Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/s8f1mWg8Nv3gyJ1QnDfCPNzaunM.roa
File: s8f1mWg8Nv3gyJ1QnDfCPNzaunM.roa (raw, json)
Hash identifier: LuW9w6ItsjxinONyh8Hjkkuavgo1xg/fE7WDgkRsJzo=
Subject key identifier: B3:C7:F5:99:68:3C:36:FD:E0:C8:9D:50:9C:37:C2:3C:DC:DA:BA:73
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 018BB0BED2A74A02210669522B0F7578D412
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/s8f1mWg8Nv3gyJ1QnDfCPNzaunM.roa
Signing time: Wed 08 Nov 2023 21:02:57 +0000
ROA not before: Wed 08 Nov 2023 21:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43350
IP address blocks: 185.107.44.0/22 maxlen: 24
109.201.128.0/19 maxlen: 19
185.107.45.0/24 maxlen: 24
185.107.56.0/22 maxlen: 22
185.107.68.0/22 maxlen: 22
185.107.80.0/22 maxlen: 22
185.107.37.0/24 maxlen: 24
185.107.36.0/24 maxlen: 24
185.107.38.0/24 maxlen: 24
212.92.112.0/21 maxlen: 21
212.92.120.0/22 maxlen: 22
212.92.124.0/23 maxlen: 23
92.114.100.0/24 maxlen: 24
92.114.100.0/22 maxlen: 22
89.38.160.0/22 maxlen: 22
85.159.232.0/21 maxlen: 24
46.166.176.0/20 maxlen: 24
37.143.32.0/21 maxlen: 24
185.107.92.0/22 maxlen: 22
185.107.100.0/22 maxlen: 24
185.107.116.0/22 maxlen: 24
46.166.128.0/19 maxlen: 24
212.92.104.0/21 maxlen: 21
185.11.144.0/24 maxlen: 24
37.156.228.0/24 maxlen: 24
188.209.57.0/24 maxlen: 24
188.209.56.0/24 maxlen: 24
188.209.55.0/24 maxlen: 24
37.153.168.0/22 maxlen: 22
77.247.176.0/24 maxlen: 24
77.247.176.0/21 maxlen: 21
5.104.136.0/21 maxlen: 24
185.7.76.0/22 maxlen: 24
176.126.232.0/24 maxlen: 24
176.126.233.0/24 maxlen: 24
2a00:1768::/32 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:be:d2:a7:4a:02:21:06:69:52:2b:0f:75:78:d4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Nov 8 21:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3c7f599683c36fde0c89d509c37c23cdcdaba73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:a2:b7:8b:70:46:bd:3f:7c:7b:22:d4:ef:
5d:48:72:29:42:07:61:77:eb:a1:c9:a5:39:ee:0b:
3b:f4:16:ac:66:73:27:f8:9e:49:d8:e4:c1:06:14:
f2:40:84:c9:46:87:58:09:a6:8d:b8:68:9b:86:05:
f5:88:5a:59:57:1b:0e:8c:e5:6c:75:28:0f:0a:35:
5b:a2:7f:d6:5b:6d:19:92:a1:63:05:38:59:d9:15:
52:b2:58:16:70:a8:0e:71:1e:5c:fa:df:61:d2:f7:
dd:92:d3:e5:33:7b:52:3d:84:c9:d5:2c:88:30:20:
8a:72:fb:37:33:63:19:10:55:ba:ca:60:f2:da:98:
2d:78:51:c6:da:6c:a0:b1:6e:49:0a:83:6b:2b:90:
5f:92:e0:50:b0:4e:90:8a:9f:73:0f:e2:29:51:1e:
81:50:e1:f1:a9:d7:13:d0:18:12:d9:2c:69:aa:a7:
a1:be:53:57:67:1b:95:4b:43:f5:b8:10:cd:ac:f3:
fe:fa:c6:e3:18:90:dc:61:dc:7d:b5:e0:7d:1b:fe:
6a:80:20:f6:08:84:90:bd:5f:57:e4:a0:88:38:ce:
43:ea:3c:f7:43:ba:69:84:ec:7f:46:d7:35:c2:88:
fc:b0:a3:ed:2f:f7:9d:49:b5:8a:01:94:e0:c6:41:
3e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C7:F5:99:68:3C:36:FD:E0:C8:9D:50:9C:37:C2:3C:DC:DA:BA:73
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/s8f1mWg8Nv3gyJ1QnDfCPNzaunM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.136.0/21
37.143.32.0/21
37.153.168.0/22
37.156.228.0/24
46.166.128.0/19
46.166.176.0/20
77.247.176.0/21
85.159.232.0/21
89.38.160.0/22
92.114.100.0/22
109.201.128.0/19
176.126.232.0/23
185.7.76.0/22
185.11.144.0/24
185.107.36.0-185.107.38.255
185.107.44.0/22
185.107.56.0/22
185.107.68.0/22
185.107.80.0/22
185.107.92.0/22
185.107.100.0/22
185.107.116.0/22
188.209.55.0-188.209.57.255
212.92.104.0-212.92.125.255
IPv6:
2a00:1768::/32
Signature Algorithm: sha256WithRSAEncryption
80:24:ee:4d:a8:89:1b:39:6b:bf:52:a1:70:92:5e:0f:f2:f6:
c5:d0:75:85:c0:14:60:a6:b7:7c:17:39:cf:54:a8:d3:bb:2e:
c2:2d:ce:46:d6:65:38:db:15:d9:d6:ac:b7:63:a9:06:05:97:
8c:68:bb:14:e1:2b:c1:01:f5:1c:4b:3b:5a:36:f6:1f:e4:de:
6a:43:ed:af:84:09:7a:eb:23:5c:fc:1e:a6:32:02:bc:ff:68:
52:0a:53:27:4c:76:d8:6b:6c:1a:82:74:a4:c2:89:f7:7e:3b:
00:a7:c1:a6:33:d9:ee:f0:09:27:52:45:af:35:b7:39:0a:8d:
ed:1b:77:10:34:42:0d:b5:b5:db:04:2b:03:14:1e:cb:1c:86:
d1:1d:7b:b8:b6:4e:b9:21:40:12:21:41:4c:ff:ba:33:a6:8d:
45:98:85:ce:73:90:be:df:87:8d:a3:1d:0d:40:8d:67:ad:f6:
68:25:e9:19:8d:78:19:cb:14:90:32:c0:bc:54:1c:94:60:62:
4e:4b:38:d4:f2:48:ec:26:32:ea:ee:97:41:62:f7:15:2b:e2:
64:57:54:ba:ad:92:f1:78:c9:91:0a:f6:6b:82:72:4d:05:f3:
e8:d9:28:37:20:1e:52:76:53:e2:0a:36:6b:2d:aa:c8:4d:75:
90:42:ed:4c
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYuwvtKnSgIhBmlSKw91eNQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjMxMTA4MjEwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M3ZjU5OTY4M2MzNmZkZTBjODlkNTA5YzM3YzIzY2RjZGFiYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyOit4twRr0/fHsi1O9dSHIpQgdh
d+uhyaU57gs79BasZnMn+J5J2OTBBhTyQITJRodYCaaNuGibhgX1iFpZVxsOjOVs
dSgPCjVbon/WW20ZkqFjBThZ2RVSslgWcKgOcR5c+t9h0vfdktPlM3tSPYTJ1SyI
MCCKcvs3M2MZEFW6ymDy2pgteFHG2mygsW5JCoNrK5BfkuBQsE6Qip9zD+IpUR6B
UOHxqdcT0BgS2SxpqqehvlNXZxuVS0P1uBDNrPP++sbjGJDcYdx9teB9G/5qgCD2
CISQvV9X5KCIOM5D6jz3Q7pphOx/Rtc1woj8sKPtL/edSbWKAZTgxkE+VwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFLPH9ZloPDb94MidUJw3wjzc2rpzMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvczhmMW1XZzhOdjNneUoxUW5EZkNQTnphdW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagDBAMF
aIgDBAMljyADBAIlmagDBAAlnOQDBAUupoADBAQuprADBANN97ADBANVn+gDBAJZ
JqADBAJccmQDBAVtyYADBAGwfugDBAK5B0wDBAC5C5AwDAMEArlrJAMEALlrJgME
ArlrLAMEArlrOAMEArlrRAMEArlrUAMEArlrXAMEArlrZAMEArlrdDAMAwQAvNE3
AwQBvNE4MAwDBAPUXGgDBAHUXHwwDQQCAAIwBwMFACoAF2gwDQYJKoZIhvcNAQEL
BQADggEBAIAk7k2oiRs5a79SoXCSXg/y9sXQdYXAFGCmt3wXOc9UqNO7LsItzkbW
ZTjbFdnWrLdjqQYFl4xouxThK8EB9RxLO1o29h/k3mpD7a+ECXrrI1z8HqYyArz/
aFIKUydMdthrbBqCdKTCifd+OwCnwaYz2e7wCSdSRa81tzkKje0bdxA0Qg21tdsE
KwMUHsschtEde7i2TrkhQBIhQUz/ujOmjUWYhc5zkL7fh42jHQ1AjWet9mgl6RmN
eBnLFJAywLxUHJRgYk5LONTySOwmMurul0Fi9xUr4mRXVLqtkvF4yZEK9muCck0F
8+jZKDcgHlJ2U+IKNmstqshNdZBC7Uw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:11 2024 by rpki-client on console-ams.rpki-client.org