Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/I44NeoKXqYmoa4nPW7EVhpri7_M.roa
File: I44NeoKXqYmoa4nPW7EVhpri7_M.roa (raw, json)
Hash identifier: LacN78KghR/FmfrMeXAb6R6P/rM7P9N2LTNtsms0l5Y=
Subject key identifier: 23:8E:0D:7A:82:97:A9:89:A8:6B:89:CF:5B:B1:15:86:9A:E2:EF:F3
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CD8B7B94A4E6E16B2139000F9A466A78E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/I44NeoKXqYmoa4nPW7EVhpri7_M.roa
Signing time: Fri 05 Jan 2024 08:22:48 +0000
ROA not before: Fri 05 Jan 2024 08:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 159.148.26.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.137.0/24 maxlen: 24
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.40.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.4.0/24 maxlen: 24
85.254.2.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 09:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:b7:b9:4a:4e:6e:16:b2:13:90:00:f9:a4:66:a7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 5 08:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238e0d7a8297a989a86b89cf5bb115869ae2eff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5f:f3:fe:32:88:49:a9:3d:40:ba:62:f5:59:
4d:ef:4b:50:23:2d:5a:06:86:ff:83:9c:f6:3d:6a:
64:16:19:0e:dc:34:0f:b0:a8:1e:d4:41:45:19:13:
0c:24:31:34:30:5e:32:21:c5:98:ae:36:73:1b:6f:
55:65:a4:24:1f:21:e7:d0:43:56:09:39:d5:76:b0:
fa:f0:f3:89:c1:06:9a:01:8e:6b:b5:82:30:f9:9d:
85:a4:17:14:90:65:c2:22:a1:ce:fc:ea:d9:df:0a:
d7:e9:b6:0d:f3:e3:80:36:54:ef:02:15:a5:b2:85:
45:af:62:c8:aa:03:52:c0:53:a4:71:f4:30:ab:67:
e5:e3:6a:70:fd:40:71:fa:20:55:c5:cf:db:0e:2d:
78:3c:c0:be:a2:cd:17:61:4c:df:ac:5c:9a:6b:5a:
46:59:a0:99:cc:68:50:46:fb:cf:3e:7f:38:f9:a1:
3b:74:6c:68:7f:e6:8d:d2:4d:51:b2:3d:34:3f:54:
27:1b:f2:5b:0c:45:1c:b1:12:34:ca:ad:0f:f3:02:
48:1e:a5:49:33:58:f1:a4:31:23:56:fb:f5:fc:70:
65:82:d1:26:62:7e:0f:12:5e:ef:2e:cd:16:1b:db:
aa:5a:8b:f6:6d:14:4b:53:87:57:a2:40:af:86:29:
2c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8E:0D:7A:82:97:A9:89:A8:6B:89:CF:5B:B1:15:86:9A:E2:EF:F3
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/I44NeoKXqYmoa4nPW7EVhpri7_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
96:08:f6:a8:f6:9a:61:df:48:bb:35:a8:2f:39:64:70:36:c6:
ff:4a:3b:6b:dc:46:95:bf:65:43:d8:e4:67:76:a0:8c:99:55:
12:fb:15:be:c3:f7:7c:25:f5:71:24:40:f3:fd:bb:75:03:56:
1d:9a:00:dd:85:7e:60:bf:68:05:fc:b1:7c:f7:4c:1c:84:df:
a3:dd:b7:a8:ee:48:04:26:f1:dc:54:d9:c8:21:e2:56:74:0e:
98:0d:87:b3:52:c1:3e:cd:08:0c:65:e7:8f:e3:73:a0:df:7a:
24:70:5c:e2:e4:0d:7b:69:03:65:d9:04:92:b3:6c:cd:cd:b2:
4d:ad:9e:d2:59:a8:ff:e4:b8:90:f6:3a:58:56:ba:c7:06:07:
cc:fb:77:d0:99:ce:5b:27:fa:5d:05:29:d9:8f:88:fc:0c:26:
20:5e:57:90:8a:ae:44:74:07:5d:64:e6:b9:6f:b5:f4:35:75:
f5:5b:ba:db:5f:f7:97:1a:bb:30:1e:f6:12:02:7f:af:08:60:
5e:e3:53:20:57:aa:4a:80:ac:3d:1d:f7:b2:59:a2:25:cd:ea:
b3:9d:a6:69:b2:a8:89:01:6a:05:23:b6:79:13:9f:92:f0:a9:
c4:0e:96:77:7d:b6:d4:34:56:9f:c7:2a:68:b1:66:b9:89:d0:
e3:f2:22:4d
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAYzYt7lKTm4WshOQAPmkZqeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTA1MDgyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhlMGQ3YTgyOTdhOTg5YTg2Yjg5Y2Y1YmIxMTU4NjlhZTJlZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV/z/jKISak9QLpi9VlN70tQIy1a
Bob/g5z2PWpkFhkO3DQPsKge1EFFGRMMJDE0MF4yIcWYrjZzG29VZaQkHyHn0ENW
CTnVdrD68POJwQaaAY5rtYIw+Z2FpBcUkGXCIqHO/OrZ3wrX6bYN8+OANlTvAhWl
soVFr2LIqgNSwFOkcfQwq2fl42pw/UBx+iBVxc/bDi14PMC+os0XYUzfrFyaa1pG
WaCZzGhQRvvPPn84+aE7dGxof+aN0k1Rsj00P1QnG/JbDEUcsRI0yq0P8wJIHqVJ
M1jxpDEjVvv1/HBlgtEmYn4PEl7vLs0WG9uqWov2bRRLU4dXokCvhikskwIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFCOODXqCl6mJqGuJz1uxFYaa4u/zMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSTQ0TmVvS1hxWW1vYTRuUFc3RVZocHJpN19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaQYIKwYBBQUHAQcBAf8EggFYMIIBVDCCAVAEAgABMIIB
SAMEAFX+AgMEAFX+BAMEAFX+BzAMAwQAVf4dAwQAVf4eAwQAVf4oAwQBVf4qAwQA
Vf4zAwQAVf47AwQBVf5AAwQCVf5MAwQBVf5UAwQAVf5nAwQCVf5wMAwDBAJV/nwD
BABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+jAMEAVX+rjAMAwQBVf6yAwQB
Vf60AwQAn5QaAwQAn5Q2AwQAn5Q+AwQAn5RCAwQAn5RtAwQAn5R+AwQAn5SAAwQA
n5SCMAwDBACflJ0DBACflJ4DBACflKMDBAGflKYDBACflKkDBACflLEwDAMEAJ+U
swMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U7AMEAJ+U7wMEAJ+U
8TAMAwQBn5T2AwQAn5T4AwQCuRtcAwQA2UV5MAwDBADZRX0DBAfZRQAwDQYJKoZI
hvcNAQELBQADggEBAJYI9qj2mmHfSLs1qC85ZHA2xv9KO2vcRpW/ZUPY5Gd2oIyZ
VRL7Fb7D93wl9XEkQPP9u3UDVh2aAN2FfmC/aAX8sXz3TByE36Pdt6juSAQm8dxU
2cgh4lZ0DpgNh7NSwT7NCAxl54/jc6DfeiRwXOLkDXtpA2XZBJKzbM3Nsk2tntJZ
qP/kuJD2OlhWuscGB8z7d9CZzlsn+l0FKdmPiPwMJiBeV5CKrkR0B11k5rlvtfQ1
dfVbuttf95cauzAe9hICf68IYF7jUyBXqkqArD0d97JZoiXN6rOdpmmyqIkBagUj
tnkTn5LwqcQOlnd9ttQ0Vp/HKmixZrmJ0OPyIk0=
-----END CERTIFICATE-----
Generated at Thu Mar 14 14:48:43 2024 by rpki-client on console-ams.rpki-client.org