Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/1-wyB7-OD6mvVO23GK0rArJdMfFE.roa
File: 1-wyB7-OD6mvVO23GK0rArJdMfFE.roa (raw, json)
Hash identifier: eE0+KT5OHYMLWIAvnuFf2wQw16UCrM4TNM5e4K9Hies=
Subject key identifier: FB:0C:81:EF:E3:83:EA:6B:D5:3B:6D:C6:2B:4A:C0:AC:97:4C:7C:51
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018570CBE3EF24ED5E262886C997A05F4265
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/1-wyB7-OD6mvVO23GK0rArJdMfFE.roa
Signing time: Mon 02 Jan 2023 04:44:48 +0000
ROA not before: Mon 02 Jan 2023 04:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24589
IP address blocks: 176.103.176.0/20 maxlen: 20
176.103.184.0/24 maxlen: 24
176.103.192.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
185.47.11.0/24 maxlen: 24
185.47.10.0/24 maxlen: 24
87.99.64.0/24 maxlen: 24
87.99.64.0/19 maxlen: 19
87.99.67.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.238.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.236.0/24 maxlen: 24
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/24 maxlen: 24
194.9.212.0/22 maxlen: 22
91.233.214.0/23 maxlen: 23
31.42.80.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
195.69.88.0/22 maxlen: 22
87.99.95.0/24 maxlen: 24
91.90.255.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
185.220.196.0/22 maxlen: 22
91.90.252.64/29 maxlen: 29
109.229.192.0/19 maxlen: 19
213.110.64.0/19 maxlen: 19
88.135.128.0/19 maxlen: 19
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
83.243.88.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
171.25.218.0/23 maxlen: 23
176.106.176.0/21 maxlen: 21
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:e3:ef:24:ed:5e:26:28:86:c9:97:a0:5f:42:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 04:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb0c81efe383ea6bd53b6dc62b4ac0ac974c7c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ef:fe:81:a6:e2:2a:ce:2a:44:5c:ed:96:67:
54:35:b6:5b:cd:09:94:b2:25:2c:db:49:5a:59:45:
64:69:58:e3:3c:48:b3:e5:a0:08:82:b3:66:71:72:
ca:b9:e3:9e:bc:6c:7a:8d:99:52:c1:88:dd:e2:5c:
01:e5:26:8e:83:cd:9b:e4:2d:d6:14:20:c5:16:da:
8e:a3:21:c1:37:df:03:38:9d:44:61:1d:37:bc:7b:
bc:b8:3b:df:13:f2:a5:c3:71:45:a0:40:b3:85:85:
f0:cd:d0:06:16:02:ec:b7:46:a4:a3:8c:f4:3a:6b:
ae:3c:2d:6f:77:9c:49:00:44:ab:11:b0:e9:07:e7:
21:e6:1c:75:ca:63:14:32:bd:7b:71:8c:ff:20:ca:
e7:c4:f8:dc:65:dd:51:c9:d9:3f:bf:8c:fd:fe:3e:
aa:8b:3a:69:31:7b:a9:8d:b9:7d:44:4d:bc:ad:4d:
59:8b:24:8f:88:d6:e4:ee:92:a0:50:bd:a7:a5:02:
1e:77:49:59:c2:59:89:67:8f:e3:e0:1a:70:4a:01:
f2:27:cf:e2:ae:40:fc:72:95:70:27:47:ab:e3:b0:
29:ab:20:72:be:13:02:0c:0a:62:e0:b8:1b:19:6f:
4f:9e:02:64:0c:8b:4c:f9:64:d4:6b:82:3c:56:3f:
37:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0C:81:EF:E3:83:EA:6B:D5:3B:6D:C6:2B:4A:C0:AC:97:4C:7C:51
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/1-wyB7-OD6mvVO23GK0rArJdMfFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0-176.103.199.255
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
21:6b:47:f1:aa:83:8c:5b:ff:72:dd:e7:af:12:f8:af:7e:c7:
6a:88:c6:a7:83:ec:05:30:4c:0a:a0:5c:0f:83:c3:bc:67:64:
0c:9d:10:7b:b0:3d:bb:09:4b:1d:3c:37:9a:ec:ae:5f:2c:10:
3d:eb:0b:f7:f3:a2:dc:de:5f:25:95:c4:f9:f5:b3:aa:1b:87:
50:df:9b:9a:46:41:ff:99:4b:05:17:00:9c:80:1b:d9:f9:ff:
e8:50:50:a1:bc:13:b4:41:81:54:51:29:92:b9:7d:ca:5d:c8:
53:b7:8d:f3:9a:1e:19:9a:65:13:e4:00:29:18:f8:31:92:3e:
86:b3:d4:39:c4:81:0b:76:3f:40:b4:5e:4b:de:5d:28:d3:cb:
61:7b:b4:5b:0f:cd:6a:68:67:47:d2:ef:93:87:91:8e:4e:87:
1e:43:61:9b:44:f5:73:72:9b:d6:d4:8e:17:9e:6b:0d:45:53:
07:53:61:71:06:00:7e:ae:5a:9c:c0:ca:a2:f9:05:b5:18:73:
d0:d1:ec:3f:fa:71:f5:0f:4c:65:97:45:12:f0:4b:d7:8b:cc:
f5:1c:c5:c5:54:50:7e:0b:78:fb:3d:d7:8e:32:79:26:3a:04:
fe:69:7e:fa:15:2b:0c:5b:3b:1e:4c:f5:e1:86:d8:18:b8:8e:
44:47:77:bc
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYVwy+PvJO1eJiiGyZegX0JlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjMwMTAyMDQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjBjODFlZmUzODNlYTZiZDUzYjZkYzYyYjRhYzBhYzk3NGM3YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje/+gabiKs4qRFztlmdUNbZbzQmU
siUs20laWUVkaVjjPEiz5aAIgrNmcXLKueOevGx6jZlSwYjd4lwB5SaOg82b5C3W
FCDFFtqOoyHBN98DOJ1EYR03vHu8uDvfE/Klw3FFoECzhYXwzdAGFgLst0ako4z0
OmuuPC1vd5xJAESrEbDpB+ch5hx1ymMUMr17cYz/IMrnxPjcZd1Rydk/v4z9/j6q
izppMXupjbl9RE28rU1ZiySPiNbk7pKgUL2npQIed0lZwlmJZ4/j4BpwSgHyJ8/i
rkD8cpVwJ0er47ApqyByvhMCDApi4LgbGW9PngJkDItM+WTUa4I8Vj83kQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFPsMge/jg+pr1TttxitKwKyXTHxRMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvMS13eUI3LU9ENm12Vk8yM0dLMHJBckpkTWZGRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBm
OC8xL2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBwgYIKwYBBQUHAQcBAf8EgbIwga8wgZ0EAgABMIGWAwQE
HypQAwQDU/NYAwQDVCaIAwQFV2NAAwQFWIeAAwQFW1rgAwQBW+nWAwQDbcXQAwQF
beXAAwQBqxnaMAwDBASwZ7ADBAOwZ8ADBASwajADBAOwamAwDAMEBbBqoAMEA7Bq
sAMEAbkvCgMEArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF
1W5AMA0EAgACMAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQAha0fxqoOMW/9y
3eevEvivfsdqiMang+wFMEwKoFwPg8O8Z2QMnRB7sD27CUsdPDea7K5fLBA96wv3
86Lc3l8llcT59bOqG4dQ35uaRkH/mUsFFwCcgBvZ+f/oUFChvBO0QYFUUSmSuX3K
XchTt43zmh4ZmmUT5AApGPgxkj6Gs9Q5xIELdj9AtF5L3l0o08the7RbD81qaGdH
0u+Th5GOToceQ2GbRPVzcpvW1I4XnmsNRVMHU2FxBgB+rlqcwMqi+QW1GHPQ0ew/
+nH1D0xll0US8EvXi8z1HMXFVFB+C3j7PdeOMnkmOgT+aX76FSsMWzseTPXhhtgY
uI5ER3e8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:49 2024 by rpki-client on console-fra.rpki-client.org