Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/h1NLcRIvMhqALARKZMqgpOE4FRo.roa
File: h1NLcRIvMhqALARKZMqgpOE4FRo.roa (raw, json)
Hash identifier: gOlMDiXjcXtDz7MgBhL84pQHLuSoHP6GyUlxaRFPXdM=
Subject key identifier: 87:53:4B:71:12:2F:32:1A:80:2C:04:4A:64:CA:A0:A4:E1:38:15:1A
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 01856FCBB17C8B5EBF39FAFCF82743BA71F9
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/h1NLcRIvMhqALARKZMqgpOE4FRo.roa
Signing time: Mon 02 Jan 2023 00:04:58 +0000
ROA not before: Mon 02 Jan 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.48.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
80.81.192.0/21 maxlen: 21
80.81.203.0/24 maxlen: 24
80.81.202.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.245.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.0.4.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.210.0/23 maxlen: 23
185.1.208.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
2001:7f8:10a::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:13e::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:df::/64 maxlen: 64
2001:7f8:3f::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Jan 2023 14:05:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b1:7c:8b:5e:bf:39:fa:fc:f8:27:43:ba:71:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 2 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87534b71122f321a802c044a64caa0a4e138151a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a6:55:4f:49:77:6b:da:3b:3b:78:a9:a5:99:
4d:a7:f6:cf:6b:06:b0:03:32:13:b1:f8:85:89:bd:
f6:55:99:f9:99:86:ed:2d:a1:2b:09:da:05:88:67:
85:5e:97:a6:f5:85:42:a2:01:35:6d:67:74:5d:e0:
84:c3:46:b4:1c:cd:91:0b:1e:18:0f:17:2e:8a:9f:
3f:f6:24:c6:2e:9d:62:4c:af:95:d6:eb:83:30:2d:
ab:45:ad:87:ea:c2:4d:b9:04:57:c9:7b:9b:61:6a:
07:fe:7b:3a:f2:c8:a2:df:79:0f:b7:f6:64:4a:fa:
03:9a:67:27:99:13:d1:ba:d3:19:a8:3b:20:fe:c8:
85:58:bc:8a:c2:16:1d:88:26:b4:8b:5d:2b:81:ad:
4b:cb:84:87:1f:62:97:61:d0:54:9c:ea:01:5c:2f:
fd:7d:90:69:5c:b3:9a:ee:73:10:3c:39:d3:da:fe:
4a:38:7c:0d:c6:07:e1:b1:0f:c5:b0:3d:2f:e7:23:
fc:d9:5d:45:9a:19:6c:38:6a:9e:eb:e4:e4:7e:dd:
8a:56:9b:17:09:1d:7e:5d:a2:fe:35:00:14:9c:c8:
b8:76:9c:a7:32:a0:bc:7f:bd:ee:78:a4:ac:59:f6:
db:1b:b0:c3:69:a0:65:6a:a3:6a:90:73:9f:e5:a0:
a4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:53:4B:71:12:2F:32:1A:80:2C:04:4A:64:CA:A0:A4:E1:38:15:1A
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/h1NLcRIvMhqALARKZMqgpOE4FRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/64
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
Signature Algorithm: sha256WithRSAEncryption
0c:d5:d8:8c:56:5f:eb:3b:58:bc:1b:38:3b:72:d5:83:b0:6f:
33:d3:0d:69:52:2c:98:16:f7:85:57:12:55:5a:d3:25:14:ad:
a0:b5:f0:6b:31:54:04:11:b6:47:76:1a:68:f3:a9:2b:c9:df:
a0:62:4e:d8:bd:cc:c6:75:d6:eb:36:d5:8c:e4:83:81:79:c9:
44:20:de:d6:cc:ec:24:4f:84:d3:1d:b7:57:11:a2:67:c1:0a:
7c:5c:ea:cb:13:08:b5:bb:18:ff:9c:3c:20:08:5a:1d:97:4b:
60:d5:f0:9e:b6:95:ea:4b:85:9e:56:1b:0e:85:11:97:64:4e:
1f:57:4a:1b:74:af:cd:56:fb:38:6a:ab:e3:ba:2e:11:ef:39:
3c:cc:38:ba:d8:e6:05:04:a2:fe:4e:2a:bf:58:07:52:c4:b3:
f1:62:81:2b:93:f7:9e:da:81:5f:1f:cb:a8:93:c7:fc:07:5a:
40:a4:6f:82:b3:49:66:6f:78:fe:99:17:49:e4:07:9a:47:57:
94:61:a7:12:2a:02:53:e1:01:9b:d3:25:1d:67:24:69:65:87:
23:2e:76:d8:9b:b5:31:14:31:86:ae:65:f5:a3:67:ec:43:1a:
b8:d3:18:39:d2:1a:92:fa:66:4b:82:aa:b5:aa:22:31:39:77:
30:7e:d0:98
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgISAYVvy7F8i16/Ofr8+CdDunH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzUzNGI3MTEyMmYzMjFhODAyYzA0NGE2NGNhYTBhNGUxMzgxNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKZVT0l3a9o7O3ippZlNp/bPawaw
AzITsfiFib32VZn5mYbtLaErCdoFiGeFXpem9YVCogE1bWd0XeCEw0a0HM2RCx4Y
Dxcuip8/9iTGLp1iTK+V1uuDMC2rRa2H6sJNuQRXyXubYWoH/ns68sii33kPt/Zk
SvoDmmcnmRPRutMZqDsg/siFWLyKwhYdiCa0i10rga1Ly4SHH2KXYdBUnOoBXC/9
fZBpXLOa7nMQPDnT2v5KOHwNxgfhsQ/FsD0v5yP82V1FmhlsOGqe6+Tkft2KVpsX
CR1+XaL+NQAUnMi4dpynMqC8f73ueKSsWfbbG7DDaaBlaqNqkHOf5aCkvwIDAQAB
o4IDJjCCAyIwHQYDVR0OBBYEFIdTS3ESLzIagCwESmTKoKThOBUaMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvaDFOTGNSSXZNaHFBTEFSS1pNcWdwT0U0RlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOgYIKwYBBQUHAQcBAf8EggEpMIIBJTCBhAQCAAEwfgME
A1BRwAMEAVBRyjAMAwQCuQAEAwQAuQAIAwQAuQEIMAwDBAG5AS4DBAC5ATADBAC5
AXcDBAC5AYMDBAG5AaoDBAG5AbYDBAC5AbsDBAG5AcADBAC5AcUDBAK5AdADBAC5
AdwwDAMEArkB9AMEALkB9gMEALkB+AMEAbkB/DCBmwQCAAIwgZQDBwAgAQf4AAAD
BwAgAQf4ADIDBwAgAQf4ADYDBwAgAQf4AD0DBwAgAQf4AD8DBwAgAQf4AEQDBwAg
AQf4AHMDBwAgAQf4AJ4DBwAgAQf4AKADBwAgAQf4ANUDCQAgAQf4AN8AAAMHACAB
B/gBBgMHACABB/gBCjASAwcAIAEH+AE5AwcAIAEH+AE8AwcAIAEH+AE+MA0GCSqG
SIb3DQEBCwUAA4IBAQAM1diMVl/rO1i8Gzg7ctWDsG8z0w1pUiyYFveFVxJVWtMl
FK2gtfBrMVQEEbZHdhpo86kryd+gYk7YvczGddbrNtWM5IOBeclEIN7WzOwkT4TT
HbdXEaJnwQp8XOrLEwi1uxj/nDwgCFodl0tg1fCetpXqS4WeVhsOhRGXZE4fV0ob
dK/NVvs4aqvjui4R7zk8zDi62OYFBKL+Tiq/WAdSxLPxYoErk/ee2oFfH8uok8f8
B1pApG+Cs0lmb3j+mRdJ5AeaR1eUYacSKgJT4QGb0yUdZyRpZYcjLnbYm7UxFDGG
rmX1o2fsQxq40xg50hqS+mZLgqq1qiIxOXcwftCY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:45 2024 by rpki-client on console-fra.rpki-client.org