Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/j6hhi2mP_oUTkj-dF1hjAVyoqzk.roa
File: j6hhi2mP_oUTkj-dF1hjAVyoqzk.roa (raw, json)
Hash identifier: Bw6mGQ9tepeGzxnh0ZIgkroON7JgFgsIHhp8eNsfwok=
Subject key identifier: 8F:A8:61:8B:69:8F:FE:85:13:92:3F:9D:17:58:63:01:5C:A8:AB:39
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0187CA63FCD65146A5ED82023950A49B94EE
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/j6hhi2mP_oUTkj-dF1hjAVyoqzk.roa
Signing time: Sat 29 Apr 2023 00:22:43 +0000
ROA not before: Sat 29 Apr 2023 00:22:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.43.0/24 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 May 2023 15:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ca:63:fc:d6:51:46:a5:ed:82:02:39:50:a4:9b:94:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 29 00:22:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fa8618b698ffe8513923f9d175863015ca8ab39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:96:e4:3c:ae:f2:86:5a:67:01:da:9f:1e:63:
91:ba:fb:a7:a0:56:86:e2:37:5a:f7:46:4b:c2:32:
7a:50:18:c0:20:6b:2c:83:32:30:a3:03:01:d5:1a:
00:66:d4:2a:b2:ad:11:04:cd:d5:e3:5f:a5:71:b6:
e5:06:17:6a:75:a7:cc:7e:65:f1:cd:95:5d:a7:68:
0a:98:8c:f1:45:8a:bc:78:5b:80:ea:13:a7:91:35:
ac:1a:c5:64:f2:f4:f4:93:ac:79:50:4c:13:29:a4:
22:68:11:10:80:c8:6f:14:4a:e1:70:a5:b6:e3:4b:
2a:05:c4:36:63:c5:cb:7f:34:f8:b1:f6:34:07:88:
ac:32:4c:49:78:62:ea:fb:9b:dd:14:72:2f:c4:b7:
72:b7:bc:48:f1:c6:a0:8b:60:51:f0:88:74:30:f4:
6b:f2:26:eb:55:32:79:b0:40:f3:53:64:87:6a:95:
a9:d4:c1:ed:62:66:f7:ea:c1:d0:65:42:b3:f9:1a:
6a:0e:57:25:46:54:db:4a:5e:15:c8:f0:6d:0f:d4:
85:8a:34:e0:33:2f:4f:11:66:63:5c:29:a1:80:54:
fa:4f:e0:2d:4f:ac:69:63:94:1c:d7:71:5a:6a:de:
ff:d5:e0:f4:36:14:53:3f:71:6a:29:69:46:72:12:
e6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A8:61:8B:69:8F:FE:85:13:92:3F:9D:17:58:63:01:5C:A8:AB:39
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/j6hhi2mP_oUTkj-dF1hjAVyoqzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
1d:0c:4e:c6:1e:87:6e:0f:f9:28:3b:ce:4f:e0:cf:84:27:10:
f2:5d:27:7b:a3:3f:2e:09:e5:2f:4d:f9:27:39:17:22:80:7d:
18:e9:eb:a7:f1:e4:1d:56:44:0c:64:af:15:d3:0c:9e:f2:91:
e8:20:a7:48:9a:54:ce:9d:50:0d:ec:da:ff:fa:23:84:92:9d:
26:79:b4:e9:16:44:95:e6:38:9d:ae:6d:b8:66:58:e9:d0:11:
2b:bc:fa:09:28:24:f1:9c:97:47:93:8f:47:36:61:74:08:80:
34:4e:3f:0b:d2:80:7f:ef:e9:4d:da:2d:f7:00:ea:8a:45:5b:
5b:b8:49:b1:be:1d:cb:99:8a:34:6d:3a:8b:16:2f:41:1a:fa:
22:81:9c:29:1e:55:98:a3:a7:89:ef:ba:d4:b0:cd:a1:26:95:
9e:b6:be:12:14:a7:c6:76:cc:ed:be:b7:35:96:12:11:aa:88:
b0:5b:41:89:56:b4:33:33:0d:2f:7f:35:7b:2c:4b:83:ab:29:
91:1e:7d:d0:72:66:f9:05:f0:b2:ef:11:bc:ac:a6:d2:03:75:
1f:16:f4:c9:39:b3:12:98:08:65:cd:bb:3b:9c:3b:ad:38:73:
0e:4a:7f:60:a5:a1:bc:e6:81:5b:7c:66:fe:6a:4c:ac:ef:eb:
de:83:1a:8f
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYfKY/zWUUal7YICOVCkm5TuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDI5MDAyMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmE4NjE4YjY5OGZmZTg1MTM5MjNmOWQxNzU4NjMwMTVjYThhYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5bkPK7yhlpnAdqfHmORuvunoFaG
4jda90ZLwjJ6UBjAIGssgzIwowMB1RoAZtQqsq0RBM3V41+lcbblBhdqdafMfmXx
zZVdp2gKmIzxRYq8eFuA6hOnkTWsGsVk8vT0k6x5UEwTKaQiaBEQgMhvFErhcKW2
40sqBcQ2Y8XLfzT4sfY0B4isMkxJeGLq+5vdFHIvxLdyt7xI8cagi2BR8Ih0MPRr
8ibrVTJ5sEDzU2SHapWp1MHtYmb36sHQZUKz+RpqDlclRlTbSl4VyPBtD9SFijTg
My9PEWZjXCmhgFT6T+AtT6xpY5Qc13Faat7/1eD0NhRTP3FqKWlGchLmDQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFI+oYYtpj/6FE5I/nRdYYwFcqKs5MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvajZoaGkybVBfb1VUa2otZEYxaGpBVnlvcXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMF4E
AgACMFgDBwQqCwuCAAADBQEqCwuEAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0G
CSqGSIb3DQEBCwUAA4IBAQAdDE7GHoduD/koO85P4M+EJxDyXSd7oz8uCeUvTfkn
ORcigH0Y6eun8eQdVkQMZK8V0wye8pHoIKdImlTOnVAN7Nr/+iOEkp0mebTpFkSV
5jidrm24Zljp0BErvPoJKCTxnJdHk49HNmF0CIA0Tj8L0oB/7+lN2i33AOqKRVtb
uEmxvh3LmYo0bTqLFi9BGvoigZwpHlWYo6eJ77rUsM2hJpWetr4SFKfGdsztvrc1
lhIRqoiwW0GJVrQzMw0vfzV7LEuDqymRHn3Qcmb5BfCy7xG8rKbSA3UfFvTJObMS
mAhlzbs7nDutOHMOSn9gpaG85oFbfGb+akys7+vegxqP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org