Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/if9zNke-tNOXt2uTgypWnZZD13w.roa
File: if9zNke-tNOXt2uTgypWnZZD13w.roa (raw, json)
Hash identifier: vA3ECTnY5z/dK+713iSVNai4P8VCgC20FgdKdbnqhKs=
Subject key identifier: 89:FF:73:36:47:BE:B4:D3:97:B7:6B:93:83:2A:56:9D:96:43:D7:7C
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0185A12797F948CEC7177AE1C49F3B9F96F8
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/if9zNke-tNOXt2uTgypWnZZD13w.roa
Signing time: Wed 11 Jan 2023 14:06:44 +0000
ROA not before: Wed 11 Jan 2023 14:06:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.245.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.210.0/23 maxlen: 23
185.1.208.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
185.1.48.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
80.81.192.0/21 maxlen: 21
80.81.203.0/24 maxlen: 24
80.81.202.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.0.4.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.0.17.0/24 maxlen: 24
2001:7f8:13e::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:df::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
2001:7f8:10a::/48 maxlen: 48
2001:7f8:143::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Jun 2023 09:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:27:97:f9:48:ce:c7:17:7a:e1:c4:9f:3b:9f:96:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 11 14:06:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89ff733647beb4d397b76b93832a569d9643d77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6d:24:7c:32:b8:ab:fe:68:57:b2:ef:95:46:
48:97:3d:db:a0:48:dd:16:6c:59:3a:ec:25:0d:bb:
6b:79:5d:09:a7:8c:da:36:a2:19:03:f0:d4:5e:06:
93:0b:a3:2d:d2:7c:6c:5d:4a:80:df:a9:f8:e7:4c:
1b:32:f5:e7:2e:5f:3b:e4:10:e4:22:ae:d2:7d:ba:
9d:a1:e5:12:ec:11:d9:b2:47:28:73:99:ec:66:7a:
6d:91:a3:62:08:39:e7:d7:e0:5f:69:ed:43:39:f9:
be:52:28:6f:87:07:15:ca:94:f8:ee:0f:d2:8c:df:
38:1e:7e:dd:20:92:3a:67:56:dc:94:ef:3d:13:fa:
7c:19:77:fe:e2:e6:96:46:d8:c9:db:a0:e0:26:6a:
ac:90:52:8e:20:50:19:1c:d2:fc:f0:44:82:87:dc:
0a:d8:ba:61:f2:9e:2e:a0:72:2a:93:ac:72:73:41:
6a:6d:44:ab:b0:5e:09:53:29:68:90:bb:3a:92:ad:
56:fb:fb:dc:95:93:61:16:58:6a:1b:40:e7:f2:54:
7d:ea:23:2a:bc:cc:8e:a1:d1:9e:0f:59:18:7f:25:
27:d5:a8:ca:eb:18:92:4c:86:3f:2c:39:0a:52:37:
46:6d:ef:d3:9b:de:0a:50:e3:2c:a5:51:da:4f:1a:
8a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FF:73:36:47:BE:B4:D3:97:B7:6B:93:83:2A:56:9D:96:43:D7:7C
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/if9zNke-tNOXt2uTgypWnZZD13w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.0.17.0/24
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/48
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
2001:7f8:143::/48
Signature Algorithm: sha256WithRSAEncryption
a6:14:5b:4d:72:c3:fd:02:f2:5a:17:44:b6:00:65:1d:3d:86:
e2:f6:c1:bd:91:cd:d1:c5:5f:17:d7:37:ae:a0:57:42:26:d3:
02:50:11:df:bd:3a:ec:c5:2d:d0:73:1e:74:58:19:07:b6:28:
ef:da:38:5f:b4:ce:46:cf:62:4a:a9:a0:a9:fc:bc:ee:ea:b7:
55:71:94:2d:ac:ca:6e:2f:11:37:b0:1d:87:e2:0a:6b:1a:2a:
52:98:fa:83:83:58:e6:41:ca:58:d6:a0:ff:0b:b0:6c:98:18:
8a:2f:3b:ae:40:41:2d:b0:b1:e8:c7:e1:9b:78:b8:bb:ad:de:
4d:f4:d9:44:8c:62:0b:ce:9b:42:fe:06:0b:a1:f6:20:61:cd:
ea:fc:bd:d5:45:2c:01:20:e3:c1:ad:63:3b:d2:b8:ca:40:5c:
61:7c:7b:a4:7e:78:a1:ac:6e:ab:24:2b:a6:64:f5:6a:42:da:
f0:45:83:12:e2:19:90:49:8d:5b:35:00:67:05:99:a0:17:e5:
5c:01:33:4d:6c:79:28:c1:55:03:20:1a:f7:db:13:a4:65:52:
e5:ab:da:b3:68:c6:64:43:dc:f0:21:3f:3b:7a:08:08:77:96:
cf:36:b3:c8:d1:4a:be:72:49:cd:cf:92:a5:c6:f5:2d:41:17:
0e:17:50:78
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgISAYWhJ5f5SM7HF3rhxJ87n5b4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjMwMTExMTQwNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWZmNzMzNjQ3YmViNGQzOTdiNzZiOTM4MzJhNTY5ZDk2NDNkNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG0kfDK4q/5oV7LvlUZIlz3boEjd
FmxZOuwlDbtreV0Jp4zaNqIZA/DUXgaTC6Mt0nxsXUqA36n450wbMvXnLl875BDk
Iq7SfbqdoeUS7BHZskcoc5nsZnptkaNiCDnn1+Bfae1DOfm+UihvhwcVypT47g/S
jN84Hn7dIJI6Z1bclO89E/p8GXf+4uaWRtjJ26DgJmqskFKOIFAZHNL88ESCh9wK
2Lph8p4uoHIqk6xyc0FqbUSrsF4JUylokLs6kq1W+/vclZNhFlhqG0Dn8lR96iMq
vMyOodGeD1kYfyUn1ajK6xiSTIY/LDkKUjdGbe/Tm94KUOMspVHaTxqKfQIDAQAB
o4IDNDCCAzAwHQYDVR0OBBYEFIn/czZHvrTTl7drk4MqVp2WQ9d8MB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvaWY5ek5rZS10Tk9YdDJ1VGd5cFduWlpEMTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSAYIKwYBBQUHAQcBAf8EggE3MIIBMzCBiwQCAAEwgYQD
BANQUcADBAFQUcowDAMEArkABAMEALkACAMEALkAEQMEALkBCDAMAwQBuQEuAwQA
uQEwAwQAuQF3AwQAuQGDAwQBuQGqAwQBuQG2AwQAuQG7AwQBuQHAAwQAuQHFAwQC
uQHQAwQAuQHcMAwDBAK5AfQDBAC5AfYDBAC5AfgDBAG5AfwwgaIEAgACMIGbAwcA
IAEH+AAAAwcAIAEH+AAyAwcAIAEH+AA2AwcAIAEH+AA9AwcAIAEH+AA/AwcAIAEH
+ABEAwcAIAEH+ABzAwcAIAEH+ACeAwcAIAEH+ACgAwcAIAEH+ADVAwcAIAEH+ADf
AwcAIAEH+AEGAwcAIAEH+AEKMBIDBwAgAQf4ATkDBwAgAQf4ATwDBwAgAQf4AT4D
BwAgAQf4AUMwDQYJKoZIhvcNAQELBQADggEBAKYUW01yw/0C8loXRLYAZR09huL2
wb2RzdHFXxfXN66gV0Im0wJQEd+9OuzFLdBzHnRYGQe2KO/aOF+0zkbPYkqpoKn8
vO7qt1VxlC2sym4vETewHYfiCmsaKlKY+oODWOZByljWoP8LsGyYGIovO65AQS2w
sejH4Zt4uLut3k302USMYgvOm0L+Bguh9iBhzer8vdVFLAEg48GtYzvSuMpAXGF8
e6R+eKGsbqskK6Zk9WpC2vBFgxLiGZBJjVs1AGcFmaAX5VwBM01seSjBVQMgGvfb
E6RlUuWr2rNoxmRD3PAhPzt6CAh3ls82s8jRSr5ySc3PkqXG9S1BFw4XUHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:50 2024 by rpki-client on console-ams.rpki-client.org