Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/P94FNkjM2BP_Ulv_tLtECnqwGBw.roa
File: P94FNkjM2BP_Ulv_tLtECnqwGBw.roa (raw, json)
Hash identifier: 9WJqt+qRaX593jKNzhBWA8FAaKpezdAPXO7LB9xTOdc=
Subject key identifier: 3F:DE:05:36:48:CC:D8:13:FF:52:5B:FF:B4:BB:44:0A:7A:B0:18:1C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42553A7A31DA99DD5820FD36DA80C81
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/P94FNkjM2BP_Ulv_tLtECnqwGBw.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.119.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
194.31.140.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
185.242.224.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b85::/32 maxlen: 32
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0d:77c0::/29 maxlen: 32
2a0b:b82::/44 maxlen: 44
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jan 2024 21:56:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:53:a7:a3:1d:a9:9d:d5:82:0f:d3:6d:a8:0c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fde053648ccd813ff525bffb4bb440a7ab0181c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8a:d8:33:5d:03:ed:e7:d6:a9:f1:06:ae:b0:
2a:5a:da:3a:85:71:59:37:06:1d:22:99:37:42:31:
6a:38:cf:38:6b:a6:f5:01:4e:36:a9:f1:e8:02:3d:
95:56:6d:c8:0c:52:8b:f3:29:eb:cf:2d:79:81:18:
3b:fc:6c:59:35:da:c9:5a:81:22:4e:9a:4c:73:ca:
3a:3e:be:e4:75:a4:95:28:d0:c9:16:64:fb:b3:7a:
92:75:95:53:f4:df:49:16:7f:2a:34:61:cd:58:0b:
83:9a:b2:68:8a:a8:31:8e:3d:dd:85:39:95:ac:8a:
7a:18:55:6c:5c:74:03:c2:12:dd:c5:20:f9:3f:79:
1d:97:ce:91:31:4d:2b:0c:6c:a6:8c:ae:50:54:b2:
ed:2b:4c:28:44:93:cc:de:64:2f:4f:6a:8c:e9:a4:
b4:fe:38:ba:1a:f0:fb:1f:8e:0f:b8:2b:70:d1:9a:
8a:fa:29:a0:2e:cd:c9:e4:51:6b:d4:1f:10:8b:ff:
7f:99:47:f8:d8:b4:ca:8f:b8:25:2e:ee:a2:85:4b:
ca:ea:d3:7b:dc:e1:6c:9a:1d:f2:8c:98:db:87:bd:
91:93:2c:6f:08:57:83:f3:66:0e:33:c8:ca:fb:21:
b8:5d:66:86:0c:68:49:7d:81:9b:d7:cd:b1:34:ca:
ff:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DE:05:36:48:CC:D8:13:FF:52:5B:FF:B4:BB:44:0A:7A:B0:18:1C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/P94FNkjM2BP_Ulv_tLtECnqwGBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:2a:41:af:e1:80:54:4e:74:ef:ab:9c:94:7b:99:ca:f1:9a:
cb:8d:17:be:5e:08:a4:c7:54:fc:11:7f:63:91:7e:71:b0:9d:
d1:10:26:df:d6:d0:3a:44:ee:ad:a8:9d:9f:c8:b8:38:2e:35:
61:84:f9:82:f3:32:77:a4:5d:5f:f3:2f:88:59:de:55:f1:2c:
8f:91:a0:40:0e:d5:21:67:f5:a2:28:4b:34:be:45:b7:4e:0c:
0b:46:00:88:e1:32:35:ff:0a:13:17:43:2e:72:25:f4:c3:dd:
fd:62:01:f4:3e:b8:fd:a2:9d:1f:8f:8a:33:d0:0a:66:d0:40:
25:ad:26:c6:6f:ff:db:4b:72:72:30:a9:ee:db:c3:f1:5f:8f:
7c:31:1c:aa:ad:16:99:69:2a:d4:2e:38:86:9d:0a:84:37:b7:
3e:83:4d:e9:1d:70:9c:c6:0e:08:80:00:3e:89:a5:fa:b3:5e:
60:0a:5c:7f:3a:ef:87:d8:09:84:0b:d2:a8:7a:b3:9b:0f:33:
5c:d7:b3:3d:ce:c6:c0:53:ae:51:c8:e7:bb:88:f3:d8:d6:82:
a7:f6:1d:e3:91:b2:fd:20:59:27:61:0d:21:26:6d:d0:b9:82:
d1:bf:d1:85:e1:8b:2a:0b:5b:62:5a:a7:e9:36:4a:81:b9:ca:
fa:df:f5:a5
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYzEJVOnox2pndWCD9NtqAyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRlMDUzNjQ4Y2NkODEzZmY1MjViZmZiNGJiNDQwYTdhYjAxODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhorYM10D7efWqfEGrrAqWto6hXFZ
NwYdIpk3QjFqOM84a6b1AU42qfHoAj2VVm3IDFKL8ynrzy15gRg7/GxZNdrJWoEi
TppMc8o6Pr7kdaSVKNDJFmT7s3qSdZVT9N9JFn8qNGHNWAuDmrJoiqgxjj3dhTmV
rIp6GFVsXHQDwhLdxSD5P3kdl86RMU0rDGymjK5QVLLtK0woRJPM3mQvT2qM6aS0
/ji6GvD7H44PuCtw0ZqK+imgLs3J5FFr1B8Qi/9/mUf42LTKj7glLu6ihUvK6tN7
3OFsmh3yjJjbh72RkyxvCFeD82YOM8jK+yG4XWaGDGhJfYGb182xNMr/sQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFD/eBTZIzNgT/1Jb/7S7RAp6sBgcMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUDk0Rk5rak0yQlBfVWx2X3RMdEVDbnF3R0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawww
aAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CA
AAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQC3KkGv4YBUTnTvq5yUe5nK8ZrL
jRe+Xgikx1T8EX9jkX5xsJ3RECbf1tA6RO6tqJ2fyLg4LjVhhPmC8zJ3pF1f8y+I
Wd5V8SyPkaBADtUhZ/WiKEs0vkW3TgwLRgCI4TI1/woTF0MuciX0w939YgH0Prj9
op0fj4oz0Apm0EAlrSbGb//bS3JyMKnu28PxX498MRyqrRaZaSrULjiGnQqEN7c+
g03pHXCcxg4IgAA+iaX6s15gClx/Ou+H2AmEC9KoerObDzNc17M9zsbAU65RyOe7
iPPY1oKn9h3jkbL9IFknYQ0hJm3QuYLRv9GF4YsqC1tiWqfpNkqBucr63/Wl
-----END CERTIFICATE-----
Generated at Thu Jan 11 00:45:09 2024 by rpki-client on console-fra.rpki-client.org