Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/0lmBJlDHi9CTPyU5DX7bQ9OBBC4.roa
File: 0lmBJlDHi9CTPyU5DX7bQ9OBBC4.roa (raw, json)
Hash identifier: 8vbdamhVKqZwTuXelGDhG3qP9MBHUgiK3C2WbEwRRpc=
Subject key identifier: D2:59:81:26:50:C7:8B:D0:93:3F:25:39:0D:7E:DB:43:D3:81:04:2E
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018C24943493572FBC318D8AFFE6C4E10328
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/0lmBJlDHi9CTPyU5DX7bQ9OBBC4.roa
Signing time: Fri 01 Dec 2023 08:52:21 +0000
ROA not before: Fri 01 Dec 2023 08:52:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34177
IP address blocks: 185.132.116.0/22 maxlen: 22
83.142.144.0/21 maxlen: 21
91.90.96.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
82.210.0.0/19 maxlen: 19
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
80.245.16.0/20 maxlen: 20
178.16.160.0/20 maxlen: 20
176.57.32.0/21 maxlen: 21
95.141.96.0/20 maxlen: 20
194.213.124.0/23 maxlen: 23
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
185.213.160.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
5.133.68.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
212.106.96.0/19 maxlen: 19
185.18.208.0/22 maxlen: 22
195.15.128.0/18 maxlen: 18
185.5.108.0/22 maxlen: 22
185.81.52.0/22 maxlen: 22
62.244.84.0/22 maxlen: 22
62.244.88.0/23 maxlen: 23
62.244.86.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
159.180.224.0/19 maxlen: 19
185.4.44.0/22 maxlen: 22
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:94:34:93:57:2f:bc:31:8d:8a:ff:e6:c4:e1:03:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Dec 1 08:52:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d259812650c78bd0933f25390d7edb43d381042e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ce:61:94:8a:2e:d1:7e:9e:2d:94:5f:a1:fa:
eb:9f:a6:a1:5c:93:89:a7:43:aa:55:26:7d:0c:d1:
f0:da:a3:28:58:ed:af:2e:9e:b6:32:a2:59:39:31:
54:64:47:39:a2:c9:f0:4c:6d:09:0c:6f:68:1f:a0:
9a:f3:f1:d7:c0:4a:52:5a:e9:33:f6:c2:e5:05:d1:
05:8c:5f:dd:0a:2c:f8:ed:1e:dd:cd:53:cf:4e:3f:
84:eb:4e:91:00:98:35:1b:6e:48:4a:73:7d:46:74:
1b:41:c5:0d:97:ed:25:15:11:2c:7c:8c:29:eb:91:
cd:69:44:c1:fe:e4:26:34:38:18:4a:5c:21:21:6b:
14:c5:c9:59:20:cd:5d:b9:9a:22:ef:e5:49:0f:ea:
35:bc:f4:21:39:fe:96:99:8b:7a:b8:ae:f9:60:39:
68:22:55:9e:25:61:80:a4:14:d6:cc:03:a7:40:01:
40:ca:11:0b:9e:aa:3b:75:a5:4a:c5:f9:7f:6c:dc:
8d:31:93:ee:e2:e4:ac:99:36:c0:48:24:79:74:46:
1f:dd:58:77:1a:1c:8f:7d:0d:69:c8:c3:1f:7b:3b:
cc:69:ee:4a:b7:3d:38:44:b1:d2:a8:13:64:99:65:
74:49:65:3a:e4:6c:fd:14:78:03:b6:f8:6a:46:ca:
6a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:59:81:26:50:C7:8B:D0:93:3F:25:39:0D:7E:DB:43:D3:81:04:2E
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/0lmBJlDHi9CTPyU5DX7bQ9OBBC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.81.52.0/22
185.132.116.0/22
185.213.160.0/22
194.213.124.0/23
195.15.128.0/18
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
18:8e:63:fe:3a:d1:1a:16:7a:e3:65:49:eb:e5:db:e5:f5:bf:
34:2f:cc:8c:4d:54:07:6a:da:04:2d:05:77:7c:ea:05:55:db:
d9:73:79:65:f9:52:04:73:3b:b9:3d:b3:4b:b4:d2:39:13:f6:
d9:e7:c1:0a:28:7a:5c:b3:30:3b:2f:cb:5b:0c:ad:a3:7f:40:
a5:3a:04:b2:7a:23:5f:65:0a:f1:dc:c4:d5:1d:d1:dd:15:03:
98:aa:36:1b:ea:e2:70:21:b4:74:49:20:bd:fb:21:a0:c1:f2:
c8:f8:ac:18:c0:ac:d7:ca:b2:79:96:a5:b1:d9:3c:52:43:5f:
5f:e0:bc:95:be:da:a7:7e:e6:7c:84:e6:57:e4:a2:37:23:d9:
08:06:18:50:27:08:2a:0a:9a:d1:d9:1d:3a:4d:78:e6:f6:6d:
8c:b7:f6:24:86:74:f8:87:1c:40:c6:e0:6a:98:cf:85:64:da:
b3:df:96:a9:d7:bc:81:3e:25:31:59:34:f1:32:33:1b:a7:d2:
36:18:9f:f3:47:88:f5:35:99:bf:e2:33:99:b3:51:a8:df:21:
e1:c6:03:e8:79:7f:65:a2:85:3c:c8:f2:f2:d7:31:cc:e0:ce:
49:aa:f2:55:29:f4:97:5a:37:05:c7:ca:79:70:5e:dd:da:2c:
3b:48:b5:02
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYwklDSTVy+8MY2K/+bE4QMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMxMjAxMDg1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU5ODEyNjUwYzc4YmQwOTMzZjI1MzkwZDdlZGI0M2QzODEwNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo85hlIou0X6eLZRfofrrn6ahXJOJ
p0OqVSZ9DNHw2qMoWO2vLp62MqJZOTFUZEc5osnwTG0JDG9oH6Ca8/HXwEpSWukz
9sLlBdEFjF/dCiz47R7dzVPPTj+E606RAJg1G25ISnN9RnQbQcUNl+0lFREsfIwp
65HNaUTB/uQmNDgYSlwhIWsUxclZIM1duZoi7+VJD+o1vPQhOf6WmYt6uK75YDlo
IlWeJWGApBTWzAOnQAFAyhELnqo7daVKxfl/bNyNMZPu4uSsmTbASCR5dEYf3Vh3
GhyPfQ1pyMMfezvMae5Ktz04RLHSqBNkmWV0SWU65Gz9FHgDtvhqRspqywIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFNJZgSZQx4vQkz8lOQ1+20PTgQQuMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvMGxtQkpsREhpOUNUUHlVNURYN2JROU9CQkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCByQQCAAEwgcIDBAIF
hUQDBAU+wSAwDAMEAj70VAMEAT70WAMEAj70YAMEAj70cAMEAD70dQMEAD70dwME
A04fKAMEBE5t8AMEBFD1EAMEBlLSAAMEBVN2wAMEA1OOkAMEA1taYAMEBF7ksAME
BF+NYAMEBZ+04AMEA7A5IAMEBLIQoAMEArkELAMEArkFbAMEArkS0AMEArkTMAME
ArkpBAMEArlRNAMEArmEdAMEArnVoAMEAcLVfAMEBsMPgAMEBcPIoAMEBdRqYDAU
BAIAAjAOAwUDIAEKuAMFACoBTgAwDQYJKoZIhvcNAQELBQADggEBABiOY/460RoW
euNlSevl2+X1vzQvzIxNVAdq2gQtBXd86gVV29lzeWX5UgRzO7k9s0u00jkT9tnn
wQooelyzMDsvy1sMraN/QKU6BLJ6I19lCvHcxNUd0d0VA5iqNhvq4nAhtHRJIL37
IaDB8sj4rBjArNfKsnmWpbHZPFJDX1/gvJW+2qd+5nyE5lfkojcj2QgGGFAnCCoK
mtHZHTpNeOb2bYy39iSGdPiHHEDG4GqYz4Vk2rPflqnXvIE+JTFZNPEyMxun0jYY
n/NHiPU1mb/iM5mzUajfIeHGA+h5f2WihTzI8vLXMczgzkmq8lUp9JdaNwXHynlw
Xt3aLDtItQI=
-----END CERTIFICATE-----
Generated at Mon Dec 18 14:52:04 2023 by rpki-client on console-fra.rpki-client.org