Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/igdYbQ0cfZDwi0OxfptIc5Qb4Qw.roa
File: igdYbQ0cfZDwi0OxfptIc5Qb4Qw.roa (raw, json)
Hash identifier: IVPTezbkzwhluhEd85P08sE78IxAnzasTE1Evz9qZTk=
Subject key identifier: 8A:07:58:6D:0D:1C:7D:90:F0:8B:43:B1:7E:9B:48:73:94:1B:E1:0C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E3C5D3566450F450DDF0E01E9D15A66B7
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/igdYbQ0cfZDwi0OxfptIc5Qb4Qw.roa
Signing time: Thu 14 Mar 2024 09:48:45 +0000
ROA not before: Thu 14 Mar 2024 09:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.169.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 12:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:5d:35:66:45:0f:45:0d:df:0e:01:e9:d1:5a:66:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 14 09:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a07586d0d1c7d90f08b43b17e9b4873941be10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9c:53:d5:20:99:09:e4:3c:3a:22:b1:12:b4:
b3:f7:cc:59:f4:02:60:a9:67:0d:c6:8b:3e:11:a2:
ec:6b:68:6f:71:cf:f3:e0:65:6e:3a:01:e7:99:24:
57:23:57:e4:47:30:8c:c5:2f:46:80:1a:e4:a0:63:
a0:7e:97:d7:f7:52:bc:69:c6:68:04:fb:bf:c2:37:
80:d4:95:03:d1:53:84:63:ee:98:1d:ec:4b:fd:5c:
f5:5d:1e:a5:78:77:ae:39:e1:83:db:e3:84:ec:86:
65:b1:21:71:a9:ef:09:aa:9c:93:36:e4:60:66:da:
85:85:0e:51:81:34:c0:8e:0f:f8:a0:ea:8b:30:81:
32:7b:17:cc:b4:43:da:c0:02:2e:3b:1a:ff:9f:a5:
52:ab:4d:0c:99:b0:0d:a1:22:62:f4:78:19:8e:7e:
d0:2a:5e:2e:44:1a:7a:66:35:91:47:ff:80:37:b9:
e9:d5:38:bf:8e:21:e2:90:5b:eb:76:3b:a3:e6:39:
64:b2:ba:0e:8e:dc:ec:10:d6:8a:42:ab:61:35:f5:
3d:51:f9:8c:5b:a0:27:43:12:e9:07:3b:eb:c7:c6:
e6:72:ba:93:c8:22:9c:3b:95:d2:23:25:68:65:f3:
96:bb:cf:4c:eb:59:da:05:c3:4a:70:53:a5:dd:b8:
ea:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:07:58:6D:0D:1C:7D:90:F0:8B:43:B1:7E:9B:48:73:94:1B:E1:0C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/igdYbQ0cfZDwi0OxfptIc5Qb4Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
10:12:36:bb:41:1f:10:d3:21:0c:4c:e8:65:53:c7:95:d9:c0:
1e:28:bb:a8:0d:18:e7:c0:00:58:80:a3:90:bf:7e:5e:05:8f:
b8:8f:e7:0f:35:70:e1:4f:35:84:1b:17:9b:d5:2f:a8:02:f7:
82:12:52:84:95:c9:4b:46:eb:10:fb:42:87:a7:d5:68:2a:bc:
83:af:57:db:02:f4:b9:85:82:2f:3b:12:77:84:e3:2c:93:aa:
94:09:86:c8:14:05:77:9c:b5:f1:28:1a:c9:d9:7a:9c:a5:3c:
45:8e:43:a3:15:1d:b1:0a:4a:69:98:77:04:6c:c6:cf:ca:a5:
dc:3f:b4:d7:91:cc:e9:a3:f8:28:f1:35:17:35:3e:dd:46:4f:
79:f1:bc:01:3b:9b:e3:53:49:04:a0:14:0d:03:8c:82:f4:f0:
84:ef:63:03:af:cc:1e:2e:7c:13:4a:74:c8:3e:6e:cf:e5:4e:
47:fe:43:78:fd:cf:75:44:9e:31:9d:24:78:4d:62:0f:a0:73:
28:6f:5e:ed:d5:27:f2:52:46:c3:9a:af:ad:c2:c4:f7:17:06:
8b:48:ca:94:48:99:4e:3c:8f:a1:52:cb:73:ea:ea:01:d2:10:
b1:fd:4b:96:73:89:86:0e:0d:86:f1:74:58:de:86:6f:7f:2f:
c5:2c:67:a8
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAY48XTVmRQ9FDd8OAenRWma3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzE0MDk0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTA3NTg2ZDBkMWM3ZDkwZjA4YjQzYjE3ZTliNDg3Mzk0MWJlMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZxT1SCZCeQ8OiKxErSz98xZ9AJg
qWcNxos+EaLsa2hvcc/z4GVuOgHnmSRXI1fkRzCMxS9GgBrkoGOgfpfX91K8acZo
BPu/wjeA1JUD0VOEY+6YHexL/Vz1XR6leHeuOeGD2+OE7IZlsSFxqe8JqpyTNuRg
ZtqFhQ5RgTTAjg/4oOqLMIEyexfMtEPawAIuOxr/n6VSq00MmbANoSJi9HgZjn7Q
Kl4uRBp6ZjWRR/+AN7np1Ti/jiHikFvrdjuj5jlksroOjtzsENaKQqthNfU9UfmM
W6AnQxLpBzvrx8bmcrqTyCKcO5XSIyVoZfOWu89M61naBcNKcFOl3bjq7wIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFIoHWG0NHH2Q8ItDsX6bSHOUG+EMMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaWdkWWJRMGNmWkR3aTBPeGZwdEljNVFiNFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaQYIKwYBBQUHAQcBAf8EggFYMIIBVDCCAVAEAgABMIIB
SAMEAFX+AgMEAFX+BAMEAFX+BzAMAwQAVf4dAwQAVf4eAwQAVf4oAwQBVf4qAwQA
Vf4zAwQAVf47AwQBVf5AAwQCVf5MAwQBVf5UAwQAVf5nAwQCVf5wMAwDBAJV/nwD
BABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+jAMEAVX+rjAMAwQBVf6yAwQB
Vf60AwQAn5QaAwQAn5Q2AwQAn5Q+AwQAn5RCAwQAn5RtAwQAn5R+AwQAn5SAAwQA
n5SCMAwDBACflJ0DBACflJ4DBACflKMDBAGflKYDBACflKkDBACflLEwDAMEAJ+U
swMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U7AMEAJ+U7wMEAJ+U
8TAMAwQBn5T2AwQAn5T4AwQCuRtcAwQA2UV5MAwDBADZRX0DBAfZRQAwDQYJKoZI
hvcNAQELBQADggEBABASNrtBHxDTIQxM6GVTx5XZwB4ou6gNGOfAAFiAo5C/fl4F
j7iP5w81cOFPNYQbF5vVL6gC94ISUoSVyUtG6xD7Qoen1WgqvIOvV9sC9LmFgi87
EneE4yyTqpQJhsgUBXectfEoGsnZepylPEWOQ6MVHbEKSmmYdwRsxs/Kpdw/tNeR
zOmj+CjxNRc1Pt1GT3nxvAE7m+NTSQSgFA0DjIL08ITvYwOvzB4ufBNKdMg+bs/l
Tkf+Q3j9z3VEnjGdJHhNYg+gcyhvXu3VJ/JSRsOar63CxPcXBotIypRImU48j6FS
y3Pq6gHSELH9S5ZziYYODYbxdFjehm9/L8UsZ6g=
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:03 2024 by rpki-client on console-fra.rpki-client.org