Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/5A8xf3WbJk8x87RW97KL6WfcmE8.roa
File: 5A8xf3WbJk8x87RW97KL6WfcmE8.roa (raw, json)
Hash identifier: 2jhlticzDSCKCBGIwotbDxM/h+cvMRnbOyDcyHZRjaY=
Subject key identifier: E4:0F:31:7F:75:9B:26:4F:31:F3:B4:56:F7:B2:8B:E9:67:DC:98:4F
Certificate issuer: /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial: 0188349735D044D3F5C4C8D36E2720F28CA5
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/5A8xf3WbJk8x87RW97KL6WfcmE8.roa
Signing time: Fri 19 May 2023 15:18:24 +0000
ROA not before: Fri 19 May 2023 15:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3243
IP address blocks: 85.240.0.0/13 maxlen: 24
37.189.0.0/16 maxlen: 24
213.13.0.0/16 maxlen: 24
144.64.0.0/16 maxlen: 24
198.56.128.0/17 maxlen: 24
2.80.0.0/14 maxlen: 24
188.80.0.0/14 maxlen: 24
194.65.0.0/16 maxlen: 24
81.193.0.0/16 maxlen: 24
185.2.84.0/22 maxlen: 24
212.55.128.0/19 maxlen: 24
82.154.0.0/15 maxlen: 24
188.250.0.0/15 maxlen: 24
176.78.0.0/15 maxlen: 24
168.182.128.0/17 maxlen: 24
2001:8a0:4000::/34 maxlen: 34
2001:8a0:c000::/34 maxlen: 34
2001:8a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:97:35:d0:44:d3:f5:c4:c8:d3:6e:27:20:f2:8c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
Validity
Not Before: May 19 15:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e40f317f759b264f31f3b456f7b28be967dc984f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:ca:f2:1a:a5:b9:6b:f5:3f:d4:8a:48:09:
ce:29:f7:35:b8:d5:86:95:b8:2d:b3:cd:b9:7c:3c:
33:ce:3a:c2:bb:c6:ae:e6:63:71:ce:a7:68:cc:04:
ec:2c:09:a6:59:a5:17:4e:f9:32:bc:99:56:85:ec:
a9:99:1e:00:07:21:20:d7:30:eb:b5:2d:61:1c:7d:
0e:f6:19:bd:94:4f:33:5b:13:2c:7a:be:22:52:82:
32:5a:26:e2:9f:c1:a9:37:a2:38:0a:e5:5c:0b:a0:
3b:cb:f6:0a:40:a6:06:bd:83:90:10:91:ad:89:d6:
d6:87:5e:9c:dd:fb:e0:4c:87:65:7c:15:bb:f9:a5:
96:66:f5:c1:bb:2f:df:09:05:5b:75:5b:01:b1:f8:
ce:a5:89:c4:ce:e2:86:73:6a:ed:c5:ec:58:a4:47:
8c:7d:d4:ac:6f:06:e9:72:dc:e8:8b:4e:2a:60:f1:
0f:86:52:e3:8f:7d:ed:3d:9b:19:42:ce:bf:ee:04:
f2:17:bd:ed:f7:37:ad:bb:96:11:d9:b0:26:d3:22:
84:03:f9:ea:21:2e:93:b2:fc:97:c6:56:07:6b:9e:
08:91:18:63:84:f0:4e:be:b2:49:e0:20:f0:e1:67:
16:dd:25:3f:8b:fa:45:dd:15:93:47:dd:b1:10:a3:
ff:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0F:31:7F:75:9B:26:4F:31:F3:B4:56:F7:B2:8B:E9:67:DC:98:4F
X509v3 Authority Key Identifier:
keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/5A8xf3WbJk8x87RW97KL6WfcmE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.80.0.0/14
37.189.0.0/16
81.193.0.0/16
82.154.0.0/15
85.240.0.0/13
144.64.0.0/16
168.182.128.0/17
176.78.0.0/15
185.2.84.0/22
188.80.0.0/14
188.250.0.0/15
194.65.0.0/16
198.56.128.0/17
212.55.128.0/19
213.13.0.0/16
IPv6:
2001:8a0::/32
Signature Algorithm: sha256WithRSAEncryption
cc:41:e5:09:f6:d3:cb:7c:f6:54:23:7a:ab:9d:03:bc:60:84:
a8:bf:f0:28:f9:28:81:37:bf:a3:2e:25:91:f2:bb:f6:49:5b:
0f:a6:43:8d:77:db:c3:0a:b6:8a:09:71:e6:32:67:3b:79:cc:
21:ce:47:6f:b2:e2:e4:3a:f1:e0:1f:56:d4:6d:58:97:31:2d:
43:24:1b:25:4f:05:99:ef:12:dc:91:f3:6c:67:08:50:fc:41:
1e:18:c0:41:a9:d6:06:07:0d:d0:02:c7:a0:58:d3:2b:ee:0c:
1d:22:52:2b:48:64:93:b8:a6:80:a3:0d:b3:29:84:a7:ec:0d:
6d:9a:fe:54:a2:52:6c:c7:6e:31:7f:42:f0:49:30:fa:68:05:
09:35:b5:9c:18:ab:fc:f4:e8:36:94:4b:43:72:20:a0:6f:0f:
a1:cb:26:f4:f5:82:b0:6e:ae:e4:ae:2a:0c:78:d8:6c:ab:95:
67:0a:03:e1:1c:c8:85:ea:51:51:2a:fe:ba:82:ed:11:dc:d9:
f8:43:dd:d6:95:14:ba:e0:87:fe:40:11:d5:e1:29:c9:9f:ba:
55:55:d7:6b:d6:77:aa:85:15:2a:81:f6:fe:6b:5a:cc:4c:50:
a2:1a:6d:79:3f:b2:4b:b2:8a:2a:ef:f7:0b:58:79:e4:09:e9:
e9:26:ea:1b
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYg0lzXQRNP1xMjTbicg8oylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmIzMGQ4OWIxYmNmZjY5OWY2NDFmODgwMjY5NDJkMTZh
NzJiY2MwHhcNMjMwNTE5MTUxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBmMzE3Zjc1OWIyNjRmMzFmM2I0NTZmN2IyOGJlOTY3ZGM5ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsovK8hqluWv1P9SKSAnOKfc1uNWG
lbgts825fDwzzjrCu8au5mNxzqdozATsLAmmWaUXTvkyvJlWheypmR4AByEg1zDr
tS1hHH0O9hm9lE8zWxMser4iUoIyWibin8GpN6I4CuVcC6A7y/YKQKYGvYOQEJGt
idbWh16c3fvgTIdlfBW7+aWWZvXBuy/fCQVbdVsBsfjOpYnEzuKGc2rtxexYpEeM
fdSsbwbpctzoi04qYPEPhlLjj33tPZsZQs6/7gTyF73t9zetu5YR2bAm0yKEA/nq
IS6TsvyXxlYHa54IkRhjhPBOvrJJ4CDw4WcW3SU/i/pF3RWTR92xEKP/2QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOQPMX91myZPMfO0Vveyi+ln3JhPMB8GA1UdIwQY
MBaAFIIrMNibG8/2mfZB+IAmlC0WpyvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEt
OTE0ZDVkYzUxOTdmLzEvNUE4eGYzV2JKazh4ODdSVzk3S0w2V2ZjbUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEtOTE0ZDVkYzUxOTdm
LzEvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBVBAIAATBPAwMCAlADAwAl
vQMDAFHBAwMBUpoDAwNV8AMDAJBAAwQHqLaAAwMBsE4DBAK5AlQDAwK8UAMDAbz6
AwMAwkEDBAfGOIADBAXUN4ADAwDVDTANBAIAAjAHAwUAIAEIoDANBgkqhkiG9w0B
AQsFAAOCAQEAzEHlCfbTy3z2VCN6q50DvGCEqL/wKPkogTe/oy4lkfK79klbD6ZD
jXfbwwq2iglx5jJnO3nMIc5Hb7Li5Drx4B9W1G1YlzEtQyQbJU8Fme8S3JHzbGcI
UPxBHhjAQanWBgcN0ALHoFjTK+4MHSJSK0hkk7imgKMNsymEp+wNbZr+VKJSbMdu
MX9C8Ekw+mgFCTW1nBir/PToNpRLQ3IgoG8Pocsm9PWCsG6u5K4qDHjYbKuVZwoD
4RzIhepRUSr+uoLtEdzZ+EPd1pUUuuCH/kAR1eEpyZ+6VVXXa9Z3qoUVKoH2/mta
zExQohpteT+yS7KKKu/3C1h55Anp6SbqGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org