Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/SI9ppo4FB03HwhlG4x0fQIvdCXM.roa
File: SI9ppo4FB03HwhlG4x0fQIvdCXM.roa (raw, json)
Hash identifier: TgVXI+DW3OtcFlMNUM7qWiK4Ozr0y/OlO+pHpKXrjg0=
Subject key identifier: 48:8F:69:A6:8E:05:07:4D:C7:C2:19:46:E3:1D:1F:40:8B:DD:09:73
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 01905E5EF0F0D974AA12E862E708C635769A
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/SI9ppo4FB03HwhlG4x0fQIvdCXM.roa
Signing time: Fri 28 Jun 2024 10:23:18 +0000
ROA not before: Fri 28 Jun 2024 10:23:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 80.81.192.0/21 maxlen: 21
80.81.202.0/24 maxlen: 24
80.81.203.0/24 maxlen: 24
185.0.4.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.0.17.0/24 maxlen: 24
185.0.33.0/24 maxlen: 24
185.0.35.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.48.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.176.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.204.0/24 maxlen: 24
185.1.208.0/23 maxlen: 23
185.1.210.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.245.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.176.192.0/24 maxlen: 24
2001:7f8::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:df::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:10a::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:13e::/48 maxlen: 48
2001:7f8:143::/48 maxlen: 48
2001:7f8:14e::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jul 2024 10:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:5e:f0:f0:d9:74:aa:12:e8:62:e7:08:c6:35:76:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jun 28 10:23:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=488f69a68e05074dc7c21946e31d1f408bdd0973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:36:02:f4:dc:bb:33:73:5c:59:9a:45:85:05:
70:81:cd:25:e9:11:9d:f6:6d:0e:d2:14:a8:be:14:
73:36:ba:80:3f:5b:33:32:a8:eb:60:39:6b:a0:9f:
8e:19:9e:fb:69:b7:ed:0f:b9:06:a8:34:cf:7f:64:
d5:cb:c6:22:be:92:13:a3:db:cb:2d:e3:0a:31:f0:
bd:2d:4d:68:dd:16:19:eb:4a:97:a6:20:5f:04:4e:
c7:5c:c6:5f:2f:55:3b:8c:41:57:8a:b3:99:5f:a7:
7e:b0:60:97:49:6c:9c:f9:f6:af:bc:d3:fe:86:aa:
e0:21:41:a6:aa:85:9a:86:3f:d4:12:c5:27:a1:09:
9d:22:59:f5:51:40:38:3e:65:4f:3d:c7:60:42:5a:
9e:ca:c6:bd:a7:0b:4b:ff:85:10:f6:23:db:7e:d8:
1b:27:f8:f0:62:ae:62:c2:7e:a5:d4:17:01:6a:fd:
e0:aa:5f:ed:0c:e9:5b:e7:fa:ff:db:19:e2:b8:13:
04:75:24:8b:ea:f9:c7:c5:62:c4:dc:28:90:a0:55:
f1:5c:60:49:09:3f:9a:71:3e:08:83:a7:27:75:e9:
1b:fc:36:a4:48:3a:b7:c5:9e:34:d3:34:94:15:78:
1e:4c:6e:d6:f9:59:a7:4e:3f:fc:3c:39:25:3c:f6:
ad:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8F:69:A6:8E:05:07:4D:C7:C2:19:46:E3:1D:1F:40:8B:DD:09:73
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/SI9ppo4FB03HwhlG4x0fQIvdCXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.0.17.0/24
185.0.33.0/24
185.0.35.0/24
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.176.0/24
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.204.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
185.176.192.0/24
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/48
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
2001:7f8:143::/48
2001:7f8:14e::/48
Signature Algorithm: sha256WithRSAEncryption
aa:f0:44:08:56:f2:25:46:46:75:94:a3:0e:12:18:58:b0:35:
1b:6d:39:9c:b9:48:78:33:d5:08:ac:fc:bd:44:ea:af:e4:44:
a6:26:8a:f5:c4:5e:67:3d:92:12:95:e9:16:e8:ae:dc:03:6c:
88:0d:dd:4b:9e:e5:49:c6:dd:cd:51:3b:b5:8b:74:17:34:11:
9a:5d:c4:4b:57:63:d4:30:29:63:f6:69:54:d5:65:0b:c8:13:
7c:0a:dc:eb:72:ae:f1:b2:6c:9e:73:4a:52:56:f4:8e:01:d8:
09:bf:a7:32:bd:31:a2:20:4d:63:1d:c2:78:16:d3:a9:24:97:
9c:75:ce:24:80:b6:74:75:8a:3c:e6:e5:9f:68:7b:c7:40:51:
09:a5:16:fb:2e:82:0f:78:44:3d:38:d4:3c:45:40:f7:c5:40:
e8:44:f4:32:72:55:eb:7a:d6:aa:f9:10:09:75:b4:cd:3d:20:
37:4a:6c:c7:dd:d3:81:7c:42:14:c4:3a:24:0e:26:4d:fd:68:
40:49:dd:15:aa:43:72:c5:50:cd:df:b7:4f:f2:21:0d:00:b8:
2e:64:10:85:00:27:27:3a:de:70:e5:41:82:1f:1a:d0:4e:11:
47:8d:cc:06:03:82:a9:e7:a2:14:75:36:5a:a1:69:cf:e3:4f:
90:9f:8d:16
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZBeXvDw2XSqEuhi5wjGNXaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjQwNjI4MTAyMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODhmNjlhNjhlMDUwNzRkYzdjMjE5NDZlMzFkMWY0MDhiZGQwOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDYC9Ny7M3NcWZpFhQVwgc0l6RGd
9m0O0hSovhRzNrqAP1szMqjrYDlroJ+OGZ77abftD7kGqDTPf2TVy8YivpITo9vL
LeMKMfC9LU1o3RYZ60qXpiBfBE7HXMZfL1U7jEFXirOZX6d+sGCXSWyc+favvNP+
hqrgIUGmqoWahj/UEsUnoQmdIln1UUA4PmVPPcdgQlqeysa9pwtL/4UQ9iPbftgb
J/jwYq5iwn6l1BcBav3gql/tDOlb5/r/2xniuBMEdSSL6vnHxWLE3CiQoFXxXGBJ
CT+acT4Ig6cndekb/DakSDq3xZ400zSUFXgeTG7W+VmnTj/8PDklPPat4QIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFEiPaaaOBQdNx8IZRuMdH0CL3QlzMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvU0k5cHBvNEZCMDNId2hsRzR4MGZRSXZkQ1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCBqQQCAAEwgaID
BANQUcADBAFQUcowDAMEArkABAMEALkACAMEALkAEQMEALkAIQMEALkAIwMEALkB
CDAMAwQBuQEuAwQAuQEwAwQAuQF3AwQAuQGDAwQBuQGqAwQAuQGwAwQBuQG2AwQA
uQG7AwQBuQHAAwQAuQHFAwQAuQHMAwQCuQHQAwQAuQHcMAwDBAK5AfQDBAC5AfYD
BAC5AfgDBAG5AfwDBAC5sMAwgasEAgACMIGkAwcAIAEH+AAAAwcAIAEH+AAyAwcA
IAEH+AA2AwcAIAEH+AA9AwcAIAEH+AA/AwcAIAEH+ABEAwcAIAEH+ABzAwcAIAEH
+ACeAwcAIAEH+ACgAwcAIAEH+ADVAwcAIAEH+ADfAwcAIAEH+AEGAwcAIAEH+AEK
MBIDBwAgAQf4ATkDBwAgAQf4ATwDBwAgAQf4AT4DBwAgAQf4AUMDBwAgAQf4AU4w
DQYJKoZIhvcNAQELBQADggEBAKrwRAhW8iVGRnWUow4SGFiwNRttOZy5SHgz1Qis
/L1E6q/kRKYmivXEXmc9khKV6RbortwDbIgN3Uue5UnG3c1RO7WLdBc0EZpdxEtX
Y9QwKWP2aVTVZQvIE3wK3OtyrvGybJ5zSlJW9I4B2Am/pzK9MaIgTWMdwngW06kk
l5x1ziSAtnR1ijzm5Z9oe8dAUQmlFvsugg94RD041DxFQPfFQOhE9DJyVet61qr5
EAl1tM09IDdKbMfd04F8QhTEOiQOJk39aEBJ3RWqQ3LFUM3ft0/yIQ0AuC5kEIUA
Jyc63nDlQYIfGtBOEUeNzAYDgqnnohR1Nlqhac/jT5CfjRY=
-----END CERTIFICATE-----
Generated at Tue Jul 16 12:52:53 2024 by rpki-client on console-ams.rpki-client.org