Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/O8p6Q9QtQe3hy4ELSdo2L5c8PkY.roa
File: O8p6Q9QtQe3hy4ELSdo2L5c8PkY.roa (raw, json)
Hash identifier: fP7ltSA/DaM3YjMrRDV1Ajriwfqjy6XUjMV9FUTT/IU=
Subject key identifier: 3B:CA:7A:43:D4:2D:41:ED:E1:CB:81:0B:49:DA:36:2F:97:3C:3E:46
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 018CC3B6D0EEC170E968AA19D3C5B4B2A627
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/O8p6Q9QtQe3hy4ELSdo2L5c8PkY.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
136.225.0.0/16 maxlen: 16
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
78.156.64.0/20 maxlen: 20
193.82.32.0/19 maxlen: 19
78.156.80.0/21 maxlen: 21
84.14.217.0/24 maxlen: 24
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
62.23.254.0/24 maxlen: 24
62.23.255.0/24 maxlen: 24
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Apr 2024 06:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d0:ee:c1:70:e9:68:aa:19:d3:c5:b4:b2:a6:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bca7a43d42d41ede1cb810b49da362f973c3e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:34:a9:69:67:89:fa:b5:68:d9:37:36:77:89:
a6:0f:9b:66:11:19:87:b2:2b:e0:73:66:99:23:bf:
f4:6b:47:94:5d:32:13:dc:48:e5:51:fd:26:03:70:
a6:1c:1c:64:f2:a8:e8:c0:b6:a4:4f:c5:4a:87:3b:
97:f8:a1:31:ce:73:54:65:a3:1b:3d:70:73:c5:ca:
6c:af:00:25:cb:60:a1:bc:b2:7c:04:2b:f7:5b:cf:
6e:17:09:e3:74:6a:81:98:74:d2:c6:49:b8:74:d2:
a5:0b:7e:80:ad:3e:4d:77:01:c9:f1:1c:7a:41:d9:
96:4b:0c:d1:ee:df:a9:a8:f7:48:05:be:78:b2:a5:
10:1e:54:79:d3:e7:e2:4d:19:91:3d:1a:3c:b8:8e:
ad:af:03:c2:ae:7c:1c:72:54:ce:2f:62:e5:fe:ba:
2a:cd:4d:3b:e4:1c:61:7a:f8:08:6e:e1:00:d0:00:
b3:7f:59:8d:6c:1f:51:ee:e3:d9:0e:e8:c9:e8:9f:
5a:00:f7:71:29:78:20:37:a1:dd:be:bf:6c:e7:ba:
3c:1d:4b:56:1d:ab:b0:fb:97:f8:4a:95:a8:27:95:
82:82:02:17:30:80:c3:22:a3:47:c7:26:09:c8:b4:
3d:b8:f1:99:29:44:cd:ca:1b:ac:90:bb:39:52:bd:
66:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CA:7A:43:D4:2D:41:ED:E1:CB:81:0B:49:DA:36:2F:97:3C:3E:46
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/O8p6Q9QtQe3hy4ELSdo2L5c8PkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
136.225.0.0/16
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
2a:67:d6:0f:f4:c1:3a:a5:7a:05:94:0a:cf:86:65:58:68:c6:
11:de:77:39:a4:de:b0:88:67:53:58:34:d5:ef:53:43:c8:a7:
2b:7f:ee:c7:11:e9:6a:0b:2f:f0:cc:f6:d8:b0:35:1c:d8:21:
6d:05:90:43:92:8b:1d:83:8a:aa:5d:1d:1b:31:fd:13:2d:16:
a4:28:3b:33:60:64:54:52:76:85:0b:f7:d1:94:6d:31:a8:60:
4f:d7:18:df:59:3e:0d:39:a3:74:db:62:e0:85:4a:55:ca:be:
85:7f:48:38:b2:25:ed:39:d6:1f:b5:bc:fe:9c:ab:00:b7:1a:
ca:54:96:57:cd:de:9b:67:60:ac:ad:a0:f0:ec:de:f1:98:95:
50:6e:4c:a4:4b:f0:33:6b:52:9b:66:46:0d:ca:db:fd:5c:25:
53:24:14:07:6e:bf:d5:5f:f4:61:d2:53:49:f8:c1:dc:74:39:
61:c2:af:4b:53:7b:0e:7a:c5:6c:62:40:b9:19:7e:5a:b3:47:
e4:64:52:60:db:45:39:be:0b:11:50:4c:6c:61:1e:2e:0a:5e:
05:2b:2e:b2:be:71:d5:6e:e9:f2:43:bb:42:b8:be:f8:76:5b:
ae:c6:ff:51:59:e0:d1:68:4c:90:b9:8a:23:5c:ee:22:a7:21:
83:36:4e:87
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISAYzDttDuwXDpaKoZ08W0sqYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNhN2E0M2Q0MmQ0MWVkZTFjYjgxMGI0OWRhMzYyZjk3M2MzZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTSpaWeJ+rVo2Tc2d4mmD5tmERmH
sivgc2aZI7/0a0eUXTIT3EjlUf0mA3CmHBxk8qjowLakT8VKhzuX+KExznNUZaMb
PXBzxcpsrwAly2ChvLJ8BCv3W89uFwnjdGqBmHTSxkm4dNKlC36ArT5NdwHJ8Rx6
QdmWSwzR7t+pqPdIBb54sqUQHlR50+fiTRmRPRo8uI6trwPCrnwcclTOL2Ll/roq
zU075BxhevgIbuEA0ACzf1mNbB9R7uPZDujJ6J9aAPdxKXggN6Hdvr9s57o8HUtW
Hauw+5f4SpWoJ5WCggIXMIDDIqNHxyYJyLQ9uPGZKUTNyhuskLs5Ur1mawIDAQAB
o4IDbDCCA2gwHQYDVR0OBBYEFDvKekPULUHt4cuBC0naNi+XPD5GMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvTzhwNlE5UXRRZTNoeTRFTFNkbzJMNWM4UGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgAYIKwYBBQUHAQcBAf8EggFvMIIBazCCAVgEAgABMIIB
UAMEBS74gAMDADmFAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAME
BT7AAAMEBk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVU
EKADBAVVWIADBAZX8QADBAV2Q+ADAwCI4QMEA5144DALAwQCnXjsAwMAnXgDBAXB
UiADBALBXVADBAXBcqADBAXBduADBAHBvIQwDAMEB8LfgAMEAsLfiAMEB8NEAAME
BcNuQAMEBdQAYAMEBdQX4AMEBdQf4AMEBdQjYAMEBtQkgAMEBdRKQAMEBdROoAME
BdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA1VYDBAXV
pAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZbgMEBNmt
YDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAKmfWD/TBOqV6BZQK
z4ZlWGjGEd53OaTesIhnU1g01e9TQ8inK3/uxxHpagsv8Mz22LA1HNghbQWQQ5KL
HYOKql0dGzH9Ey0WpCg7M2BkVFJ2hQv30ZRtMahgT9cY31k+DTmjdNti4IVKVcq+
hX9IOLIl7TnWH7W8/pyrALcaylSWV83em2dgrK2g8Oze8ZiVUG5MpEvwM2tSm2ZG
Dcrb/VwlUyQUB26/1V/0YdJTSfjB3HQ5YcKvS1N7DnrFbGJAuRl+WrNH5GRSYNtF
Ob4LEVBMbGEeLgpeBSsusr5x1W7p8kO7Qri++HZbrsb/UVng0WhMkLmKI1zuIqch
gzZOhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org