Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/IiJCpKVPGxt7D7jAxBlmCpZJizk.roa
File: IiJCpKVPGxt7D7jAxBlmCpZJizk.roa (raw, json)
Hash identifier: hh6IFCAkmxxZWkXT78ZsYDTNfZ6TW/tiIHkfqegp+aY=
Subject key identifier: 22:22:42:A4:A5:4F:1B:1B:7B:0F:B8:C0:C4:19:66:0A:96:49:8B:39
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0191BC480743844BD5D3562249B8E79F29EB
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/IiJCpKVPGxt7D7jAxBlmCpZJizk.roa
Signing time: Wed 04 Sep 2024 09:05:22 +0000
ROA not before: Wed 04 Sep 2024 09:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 80.96.12.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.69.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.82.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.30.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.226.16.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
193.230.217.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.194.0/24 maxlen: 24
193.231.226.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
217.156.14.0/24 maxlen: 24
217.156.20.0/23 maxlen: 23
217.156.41.0/24 maxlen: 24
217.156.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 05:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:48:07:43:84:4b:d5:d3:56:22:49:b8:e7:9f:29:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Sep 4 09:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=222242a4a54f1b1b7b0fb8c0c419660a96498b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1a:2a:d1:a4:68:36:03:e8:6f:8a:58:50:73:
6a:29:dd:62:ee:d4:6a:de:6c:49:d7:19:7b:0e:5a:
b4:76:0f:b6:6a:5f:0f:ca:67:c0:30:5e:22:65:d8:
63:bc:a0:fc:77:ef:5c:3a:0c:c4:fc:0e:aa:7f:ae:
37:02:b3:db:23:50:a7:5b:c6:87:03:8e:67:01:0f:
d4:ee:b2:90:3b:e2:2b:06:64:2b:54:73:4c:bb:a2:
de:cb:42:4a:89:f5:5e:cb:bd:7d:7c:28:97:9d:43:
5e:12:e8:fd:1a:7c:08:ea:ee:28:3b:15:08:fe:bb:
ab:af:ba:4e:e6:bd:ed:49:c0:a3:40:7b:33:c7:7c:
40:51:1a:fa:6d:d9:93:e6:27:22:45:7e:66:6e:4f:
53:d2:99:10:c6:6a:d9:40:2b:44:a9:81:61:ec:14:
14:7b:94:59:f3:35:80:87:12:7f:c6:c7:f2:e5:96:
41:fe:cd:d5:1a:f7:68:8a:66:fd:08:d9:e1:10:69:
76:66:56:f6:bd:41:28:75:a3:03:05:9c:f2:71:9c:
3b:a1:ab:9c:09:85:8b:d8:49:3a:65:9b:68:fe:59:
ba:9c:00:72:59:0a:e8:a8:fa:53:08:b5:fc:ad:82:
ad:d2:fe:7f:e1:7f:22:c5:64:f8:30:9c:0d:d5:54:
f6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:22:42:A4:A5:4F:1B:1B:7B:0F:B8:C0:C4:19:66:0A:96:49:8B:39
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/IiJCpKVPGxt7D7jAxBlmCpZJizk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.67.0/24
80.96.69.0/24
80.96.72.0/24
80.96.79.0/24
80.96.82.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.30.0/24
81.181.112.0/24
81.181.128.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.16.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.217.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.194.0/24
193.231.226.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
217.156.14.0/24
217.156.20.0/23
217.156.41.0/24
217.156.92.0/24
Signature Algorithm: sha256WithRSAEncryption
64:33:20:94:9b:d3:1c:63:80:24:c9:ff:24:7a:ab:a8:62:93:
1b:78:57:ee:a4:e5:f1:b1:92:5f:e8:6f:2f:58:e5:db:44:68:
77:74:ac:c0:85:15:f7:23:cf:cc:97:08:f7:aa:65:65:bd:2a:
89:83:02:82:c3:8b:c8:ce:a6:a9:17:78:53:a5:a9:7d:54:86:
56:69:c4:3b:76:e2:bb:ff:5e:a9:ef:8b:d4:39:2c:07:e9:46:
fe:8e:00:2e:b2:30:d2:16:3f:27:38:53:a8:b9:99:2f:97:ab:
c6:88:29:a2:58:56:cd:50:6e:d7:31:22:ce:fe:f5:9c:ae:c0:
54:10:71:bb:0b:d0:d5:bb:f6:fc:69:70:7e:3d:81:f4:fb:8a:
d2:c6:e4:11:7e:95:f0:97:5b:14:76:ec:b4:02:1a:3c:94:26:
21:c1:15:39:dc:a8:55:40:e6:69:70:e4:15:4f:c6:22:c6:aa:
2f:5e:73:7d:e9:d8:c1:2b:c6:74:72:3c:ec:53:2a:cf:07:a2:
a6:af:0d:8a:0a:cc:c4:38:a7:a6:52:e6:08:bf:2e:8d:c4:82:
05:71:0d:ce:13:11:b0:00:29:89:f0:f2:ae:db:24:dd:7b:4b:
db:b0:c9:97:b4:5f:2f:ff:e1:83:ee:ac:73:68:08:f3:af:5f:
75:f7:b4:39
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZG8SAdDhEvV01YiSbjnnynrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwOTA0MDkwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIyNDJhNGE1NGYxYjFiN2IwZmI4YzBjNDE5NjYwYTk2NDk4YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxoq0aRoNgPob4pYUHNqKd1i7tRq
3mxJ1xl7Dlq0dg+2al8PymfAMF4iZdhjvKD8d+9cOgzE/A6qf643ArPbI1CnW8aH
A45nAQ/U7rKQO+IrBmQrVHNMu6Ley0JKifVey719fCiXnUNeEuj9GnwI6u4oOxUI
/rurr7pO5r3tScCjQHszx3xAURr6bdmT5iciRX5mbk9T0pkQxmrZQCtEqYFh7BQU
e5RZ8zWAhxJ/xsfy5ZZB/s3VGvdoimb9CNnhEGl2Zlb2vUEodaMDBZzycZw7oauc
CYWL2Ek6ZZto/lm6nAByWQroqPpTCLX8rYKt0v5/4X8ixWT4MJwN1VT2YQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFCIiQqSlTxsbew+4wMQZZgqWSYs5MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvSWlKQ3BLVlBHeHQ3RDdqQXhCbG1DcFpKaXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAFBgDAMEAFBgKwMEAFBgLwMEAFBgMwMEAFBgQwMEAFBgRQMEAFBgSAMEAFBg
TwMEAFBgUgMEAFBg2zAMAwQAUGGTAwQBUGGUAwQAUbQbAwQAUbUeAwQAUbVwAwQA
UbWAAwQAUbWnAwQAUbX2AwQAVXgUAwQAVXgXAwQAweIQAwQAweJ0AwQAweJ9AwQA
weJ/AwQAweaeAwQAwebZAwQAweblAwQAwedLAwQAwedsAwQAwee4AwQAwefCAwQA
wefiAwQAwefpAwQAwefsAwQAwefuAwQAwef8AwQAwmZiAwQAwmaGAwQAwmblAwQA
wpngAwQA2ZwOAwQB2ZwUAwQA2ZwpAwQA2ZxcMA0GCSqGSIb3DQEBCwUAA4IBAQBk
MyCUm9McY4Akyf8kequoYpMbeFfupOXxsZJf6G8vWOXbRGh3dKzAhRX3I8/Mlwj3
qmVlvSqJgwKCw4vIzqapF3hTpal9VIZWacQ7duK7/16p74vUOSwH6Ub+jgAusjDS
Fj8nOFOouZkvl6vGiCmiWFbNUG7XMSLO/vWcrsBUEHG7C9DVu/b8aXB+PYH0+4rS
xuQRfpXwl1sUduy0Aho8lCYhwRU53KhVQOZpcOQVT8YixqovXnN96djBK8Z0cjzs
UyrPB6Kmrw2KCszEOKemUuYIvy6NxIIFcQ3OExGwACmJ8PKu2yTde0vbsMmXtF8v
/+GD7qxzaAjzr19197Q5
-----END CERTIFICATE-----
Generated at Thu Sep 12 07:27:13 2024 by rpki-client on console-ams.rpki-client.org