Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/CNmpboZLYIPtYhaqF_AgBTeUNsQ.roa
File: CNmpboZLYIPtYhaqF_AgBTeUNsQ.roa (raw, json)
Hash identifier: OH3MFOYBY8sWtBkrhLGkb3wdcc0hVEiGyNxcxuuJjpE=
Subject key identifier: 08:D9:A9:6E:86:4B:60:83:ED:62:16:AA:17:F0:20:05:37:94:36:C4
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 018CC424DC158E83EF8787841350AF5BED27
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/CNmpboZLYIPtYhaqF_AgBTeUNsQ.roa
Signing time: Mon 01 Jan 2024 08:29:59 +0000
ROA not before: Mon 01 Jan 2024 08:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1273
IP address blocks: 195.92.0.0/16 maxlen: 16
195.80.64.0/19 maxlen: 19
194.112.64.0/18 maxlen: 18
194.6.64.0/19 maxlen: 19
194.205.0.0/16 maxlen: 16
62.208.0.0/16 maxlen: 16
213.216.128.0/18 maxlen: 18
194.6.0.0/18 maxlen: 18
213.38.0.0/16 maxlen: 16
217.134.0.0/15 maxlen: 15
217.161.0.0/16 maxlen: 16
141.1.0.0/16 maxlen: 16
195.89.13.0/24 maxlen: 24
195.10.0.0/18 maxlen: 18
212.165.0.0/19 maxlen: 19
193.164.160.0/19 maxlen: 19
194.176.128.0/19 maxlen: 19
195.144.128.0/19 maxlen: 19
212.62.0.0/19 maxlen: 19
212.158.0.0/17 maxlen: 17
195.89.0.0/16 maxlen: 16
185.204.4.0/22 maxlen: 22
213.12.0.0/16 maxlen: 16
195.44.0.0/16 maxlen: 16
217.135.0.0/16 maxlen: 16
195.2.0.0/19 maxlen: 19
62.221.0.0/19 maxlen: 19
194.221.0.0/16 maxlen: 16
62.25.64.0/18 maxlen: 18
195.59.0.0/16 maxlen: 16
195.27.0.0/16 maxlen: 16
194.152.64.0/19 maxlen: 19
194.177.160.0/19 maxlen: 19
213.185.192.0/19 maxlen: 19
212.137.0.0/16 maxlen: 16
2001:5000::/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 16 May 2024 09:32:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:dc:15:8e:83:ef:87:87:84:13:50:af:5b:ed:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Jan 1 08:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08d9a96e864b6083ed6216aa17f02005379436c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3a:36:4d:ee:14:b2:0a:a6:3d:93:74:53:24:
3b:65:cb:e0:31:af:e2:50:01:0e:d9:29:b5:4b:19:
0b:e0:7d:86:21:a6:ab:1f:ca:1d:d2:84:cb:8e:79:
a3:12:e7:f7:2a:55:20:1a:17:d7:e0:00:12:8b:52:
7c:2c:c3:77:30:2c:79:6b:a0:6a:1b:2f:9a:db:bc:
cc:c8:bf:46:32:34:5f:43:51:de:10:5c:df:01:b1:
30:b5:95:96:bd:e0:da:90:61:84:bb:06:c7:00:31:
58:c0:7a:11:26:56:ec:36:cb:e2:c0:39:e0:18:ec:
8c:fa:0f:a9:16:3a:fa:27:9e:c0:57:15:a9:be:05:
cf:e3:86:09:0c:87:e5:0c:39:5a:e0:28:51:0e:d1:
d0:13:09:65:f3:f3:53:14:05:24:ce:b4:fc:8f:38:
8f:7e:36:38:85:d1:ec:8c:35:db:29:0e:04:1f:99:
98:00:42:54:b5:5b:06:5c:eb:99:90:cf:e4:44:f9:
37:98:3c:30:98:b7:ec:2c:32:bb:4a:38:9e:d6:8c:
98:e0:ab:cb:b4:06:f9:de:2e:4a:f8:50:50:2d:d8:
ab:b8:02:bc:b9:08:62:30:60:c9:7d:e1:ea:b2:3c:
9b:3b:84:a8:39:76:2d:ca:20:28:0e:92:26:55:a6:
1f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D9:A9:6E:86:4B:60:83:ED:62:16:AA:17:F0:20:05:37:94:36:C4
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/CNmpboZLYIPtYhaqF_AgBTeUNsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.25.64.0/18
62.208.0.0/16
62.221.0.0/19
141.1.0.0/16
185.204.4.0/22
193.164.160.0/19
194.6.0.0-194.6.95.255
194.112.64.0/18
194.152.64.0/19
194.176.128.0/19
194.177.160.0/19
194.205.0.0/16
194.221.0.0/16
195.2.0.0/19
195.10.0.0/18
195.27.0.0/16
195.44.0.0/16
195.59.0.0/16
195.80.64.0/19
195.89.0.0/16
195.92.0.0/16
195.144.128.0/19
212.62.0.0/19
212.137.0.0/16
212.158.0.0/17
212.165.0.0/19
213.12.0.0/16
213.38.0.0/16
213.185.192.0/19
213.216.128.0/18
217.134.0.0/15
217.161.0.0/16
IPv6:
2001:5000::/21
Signature Algorithm: sha256WithRSAEncryption
ad:8f:05:5f:83:3c:6e:9e:fb:f0:33:cd:8a:94:4e:e4:8d:ac:
25:5b:77:b4:c0:f6:17:e0:d2:95:8c:e4:f6:5c:52:d0:48:cd:
cb:7f:e5:3f:15:82:16:6a:3c:b2:2d:f1:a8:e7:12:61:b1:3d:
1c:7d:46:2c:16:6b:9d:26:d6:ee:23:cd:bb:23:92:b4:48:7f:
e9:51:ec:a6:a3:13:26:dc:39:45:48:62:af:f2:73:df:00:3c:
7d:48:68:be:f5:c5:f6:70:4c:ac:97:06:4b:78:f3:0d:10:12:
b0:cb:fd:d1:d5:4d:2d:0c:e3:8b:6b:af:ca:30:af:90:12:95:
79:1d:81:8c:b1:0e:3a:95:33:d7:9c:50:7e:5c:90:a7:fc:6f:
d5:2b:1a:84:20:09:57:90:00:d4:9d:eb:f1:fb:5b:0e:d4:d6:
58:fb:36:69:4d:80:16:b4:01:b4:cb:22:11:10:c2:79:f8:fc:
93:47:9b:4b:10:38:0a:8e:ea:8c:07:4d:23:8f:57:f4:ad:cb:
bd:47:91:5e:60:0d:e4:c3:ea:b2:5b:c1:d5:26:5c:fc:29:cd:
eb:ef:2a:a5:52:18:5b:cb:97:20:18:43:94:77:3e:43:37:a5:
52:0f:3b:27:b8:b1:7e:dc:42:b6:bd:4b:03:dd:47:81:93:12:
61:06:cd:44
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYzEJNwVjoPvh4eEE1CvW+0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjQwMTAxMDgyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ5YTk2ZTg2NGI2MDgzZWQ2MjE2YWExN2YwMjAwNTM3OTQzNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizo2Te4UsgqmPZN0UyQ7ZcvgMa/i
UAEO2Sm1SxkL4H2GIaarH8od0oTLjnmjEuf3KlUgGhfX4AASi1J8LMN3MCx5a6Bq
Gy+a27zMyL9GMjRfQ1HeEFzfAbEwtZWWveDakGGEuwbHADFYwHoRJlbsNsviwDng
GOyM+g+pFjr6J57AVxWpvgXP44YJDIflDDla4ChRDtHQEwll8/NTFAUkzrT8jziP
fjY4hdHsjDXbKQ4EH5mYAEJUtVsGXOuZkM/kRPk3mDwwmLfsLDK7Sjie1oyY4KvL
tAb53i5K+FBQLdiruAK8uQhiMGDJfeHqsjybO4SoOXYtyiAoDpImVaYfZQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFAjZqW6GS2CD7WIWqhfwIAU3lDbEMB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvQ05tcGJvWkxZSVB0WWhhcUZfQWdCVGVVTnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBwAQCAAEwgbkDBAY+
GUADAwA+0AMEBT7dAAMDAI0BAwQCucwEAwQFwaSgMAsDAwHCBgMEBcIGQAMEBsJw
QAMEBcKYQAMEBcKwgAMEBcKxoAMDAMLNAwMAwt0DBAXDAgADBAbDCgADAwDDGwMD
AMMsAwMAwzsDBAXDUEADAwDDWQMDAMNcAwQFw5CAAwQF1D4AAwMA1IkDBAfUngAD
BAXUpQADAwDVDAMDANUmAwQF1bnAAwQG1diAAwMB2YYDAwDZoTAMBAIAAjAGAwQD
IAFQMA0GCSqGSIb3DQEBCwUAA4IBAQCtjwVfgzxunvvwM82KlE7kjawlW3e0wPYX
4NKVjOT2XFLQSM3Lf+U/FYIWajyyLfGo5xJhsT0cfUYsFmudJtbuI827I5K0SH/p
UeymoxMm3DlFSGKv8nPfADx9SGi+9cX2cEyslwZLePMNEBKwy/3R1U0tDOOLa6/K
MK+QEpV5HYGMsQ46lTPXnFB+XJCn/G/VKxqEIAlXkADUnevx+1sO1NZY+zZpTYAW
tAG0yyIREMJ5+PyTR5tLEDgKjuqMB00jj1f0rcu9R5FeYA3kw+qyW8HVJlz8Kc3r
7yqlUhhby5cgGEOUdz5DN6VSDzsnuLF+3EK2vUsD3UeBkxJhBs1E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:22 2024 by rpki-client on console-ams.rpki-client.org