0/22 maxlen: 24
91.92.202.0/23 maxlen: 24
91.92.200.0/23 maxlen: 24
85.217.174.0/23 maxlen: 24
85.217.186.0/23 maxlen: 24
85.217.184.0/23 maxlen: 24
185.19.28.0/22 maxlen: 24
194.182.188.0/22 maxlen: 24
91.92.118.0/23 maxlen: 24
91.92.116.0/23 maxlen: 24
91.92.142.0/23 maxlen: 24
91.92.140.0/23 maxlen: 24
91.92.152.0/23 maxlen: 24
91.92.154.0/23 maxlen: 24
138.124.208.0/22 maxlen: 24
194.182.164.0/22 maxlen: 24
194.182.160.0/22 maxlen: 24
194.182.172.0/22 maxlen: 24
194.182.168.0/22 maxlen: 24
89.145.164.0/23 maxlen: 24
194.182.176.0/22 maxlen: 24
89.145.160.0/22 maxlen: 24
194.182.184.0/22 maxlen: 24
89.145.166.0/23 maxlen: 24
194.182.180.0/22 maxlen: 24
2a07:6cc0:11::/48 maxlen: 48
2a07:6cc0:70::/48 maxlen: 48
2a07:6cc0:30::/48 maxlen: 48
2a04:c42::/32 maxlen: 48
2a07:6cc0:12::/48 maxlen: 48
2a07:6cc0:41::/48 maxlen: 48
2a04:c42:f12::/48 maxlen: 48
2a04:c41::/32 maxlen: 48
2a07:6cc0:20::/48 maxlen: 48
2a07:6cc0:60::/48 maxlen: 48
2a04:c44::/32 maxlen: 48
2a04:c47::/32 maxlen: 48
2a07:6cc0:71::/48 maxlen: 48
2a07:6cc0:31::/48 maxlen: 48
2a04:c46::/32 maxlen: 48
2a04:c42:f11::/48 maxlen: 48
2a04:c45::/32 maxlen: 48
2a07:6cc0:50::/48 maxlen: 48
2a07:6cc0:10::/48 maxlen: 48
2a04:c47:f12::/48 maxlen: 48
2a07:6cc2::/32 maxlen: 48
2a04:c43::/32 maxlen: 48
2a07:6cc0:21::/48 maxlen: 48
2a07:6cc1::/32 maxlen: 48
2a07:6cc2:f12::/48 maxlen: 48
2a07:6cc0:40::/48 maxlen: 48
2a04:c47:f11::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:82:f7:fd:3e:f8:a6:ac:ff:19:aa:22:a6:75:fb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Validity
Not Before: Apr 3 14:26:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c8bbe0d404a51a43c193cb2a5b15152333f1056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8e:0c:af:68:6b:a4:f3:4a:23:fe:8c:35:da:
5d:78:94:e2:b9:ec:ec:85:6e:09:8a:5f:be:80:c7:
6f:e9:e9:b3:08:eb:55:d8:68:1a:3e:5a:e1:4a:13:
7d:31:d0:dd:70:f4:e9:40:2b:11:78:3c:ce:72:b2:
79:f8:9f:01:b6:d3:17:7f:a8:70:9e:85:f0:51:0e:
27:62:55:df:dc:3f:52:cd:7d:e3:a4:5f:29:28:0a:
6e:71:d8:d6:b6:98:87:14:bd:6b:fe:32:89:5f:a9:
fe:d5:6f:f7:20:91:a8:b9:2d:9e:6f:e4:4b:66:50:
4d:c2:88:ff:52:3a:ec:b8:a8:58:36:f0:21:f5:b4:
4e:56:fc:12:80:6d:6e:39:4d:6f:1e:90:c6:d9:44:
5f:68:23:b0:69:b5:8a:6a:f4:5f:15:24:ee:3b:84:
e5:ec:70:a2:ec:25:a7:79:04:2d:21:f1:f7:c9:4b:
08:8d:78:6b:4e:61:5d:b8:27:18:f6:c7:68:bc:f1:
16:45:11:9c:25:32:de:71:c9:2e:5c:03:a5:93:d6:
94:0c:f1:e0:a0:df:4a:c1:6d:34:e9:78:9f:c9:54:
47:73:d5:16:bb:5b:f3:e6:79:f6:4c:17:5a:ff:50:
12:00:c9:cb:78:ff:a7:bd:cd:27:59:f5:76:29:d0:
13:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8B:BE:0D:40:4A:51:A4:3C:19:3C:B2:A5:B1:51:52:33:3F:10:56
X509v3 Authority Key Identifier:
keyid:94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/TIu-DUBKUaQ8GTyypbFRUjM_EFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.160.0/22
85.217.172.0/22
85.217.184.0/22
89.145.160.0/21
91.92.116.0/22
91.92.140.0/22
91.92.152.0/22
91.92.200.0/22
91.92.224.0/23
91.92.227.0/24
138.124.208.0/22
159.100.240.0/20
185.19.28.0/22
185.150.8.0/22
194.182.160.0/19
IPv6:
2a04:c41::-2a04:c47:ffff:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:10::-2a07:6cc0:12:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:20::/47
2a07:6cc0:30::/47
2a07:6cc0:40::/47
2a07:6cc0:50::/48
2a07:6cc0:60::/48
2a07:6cc0:70::/47
2a07:6cc1::-2a07:6cc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:9c:9d:60:42:da:f9:99:7c:dc:5e:d9:98:11:6c:88:0c:6d:
78:16:24:86:85:81:c7:9f:11:16:1b:3f:8a:8e:b6:4e:b1:c2:
00:d0:61:59:af:4f:89:51:b4:39:35:0e:64:9a:f8:90:1b:7f:
b8:1e:8e:59:c5:f4:ca:3f:6f:c9:32:1e:e8:04:5f:28:52:e4:
cb:4a:30:52:54:2f:8f:c0:e1:ef:6b:14:59:5c:1d:eb:58:04:
fb:40:47:cb:31:e9:d9:1e:f8:8a:b5:79:5f:bd:9b:75:a3:2b:
d3:cb:6e:f3:22:cd:da:9e:4f:e2:c9:92:72:5d:4e:05:32:07:
fe:ca:64:3e:65:9f:ab:4f:49:7c:ac:ac:e0:4e:a4:96:04:55:
40:82:d8:eb:1e:bb:9c:fa:1c:cf:7f:16:c2:33:dd:36:98:2a:
a0:1a:04:d1:5a:35:9c:16:9e:c6:0c:fc:89:7a:1b:65:d5:1e:
04:b1:9a:fb:95:c5:23:d7:5d:8a:3f:75:60:f0:51:77:5f:f5:
cc:81:47:ee:ee:e0:90:3b:f9:68:2b:7a:fc:a6:80:1a:b5:18:
30:f9:40:d0:5e:bb:a9:3b:d3:bc:15:b8:8e:7e:f4:89:88:4d:
d5:3f:de:52:4d:65:b9:3d:74:ba:b3:a0:69:cc:2e:2a:31:26:
b7:ed:38:68
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYdHgvf9PvimrP8ZqiKmdfudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWI3M2RmN2U2ZmUxMTAwZjFkMTNhMDdjMThkNTlhZjIy
ODQyOGMwHhcNMjMwNDAzMTQyNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhiYmUwZDQwNGE1MWE0M2MxOTNjYjJhNWIxNTE1MjMzM2YxMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo44Mr2hrpPNKI/6MNdpdeJTiuezs
hW4Jil++gMdv6emzCOtV2GgaPlrhShN9MdDdcPTpQCsReDzOcrJ5+J8BttMXf6hw
noXwUQ4nYlXf3D9SzX3jpF8pKApucdjWtpiHFL1r/jKJX6n+1W/3IJGouS2eb+RL
ZlBNwoj/UjrsuKhYNvAh9bROVvwSgG1uOU1vHpDG2URfaCOwabWKavRfFSTuO4Tl
7HCi7CWneQQtIfH3yUsIjXhrTmFduCcY9sdovPEWRRGcJTLecckuXAOlk9aUDPHg
oN9KwW006XifyVRHc9UWu1vz5nn2TBda/1ASAMnLeP+nvc0nWfV2KdATGwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFEyLvg1ASlGkPBk8sqWxUVIzPxBWMB8GA1UdIwQY
MBaAFJRbc99+b+EQDx0ToHwY1ZryKEKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQt
NmU0NTI0MjVhMTkzLzEvVEl1LURVQktVYVE4R1R5eXBiRlJVak1fRUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQtNmU0NTI0MjVhMTkz
LzEvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DBgBAIAATBaAwQCVdmg
AwQCVdmsAwQCVdm4AwQDWZGgAwQCW1x0AwQCW1yMAwQCW1yYAwQCW1zIAwQBW1zg
AwQAW1zjAwQCinzQAwQEn2TwAwQCuRMcAwQCuZYIAwQFwragMHAEAgACMGowDgMF
ACoEDEEDBQMqBAxAMBIDBwQqB2zAABADBwAqB2zAABIDBwEqB2zAACADBwEqB2zA
ADADBwEqB2zAAEADBwAqB2zAAFADBwAqB2zAAGADBwEqB2zAAHAwDgMFACoHbMED
BQAqB2zCMA0GCSqGSIb3DQEBCwUAA4IBAQB8nJ1gQtr5mXzcXtmYEWyIDG14FiSG
hYHHnxEWGz+KjrZOscIA0GFZr0+JUbQ5NQ5kmviQG3+4Ho5ZxfTKP2/JMh7oBF8o
UuTLSjBSVC+PwOHvaxRZXB3rWAT7QEfLMenZHviKtXlfvZt1oyvTy27zIs3ank/i
yZJyXU4FMgf+ymQ+ZZ+rT0l8rKzgTqSWBFVAgtjrHruc+hzPfxbCM902mCqgGgTR
WjWcFp7GDPyJehtl1R4EsZr7lcUj112KP3Vg8FF3X/XMgUfu7uCQO/loK3r8poAa
tRgw+UDQXrupO9O8FbiOfvSJiE3VP95STWW5PXS6s6BpzC4qMSa37Tho
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:02 2024 by rpki-client on console-fra.rpki-client.org