Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/8l26Zi65M2x5_HxH-YTVhWSf5bo.roa
File: 8l26Zi65M2x5_HxH-YTVhWSf5bo.roa (raw, json)
Hash identifier: xrmEBd6vXy1GrT+pckx9DV89930jrvzeitg7CQu4VZw=
Subject key identifier: F2:5D:BA:66:2E:B9:33:6C:79:FC:7C:47:F9:84:D5:85:64:9F:E5:BA
Certificate issuer: /CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Certificate serial: 018EEB6B105EC9E22F2DA913758AA6F0EE4B
Authority key identifier: 4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/8l26Zi65M2x5_HxH-YTVhWSf5bo.roa
Signing time: Wed 17 Apr 2024 09:37:26 +0000
ROA not before: Wed 17 Apr 2024 09:37:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20776
IP address blocks: 80.243.240.0/20 maxlen: 20
80.243.240.0/21 maxlen: 21
80.243.248.0/21 maxlen: 21
82.197.96.0/19 maxlen: 23
82.197.112.0/20 maxlen: 20
82.197.126.0/24 maxlen: 24
89.16.0.0/19 maxlen: 19
89.16.0.0/20 maxlen: 20
89.16.0.0/21 maxlen: 21
89.16.8.0/21 maxlen: 21
89.16.16.0/20 maxlen: 20
89.16.16.0/21 maxlen: 21
89.16.24.0/21 maxlen: 21
92.49.64.0/19 maxlen: 19
92.49.64.0/20 maxlen: 20
92.49.80.0/20 maxlen: 20
92.49.96.0/19 maxlen: 19
92.49.96.0/20 maxlen: 20
92.49.96.0/21 maxlen: 21
92.49.104.0/24 maxlen: 24
92.49.105.0/24 maxlen: 24
92.49.106.0/24 maxlen: 24
92.49.107.0/24 maxlen: 24
92.49.108.0/22 maxlen: 22
92.49.112.0/20 maxlen: 20
92.49.112.0/21 maxlen: 21
92.49.120.0/21 maxlen: 21
92.49.125.0/24 maxlen: 24
93.176.0.0/19 maxlen: 19
93.176.0.0/20 maxlen: 20
93.176.16.0/20 maxlen: 20
109.62.0.0/17 maxlen: 24
109.62.0.0/19 maxlen: 19
109.62.0.0/21 maxlen: 21
109.62.4.0/22 maxlen: 22
109.62.8.0/24 maxlen: 24
109.62.9.0/24 maxlen: 24
109.62.10.0/23 maxlen: 23
109.62.12.0/23 maxlen: 23
109.62.14.0/24 maxlen: 24
109.62.15.0/24 maxlen: 24
109.62.16.0/21 maxlen: 21
109.62.24.0/23 maxlen: 23
109.62.26.0/24 maxlen: 24
109.62.27.0/24 maxlen: 24
109.62.28.0/22 maxlen: 22
109.62.56.0/21 maxlen: 21
109.62.56.0/22 maxlen: 22
109.62.60.0/22 maxlen: 22
109.62.64.0/24 maxlen: 24
109.62.66.0/24 maxlen: 24
109.62.67.0/24 maxlen: 24
109.62.68.0/22 maxlen: 23
109.62.68.0/23 maxlen: 23
109.62.70.0/23 maxlen: 23
109.62.72.0/21 maxlen: 21
109.62.72.0/22 maxlen: 22
109.62.76.0/22 maxlen: 22
109.62.80.0/20 maxlen: 20
109.62.80.0/21 maxlen: 21
109.62.88.0/21 maxlen: 21
109.62.96.0/20 maxlen: 20
188.115.64.0/18 maxlen: 18
188.115.64.0/19 maxlen: 19
188.115.64.0/20 maxlen: 20
188.115.80.0/20 maxlen: 20
188.115.96.0/19 maxlen: 19
188.115.96.0/21 maxlen: 21
188.115.104.0/21 maxlen: 21
188.115.112.0/22 maxlen: 22
188.115.116.0/22 maxlen: 22
188.115.120.0/21 maxlen: 21
217.175.160.0/19 maxlen: 24
217.175.168.0/21 maxlen: 21
217.175.168.0/24 maxlen: 24
217.175.169.0/24 maxlen: 24
217.175.170.0/24 maxlen: 24
217.175.171.0/24 maxlen: 24
217.175.172.0/24 maxlen: 24
217.175.174.0/23 maxlen: 23
217.175.176.0/21 maxlen: 21
217.175.176.0/22 maxlen: 22
217.175.180.0/22 maxlen: 22
217.175.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 19 Apr 2024 09:50:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:6b:10:5e:c9:e2:2f:2d:a9:13:75:8a:a6:f0:ee:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Validity
Not Before: Apr 17 09:37:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f25dba662eb9336c79fc7c47f984d585649fe5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:16:49:b3:0b:0e:81:be:3e:c7:ab:fa:3d:
b7:e8:14:ca:0d:5a:5e:14:c8:9b:74:bb:c3:8e:38:
ca:0a:34:25:09:fb:da:34:6b:c4:13:9d:80:69:41:
0b:17:df:bf:21:c7:8e:2a:45:f4:b0:91:58:d7:39:
aa:9a:51:a0:8a:41:f7:a0:aa:71:4e:e3:21:3b:91:
23:e2:eb:dc:4e:61:cf:b1:13:16:20:43:f1:63:55:
12:aa:8a:09:85:95:27:ff:82:a5:a9:2a:d7:54:07:
15:7c:39:ef:0b:6c:7b:5d:d4:08:54:33:0b:af:e7:
89:e9:51:a3:d2:38:17:1b:18:12:8d:cc:ca:34:54:
87:0d:b2:9d:4d:3d:8d:5d:d6:26:fc:7f:e2:4b:54:
ba:0c:f3:ea:f7:e1:3b:c7:4d:64:16:04:35:fe:97:
67:14:6c:fc:01:74:4f:af:0d:ce:16:2a:26:11:36:
94:a3:ea:64:c5:70:fd:7f:34:19:24:9a:a9:80:2e:
1e:e6:a0:2d:b9:87:81:3e:a2:53:ee:50:1e:5c:d6:
ac:69:06:b7:1e:b0:4c:8b:51:45:7c:d3:35:90:27:
3b:6a:80:69:ed:3b:00:73:f0:00:e5:d8:19:dd:77:
16:4a:ad:25:b5:a3:26:a5:35:46:57:c6:ba:00:75:
74:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5D:BA:66:2E:B9:33:6C:79:FC:7C:47:F9:84:D5:85:64:9F:E5:BA
X509v3 Authority Key Identifier:
keyid:4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/8l26Zi65M2x5_HxH-YTVhWSf5bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.240.0/20
82.197.96.0/19
89.16.0.0/19
92.49.64.0/18
93.176.0.0/19
109.62.0.0/17
188.115.64.0/18
217.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
91:61:ee:bc:a3:07:52:bd:22:28:f3:10:bc:d4:ec:18:b5:2a:
86:54:6b:aa:dd:e6:40:8b:e2:30:18:c5:53:73:b3:1c:9e:42:
09:c4:db:a4:86:82:cd:77:c6:35:6b:af:d9:4f:53:56:ee:d9:
8b:81:c2:bc:fb:b6:49:be:04:cb:4a:ad:2b:24:67:61:39:5e:
50:f7:e8:34:69:9d:6e:a2:8d:62:0b:aa:c3:a7:6b:fd:d1:88:
61:cf:87:79:65:5c:b3:8c:a2:73:86:e5:c4:5c:0c:a2:47:46:
dd:ab:8c:05:de:6b:af:35:7c:65:33:5e:48:82:88:91:3d:45:
13:f1:3f:97:df:8e:11:58:9d:f6:1c:ae:1d:4d:d6:60:07:9a:
e0:7d:22:89:83:68:d5:a5:82:85:64:e5:2f:58:27:40:5c:f3:
e7:9f:3c:f0:9a:e4:2c:d5:71:da:e5:91:49:47:0a:34:0c:75:
5c:59:6f:53:b9:b4:de:ff:a2:11:9d:74:57:7c:32:5d:c3:d3:
e1:4f:04:3d:65:37:62:92:34:07:92:84:1d:e5:7d:5f:8b:12:
86:e6:8c:b9:07:f5:85:d2:5a:58:12:27:27:f8:dc:42:53:26:
12:63:1c:dc:1b:26:8d:1e:2f:e8:9a:ab:42:5d:b1:95:0a:99:
91:4f:60:fe
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY7raxBeyeIvLakTdYqm8O5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTRkNjE5OWFlYzgyOGY2OTg5ZTJlODRjZWMxNzc2NWJh
YzVjZDUwHhcNMjQwNDE3MDkzNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVkYmE2NjJlYjkzMzZjNzlmYzdjNDdmOTg0ZDU4NTY0OWZlNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi28WSbMLDoG+Pser+j236BTKDVpe
FMibdLvDjjjKCjQlCfvaNGvEE52AaUELF9+/IceOKkX0sJFY1zmqmlGgikH3oKpx
TuMhO5Ej4uvcTmHPsRMWIEPxY1USqooJhZUn/4KlqSrXVAcVfDnvC2x7XdQIVDML
r+eJ6VGj0jgXGxgSjczKNFSHDbKdTT2NXdYm/H/iS1S6DPPq9+E7x01kFgQ1/pdn
FGz8AXRPrw3OFiomETaUo+pkxXD9fzQZJJqpgC4e5qAtuYeBPqJT7lAeXNasaQa3
HrBMi1FFfNM1kCc7aoBp7TsAc/AA5dgZ3XcWSq0ltaMmpTVGV8a6AHV0RwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPJdumYuuTNsefx8R/mE1YVkn+W6MB8GA1UdIwQY
MBaAFE2k1hma7IKPaYni6EzsF3ZbrFzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQt
NDA4MzdkNDg0NzNkLzEvOGwyNlppNjVNMng1X0h4SC1ZVFZoV1NmNWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQtNDA4MzdkNDg0NzNk
LzEvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUPPwAwQF
UsVgAwQFWRAAAwQGXDFAAwQFXbAAAwQHbT4AAwQGvHNAAwQF2a+gMA0GCSqGSIb3
DQEBCwUAA4IBAQCRYe68owdSvSIo8xC81OwYtSqGVGuq3eZAi+IwGMVTc7McnkIJ
xNukhoLNd8Y1a6/ZT1NW7tmLgcK8+7ZJvgTLSq0rJGdhOV5Q9+g0aZ1uoo1iC6rD
p2v90Yhhz4d5ZVyzjKJzhuXEXAyiR0bdq4wF3muvNXxlM15IgoiRPUUT8T+X344R
WJ32HK4dTdZgB5rgfSKJg2jVpYKFZOUvWCdAXPPnnzzwmuQs1XHa5ZFJRwo0DHVc
WW9TubTe/6IRnXRXfDJdw9PhTwQ9ZTdikjQHkoQd5X1fixKG5oy5B/WF0lpYEicn
+NxCUyYSYxzcGyaNHi/omqtCXbGVCpmRT2D+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:49 2025 by rpki-client