Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_f4KDcdDXlvnsXcMaJu9bjwv5RY.roa
File: _f4KDcdDXlvnsXcMaJu9bjwv5RY.roa (raw, json)
Hash identifier: dOVKDFVZaGdhnzsQ9FgBixXp97NTQUFCRCEf2k5g2DU=
Subject key identifier: FD:FE:0A:0D:C7:43:5E:5B:E7:B1:77:0C:68:9B:BD:6E:3C:2F:E5:16
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191E1DA0AE1D1100BAE2647BE05D4E7A9E5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_f4KDcdDXlvnsXcMaJu9bjwv5RY.roa
Signing time: Wed 11 Sep 2024 16:10:48 +0000
ROA not before: Wed 11 Sep 2024 16:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.86.16.0/21 maxlen: 21
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.72.0/23 maxlen: 23
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 12 Sep 2024 16:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:da:0a:e1:d1:10:0b:ae:26:47:be:05:d4:e7:a9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 11 16:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdfe0a0dc7435e5be7b1770c689bbd6e3c2fe516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:b3:3f:17:d8:5e:29:5c:64:38:41:47:84:
f2:a8:83:95:e5:bc:a8:6e:3a:fa:30:66:11:64:76:
82:0e:2b:aa:8f:c7:a9:15:70:c6:9d:d0:34:e2:ac:
e2:83:15:ab:2c:2d:b8:eb:73:03:d7:c9:24:8d:69:
f6:14:0d:24:4b:b4:8b:d4:7d:73:94:41:d2:4f:d9:
b0:41:17:b3:7e:e0:79:14:c7:6f:b6:fa:ef:17:4d:
79:53:c1:8f:7d:d7:2a:ca:9d:bd:56:fc:87:c4:9e:
d5:46:cb:ce:5a:f8:19:98:be:95:79:94:e6:17:77:
4e:4f:e6:a8:3a:1b:38:21:81:c2:f0:e9:bd:85:e2:
03:55:f3:67:32:2e:e5:2f:60:57:b7:ba:01:a5:1f:
7d:e6:a9:36:fa:69:9e:56:bb:30:0c:2d:97:0b:8c:
79:fe:e1:ab:2b:ae:0e:50:4e:9a:89:55:57:ef:23:
52:ff:cb:2e:a5:b2:cb:e6:13:ad:4a:b8:18:24:68:
33:ad:a6:7f:3d:4c:14:4b:33:c5:86:1a:00:ee:e9:
6d:4c:a7:3f:e3:8b:52:e7:0b:ef:78:d9:ae:d8:3a:
a3:06:27:14:60:86:0d:ab:c0:3f:a9:f2:79:27:f6:
50:7e:85:2d:98:98:8a:9e:a4:cc:52:6d:c5:48:3f:
2f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FE:0A:0D:C7:43:5E:5B:E7:B1:77:0C:68:9B:BD:6E:3C:2F:E5:16
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_f4KDcdDXlvnsXcMaJu9bjwv5RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.86.16.0/21
85.159.117.0/24
89.39.242.0/24
91.239.59.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:18:e2:b0:d6:2e:47:62:27:f8:b5:9f:dc:6a:96:c3:6a:ec:
24:62:8d:39:15:b5:14:d0:8c:f9:55:8c:0d:c4:cb:1d:b7:34:
f9:00:ad:d9:ef:50:c3:88:54:cf:d5:7a:f5:2c:86:a1:bf:69:
5f:78:00:82:df:a9:71:52:a9:dd:d8:be:b0:ad:56:2d:1c:29:
54:ef:8a:1c:8e:dc:b3:a2:31:3d:b1:70:79:7b:d7:fa:d2:b5:
26:a3:6b:80:10:8a:43:a7:f5:6c:77:26:23:5b:ed:c2:f0:da:
c6:44:25:02:ca:20:99:28:b8:7c:75:2e:40:b5:f4:ef:cb:47:
82:c4:49:54:ca:5d:7f:15:bf:6f:ab:d8:49:82:ce:14:3f:18:
05:7a:95:ef:e1:59:a2:36:ee:ad:19:17:73:c7:5e:86:68:74:
8f:f8:ce:d0:e1:39:d6:a3:bc:13:1b:a2:5f:d8:5c:48:09:34:
e9:18:63:8f:e4:2c:18:7a:db:65:2c:a8:cf:c7:93:23:e8:5a:
79:12:6f:5d:44:b8:b0:fb:d9:d4:a0:ce:47:54:81:cc:38:5b:
c7:dd:64:5f:ed:30:59:ab:95:33:4f:ec:80:9f:1a:ec:1f:79:
96:c9:08:e7:28:9f:90:1c:b8:79:cc:aa:0d:37:8d:ca:37:4d:
5b:f4:8b:a9
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZHh2grh0RALriZHvgXU56nlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTExMTYxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZlMGEwZGM3NDM1ZTViZTdiMTc3MGM2ODliYmQ2ZTNjMmZlNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojezPxfYXilcZDhBR4TyqIOV5byo
bjr6MGYRZHaCDiuqj8epFXDGndA04qzigxWrLC2463MD18kkjWn2FA0kS7SL1H1z
lEHST9mwQRezfuB5FMdvtvrvF015U8GPfdcqyp29VvyHxJ7VRsvOWvgZmL6VeZTm
F3dOT+aoOhs4IYHC8Om9heIDVfNnMi7lL2BXt7oBpR995qk2+mmeVrswDC2XC4x5
/uGrK64OUE6aiVVX7yNS/8supbLL5hOtSrgYJGgzraZ/PUwUSzPFhhoA7ultTKc/
44tS5wvveNmu2DqjBicUYIYNq8A/qfJ5J/ZQfoUtmJiKnqTMUm3FSD8vhQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFP3+Cg3HQ15b57F3DGibvW48L+UWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX2Y0S0RjZERYbHZuc1hjTWFKdTliand2NVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAIF
tAQDBAIFthwDBAMtVhADBABVn3UDBABZJ/IDBABb7zsDBAJb8kgDBAFb8l4DBABb
8mcDBABb8mkDBABe58YDBACwft8DBAKyr7ADBAC5KGkDBAC5rfcDBAC5tJEDBAC5
1AsDBAHCMsgDBAHCMs4wDAMEAMOKZwMEAMOKbDAMAwQAw4pvAwQAw4pwAwQAw4py
AwQAw4p0AwQAw4p2AwQAw4p4MAwDBAHDinoDBAfDigADBALD2JwwDQYJKoZIhvcN
AQELBQADggEBAI4Y4rDWLkdiJ/i1n9xqlsNq7CRijTkVtRTQjPlVjA3Eyx23NPkA
rdnvUMOIVM/VevUshqG/aV94AILfqXFSqd3YvrCtVi0cKVTvihyO3LOiMT2xcHl7
1/rStSaja4AQikOn9Wx3JiNb7cLw2sZEJQLKIJkouHx1LkC19O/LR4LESVTKXX8V
v2+r2EmCzhQ/GAV6le/hWaI27q0ZF3PHXoZodI/4ztDhOdajvBMbol/YXEgJNOkY
Y4/kLBh622UsqM/HkyPoWnkSb11EuLD72dSgzkdUgcw4W8fdZF/tMFmrlTNP7ICf
GuwfeZbJCOcon5AcuHnMqg03jco3TVv0i6k=
-----END CERTIFICATE-----
Generated at Thu Sep 12 18:44:57 2024 by rpki-client on console-ams.rpki-client.org