Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/f8DeRlasN15orh8NMfgBnqaLzYo.roa
File: f8DeRlasN15orh8NMfgBnqaLzYo.roa (raw, json)
Hash identifier: 66f/TOvJtLjhLk3tCLF5eoflUxAKs0P8F6w7rElU6zQ=
Subject key identifier: 7F:C0:DE:46:56:AC:37:5E:68:AE:1F:0D:31:F8:01:9E:A6:8B:CD:8A
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0190BB012CF3F53D4448218AD426F9A9F366
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/f8DeRlasN15orh8NMfgBnqaLzYo.roa
Signing time: Tue 16 Jul 2024 10:05:34 +0000
ROA not before: Tue 16 Jul 2024 10:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 80.81.192.0/21 maxlen: 21
80.81.202.0/24 maxlen: 24
80.81.203.0/24 maxlen: 24
185.0.4.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.0.17.0/24 maxlen: 24
185.0.33.0/24 maxlen: 24
185.0.35.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.48.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.176.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.204.0/24 maxlen: 24
185.1.208.0/23 maxlen: 23
185.1.210.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.245.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.176.192.0/24 maxlen: 24
2001:7f8::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:df::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:10a::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:13e::/48 maxlen: 48
2001:7f8:143::/48 maxlen: 48
2001:7f8:14e::/48 maxlen: 48
2a02:c50:4000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 08:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:01:2c:f3:f5:3d:44:48:21:8a:d4:26:f9:a9:f3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jul 16 10:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fc0de4656ac375e68ae1f0d31f8019ea68bcd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:bf:06:da:75:0f:f7:2b:10:03:9b:ba:57:
69:54:8b:62:a0:5d:0f:2c:ff:2e:19:22:d9:76:45:
25:7f:7c:de:31:00:f9:30:6e:3d:aa:0d:c5:43:79:
65:82:37:a2:1f:52:e5:be:1a:f7:7b:d1:a1:fe:95:
e9:ec:d1:bb:10:60:29:15:ea:3c:ac:f9:70:4c:1c:
38:fa:f1:94:ac:10:cf:0c:66:ed:3c:fc:f7:31:ff:
d6:93:80:a7:d4:b1:d8:cb:50:73:79:a7:12:54:de:
b5:bf:f0:d9:9c:8a:7d:d4:8e:a6:d4:12:35:90:d8:
bd:9f:d3:27:67:55:50:ac:dc:e7:bc:2b:99:f7:3a:
22:ea:37:fc:83:5a:31:6a:4c:86:1e:5b:59:c2:5b:
aa:e7:8c:84:05:27:e4:13:7e:57:12:50:ad:fe:9f:
cf:ce:38:75:78:85:46:65:d5:f2:d0:dc:27:92:3e:
ac:5d:89:09:47:70:5f:d0:88:4c:75:ec:48:b7:69:
26:dc:95:39:d1:15:d8:d8:43:05:ea:42:af:f8:f4:
be:cb:48:b7:f4:24:53:5c:a3:22:49:4e:01:2b:56:
aa:c4:25:ed:0c:e4:8e:b4:ff:90:0f:bc:f7:8c:c3:
59:cf:c6:e7:b4:63:52:0a:26:93:32:fd:90:0f:5d:
8e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C0:DE:46:56:AC:37:5E:68:AE:1F:0D:31:F8:01:9E:A6:8B:CD:8A
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/f8DeRlasN15orh8NMfgBnqaLzYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.0.17.0/24
185.0.33.0/24
185.0.35.0/24
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.176.0/24
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.204.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
185.176.192.0/24
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/48
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
2001:7f8:143::/48
2001:7f8:14e::/48
2a02:c50:4000::/48
Signature Algorithm: sha256WithRSAEncryption
00:e8:f1:c4:51:84:7e:7d:b0:f1:21:65:13:d6:fe:e7:2b:e9:
1e:86:ca:ed:0d:72:0f:68:53:61:3d:bc:85:67:94:f0:7d:b2:
fe:7b:e5:ec:a7:c2:c0:a7:87:48:e5:1a:ec:61:92:ef:8d:7f:
21:f8:d1:74:58:42:0d:83:6e:13:04:f7:d8:b6:5a:2b:6b:19:
cb:d9:0d:c0:7b:20:ed:26:87:95:58:f3:a9:db:c6:de:b7:44:
67:17:bb:b8:3e:f9:c5:4d:4c:41:7c:ea:c6:59:17:2c:92:22:
f6:57:f2:58:b0:46:97:37:99:00:55:dd:f3:b9:6d:bf:ec:d7:
fb:e0:c7:11:7a:2a:23:25:e8:a4:de:94:21:89:9f:cc:b8:53:
e5:ac:68:c2:c0:2b:d9:00:68:dd:74:1e:94:73:c1:8e:92:a3:
f9:6f:b0:77:9e:a1:bb:e4:75:b9:83:b0:8a:9d:b0:ff:61:7b:
39:e2:af:32:1e:7d:fb:4e:4c:59:82:d3:88:94:fe:8b:84:34:
95:5c:ad:64:29:8c:c5:88:8c:7a:25:e1:20:5a:f0:ea:91:d3:
d8:d3:e1:84:b4:d1:84:fe:f1:57:bb:55:97:84:7e:b1:de:09:
82:c4:36:07:6f:85:0d:af:50:25:c3:b5:5b:dd:fa:5e:c8:55:
65:b8:4c:5f
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgISAZC7ASzz9T1ESCGK1Cb5qfNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjQwNzE2MTAwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmMwZGU0NjU2YWMzNzVlNjhhZTFmMGQzMWY4MDE5ZWE2OGJjZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7q/Btp1D/crEAObuldpVItioF0P
LP8uGSLZdkUlf3zeMQD5MG49qg3FQ3llgjeiH1Llvhr3e9Gh/pXp7NG7EGApFeo8
rPlwTBw4+vGUrBDPDGbtPPz3Mf/Wk4Cn1LHYy1BzeacSVN61v/DZnIp91I6m1BI1
kNi9n9MnZ1VQrNznvCuZ9zoi6jf8g1oxakyGHltZwluq54yEBSfkE35XElCt/p/P
zjh1eIVGZdXy0Nwnkj6sXYkJR3Bf0IhMdexIt2km3JU50RXY2EMF6kKv+PS+y0i3
9CRTXKMiSU4BK1aqxCXtDOSOtP+QD7z3jMNZz8bntGNSCiaTMv2QD12OTwIDAQAB
o4IDZDCCA2AwHQYDVR0OBBYEFH/A3kZWrDdeaK4fDTH4AZ6mi82KMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvZjhEZVJsYXNOMTVvcmg4Tk1mZ0JucWFMellvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeAYIKwYBBQUHAQcBAf8EggFnMIIBYzCBqQQCAAEwgaID
BANQUcADBAFQUcowDAMEArkABAMEALkACAMEALkAEQMEALkAIQMEALkAIwMEALkB
CDAMAwQBuQEuAwQAuQEwAwQAuQF3AwQAuQGDAwQBuQGqAwQAuQGwAwQBuQG2AwQA
uQG7AwQBuQHAAwQAuQHFAwQAuQHMAwQCuQHQAwQAuQHcMAwDBAK5AfQDBAC5AfYD
BAC5AfgDBAG5AfwDBAC5sMAwgbQEAgACMIGtAwcAIAEH+AAAAwcAIAEH+AAyAwcA
IAEH+AA2AwcAIAEH+AA9AwcAIAEH+AA/AwcAIAEH+ABEAwcAIAEH+ABzAwcAIAEH
+ACeAwcAIAEH+ACgAwcAIAEH+ADVAwcAIAEH+ADfAwcAIAEH+AEGAwcAIAEH+AEK
MBIDBwAgAQf4ATkDBwAgAQf4ATwDBwAgAQf4AT4DBwAgAQf4AUMDBwAgAQf4AU4D
BwAqAgxQQAAwDQYJKoZIhvcNAQELBQADggEBAADo8cRRhH59sPEhZRPW/ucr6R6G
yu0Ncg9oU2E9vIVnlPB9sv575eynwsCnh0jlGuxhku+NfyH40XRYQg2DbhME99i2
WitrGcvZDcB7IO0mh5VY86nbxt63RGcXu7g++cVNTEF86sZZFyySIvZX8liwRpc3
mQBV3fO5bb/s1/vgxxF6KiMl6KTelCGJn8y4U+WsaMLAK9kAaN10HpRzwY6So/lv
sHeeobvkdbmDsIqdsP9heznirzIefftOTFmC04iU/ouENJVcrWQpjMWIjHol4SBa
8OqR09jT4YS00YT+8Ve7VZeEfrHeCYLENgdvhQ2vUCXDtVvd+l7IVWW4TF8=
-----END CERTIFICATE-----
Generated at Wed Sep 25 09:41:00 2024 by rpki-client on console-fra.rpki-client.org