Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/ZSj5cQFyQujl8sW5blPV1RG3nt0.roa
File: ZSj5cQFyQujl8sW5blPV1RG3nt0.roa (raw, json)
Hash identifier: 8EbwX1WdJbPhx/5WK1dX9z0gd4Vkhza5birSVAgp/DY=
Subject key identifier: 65:28:F9:71:01:72:42:E8:E5:F2:C5:B9:6E:53:D5:D5:11:B7:9E:DD
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0188DD5C74D80F3CE8BFDE513B9C493AC8F5
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/ZSj5cQFyQujl8sW5blPV1RG3nt0.roa
Signing time: Wed 21 Jun 2023 09:50:03 +0000
ROA not before: Wed 21 Jun 2023 09:50:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.245.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.1.176.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.204.0/24 maxlen: 24
185.1.210.0/23 maxlen: 23
185.1.208.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
185.1.48.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
80.81.192.0/21 maxlen: 21
80.81.203.0/24 maxlen: 24
80.81.202.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.0.4.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.0.17.0/24 maxlen: 24
185.0.33.0/24 maxlen: 24
2001:7f8:13e::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:df::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
2001:7f8:10a::/48 maxlen: 48
2001:7f8:143::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Aug 2023 09:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:5c:74:d8:0f:3c:e8:bf:de:51:3b:9c:49:3a:c8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jun 21 09:50:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6528f971017242e8e5f2c5b96e53d5d511b79edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:df:3d:19:ef:81:df:bb:dd:e5:f7:50:25:bb:
8f:ee:fe:1b:ab:49:68:a8:a2:83:2b:0c:a2:14:84:
6c:bb:34:c3:f4:fb:c7:8a:35:01:d6:a9:1b:6c:c2:
d5:a5:68:23:be:3d:b5:55:e1:30:e8:ec:3a:40:df:
55:82:c5:1e:ac:cf:19:6e:96:1d:6c:41:0a:63:af:
2a:be:c6:ec:56:24:e5:f4:bb:bc:29:90:34:36:4b:
e6:3b:52:44:07:23:43:2c:c4:07:2e:e2:aa:fe:68:
e4:24:b0:c7:fb:27:5b:a8:32:2b:d9:e5:cb:bb:85:
60:81:08:3f:45:62:a9:02:21:d6:6d:34:84:69:40:
f2:d2:82:53:18:b1:09:1d:13:c9:f6:e9:17:d9:09:
1a:fa:37:72:fa:2a:fd:b5:bb:74:30:3e:1d:8f:7a:
3c:0e:e7:ec:fc:b0:f5:3b:61:b3:11:77:a8:ae:40:
01:52:00:ec:99:f7:f4:09:86:3f:b5:ff:55:dd:d3:
9c:86:53:cc:ee:02:8d:30:44:84:9a:eb:9b:16:4e:
d7:99:8c:1e:e9:75:95:70:2b:70:70:a2:bd:6b:dd:
3e:e9:fd:0c:8e:a6:27:b3:a1:63:92:61:46:d8:48:
5e:e9:a6:59:2e:b7:33:e2:c8:80:10:ab:04:4d:54:
aa:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:28:F9:71:01:72:42:E8:E5:F2:C5:B9:6E:53:D5:D5:11:B7:9E:DD
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/ZSj5cQFyQujl8sW5blPV1RG3nt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.0.17.0/24
185.0.33.0/24
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.176.0/24
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.204.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/48
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
2001:7f8:143::/48
Signature Algorithm: sha256WithRSAEncryption
97:11:da:83:98:fb:5f:d7:13:85:2d:83:89:f2:3f:15:d7:d7:
9b:2e:f6:80:8f:83:c4:82:bf:ef:4c:a7:c1:a7:a4:24:b8:3c:
20:43:63:63:d9:34:d1:85:c2:e0:5a:2f:20:3b:6c:f2:9f:39:
30:d7:b6:32:7f:41:f6:74:74:33:30:ea:db:46:3f:2a:e4:e6:
b5:c2:cf:b5:0d:16:fa:96:90:2a:90:d9:ad:ee:fd:64:03:66:
20:00:1e:27:b2:c0:34:87:06:51:cc:ea:1b:2e:aa:d0:d1:89:
07:25:3d:16:96:05:9a:00:eb:54:0e:0d:fd:0a:e7:d5:52:33:
cd:fe:3e:5b:3f:e9:9b:ae:6b:45:da:16:25:76:04:ab:cf:7b:
cc:29:db:57:7a:37:bd:06:aa:77:5d:4c:77:5f:e9:a0:8a:4a:
33:bf:a8:74:ab:21:70:34:1e:3a:fd:2f:98:81:9a:84:c9:8b:
25:57:7d:b0:ef:b9:92:bc:ad:45:b8:8e:62:f0:34:27:b2:80:
ea:0d:cd:00:be:64:2b:0a:44:bc:5b:ee:fd:6c:b3:b1:06:61:
75:5b:4e:0e:37:4c:48:19:25:f7:2c:24:5f:04:6c:bc:af:e6:
f0:b0:84:79:f7:74:c7:82:a0:d4:be:43:f6:8d:0e:5a:7c:b5:
95:91:d2:58
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAYjdXHTYDzzov95RO5xJOsj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjMwNjIxMDk1MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI4Zjk3MTAxNzI0MmU4ZTVmMmM1Yjk2ZTUzZDVkNTExYjc5ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt989Ge+B37vd5fdQJbuP7v4bq0lo
qKKDKwyiFIRsuzTD9PvHijUB1qkbbMLVpWgjvj21VeEw6Ow6QN9VgsUerM8ZbpYd
bEEKY68qvsbsViTl9Lu8KZA0NkvmO1JEByNDLMQHLuKq/mjkJLDH+ydbqDIr2eXL
u4VggQg/RWKpAiHWbTSEaUDy0oJTGLEJHRPJ9ukX2Qka+jdy+ir9tbt0MD4dj3o8
Dufs/LD1O2GzEXeorkABUgDsmff0CYY/tf9V3dOchlPM7gKNMESEmuubFk7XmYwe
6XWVcCtwcKK9a90+6f0MjqYns6FjkmFG2Ehe6aZZLrcz4siAEKsETVSqOQIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFGUo+XEBckLo5fLFuW5T1dURt57dMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvWlNqNWNRRnlRdWpsOHNXNWJsUFYxUkczbnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCBnQQCAAEwgZYD
BANQUcADBAFQUcowDAMEArkABAMEALkACAMEALkAEQMEALkAIQMEALkBCDAMAwQB
uQEuAwQAuQEwAwQAuQF3AwQAuQGDAwQBuQGqAwQAuQGwAwQBuQG2AwQAuQG7AwQB
uQHAAwQAuQHFAwQAuQHMAwQCuQHQAwQAuQHcMAwDBAK5AfQDBAC5AfYDBAC5AfgD
BAG5AfwwgaIEAgACMIGbAwcAIAEH+AAAAwcAIAEH+AAyAwcAIAEH+AA2AwcAIAEH
+AA9AwcAIAEH+AA/AwcAIAEH+ABEAwcAIAEH+ABzAwcAIAEH+ACeAwcAIAEH+ACg
AwcAIAEH+ADVAwcAIAEH+ADfAwcAIAEH+AEGAwcAIAEH+AEKMBIDBwAgAQf4ATkD
BwAgAQf4ATwDBwAgAQf4AT4DBwAgAQf4AUMwDQYJKoZIhvcNAQELBQADggEBAJcR
2oOY+1/XE4Utg4nyPxXX15su9oCPg8SCv+9Mp8GnpCS4PCBDY2PZNNGFwuBaLyA7
bPKfOTDXtjJ/QfZ0dDMw6ttGPyrk5rXCz7UNFvqWkCqQ2a3u/WQDZiAAHieywDSH
BlHM6hsuqtDRiQclPRaWBZoA61QODf0K59VSM83+Pls/6Zuua0XaFiV2BKvPe8wp
21d6N70GqnddTHdf6aCKSjO/qHSrIXA0Hjr9L5iBmoTJiyVXfbDvuZK8rUW4jmLw
NCeygOoNzQC+ZCsKRLxb7v1ss7EGYXVbTg43TEgZJfcsJF8EbLyv5vCwhHn3dMeC
oNS+Q/aNDlp8tZWR0lg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:45 2024 by rpki-client on console-fra.rpki-client.org