Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/g0lLi7L7NcISmVL33LfTS66QG3M.roa
File: g0lLi7L7NcISmVL33LfTS66QG3M.roa (raw, json)
Hash identifier: lD6N6+aFRS9/zAieB5s6wlOQWUVTR8fXOZN5xitWFf0=
Subject key identifier: 83:49:4B:8B:B2:FB:35:C2:12:99:52:F7:DC:B7:D3:4B:AE:90:1B:73
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018EE2D3ADD171855AC68F09A63A41230075
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/g0lLi7L7NcISmVL33LfTS66QG3M.roa
Signing time: Mon 15 Apr 2024 17:35:07 +0000
ROA not before: Mon 15 Apr 2024 17:35:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.119.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.105.184.0/24 maxlen: 24
193.105.207.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.141.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Apr 2024 13:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:d3:ad:d1:71:85:5a:c6:8f:09:a6:3a:41:23:00:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 15 17:35:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83494b8bb2fb35c2129952f7dcb7d34bae901b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:3c:bf:21:a3:00:cb:4e:64:37:9b:7f:08:
bd:f6:39:67:d6:88:22:17:a3:a2:e8:3b:05:9f:53:
f6:78:12:f5:61:33:17:36:2d:c0:2a:90:24:1c:c2:
72:a9:f9:d2:fd:6c:0c:44:69:d5:2e:94:15:40:8a:
27:b1:d5:f9:43:bf:2c:00:58:bf:cf:e9:7f:5e:58:
18:2b:d3:cc:3e:81:12:ac:d6:a7:eb:72:3a:e9:bb:
42:f6:64:8b:ff:74:45:0c:fc:37:9f:39:8d:e7:34:
4f:e3:a2:a7:8b:3c:57:15:49:a2:4a:61:b2:c8:bc:
ae:80:48:82:a0:89:a5:67:80:fe:e0:d5:c7:ed:47:
f9:6e:36:d6:03:eb:24:cb:f3:0e:26:69:e2:61:a5:
3d:a3:df:18:d3:93:f2:f6:4d:f7:f9:e3:8c:2e:90:
ec:15:28:77:6d:91:81:0c:85:75:53:85:01:0a:25:
d8:6d:fb:4b:2b:6b:22:71:06:16:87:e8:8d:69:7f:
21:3c:10:65:27:e4:00:f9:ea:cf:48:81:ad:8d:70:
3e:c7:b7:8e:0c:92:08:73:be:83:6a:48:f3:c9:0f:
29:c6:1a:f5:b7:04:65:bd:9d:be:38:99:4d:36:97:
e5:86:41:3b:70:19:cb:a9:d1:6b:65:b7:42:9a:75:
a9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:49:4B:8B:B2:FB:35:C2:12:99:52:F7:DC:B7:D3:4B:AE:90:1B:73
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/g0lLi7L7NcISmVL33LfTS66QG3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.105.207.0/24
193.221.192.0/22
194.31.141.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:0a:4b:80:bb:cd:3e:ee:95:51:1e:16:7f:06:fb:e9:d0:ab:
39:7e:d4:10:a5:7f:38:80:4f:af:18:20:21:7a:12:cf:a9:4a:
e9:fd:0f:07:51:6f:c6:67:94:bc:7d:5e:14:03:12:62:5b:af:
56:34:49:76:ac:23:35:9c:71:31:09:8c:1a:3c:1c:b8:46:4c:
7b:1f:88:2c:59:52:37:39:66:d6:f0:8e:13:6b:79:bc:74:8e:
a4:f4:48:f6:7c:e9:f1:ee:8f:3e:79:2b:a2:1c:45:48:02:51:
be:c4:75:0c:26:97:64:8c:51:09:96:e1:aa:13:09:23:18:1c:
9b:76:26:90:76:cb:5f:e9:48:5d:a1:b6:53:81:96:c3:f2:76:
e7:6d:0b:f5:5f:ac:77:86:7e:31:6d:5e:15:4a:fa:46:94:f3:
b9:18:04:7b:3d:40:6f:97:2e:84:66:eb:69:57:b8:93:76:a5:
23:3d:45:1a:05:80:2a:ee:d5:76:1a:9d:a4:4a:30:e1:5e:24:
bc:7b:49:5e:d1:89:df:e0:56:ed:28:7c:86:fa:25:bc:10:ad:
24:df:ba:70:75:ae:80:cf:f5:eb:cd:9f:6c:01:35:df:06:02:
92:d6:94:53:79:39:bd:33:aa:64:55:1f:bf:99:75:f3:f3:d7:
2a:4b:fa:55
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAY7i063RcYVaxo8JpjpBIwB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwNDE1MTczNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ5NGI4YmIyZmIzNWMyMTI5OTUyZjdkY2I3ZDM0YmFlOTAxYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhc8vyGjAMtOZDebfwi99jln1ogi
F6Oi6DsFn1P2eBL1YTMXNi3AKpAkHMJyqfnS/WwMRGnVLpQVQIonsdX5Q78sAFi/
z+l/XlgYK9PMPoESrNan63I66btC9mSL/3RFDPw3nzmN5zRP46KnizxXFUmiSmGy
yLyugEiCoImlZ4D+4NXH7Uf5bjbWA+sky/MOJmniYaU9o98Y05Py9k33+eOMLpDs
FSh3bZGBDIV1U4UBCiXYbftLK2sicQYWh+iNaX8hPBBlJ+QA+erPSIGtjXA+x7eO
DJIIc76DakjzyQ8pxhr1twRlvZ2+OJlNNpflhkE7cBnLqdFrZbdCmnWpwwIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFINJS4uy+zXCEplS99y300uukBtzMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZzBsTGk3TDdOY0lTbVZMMzNMZlRTNjZRRzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCBnQQCAAEwgZYD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBADBac8DBALB3cADBADCH40DBALCMhADBALCOOAD
BALUawwwaAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8S
AwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABAD
BwYqC3CAAAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQBQCkuAu80+7pVRHhZ/
Bvvp0Ks5ftQQpX84gE+vGCAhehLPqUrp/Q8HUW/GZ5S8fV4UAxJiW69WNEl2rCM1
nHExCYwaPBy4Rkx7H4gsWVI3OWbW8I4Ta3m8dI6k9Ej2fOnx7o8+eSuiHEVIAlG+
xHUMJpdkjFEJluGqEwkjGBybdiaQdstf6UhdobZTgZbD8nbnbQv1X6x3hn4xbV4V
SvpGlPO5GAR7PUBvly6EZutpV7iTdqUjPUUaBYAq7tV2Gp2kSjDhXiS8e0le0Ynf
4FbtKHyG+iW8EK0k37pwda6Az/XrzZ9sATXfBgKS1pRTeTm9M6pkVR+/mXXz89cq
S/pV
-----END CERTIFICATE-----
Generated at Wed Apr 17 17:48:16 2024 by rpki-client on console-ams.rpki-client.org