Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Eru0FkTYIcW2kIOiCbarwzrlgms.roa
File: Eru0FkTYIcW2kIOiCbarwzrlgms.roa (raw, json)
Hash identifier: aMgqUSVDM00McHSPGfmalRhLINkX9KdeswRnh7AAWw4=
Subject key identifier: 12:BB:B4:16:44:D8:21:C5:B6:90:83:A2:09:B6:AB:C3:3A:E5:82:6B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018FD0056E2D9AE0DF8CA9EB427DDFA53EFD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Eru0FkTYIcW2kIOiCbarwzrlgms.roa
Signing time: Fri 31 May 2024 18:59:27 +0000
ROA not before: Fri 31 May 2024 18:59:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
45.88.124.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 05 Jun 2024 11:44:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d0:05:6e:2d:9a:e0:df:8c:a9:eb:42:7d:df:a5:3e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 31 18:59:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12bbb41644d821c5b69083a209b6abc33ae5826b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:70:fe:c0:63:c9:53:10:80:12:43:7a:40:41:
16:c9:d2:57:ea:df:e8:41:d7:3c:1a:b9:8f:2b:d3:
09:b4:00:ee:ce:5f:2a:97:05:d8:fa:18:5b:40:4f:
4c:c4:92:75:e7:eb:80:f6:97:c5:84:fc:03:b8:a5:
3f:7a:87:1c:47:69:4d:6b:09:64:de:77:97:18:34:
0e:f2:05:82:0d:d9:67:e6:cb:50:f9:fe:03:56:93:
34:be:8d:75:c7:af:d4:e6:8f:45:54:bb:c3:90:98:
42:3b:0c:19:37:1e:ee:3b:e0:68:cb:f3:c2:de:ed:
ca:51:e7:12:68:43:d9:0c:04:e4:8b:7c:7d:36:ff:
a9:23:ae:0c:cd:fe:32:e5:0d:5f:97:e5:15:71:9e:
e1:cf:3e:73:85:db:bd:ba:e7:c5:42:75:cd:1b:f0:
eb:63:17:0a:38:17:a5:92:29:ef:38:e5:df:f9:a7:
20:56:5d:0b:98:90:d2:19:ca:61:28:b9:76:0a:d8:
49:fa:49:49:f4:79:c5:b4:1d:8a:b3:9f:ab:74:e2:
b7:be:99:42:9d:21:86:c0:da:ff:ae:37:14:6e:b9:
5a:92:33:f1:86:df:79:ed:aa:91:12:53:25:d1:27:
12:7c:8c:a1:9f:c2:28:b3:36:35:54:28:af:bf:ef:
8b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BB:B4:16:44:D8:21:C5:B6:90:83:A2:09:B6:AB:C3:3A:E5:82:6B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Eru0FkTYIcW2kIOiCbarwzrlgms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
45.88.124.0/22
45.143.44.0/22
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
193.46.204.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
05:d5:af:c9:35:e9:f6:05:21:a6:71:ea:fc:c5:72:27:3e:69:
9e:9f:63:85:7f:06:b7:c5:96:44:23:56:36:aa:93:a3:e4:51:
c2:78:0e:7e:5b:78:f8:71:cf:8b:c9:89:24:3a:7e:39:43:77:
d4:23:76:a4:92:bd:d1:55:5a:b9:28:de:fd:64:6d:e4:b3:7b:
0d:0f:66:40:7a:22:0d:a4:73:ad:1e:9f:98:71:ed:ed:56:69:
0a:fb:da:24:29:44:78:14:21:b7:ee:3a:56:94:d0:53:05:10:
57:e4:41:ea:b4:50:98:f6:86:ae:6e:c9:f8:d8:08:bc:97:2d:
22:6e:70:1d:a3:a4:a6:3d:6e:24:d8:a8:df:86:0f:98:57:34:
62:63:c2:dd:58:7e:22:a5:4c:68:13:da:01:6a:14:0b:16:56:
0e:ea:2f:40:b0:65:8d:20:f2:04:81:fb:3b:c8:76:11:b2:cb:
66:51:b6:71:c2:03:1e:52:2d:c5:40:a4:be:cd:69:83:a2:43:
a4:5a:58:b0:c1:e3:2c:34:ca:3d:e5:ec:dc:ca:52:a8:0d:5b:
39:aa:48:a4:f6:96:99:03:46:c5:5f:1a:6e:55:9d:54:7d:09:
bc:b4:c4:77:96:00:13:1a:d0:ed:40:b6:3c:3a:85:d2:26:de:
b0:fd:39:e6
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAY/QBW4tmuDfjKnrQn3fpT79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNTMxMTg1OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmJiYjQxNjQ0ZDgyMWM1YjY5MDgzYTIwOWI2YWJjMzNhZTU4MjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HD+wGPJUxCAEkN6QEEWydJX6t/o
Qdc8GrmPK9MJtADuzl8qlwXY+hhbQE9MxJJ15+uA9pfFhPwDuKU/eoccR2lNawlk
3neXGDQO8gWCDdln5stQ+f4DVpM0vo11x6/U5o9FVLvDkJhCOwwZNx7uO+Boy/PC
3u3KUecSaEPZDATki3x9Nv+pI64Mzf4y5Q1fl+UVcZ7hzz5zhdu9uufFQnXNG/Dr
YxcKOBelkinvOOXf+acgVl0LmJDSGcphKLl2CthJ+klJ9HnFtB2Ks5+rdOK3vplC
nSGGwNr/rjcUbrlakjPxht957aqRElMl0ScSfIyhn8IoszY1VCivv++LNQIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFBK7tBZE2CHFtpCDogm2q8M65YJrMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRXJ1MEZrVFlJY1cya0lPaUNiYXJ3enJsZ21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQCAjgAAwQCBbQEAwQCBbYcAwQALUN1AwQDLVYQAwQCLVh8AwQCLY8sAwQCLZfE
AwQAVZ91AwQAWSfyAwQAWSihAwQAW+87AwQAW/JGAwQCW/JIAwQBW/JeAwQAW/Jn
AwQAW/JpMAwDBABb8nsDBAdb8gADBABe58YDBACwft8DBAKyr7ADBAC5KGkDBAC5
rfQDBAC5rfcDBAC5tJEDBAC51AsDBADBLswDBAHCMsgDBAHCMs4wDAMEAMOKZwME
AMOKbDAMAwQAw4pvAwQAw4pwAwQAw4pyAwQAw4p0AwQAw4p2AwQAw4p4MAwDBAHD
inoDBAfDigADBALD2JwwDQYJKoZIhvcNAQELBQADggEBAAXVr8k16fYFIaZx6vzF
cic+aZ6fY4V/BrfFlkQjVjaqk6PkUcJ4Dn5bePhxz4vJiSQ6fjlDd9QjdqSSvdFV
Wrko3v1kbeSzew0PZkB6Ig2kc60en5hx7e1WaQr72iQpRHgUIbfuOlaU0FMFEFfk
Qeq0UJj2hq5uyfjYCLyXLSJucB2jpKY9biTYqN+GD5hXNGJjwt1YfiKlTGgT2gFq
FAsWVg7qL0CwZY0g8gSB+zvIdhGyy2ZRtnHCAx5SLcVApL7NaYOiQ6RaWLDB4yw0
yj3l7NzKUqgNWzmqSKT2lpkDRsVfGm5VnVR9Cby0xHeWABMa0O1Atjw6hdIm3rD9
OeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org