Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/bDIQLBsXI_WYljvyt9qHO7TBrh4.roa
File: bDIQLBsXI_WYljvyt9qHO7TBrh4.roa (raw, json)
Hash identifier: jJRAh+OgVEiboP6jURaEro89BMQLsvALQ0MNkABCfSI=
Subject key identifier: 6C:32:10:2C:1B:17:23:F5:98:96:3B:F2:B7:DA:87:3B:B4:C1:AE:1E
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 0187B351E4D76F7CAFB6966D577FA7404B68
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/bDIQLBsXI_WYljvyt9qHO7TBrh4.roa
Signing time: Mon 24 Apr 2023 12:51:41 +0000
ROA not before: Mon 24 Apr 2023 12:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21334
IP address blocks: 195.184.160.0/20 maxlen: 20
195.184.160.0/19 maxlen: 19
195.184.176.0/20 maxlen: 20
176.63.128.0/17 maxlen: 17
89.134.0.0/15 maxlen: 15
86.101.0.0/17 maxlen: 17
130.43.192.0/18 maxlen: 18
86.101.0.0/16 maxlen: 16
185.33.80.0/23 maxlen: 23
185.33.80.0/24 maxlen: 24
185.33.81.0/24 maxlen: 24
37.188.80.0/21 maxlen: 21
37.188.80.0/22 maxlen: 22
37.188.84.0/22 maxlen: 22
5.63.192.0/18 maxlen: 18
212.48.240.0/20 maxlen: 20
212.48.240.0/21 maxlen: 21
37.220.192.0/18 maxlen: 18
212.48.248.0/21 maxlen: 21
212.96.32.0/20 maxlen: 20
212.96.32.0/19 maxlen: 19
80.244.96.0/20 maxlen: 20
212.96.48.0/20 maxlen: 20
37.191.0.0/19 maxlen: 19
176.63.0.0/17 maxlen: 17
37.191.0.0/18 maxlen: 18
176.63.0.0/16 maxlen: 16
37.191.32.0/19 maxlen: 19
188.142.160.0/20 maxlen: 20
188.142.160.0/19 maxlen: 19
89.223.128.0/17 maxlen: 17
89.223.128.0/18 maxlen: 18
188.142.176.0/20 maxlen: 20
178.48.0.0/17 maxlen: 17
178.48.0.0/16 maxlen: 16
78.139.0.0/19 maxlen: 19
78.139.0.0/18 maxlen: 18
78.139.32.0/19 maxlen: 19
5.206.128.0/18 maxlen: 18
188.142.192.0/19 maxlen: 19
188.142.192.0/18 maxlen: 18
80.99.0.0/16 maxlen: 16
178.48.128.0/17 maxlen: 17
188.142.224.0/19 maxlen: 19
89.223.192.0/18 maxlen: 18
94.44.0.0/17 maxlen: 17
94.44.0.0/16 maxlen: 16
151.0.64.0/18 maxlen: 18
213.222.160.0/19 maxlen: 19
88.87.240.0/22 maxlen: 22
80.98.0.0/16 maxlen: 16
88.87.240.0/21 maxlen: 21
88.87.244.0/22 maxlen: 22
80.98.0.0/15 maxlen: 15
185.10.124.0/22 maxlen: 22
185.10.124.0/23 maxlen: 23
185.10.126.0/23 maxlen: 23
213.222.128.0/19 maxlen: 19
213.222.128.0/18 maxlen: 18
5.148.224.0/19 maxlen: 19
89.132.0.0/15 maxlen: 15
94.44.128.0/17 maxlen: 17
89.132.0.0/14 maxlen: 14
86.101.128.0/17 maxlen: 17
89.135.60.0/24 maxlen: 24
5.148.192.0/19 maxlen: 19
5.148.192.0/18 maxlen: 18
2a02:ab80::/29 maxlen: 29
2a02:ab80::/28 maxlen: 28
2a02:ab88::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Apr 2023 13:53:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:51:e4:d7:6f:7c:af:b6:96:6d:57:7f:a7:40:4b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Apr 24 12:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c32102c1b1723f598963bf2b7da873bb4c1ae1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e9:30:f3:c3:61:fd:9a:a1:f0:d8:0f:f0:65:
fc:49:fc:03:25:55:ab:be:97:73:9a:7c:0f:d8:71:
5a:4d:2e:63:bf:42:2e:ee:2b:e1:5b:57:c7:53:95:
7e:d4:24:65:0e:76:b8:47:cf:30:b1:eb:26:38:9a:
98:a8:9e:3f:46:b6:65:ec:27:c9:52:fb:d8:20:10:
32:c1:b8:0e:90:84:f5:2c:0e:f6:38:d6:20:b2:10:
83:10:61:79:6d:0b:b9:35:3a:51:dc:16:da:bb:8e:
3a:b9:80:13:76:56:61:fc:ac:d9:5e:df:8b:f2:cd:
8b:3c:88:aa:dd:10:7b:7a:cf:18:a8:ab:a9:1b:92:
3c:87:81:07:ad:5b:13:86:9b:0f:a6:65:a9:47:67:
2b:bd:b7:a4:b8:59:89:21:fb:e6:fc:65:7c:71:be:
c9:31:dc:04:e2:43:08:6a:97:99:52:7b:a1:df:c0:
e9:b1:52:36:d7:27:f5:c0:6c:c2:9e:8f:b7:dc:d5:
77:6b:5b:27:60:e5:0b:98:80:73:24:07:29:9a:35:
7b:eb:09:e6:e1:04:ac:22:8f:9f:c0:73:ec:dd:3f:
99:29:56:bd:01:49:23:99:42:97:a4:13:ec:b3:71:
2e:86:0a:aa:03:be:d8:ad:83:d2:9d:e7:9d:3f:e1:
87:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:32:10:2C:1B:17:23:F5:98:96:3B:F2:B7:DA:87:3B:B4:C1:AE:1E
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/bDIQLBsXI_WYljvyt9qHO7TBrh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
IPv6:
2a02:ab80::/28
Signature Algorithm: sha256WithRSAEncryption
22:62:60:4b:93:63:f1:f6:17:cd:e7:cb:5e:e1:a8:79:49:2c:
07:80:f9:18:fe:5a:02:c6:ad:18:93:9f:52:ab:4e:9a:d0:60:
cf:72:45:ee:d9:0f:24:53:a5:4f:09:c6:76:f9:21:36:eb:e5:
fd:59:1c:5f:38:5a:93:a6:8a:8b:ee:53:66:f1:d8:48:45:19:
bf:0f:c9:9b:97:f8:ef:c4:64:6f:c1:42:08:d3:15:bd:70:60:
dc:a6:e2:c6:4a:82:0a:1d:98:4b:46:f8:9e:54:58:fb:ea:53:
f8:86:80:65:36:fa:49:70:64:e4:37:eb:11:c7:a6:d6:e4:ae:
a2:83:62:15:e0:13:5b:29:43:82:53:3d:1a:eb:96:40:fa:82:
73:67:5f:f6:c6:37:f5:59:8b:72:4d:0b:87:61:f1:4e:b4:12:
3c:17:87:20:4b:71:2d:67:2b:12:11:85:0e:05:c0:ff:24:a2:
db:65:39:8f:c7:1f:26:a3:b5:df:37:ab:fe:fc:44:ee:6d:b9:
2a:1c:78:23:21:9f:e7:2c:16:24:5e:0a:42:01:5d:56:a8:1a:
26:74:bd:e3:23:d2:57:0c:dd:10:cf:6b:6b:2e:92:b6:f3:15:
17:6c:d4:d5:b4:03:7b:c4:09:86:a7:17:8d:9f:98:53:e0:26:
9a:63:59:ce
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYezUeTXb3yvtpZtV3+nQEtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjMwNDI0MTI1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMyMTAyYzFiMTcyM2Y1OTg5NjNiZjJiN2RhODczYmI0YzFhZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+kw88Nh/Zqh8NgP8GX8SfwDJVWr
vpdzmnwP2HFaTS5jv0Iu7ivhW1fHU5V+1CRlDna4R88wsesmOJqYqJ4/RrZl7CfJ
UvvYIBAywbgOkIT1LA72ONYgshCDEGF5bQu5NTpR3Bbau446uYATdlZh/KzZXt+L
8s2LPIiq3RB7es8YqKupG5I8h4EHrVsThpsPpmWpR2crvbekuFmJIfvm/GV8cb7J
MdwE4kMIapeZUnuh38DpsVI21yf1wGzCno+33NV3a1snYOULmIBzJAcpmjV76wnm
4QSsIo+fwHPs3T+ZKVa9AUkjmUKXpBPss3EuhgqqA77YrYPSneedP+GHgQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFGwyECwbFyP1mJY78rfahzu0wa4eMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvYkRJUUxCc1hJX1dZbGp2eXQ5cUhPN1RCcmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBngQCAAEwgZcDBAYF
P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0
YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA
sjADBAK5CnwDBAG5IVAwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF1GAgAwQG
1d6AMA0EAgACMAcDBQQqAquAMA0GCSqGSIb3DQEBCwUAA4IBAQAiYmBLk2Px9hfN
58te4ah5SSwHgPkY/loCxq0Yk59Sq06a0GDPckXu2Q8kU6VPCcZ2+SE26+X9WRxf
OFqTpoqL7lNm8dhIRRm/D8mbl/jvxGRvwUII0xW9cGDcpuLGSoIKHZhLRvieVFj7
6lP4hoBlNvpJcGTkN+sRx6bW5K6ig2IV4BNbKUOCUz0a65ZA+oJzZ1/2xjf1WYty
TQuHYfFOtBI8F4cgS3EtZysSEYUOBcD/JKLbZTmPxx8mo7XfN6v+/ETubbkqHHgj
IZ/nLBYkXgpCAV1WqBomdL3jI9JXDN0Qz2trLpK28xUXbNTVtAN7xAmGpxeNn5hT
4CaaY1nO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:34 2024 by rpki-client on console-ams.rpki-client.org