Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/0BaLYkjcnZ4P3za5QNZNBPaarYA.roa
File: 0BaLYkjcnZ4P3za5QNZNBPaarYA.roa (raw, json)
Hash identifier: claW/+W4MS2MS0JdiM4BqJiVH3VwQWDkfrR8MU6Ex8w=
Subject key identifier: D0:16:8B:62:48:DC:9D:9E:0F:DF:36:B9:40:D6:4D:04:F6:9A:AD:80
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018E17D9EB2B6D18B3E870DF9008925877C8
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/0BaLYkjcnZ4P3za5QNZNBPaarYA.roa
Signing time: Thu 07 Mar 2024 07:39:01 +0000
ROA not before: Thu 07 Mar 2024 07:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8359
IP address blocks: 62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 12 Mar 2024 07:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:17:d9:eb:2b:6d:18:b3:e8:70:df:90:08:92:58:77:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Mar 7 07:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0168b6248dc9d9e0fdf36b940d64d04f69aad80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:75:04:d6:fc:0b:ce:d6:d5:5f:f2:71:8b:42:
5c:6a:80:28:ba:8d:31:06:19:27:e8:b4:eb:42:5a:
9f:9a:7e:d7:10:2f:2b:1e:3d:7b:58:92:a6:7d:65:
b5:cd:14:7d:b8:d5:96:de:3a:1d:44:6f:45:fb:a2:
34:34:3a:92:e6:c4:81:55:8a:ae:d0:e7:81:c4:96:
c8:bd:c9:c9:3c:95:cd:9c:96:57:de:3f:3d:27:45:
90:6e:de:f7:b2:95:bc:13:80:1e:f6:cd:bc:46:52:
d5:bb:08:01:44:e7:0c:a9:5f:21:d8:34:d6:fc:ec:
25:08:34:27:cc:fd:ef:22:bf:07:84:bd:97:ba:73:
a5:c1:84:56:af:d3:34:cc:ac:ba:72:72:a7:71:71:
1f:2e:21:28:b6:51:23:8d:81:63:5c:dd:c2:c1:df:
e2:0e:18:e3:c2:87:28:bc:a2:78:70:70:1c:34:aa:
67:58:34:3a:45:40:0d:38:90:ff:3b:43:4f:4d:6f:
38:2c:07:0e:01:58:cb:2f:94:11:ec:33:68:23:df:
ee:19:52:b1:89:48:a6:cd:49:5d:a8:88:11:75:8f:
59:85:89:de:bf:e8:d9:f4:8d:5c:5d:fb:51:b5:7a:
a6:7d:d8:2a:71:4f:5e:54:a6:cc:16:4e:42:1a:54:
d7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:16:8B:62:48:DC:9D:9E:0F:DF:36:B9:40:D6:4D:04:F6:9A:AD:80
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/0BaLYkjcnZ4P3za5QNZNBPaarYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.118.0.0/16
62.168.224.0/19
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
93.90.224.0/20
94.140.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
2e:6c:cc:4f:49:61:45:6b:d3:4f:a7:ef:35:2b:4d:58:70:69:
9c:8b:ec:53:74:f4:27:9f:8f:30:56:1b:8e:6b:ec:e6:00:56:
25:d4:5f:08:f5:a4:e6:19:3e:62:e4:09:ed:88:81:69:b5:9f:
0b:f0:f7:c4:9a:bd:bb:49:d0:5b:40:24:fe:bc:5a:40:92:04:
3e:75:cc:7a:d3:4a:ac:eb:c7:d6:93:a3:f7:b0:c3:06:37:b2:
75:a2:47:b6:00:ae:f0:e7:d3:c5:bc:28:a7:40:59:f3:c7:0a:
84:4e:00:e7:fa:98:c5:86:61:2b:b5:44:db:85:13:e0:c7:0d:
7e:0c:ca:ca:10:1a:24:bf:5b:bf:9b:6e:12:73:02:96:44:07:
9e:bd:af:3b:4b:0a:1a:6e:43:c4:23:1b:de:7b:a5:8b:66:3e:
3c:bf:27:7a:5c:de:98:b2:32:22:b9:df:54:92:68:cd:42:55:
46:c1:d9:c9:95:9e:87:95:92:e9:d6:4e:ad:96:e0:9c:4a:9a:
a5:d9:81:8b:45:27:15:2b:61:af:b1:b8:d8:0c:cf:80:51:17:
14:72:66:cf:fe:05:62:73:f0:2a:c4:41:83:d5:d9:42:91:72:
8d:7e:19:a8:1b:23:fa:c0:c0:b8:fc:94:8c:ec:b6:6c:70:0e:
b3:b6:4f:bd
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAY4X2esrbRiz6HDfkAiSWHfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMzA3MDczOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDE2OGI2MjQ4ZGM5ZDllMGZkZjM2Yjk0MGQ2NGQwNGY2OWFhZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknUE1vwLztbVX/Jxi0JcaoAouo0x
Bhkn6LTrQlqfmn7XEC8rHj17WJKmfWW1zRR9uNWW3jodRG9F+6I0NDqS5sSBVYqu
0OeBxJbIvcnJPJXNnJZX3j89J0WQbt73spW8E4Ae9s28RlLVuwgBROcMqV8h2DTW
/OwlCDQnzP3vIr8HhL2XunOlwYRWr9M0zKy6cnKncXEfLiEotlEjjYFjXN3Cwd/i
DhjjwocovKJ4cHAcNKpnWDQ6RUANOJD/O0NPTW84LAcOAVjLL5QR7DNoI9/uGVKx
iUimzUldqIgRdY9ZhYnev+jZ9I1cXftRtXqmfdgqcU9eVKbMFk5CGlTXFQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFNAWi2JI3J2eD982uUDWTQT2mq2AMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvMEJhTFlramNuWjRQM3phNVFOWk5CUGFhcllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBogQCAAEwgZsDAwA+
dgMEBT6o4AMEAFBT7QMEBVFbIAMDAFHDAwQGUmDAAwMAU+0DAwFVjAMEBVXrIAMD
AFmvAwMCW0wDBARdWuADBAVejIADBAVtxuADBAONaRgDBACw3hEDAwCyjQMEB7Kb
AAMEArmo7AMEAMFogAMEBsMiAAMEB9S8AAMDANVXAwQF1ZMgAwQC1bDkMAsDBALZ
SvQDAwDZSjAUBAIAAjAOAwUDKgAfoAMFAyoCACgwDQYJKoZIhvcNAQELBQADggEB
AC5szE9JYUVr00+n7zUrTVhwaZyL7FN09CefjzBWG45r7OYAViXUXwj1pOYZPmLk
Ce2IgWm1nwvw98SavbtJ0FtAJP68WkCSBD51zHrTSqzrx9aTo/ewwwY3snWiR7YA
rvDn08W8KKdAWfPHCoROAOf6mMWGYSu1RNuFE+DHDX4MysoQGiS/W7+bbhJzApZE
B569rztLChpuQ8QjG957pYtmPjy/J3pc3piyMiK531SSaM1CVUbB2cmVnoeVkunW
Tq2W4JxKmqXZgYtFJxUrYa+xuNgMz4BRFxRyZs/+BWJz8CrEQYPV2UKRco1+Gagb
I/rAwLj8lIzstmxwDrO2T70=
-----END CERTIFICATE-----
Generated at Tue Mar 12 11:26:59 2024 by rpki-client on console-fra.rpki-client.org