Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/D0ndA_9Ypk0aNbZH1aspyYrJ2vU.roa
File: D0ndA_9Ypk0aNbZH1aspyYrJ2vU.roa (raw, json)
Hash identifier: Dzt3M8m4fdkpL7n+5KS2RxV/J2ix3NEP0b61D/j41n4=
Subject key identifier: 0F:49:DD:03:FF:58:A6:4D:1A:35:B6:47:D5:AB:29:C9:8A:C9:DA:F5
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0189F8332330490EF18488F024FFBE9BEF9C
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/D0ndA_9Ypk0aNbZH1aspyYrJ2vU.roa
Signing time: Tue 15 Aug 2023 07:57:28 +0000
ROA not before: Tue 15 Aug 2023 07:57:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
136.225.0.0/16 maxlen: 16
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
78.156.64.0/20 maxlen: 20
193.82.32.0/19 maxlen: 19
78.156.80.0/21 maxlen: 21
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
62.23.254.0/24 maxlen: 24
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Nov 2023 10:07:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:33:23:30:49:0e:f1:84:88:f0:24:ff:be:9b:ef:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Aug 15 07:57:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f49dd03ff58a64d1a35b647d5ab29c98ac9daf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c0:f6:9a:60:e4:c8:51:d9:4c:46:ee:c8:f7:
9e:16:d5:cc:cb:ff:57:74:49:5a:e4:e6:3e:1b:64:
e8:6a:ea:60:9f:6e:15:f6:a9:93:0c:1c:42:04:95:
04:ab:09:a0:2d:ad:9e:87:13:97:16:ff:3f:12:20:
db:d0:fb:de:fc:4d:10:86:86:02:39:9b:89:2f:d0:
40:7b:db:a7:f9:ca:67:c6:67:ec:ef:9d:55:44:54:
8d:56:52:2b:36:99:0d:fe:ea:75:c1:d7:41:24:0d:
f7:28:61:57:90:91:9e:4f:90:37:f1:dd:6f:55:43:
29:ab:f9:3d:25:c9:ad:4f:99:98:1c:93:44:c5:4f:
c6:2e:fb:01:0c:a9:e8:08:41:43:d2:f3:ff:d3:b4:
78:d1:c4:b0:09:46:1e:68:37:6d:10:0c:79:c0:a0:
f9:e2:59:cd:60:4d:5b:00:00:cd:ee:cf:a3:91:1e:
90:5b:19:0c:c0:7e:e2:d7:55:6a:7a:c2:2a:15:0e:
aa:62:a9:10:59:60:ab:ee:9a:94:d4:ce:be:1f:c4:
9c:d8:df:ef:ed:82:32:fe:e8:e0:ad:06:cb:c9:23:
d6:ef:16:40:b2:ae:93:90:f5:d0:26:f1:f0:0d:96:
17:68:1d:45:b1:8d:84:2a:6d:20:c0:f3:c6:5b:9e:
9e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:49:DD:03:FF:58:A6:4D:1A:35:B6:47:D5:AB:29:C9:8A:C9:DA:F5
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/D0ndA_9Ypk0aNbZH1aspyYrJ2vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
136.225.0.0/16
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
24:90:30:00:eb:15:33:05:e4:3e:8b:f9:34:77:b7:b8:9c:3f:
a9:9b:46:3e:80:37:2f:6a:9c:d0:43:89:96:02:fd:3e:b0:48:
ae:6e:37:d3:2c:21:46:cd:26:3a:8e:8c:74:4c:b8:85:15:61:
3a:be:8b:26:07:36:06:4f:5f:d7:69:39:42:80:da:c2:7e:af:
1d:29:ed:c9:fd:8c:1d:7b:33:81:e4:9e:0d:42:d7:59:dc:69:
31:c1:77:92:18:8d:7c:f2:90:51:97:52:58:1b:63:32:33:e3:
52:86:4e:0c:70:e6:66:cb:fd:c5:65:cb:c8:c8:a6:6c:f7:ae:
09:49:ab:64:f8:6c:66:99:d9:ee:65:44:15:77:7c:04:0c:0b:
b2:09:3a:f4:30:a2:e3:60:62:e4:0b:8c:97:71:93:d0:0c:ea:
8e:d3:71:dc:0b:bd:f0:c4:93:e7:bb:fd:ab:b8:b8:16:61:44:
35:5d:f0:ed:05:5f:a8:b6:e0:7b:e0:56:a4:35:9d:23:43:cd:
d7:29:5e:97:00:88:6d:cb:b9:26:99:de:4b:3e:30:a0:07:76:
f6:ce:f0:8e:4e:ce:08:82:0f:3f:64:c7:54:2f:aa:b3:01:7f:
a8:cf:88:60:16:66:00:63:51:c1:d1:1b:5c:fa:db:b4:8d:fa:
47:2b:ee:9a
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISAYn4MyMwSQ7xhIjwJP++m++cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwODE1MDc1NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQ5ZGQwM2ZmNThhNjRkMWEzNWI2NDdkNWFiMjljOThhYzlkYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncD2mmDkyFHZTEbuyPeeFtXMy/9X
dEla5OY+G2Toaupgn24V9qmTDBxCBJUEqwmgLa2ehxOXFv8/EiDb0Pve/E0QhoYC
OZuJL9BAe9un+cpnxmfs751VRFSNVlIrNpkN/up1wddBJA33KGFXkJGeT5A38d1v
VUMpq/k9JcmtT5mYHJNExU/GLvsBDKnoCEFD0vP/07R40cSwCUYeaDdtEAx5wKD5
4lnNYE1bAADN7s+jkR6QWxkMwH7i11VqesIqFQ6qYqkQWWCr7pqU1M6+H8Sc2N/v
7YIy/ujgrQbLySPW7xZAsq6TkPXQJvHwDZYXaB1FsY2EKm0gwPPGW56epQIDAQAB
o4IDbDCCA2gwHQYDVR0OBBYEFA9J3QP/WKZNGjW2R9WrKcmKydr1MB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvRDBuZEFfOVlwazBhTmJaSDFhc3B5WXJKMnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgAYIKwYBBQUHAQcBAf8EggFvMIIBazCCAVgEAgABMIIB
UAMEBS74gAMDADmFAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAME
BT7AAAMEBk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVU
EKADBAVVWIADBAZX8QADBAV2Q+ADAwCI4QMEA5144DALAwQCnXjsAwMAnXgDBAXB
UiADBALBXVADBAXBcqADBAXBduADBAHBvIQwDAMEB8LfgAMEAsLfiAMEB8NEAAME
BcNuQAMEBdQAYAMEBdQX4AMEBdQf4AMEBdQjYAMEBtQkgAMEBdRKQAMEBdROoAME
BdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA1VYDBAXV
pAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZbgMEBNmt
YDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAJJAwAOsVMwXkPov5
NHe3uJw/qZtGPoA3L2qc0EOJlgL9PrBIrm430ywhRs0mOo6MdEy4hRVhOr6LJgc2
Bk9f12k5QoDawn6vHSntyf2MHXszgeSeDULXWdxpMcF3khiNfPKQUZdSWBtjMjPj
UoZODHDmZsv9xWXLyMimbPeuCUmrZPhsZpnZ7mVEFXd8BAwLsgk69DCi42Bi5AuM
l3GT0AzqjtNx3Au98MST57v9q7i4FmFENV3w7QVfqLbge+BWpDWdI0PN1ylelwCI
bcu5JpneSz4woAd29s7wjk7OCIIPP2THVC+qswF/qM+IYBZmAGNRwdEbXPrbtI36
Ryvumg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org