Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/jlEzmxL0BCH-k_XoBF09x3UnqYo.roa
File: jlEzmxL0BCH-k_XoBF09x3UnqYo.roa (raw, json)
Hash identifier: h5ry0GG3RxR1cnqtooEEaZnKCR2uOBM0s5Elu0olhBE=
Subject key identifier: 8E:51:33:9B:12:F4:04:21:FE:93:F5:E8:04:5D:3D:C7:75:27:A9:8A
Certificate issuer: /CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Certificate serial: 018EE7B02B8447C4D4E19E0C4AFBA335CD1F
Authority key identifier: A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/jlEzmxL0BCH-k_XoBF09x3UnqYo.roa
Signing time: Tue 16 Apr 2024 16:14:26 +0000
ROA not before: Tue 16 Apr 2024 16:14:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20773
IP address blocks: 37.61.208.0/20 maxlen: 24
37.61.212.0/24 maxlen: 24
37.61.214.0/24 maxlen: 24
37.61.215.0/24 maxlen: 24
37.61.221.0/24 maxlen: 24
37.61.223.0/24 maxlen: 24
78.138.96.0/21 maxlen: 24
78.138.104.0/22 maxlen: 24
78.138.126.0/23 maxlen: 24
85.195.64.0/18 maxlen: 24
85.195.75.0/24 maxlen: 24
85.195.76.0/24 maxlen: 24
85.195.82.0/24 maxlen: 24
85.195.83.0/24 maxlen: 24
85.195.85.0/24 maxlen: 24
85.195.86.0/24 maxlen: 24
85.195.88.0/24 maxlen: 24
85.195.89.0/24 maxlen: 24
85.195.90.0/24 maxlen: 24
85.195.91.0/24 maxlen: 24
85.195.92.0/24 maxlen: 24
85.195.93.0/24 maxlen: 24
85.195.95.0/24 maxlen: 24
85.195.96.0/24 maxlen: 24
85.195.98.0/24 maxlen: 24
85.195.99.0/24 maxlen: 24
85.195.100.0/24 maxlen: 24
85.195.102.0/24 maxlen: 24
85.195.103.0/24 maxlen: 24
85.195.107.0/24 maxlen: 24
85.195.109.0/24 maxlen: 24
85.195.110.0/24 maxlen: 24
85.195.114.0/24 maxlen: 24
85.195.115.0/24 maxlen: 24
85.195.116.0/24 maxlen: 24
85.195.119.0/24 maxlen: 24
85.195.120.0/24 maxlen: 24
85.195.124.0/24 maxlen: 24
85.195.127.0/24 maxlen: 24
87.119.195.0/24 maxlen: 24
87.119.220.0/22 maxlen: 24
92.42.104.0/21 maxlen: 24
92.204.160.0/19 maxlen: 24
92.204.162.0/24 maxlen: 24
92.204.186.0/24 maxlen: 24
92.204.194.0/23 maxlen: 23
92.204.240.0/20 maxlen: 24
92.205.32.0/21 maxlen: 24
92.205.112.0/20 maxlen: 24
92.205.152.0/22 maxlen: 24
146.0.224.0/19 maxlen: 24
146.0.226.0/24 maxlen: 24
146.0.227.0/24 maxlen: 24
146.0.228.0/24 maxlen: 24
146.0.230.0/24 maxlen: 24
146.0.232.0/24 maxlen: 24
146.0.234.0/24 maxlen: 24
146.0.235.0/24 maxlen: 24
146.0.236.0/24 maxlen: 24
146.0.237.0/24 maxlen: 24
146.0.245.0/24 maxlen: 24
146.0.247.0/24 maxlen: 24
146.0.249.0/24 maxlen: 24
146.0.250.0/24 maxlen: 24
146.0.251.0/24 maxlen: 24
146.0.255.0/24 maxlen: 24
185.19.216.0/22 maxlen: 24
185.19.216.0/24 maxlen: 24
185.19.217.0/24 maxlen: 24
185.19.218.0/24 maxlen: 24
185.19.219.0/24 maxlen: 24
185.136.156.0/22 maxlen: 24
185.136.158.0/24 maxlen: 24
185.136.160.0/21 maxlen: 24
185.136.160.0/22 maxlen: 24
185.136.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 12:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:b0:2b:84:47:c4:d4:e1:9e:0c:4a:fb:a3:35:cd:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Validity
Not Before: Apr 16 16:14:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e51339b12f40421fe93f5e8045d3dc77527a98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c4:26:7f:f9:6a:50:a8:76:a6:a0:74:24:d3:
0f:63:64:63:56:87:2b:25:1b:f2:12:f7:9b:57:02:
10:7e:71:e6:8d:db:20:49:52:20:ae:91:6a:86:70:
c0:6f:a2:46:11:b1:bc:65:d5:41:01:93:58:f4:12:
aa:bf:40:5f:db:d3:13:1d:69:c7:b7:c3:e4:c8:91:
82:40:08:50:ad:d2:6a:63:d5:df:48:61:f1:8a:2b:
5e:f6:33:d1:ce:8c:8d:d9:fd:40:38:ee:ee:b2:b7:
27:85:89:13:ce:3e:b0:04:47:d2:9d:9f:1e:27:d3:
b5:0d:70:88:e2:f9:b3:5d:b9:90:39:7d:2e:97:6d:
bd:6f:fb:90:f7:45:24:66:5d:7c:ab:fa:8f:b6:d6:
46:80:9a:96:27:bd:10:aa:dd:c3:d9:ed:61:5a:57:
95:35:22:7a:12:31:8f:d3:f0:7d:7d:2d:d4:dd:98:
57:89:20:0c:d5:c4:05:79:93:8f:24:54:7c:06:fa:
78:5f:84:96:3d:ee:31:7d:17:48:d7:b2:9f:df:4b:
bb:f3:73:41:3b:da:ed:3b:e0:a3:54:35:25:68:ee:
75:62:66:14:52:e4:b3:69:ea:12:f4:fa:53:a6:5a:
99:6a:ed:ff:22:fa:35:b6:e8:76:7f:52:11:19:2b:
99:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:51:33:9B:12:F4:04:21:FE:93:F5:E8:04:5D:3D:C7:75:27:A9:8A
X509v3 Authority Key Identifier:
keyid:A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/jlEzmxL0BCH-k_XoBF09x3UnqYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.208.0/20
78.138.96.0-78.138.107.255
78.138.126.0/23
85.195.64.0/18
87.119.195.0/24
87.119.220.0/22
92.42.104.0/21
92.204.160.0/19
92.204.194.0/23
92.204.240.0/20
92.205.32.0/21
92.205.112.0/20
92.205.152.0/22
146.0.224.0/19
185.19.216.0/22
185.136.156.0-185.136.167.255
Signature Algorithm: sha256WithRSAEncryption
be:d5:35:68:84:50:da:ec:eb:7e:1b:2e:ee:94:6c:24:9d:4d:
de:d1:ab:3e:7c:e2:3e:86:41:05:43:93:cf:26:cb:06:e2:03:
fd:fc:72:ca:39:a7:da:b1:9b:20:59:e1:4a:90:b4:e6:7d:73:
44:64:77:ba:92:4e:9f:a9:ce:f6:f9:7f:8c:45:90:3c:61:11:
23:b4:8d:bb:d9:42:f6:84:4c:56:92:5f:1c:73:1a:ee:42:a3:
6f:58:43:70:e6:15:8e:a2:b4:0c:69:a0:8b:04:c6:5e:4b:f0:
c4:f7:a7:53:b6:3c:a4:e6:27:58:8e:99:62:3a:82:83:f6:df:
92:00:0d:28:57:2b:18:89:83:b7:b1:3b:e3:17:4a:95:00:4f:
95:e9:22:14:32:ff:d1:7c:c9:2a:59:5e:d9:84:2b:a3:fa:14:
f7:65:ad:38:d3:9b:71:b0:67:cb:9d:9a:62:6b:8c:54:12:20:
57:dc:37:5b:89:ae:0f:9f:d4:15:8a:e9:18:0a:f7:64:fa:c1:
cb:b4:b2:04:b3:5c:31:3a:1a:a9:44:46:79:b8:ed:7e:02:60:
49:33:07:ae:67:f9:70:ff:cf:3d:62:4a:2d:d3:e6:85:b7:e7:
54:15:15:16:be:09:c6:67:b5:d7:ee:71:1e:76:57:97:f2:60:
19:26:9d:74
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY7nsCuER8TU4Z4MSvujNc0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTQ5MThmYzdmZGZiNzNiYmE4Y2Y1OGQ0Y2I1ZmU0NDlj
ZjgzZjYwHhcNMjQwNDE2MTYxNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUxMzM5YjEyZjQwNDIxZmU5M2Y1ZTgwNDVkM2RjNzc1MjdhOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsQmf/lqUKh2pqB0JNMPY2RjVocr
JRvyEvebVwIQfnHmjdsgSVIgrpFqhnDAb6JGEbG8ZdVBAZNY9BKqv0Bf29MTHWnH
t8PkyJGCQAhQrdJqY9XfSGHxiite9jPRzoyN2f1AOO7usrcnhYkTzj6wBEfSnZ8e
J9O1DXCI4vmzXbmQOX0ul229b/uQ90UkZl18q/qPttZGgJqWJ70Qqt3D2e1hWleV
NSJ6EjGP0/B9fS3U3ZhXiSAM1cQFeZOPJFR8Bvp4X4SWPe4xfRdI17Kf30u783NB
O9rtO+CjVDUlaO51YmYUUuSzaeoS9PpTplqZau3/Ivo1tuh2f1IRGSuZCwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFI5RM5sS9AQh/pP16ARdPcd1J6mKMB8GA1UdIwQY
MBaAFKjkkY/H/ftzu6jPWNTLX+RJz4P2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMt
MDE1ZWE1MDE5NTIwLzEvamxFem14TDBCQ0gta19Yb0JGMDl4M1VucVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMtMDE1ZWE1MDE5NTIw
LzEvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBCU90DAM
AwQFTopgAwQCTopoAwQBTop+AwQGVcNAAwQAV3fDAwQCV3fcAwQDXCpoAwQFXMyg
AwQBXMzCAwQEXMzwAwQDXM0gAwQEXM1wAwQCXM2YAwQFkgDgAwQCuRPYMAwDBAK5
iJwDBAO5iKAwDQYJKoZIhvcNAQELBQADggEBAL7VNWiEUNrs634bLu6UbCSdTd7R
qz584j6GQQVDk88mywbiA/38cso5p9qxmyBZ4UqQtOZ9c0Rkd7qSTp+pzvb5f4xF
kDxhESO0jbvZQvaETFaSXxxzGu5Co29YQ3DmFY6itAxpoIsExl5L8MT3p1O2PKTm
J1iOmWI6goP235IADShXKxiJg7exO+MXSpUAT5XpIhQy/9F8ySpZXtmEK6P6FPdl
rTjTm3GwZ8udmmJrjFQSIFfcN1uJrg+f1BWK6RgK92T6wcu0sgSzXDE6GqlERnm4
7X4CYEkzB65n+XD/zz1iSi3T5oW351QVFRa+CcZntdfucR52V5fyYBkmnXQ=
-----END CERTIFICATE-----
Generated at Tue Sep 10 16:43:58 2024 by rpki-client on console-ams.rpki-client.org