Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ieOLovUW7CDM67OsKe5wrRMMVGw.roa
File: ieOLovUW7CDM67OsKe5wrRMMVGw.roa (raw, json)
Hash identifier: Jo9hT2gg1ex8FY9ZaXjVYE49Kf7zZC4/Fhu2vFZ3gHI=
Subject key identifier: 89:E3:8B:A2:F5:16:EC:20:CC:EB:B3:AC:29:EE:70:AD:13:0C:54:6C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01938CCF3685B078FA1A576758DAFE2AEC18
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ieOLovUW7CDM67OsKe5wrRMMVGw.roa
Signing time: Tue 03 Dec 2024 13:56:50 +0000
ROA not before: Tue 03 Dec 2024 13:56:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 25 Dec 2024 16:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:cf:36:85:b0:78:fa:1a:57:67:58:da:fe:2a:ec:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 3 13:56:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89e38ba2f516ec20ccebb3ac29ee70ad130c546c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ab:b7:34:7d:9d:17:3f:50:27:d9:af:57:a4:
bb:43:c3:b3:d3:aa:05:c7:8f:00:cf:9a:b2:60:7f:
b7:9f:78:ec:e7:7a:67:44:2c:00:96:8a:b4:a0:82:
f7:97:27:92:d7:c1:5c:84:fc:d4:d6:6e:68:25:1f:
d7:8c:0b:c5:8b:a7:1a:e4:d2:a0:a2:7d:63:f8:af:
4b:27:22:d6:a2:ec:92:3b:c7:da:09:94:f4:17:4c:
da:fc:17:77:c3:dc:4a:fa:bc:c3:65:c8:77:30:29:
8b:e3:0b:cd:0f:92:e7:3a:ec:67:d1:2d:3d:d5:dc:
f3:12:df:66:12:f1:e5:3a:82:37:b5:e4:30:52:94:
f6:45:c8:ef:27:78:b3:40:82:c5:86:5b:e3:61:42:
37:d3:d5:4d:ee:e1:9c:47:12:64:a5:b6:28:80:40:
d0:83:ef:f3:4a:a8:dd:eb:7b:dd:9f:ba:51:6d:8d:
d2:05:2a:7e:14:8e:35:96:bd:46:74:be:f9:4a:64:
f5:7d:3a:c0:93:52:7a:6e:0f:a2:4d:08:4b:9b:2e:
6c:b5:40:1d:e7:34:3f:c0:3f:6b:1c:d7:0a:6c:ed:
5f:a2:d2:61:8b:33:e6:20:9c:2d:e5:74:1b:35:78:
8d:bd:35:de:ae:de:bd:72:a0:b6:5d:b1:c3:a9:a8:
d0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E3:8B:A2:F5:16:EC:20:CC:EB:B3:AC:29:EE:70:AD:13:0C:54:6C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ieOLovUW7CDM67OsKe5wrRMMVGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
185.40.105.0/24
185.180.145.0/24
193.31.104.0/22
194.50.200.0/23
194.180.238.0/24
195.138.103.0-195.138.107.255
195.138.109.0-195.138.111.255
195.138.113.0-195.138.116.255
195.138.118.0/24
195.138.120.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
26:75:d5:58:54:f0:ca:47:ee:3f:96:7b:97:f3:1f:fb:6b:8a:
0e:77:64:5b:5c:8e:67:bd:d3:5f:9d:17:82:39:01:16:3b:d6:
21:74:e3:e5:fa:2a:8e:69:1b:33:53:6e:68:b7:b0:64:61:a8:
8f:56:ac:c9:06:dc:ee:bd:92:7f:71:76:b0:67:df:dc:7a:d3:
d5:c5:50:fb:63:be:28:99:a4:02:bb:52:85:35:3d:e4:dd:ee:
39:d1:f7:8b:8b:77:d1:5c:5f:0d:8c:7f:0d:31:e0:c1:29:66:
d5:b5:cb:f1:79:ba:b2:83:d7:cf:50:6f:c2:3b:71:32:a7:ba:
e5:5c:71:4a:5d:a3:96:cb:2f:2c:7e:12:1b:48:14:85:9b:a2:
fd:fe:5b:39:7b:2f:52:ac:67:12:c6:5b:5c:6c:d2:51:49:4c:
9a:ea:e8:17:16:c3:ff:56:63:15:29:59:56:9f:fc:2c:20:0f:
92:57:ab:d1:a4:93:20:49:ea:4f:a6:50:01:19:3f:1f:ec:14:
84:5f:6f:fb:05:ed:90:89:45:61:ec:66:31:bc:31:ca:8a:14:
c0:7e:48:8e:0c:ac:b5:b4:a7:5e:b0:e7:22:a7:e0:2c:5c:fb:
9e:cf:b1:e0:ca:f6:ef:95:82:95:59:3e:6e:ae:24:1d:8e:79:
32:0e:b3:36
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZOMzzaFsHj6GldnWNr+KuwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMjAzMTM1NjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWUzOGJhMmY1MTZlYzIwY2NlYmIzYWMyOWVlNzBhZDEzMGM1NDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKu3NH2dFz9QJ9mvV6S7Q8Oz06oF
x48Az5qyYH+3n3js53pnRCwAloq0oIL3lyeS18FchPzU1m5oJR/XjAvFi6ca5NKg
on1j+K9LJyLWouySO8faCZT0F0za/Bd3w9xK+rzDZch3MCmL4wvND5LnOuxn0S09
1dzzEt9mEvHlOoI3teQwUpT2RcjvJ3izQILFhlvjYUI309VN7uGcRxJkpbYogEDQ
g+/zSqjd63vdn7pRbY3SBSp+FI41lr1GdL75SmT1fTrAk1J6bg+iTQhLmy5stUAd
5zQ/wD9rHNcKbO1fotJhizPmIJwt5XQbNXiNvTXert69cqC2XbHDqajQuQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFInji6L1FuwgzOuzrCnucK0TDFRsMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaWVPTG92VVc3Q0RNNjdPc0tlNXdyUk1NVkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAIF
thwDBAAtQ3UDBAItlqgDBAItl8QDBABZKKEDBABb7zswDAMEAVvyRgMEAVvySAME
AFvySwMEAFvyaTAMAwQAW/J7AwQHW/IAAwQAuShpAwQAubSRAwQCwR9oAwQBwjLI
AwQAwrTuMAwDBADDimcDBALDimgwDAMEAMOKbQMEBMOKYDAMAwQAw4pxAwQAw4p0
AwQAw4p2AwQAw4p4AwQCw4p8MA0GCSqGSIb3DQEBCwUAA4IBAQAmddVYVPDKR+4/
lnuX8x/7a4oOd2RbXI5nvdNfnReCOQEWO9YhdOPl+iqOaRszU25ot7BkYaiPVqzJ
BtzuvZJ/cXawZ9/cetPVxVD7Y74omaQCu1KFNT3k3e450feLi3fRXF8NjH8NMeDB
KWbVtcvxebqyg9fPUG/CO3Eyp7rlXHFKXaOWyy8sfhIbSBSFm6L9/ls5ey9SrGcS
xltcbNJRSUya6ugXFsP/VmMVKVlWn/wsIA+SV6vRpJMgSepPplABGT8f7BSEX2/7
Be2QiUVh7GYxvDHKihTAfkiODKy1tKdesOcip+AsXPuez7HgyvbvlYKVWT5uriQd
jnkyDrM2
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:13:59 2025 by rpki-client