Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/y_l9NbvPv2pnc3feZHYh6C8w-kg.roa
File: y_l9NbvPv2pnc3feZHYh6C8w-kg.roa (raw, json)
Hash identifier: juIw3xIQQjoTKEExKJCn0EmtyZprW0/z8OFSbkdJlNg=
Subject key identifier: CB:F9:7D:35:BB:CF:BF:6A:67:73:77:DE:64:76:21:E8:2F:30:FA:48
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 018BD273A9E3DCAB2B0528CEC632E43797E9
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/y_l9NbvPv2pnc3feZHYh6C8w-kg.roa
Signing time: Wed 15 Nov 2023 10:07:57 +0000
ROA not before: Wed 15 Nov 2023 10:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
136.225.0.0/16 maxlen: 16
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.97.64.0/18 maxlen: 18
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
78.156.64.0/20 maxlen: 20
193.82.32.0/19 maxlen: 19
78.156.80.0/21 maxlen: 21
84.14.217.0/24 maxlen: 24
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
62.23.254.0/24 maxlen: 24
62.23.255.0/24 maxlen: 24
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:73:a9:e3:dc:ab:2b:05:28:ce:c6:32:e4:37:97:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Nov 15 10:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbf97d35bbcfbf6a677377de647621e82f30fa48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:32:98:9c:bc:f0:00:b2:08:80:f2:65:ba:47:
c0:bf:78:87:c9:dc:33:c8:61:41:37:e2:cb:9c:73:
10:b9:b2:a5:ca:a1:7d:e6:08:09:cf:63:e0:20:5a:
b2:f6:c6:b0:4c:8d:74:eb:70:27:31:90:61:7d:1e:
fd:1f:27:d4:7a:ba:6d:a8:d6:b3:91:f0:42:74:66:
a4:8c:51:7c:07:bf:73:25:a0:0e:8c:8a:01:5b:8d:
d4:e0:f0:f1:b7:03:ec:23:db:d3:89:23:19:8b:6e:
52:29:c5:e9:4a:f3:d4:42:96:f8:97:02:a5:23:42:
52:3b:10:ad:45:1f:fa:b3:4d:1f:2c:5a:6d:11:41:
02:28:cd:a7:96:27:b1:34:5f:c1:80:29:34:fe:bb:
c0:bd:41:2e:bc:96:f6:2a:ee:f1:d5:aa:a4:e2:e6:
0e:14:c8:f6:63:f7:2d:7f:54:bd:10:5f:93:f0:cb:
14:e6:18:ed:13:88:f2:7f:dc:00:81:3b:19:3f:61:
15:32:db:6d:7a:d4:83:61:40:0c:60:80:f6:86:5d:
76:12:25:6c:93:c9:5d:0b:60:76:ea:19:70:4c:c0:
3a:8f:98:07:eb:44:40:09:fa:21:11:fb:57:de:9a:
86:88:04:c8:12:76:11:82:c1:47:3f:22:84:69:26:
c3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F9:7D:35:BB:CF:BF:6A:67:73:77:DE:64:76:21:E8:2F:30:FA:48
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/y_l9NbvPv2pnc3feZHYh6C8w-kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
136.225.0.0/16
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
2f:6f:10:b4:af:b8:6b:4e:a9:be:0f:6f:6f:70:95:bd:7b:98:
91:dc:ad:f7:c8:f1:2c:13:15:9b:42:cd:14:09:6f:ee:c9:85:
44:53:8a:ef:a0:8d:ec:bf:3c:b9:5f:1c:18:bb:6d:12:46:66:
3c:92:56:e6:7a:c4:fa:4d:5e:5f:12:8d:1c:ed:7d:de:27:25:
db:b0:e0:23:c5:9f:14:ae:d7:46:d0:fc:78:e3:b5:1c:85:08:
f1:4d:ce:21:d6:e3:12:66:53:57:8f:89:71:65:55:4b:04:29:
f1:92:83:ec:62:ac:81:d2:9f:98:29:a3:be:b9:e8:10:a1:f7:
45:39:05:ab:e5:59:f5:a3:da:c2:24:dd:08:a4:da:8d:e3:ac:
4c:6a:50:8a:7e:86:bf:04:84:82:c7:44:64:a3:f2:ec:81:c6:
55:3c:91:5b:31:a8:06:89:a4:e9:bd:31:22:30:62:4d:69:59:
1d:83:0c:27:39:67:71:50:cc:27:c6:68:1f:e7:58:a7:78:9c:
03:87:db:0c:c8:f2:a3:6b:bb:aa:83:89:a8:67:46:0f:f2:2c:
46:f8:5f:6f:1d:be:a9:d6:b3:e5:b6:70:75:7b:08:34:af:6f:
fc:34:96:be:69:bf:57:dc:2e:95:0c:68:ef:77:e1:88:a5:a8:
69:91:8e:3d
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISAYvSc6nj3KsrBSjOxjLkN5fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMxMTE1MTAwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY5N2QzNWJiY2ZiZjZhNjc3Mzc3ZGU2NDc2MjFlODJmMzBmYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDKYnLzwALIIgPJlukfAv3iHydwz
yGFBN+LLnHMQubKlyqF95ggJz2PgIFqy9sawTI1063AnMZBhfR79HyfUerptqNaz
kfBCdGakjFF8B79zJaAOjIoBW43U4PDxtwPsI9vTiSMZi25SKcXpSvPUQpb4lwKl
I0JSOxCtRR/6s00fLFptEUECKM2nliexNF/BgCk0/rvAvUEuvJb2Ku7x1aqk4uYO
FMj2Y/ctf1S9EF+T8MsU5hjtE4jyf9wAgTsZP2EVMtttetSDYUAMYID2hl12EiVs
k8ldC2B26hlwTMA6j5gH60RACfohEftX3pqGiATIEnYRgsFHPyKEaSbDPQIDAQAB
o4IDbDCCA2gwHQYDVR0OBBYEFMv5fTW7z79qZ3N33mR2IegvMPpIMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEveV9sOU5idlB2MnBuYzNmZVpIWWg2Qzh3LWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgAYIKwYBBQUHAQcBAf8EggFvMIIBazCCAVgEAgABMIIB
UAMEBS74gAMDADmFAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAME
BT7AAAMEBk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVU
EKADBAVVWIADBAZX8QADBAV2Q+ADAwCI4QMEA5144DALAwQCnXjsAwMAnXgDBAXB
UiADBALBXVADBAXBcqADBAXBduADBAHBvIQwDAMEB8LfgAMEAsLfiAMEB8NEAAME
BcNuQAMEBdQAYAMEBdQX4AMEBdQf4AMEBdQjYAMEBtQkgAMEBdRKQAMEBdROoAME
BdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA1VYDBAXV
pAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZbgMEBNmt
YDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAL28QtK+4a06pvg9v
b3CVvXuYkdyt98jxLBMVm0LNFAlv7smFRFOK76CN7L88uV8cGLttEkZmPJJW5nrE
+k1eXxKNHO193icl27DgI8WfFK7XRtD8eOO1HIUI8U3OIdbjEmZTV4+JcWVVSwQp
8ZKD7GKsgdKfmCmjvrnoEKH3RTkFq+VZ9aPawiTdCKTajeOsTGpQin6GvwSEgsdE
ZKPy7IHGVTyRWzGoBomk6b0xIjBiTWlZHYMMJzlncVDMJ8ZoH+dYp3icA4fbDMjy
o2u7qoOJqGdGD/IsRvhfbx2+qdaz5bZwdXsINK9v/DSWvmm/V9wulQxo73fhiKWo
aZGOPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org