Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/8yNIfFIBsRuBf59zXVSdOXoesU4.roa
File: 8yNIfFIBsRuBf59zXVSdOXoesU4.roa (raw, json)
Hash identifier: AOTE6nrx9PKR9MmVaUfYQzLpNTmX5/AtUMHJmbwF47Q=
Subject key identifier: F3:23:48:7C:52:01:B1:1B:81:7F:9F:73:5D:54:9D:39:7A:1E:B1:4E
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018B048850E1C6DE8819656B06E2B8F053A2
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/8yNIfFIBsRuBf59zXVSdOXoesU4.roa
Signing time: Fri 06 Oct 2023 10:28:44 +0000
ROA not before: Fri 06 Oct 2023 10:28:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48635
IP address blocks: 195.39.204.0/23 maxlen: 24
195.39.214.0/23 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.156.0/22 maxlen: 24
93.187.220.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
185.159.240.0/22 maxlen: 24
2.57.57.0/24 maxlen: 24
185.66.248.0/22 maxlen: 24
92.63.168.0/21 maxlen: 24
62.221.250.0/24 maxlen: 24
62.221.248.0/21 maxlen: 24
31.186.168.0/21 maxlen: 24
185.37.68.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.109.216.0/22 maxlen: 24
93.180.64.0/21 maxlen: 24
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.187.12.0/22 maxlen: 24
31.25.96.0/21 maxlen: 24
185.87.184.0/22 maxlen: 24
79.99.128.0/21 maxlen: 24
185.175.200.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
5.157.80.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.95.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
185.223.32.0/22 maxlen: 24
109.106.160.0/19 maxlen: 24
185.94.228.0/22 maxlen: 24
185.94.228.0/24 maxlen: 24
2a05:1500:500::/40 maxlen: 40
2a01:b942::/32 maxlen: 48
2a0b:8f80::/29 maxlen: 48
2a03:3060::/29 maxlen: 48
2a0b:7280::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a05:1500::/29 maxlen: 48
2a01:b944::/32 maxlen: 48
2a00:f10::/29 maxlen: 48
2a0c:84c0::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:88:50:e1:c6:de:88:19:65:6b:06:e2:b8:f0:53:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Oct 6 10:28:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f323487c5201b11b817f9f735d549d397a1eb14e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:76:9e:3c:7e:be:f3:ec:89:68:f5:d7:84:8f:
b9:9c:da:6d:5e:23:c4:ad:a8:94:c6:16:5e:45:df:
cd:2b:55:37:9c:7f:08:5a:4b:9c:34:71:fd:4c:09:
13:fd:f3:e0:e1:7e:dc:6e:50:9b:ed:a9:3a:2e:48:
7c:6d:52:7f:60:46:66:85:36:36:84:3a:f8:ee:85:
e5:04:44:f3:f9:f1:0e:43:f5:48:48:c8:a4:23:8d:
7b:67:d2:12:59:71:16:44:7b:de:0d:04:27:cd:94:
f9:3c:49:44:9f:f1:8a:4b:c1:16:33:8b:9c:d4:a3:
73:8c:94:59:99:51:7e:54:1a:09:72:53:94:e5:37:
43:74:f3:ee:8b:71:50:86:b8:69:30:1a:8a:41:ba:
4b:db:70:b3:dc:01:d2:73:c1:2e:93:df:54:f9:ec:
45:bd:63:4c:df:23:c8:03:34:7b:c3:fa:9c:8f:3c:
0a:f4:97:9b:87:da:f0:54:3f:4c:1e:b2:e7:15:da:
6a:f2:45:07:17:52:76:10:78:43:94:d9:25:5e:18:
ea:15:fc:07:93:b8:8d:5c:fd:af:a7:a9:cb:8b:f4:
2e:fd:33:d1:a6:02:e6:6f:3e:45:e2:81:d8:de:5d:
79:7f:16:12:e1:ef:3a:7e:31:68:14:f2:1a:72:a1:
b5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:23:48:7C:52:01:B1:1B:81:7F:9F:73:5D:54:9D:39:7A:1E:B1:4E
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/8yNIfFIBsRuBf59zXVSdOXoesU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.57.0/24
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0/19
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/29
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
90:b8:cc:0a:aa:5b:e9:b8:ba:ba:c9:a2:28:a4:1f:dd:fe:28:
12:b0:f6:69:76:98:ff:95:0b:4a:15:b2:86:35:22:e4:ab:d1:
78:9d:57:7e:07:3f:77:9d:28:ef:56:c6:ef:c4:03:ff:25:9c:
82:81:9d:c0:02:67:df:9a:d2:f9:e2:97:a2:e1:9d:80:02:8a:
d4:d5:18:62:6a:26:aa:4b:1b:8c:53:0f:1f:18:d7:d4:85:b7:
a3:7d:3e:dd:20:56:8f:69:7a:e9:94:f4:36:0b:c7:be:70:bd:
8a:c4:4b:34:c8:4c:ee:1d:bb:ab:6c:9a:6a:a1:9d:81:0f:4b:
4d:6d:e6:62:ca:30:1c:05:90:1b:ec:d9:99:47:a2:00:df:66:
48:7a:d4:17:98:39:ad:67:32:b2:6c:16:2f:a8:10:ca:03:a9:
e0:8e:43:66:27:4c:9a:40:b0:32:dc:e3:23:d6:6c:08:49:8c:
59:1a:54:2c:98:4c:36:5c:d8:25:8a:b1:b1:a5:29:e0:2a:fa:
2b:e7:d2:a6:18:12:7d:6f:00:61:1d:6a:60:27:ae:d3:cf:f9:
e3:1c:9b:14:a1:fb:ae:76:03:68:d0:ac:76:1b:8b:ec:e2:83:
c5:57:9b:9c:43:23:04:fb:a0:dd:33:ae:b1:17:fc:3e:ef:be:
e5:ef:76:9f
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYsEiFDhxt6IGWVrBuK48FOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMxMDA2MTAyODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzIzNDg3YzUyMDFiMTFiODE3ZjlmNzM1ZDU0OWQzOTdhMWViMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3aePH6+8+yJaPXXhI+5nNptXiPE
raiUxhZeRd/NK1U3nH8IWkucNHH9TAkT/fPg4X7cblCb7ak6Lkh8bVJ/YEZmhTY2
hDr47oXlBETz+fEOQ/VISMikI417Z9ISWXEWRHveDQQnzZT5PElEn/GKS8EWM4uc
1KNzjJRZmVF+VBoJclOU5TdDdPPui3FQhrhpMBqKQbpL23Cz3AHSc8Euk99U+exF
vWNM3yPIAzR7w/qcjzwK9Jebh9rwVD9MHrLnFdpq8kUHF1J2EHhDlNklXhjqFfwH
k7iNXP2vp6nLi/Qu/TPRpgLmbz5F4oHY3l15fxYS4e86fjFoFPIacqG14QIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFPMjSHxSAbEbgX+fc11UnTl6HrFOMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvOHlOSWZGSUJzUnVCZjU5elhWU2RPWG9lc1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCBzQQCAAEwgcYD
BAACOTkDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFADBAVtaqADBAK5G6wDBAK5JUQDBAK5OJADBAK5QvgDBAK5V7gD
BAK5XuQDBAK5XxwDBAK5Z5wDBAK5Z/ADBAK5a9QDBAG5a+ADBAK5bdgDBAK5n/AD
BAK5r8gDBAK5tjgDBAK5uwwDBAK53yADBAK54FgDBAK56RwDBAHDJ8wDBAHDJ9YD
BAHD7kowRgQCAAIwQAMFAyoADxADBQMqAblAAwUAKgJAwQMFAyoDMGADBgQqBGvA
AAMFAyoFFQADBQMqC3KAAwUDKguPgAMFAyoMhMAwDQYJKoZIhvcNAQELBQADggEB
AJC4zAqqW+m4urrJoiikH93+KBKw9ml2mP+VC0oVsoY1IuSr0XidV34HP3edKO9W
xu/EA/8lnIKBncACZ9+a0vnil6LhnYACitTVGGJqJqpLG4xTDx8Y19SFt6N9Pt0g
Vo9peumU9DYLx75wvYrESzTITO4du6tsmmqhnYEPS01t5mLKMBwFkBvs2ZlHogDf
Zkh61BeYOa1nMrJsFi+oEMoDqeCOQ2YnTJpAsDLc4yPWbAhJjFkaVCyYTDZc2CWK
sbGlKeAq+ivn0qYYEn1vAGEdamAnrtPP+eMcmxSh+652A2jQrHYbi+zig8VXm5xD
IwT7oN0zrrEX/D7vvuXvdp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org