Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8oO1B42Du8W3XYBgkYmulQkcIp8.roa
File: 8oO1B42Du8W3XYBgkYmulQkcIp8.roa (raw, json)
Hash identifier: xej6h0LuGCxz0jfLXf4S0RP7DpaVcOUFi+cpQITOtgA=
Subject key identifier: F2:83:B5:07:8D:83:BB:C5:B7:5D:80:60:91:89:AE:95:09:1C:22:9F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018AFFF72F27072AA5ABA15F19D60F84C79B
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8oO1B42Du8W3XYBgkYmulQkcIp8.roa
Signing time: Thu 05 Oct 2023 13:11:44 +0000
ROA not before: Thu 05 Oct 2023 13:11:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52116
IP address blocks: 188.255.130.0/24 maxlen: 24
188.255.140.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.238.0/24 maxlen: 24
188.255.246.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.248.0/24 maxlen: 24
188.255.252.0/24 maxlen: 24
109.121.60.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.250.0/23 maxlen: 23
188.255.185.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.210.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.222.0/24 maxlen: 24
93.186.64.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
212.69.6.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.55.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.61.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
79.175.118.0/24 maxlen: 24
79.175.115.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
178.219.11.0/24 maxlen: 24
178.219.8.0/23 maxlen: 23
185.47.89.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
77.105.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:f7:2f:27:07:2a:a5:ab:a1:5f:19:d6:0f:84:c7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 5 13:11:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f283b5078d83bbc5b75d80609189ae95091c229f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d3:48:05:9b:cb:f9:c0:92:2b:84:fa:8f:6a:
4d:24:b7:03:a1:6e:b6:0a:2a:d5:cb:4f:cc:23:3c:
c5:f2:dc:4c:b1:e0:dd:cd:19:58:77:0b:74:6d:b2:
a7:fe:0f:cf:69:4f:59:68:12:ec:85:4a:c7:be:c9:
ae:41:03:d7:e9:02:a8:85:ad:80:c9:5a:91:3f:55:
8f:06:aa:57:ec:19:84:15:45:97:ba:fe:cd:a0:42:
e0:ca:24:d6:da:e8:a0:6c:76:00:3b:de:18:87:c6:
76:9a:4c:81:34:91:59:aa:82:4d:fe:0a:e0:b9:3c:
b2:b8:bf:63:4b:bf:43:39:60:74:c9:a5:8d:1c:7a:
f0:38:bf:29:a2:0a:87:00:fd:85:d0:19:6e:80:9f:
96:63:87:45:aa:7e:09:46:eb:08:14:05:0d:ba:8c:
ae:c2:d9:b7:2b:88:9b:b2:e1:fd:49:a8:be:b7:80:
84:e9:d7:0d:93:c7:c4:d7:f3:93:64:1a:e4:2d:a0:
d2:a0:91:83:b3:68:17:f8:3c:47:be:80:69:ac:42:
1e:6e:20:a9:dd:07:2a:f4:f6:a3:a6:da:4f:20:6f:
f0:b6:fa:0e:90:d0:ba:18:44:92:0f:50:bc:ec:8d:
77:40:a6:ba:69:a9:84:c5:c2:f4:21:0e:74:d3:61:
5e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:83:B5:07:8D:83:BB:C5:B7:5D:80:60:91:89:AE:95:09:1C:22:9F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/8oO1B42Du8W3XYBgkYmulQkcIp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.11.0/24
77.105.31.0/24
79.175.103.0/24
79.175.115.0-79.175.116.255
79.175.118.0/24
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.64.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.121.60.0/24
178.219.8.0/23
178.219.11.0/24
178.253.207.0/24
178.253.210.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.222.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0-185.47.90.255
188.255.130.0/24
188.255.140.0/24
188.255.185.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.238.0/24
188.255.244.0-188.255.248.255
188.255.250.0-188.255.252.255
188.255.254.0/23
212.69.6.0/23
212.69.12.0/24
Signature Algorithm: sha256WithRSAEncryption
91:7b:d3:0b:30:06:3a:48:1a:b7:2f:9e:43:76:c6:50:e8:dd:
aa:40:1c:39:f1:3f:4e:ed:43:a7:19:9a:df:80:f6:e0:d1:68:
40:b5:5e:b6:6e:5b:5c:61:30:23:f0:0d:22:dc:c1:86:7b:19:
bb:d8:97:40:f0:66:db:78:4c:ba:bf:70:06:b8:c3:f4:a0:9d:
85:23:88:23:38:49:6b:ae:52:d2:a1:5d:74:4b:83:73:68:8d:
57:e6:52:0a:88:46:da:74:01:b9:ae:b9:96:09:e7:a9:11:eb:
5d:31:4c:7f:30:f0:6d:28:9a:26:85:11:b3:d8:72:0e:f2:6b:
a6:ef:5c:d6:f1:69:67:f2:4e:b9:1b:75:98:c7:19:b6:1e:ba:
24:c7:a8:a8:b9:6a:45:4d:44:d4:ea:1b:68:30:a2:b2:26:ae:
0b:e7:7f:21:1c:d3:e2:b2:95:d6:2d:54:b0:28:97:a3:9b:90:
28:50:50:2b:b4:b3:d1:6d:08:b0:f2:08:df:97:d1:ce:ac:e5:
7e:28:78:83:39:f5:9d:24:91:f3:91:34:cf:07:7b:84:84:1b:
de:04:28:4f:14:b6:fb:ee:e8:78:c3:4e:a3:bf:30:f3:a1:38:
83:de:97:89:1d:97:a0:db:d1:4b:aa:f1:57:c9:08:f9:6d:1e:
fe:f7:b8:13
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYr/9y8nByqlq6FfGdYPhMebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMDA1MTMxMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjgzYjUwNzhkODNiYmM1Yjc1ZDgwNjA5MTg5YWU5NTA5MWMyMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNNIBZvL+cCSK4T6j2pNJLcDoW62
CirVy0/MIzzF8txMseDdzRlYdwt0bbKn/g/PaU9ZaBLshUrHvsmuQQPX6QKoha2A
yVqRP1WPBqpX7BmEFUWXuv7NoELgyiTW2uigbHYAO94Yh8Z2mkyBNJFZqoJN/grg
uTyyuL9jS79DOWB0yaWNHHrwOL8pogqHAP2F0BlugJ+WY4dFqn4JRusIFAUNuoyu
wtm3K4ibsuH9Sai+t4CE6dcNk8fE1/OTZBrkLaDSoJGDs2gX+DxHvoBprEIebiCp
3Qcq9PajptpPIG/wtvoOkNC6GESSD1C87I13QKa6aamExcL0IQ5002FeywIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFPKDtQeNg7vFt12AYJGJrpUJHCKfMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOG9PMUI0MkR1OFczWFlCZ2tZbXVsUWtjSXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FgMEAE1pCwMEAE1pHwMEAE+vZzAMAwQAT69zAwQAT690AwQAT692AwQAUEqtMAwD
BABREjEDBABREjIDBAFREjQDBABREjcDBABREj0DBABdukADBABdukMwDAMEAF26
RwMEAF26SAMEAG15PAMEAbLbCAMEALLbCwMEALL9zwMEALL90jAMAwQAsv3VAwQA
sv3WAwQAsv3bAwQAsv3eAwQAsv3sAwQAsv3wMAwDBAO5L1gDBAC5L1oDBAC8/4ID
BAC8/4wDBAC8/7kDBAC8/74DBAC8/9ADBAC8/9UDBAC8/9sDBAC8/+4wDAMEArz/
9AMEALz/+DAMAwQBvP/6AwQAvP/8AwQBvP/+AwQB1EUGAwQA1EUMMA0GCSqGSIb3
DQEBCwUAA4IBAQCRe9MLMAY6SBq3L55DdsZQ6N2qQBw58T9O7UOnGZrfgPbg0WhA
tV62bltcYTAj8A0i3MGGexm72JdA8GbbeEy6v3AGuMP0oJ2FI4gjOElrrlLSoV10
S4NzaI1X5lIKiEbadAG5rrmWCeepEetdMUx/MPBtKJomhRGz2HIO8mum71zW8Wln
8k65G3WYxxm2Hrokx6iouWpFTUTU6htoMKKyJq4L538hHNPispXWLVSwKJejm5Ao
UFArtLPRbQiw8gjfl9HOrOV+KHiDOfWdJJHzkTTPB3uEhBveBChPFLb77uh4w06j
vzDzoTiD3peJHZeg29FLqvFXyQj5bR7+97gT
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:57 2024 by rpki-client on console-ams.rpki-client.org