Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/1-pupK7IrTJ2ogq1KssF5kV1H1MU.roa
File: 1-pupK7IrTJ2ogq1KssF5kV1H1MU.roa (raw, json)
Hash identifier: khKDR0M3HD2me3nfZ9pvwQyfKLvSGQKiTNO7vfR3ZEw=
Subject key identifier: FA:9B:A9:2B:B2:2B:4C:9D:A8:82:AD:4A:B2:C1:79:91:5D:47:D4:C5
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 018669B5F44AFF1155F4B2040FC018322C1A
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/1-pupK7IrTJ2ogq1KssF5kV1H1MU.roa
Signing time: Sun 19 Feb 2023 12:46:17 +0000
ROA not before: Sun 19 Feb 2023 12:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
147.234.23.0/24 maxlen: 24
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.121.0/24 maxlen: 24
141.226.120.0/22 maxlen: 23
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
147.236.154.0/23 maxlen: 23
147.236.156.0/24 maxlen: 24
147.236.156.0/22 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/24 maxlen: 24
185.108.80.0/24 maxlen: 24
185.108.80.0/22 maxlen: 23
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Mar 2023 20:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:69:b5:f4:4a:ff:11:55:f4:b2:04:0f:c0:18:32:2c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Feb 19 12:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa9ba92bb22b4c9da882ad4ab2c179915d47d4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3c:00:05:66:8d:98:e7:40:71:3b:5e:3f:46:
bb:c8:ab:49:e9:17:64:82:37:44:da:30:a6:45:ef:
4f:3a:0d:03:f8:97:1b:6f:8e:cd:ec:0c:ff:2f:3d:
ca:9d:56:3b:16:f3:a3:24:b3:e5:83:9f:f3:20:29:
cd:1a:3b:37:22:f2:a4:61:12:96:28:fc:3d:e8:c0:
25:e0:dd:16:70:02:24:25:3c:3c:0f:47:d8:35:3c:
97:a8:d6:b0:5f:27:18:29:46:42:fc:2f:5f:1f:35:
1c:1f:45:e7:e7:cd:41:fb:0b:fb:fc:20:6c:6c:14:
c9:2c:0f:a6:60:66:4d:58:d4:f3:ac:f1:3a:00:23:
17:23:a1:5a:f3:28:d3:56:10:76:d4:4e:04:e8:54:
81:65:70:ad:07:fa:64:ba:4d:f5:e5:04:56:36:e9:
46:98:9e:38:d0:d8:6c:24:4d:9d:3a:b0:19:82:3d:
a4:d7:d5:03:d9:58:ef:1b:44:a1:df:b4:39:7f:b1:
75:b8:1f:ad:c8:23:ff:e2:78:35:c3:08:69:76:91:
e8:b1:54:2d:cb:57:1f:45:0a:9c:db:05:b3:20:38:
ac:16:da:97:f5:3f:09:f3:a2:58:bc:e2:8b:f7:77:
04:ab:8a:5a:15:74:a0:24:05:30:a3:a2:ca:83:56:
87:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9B:A9:2B:B2:2B:4C:9D:A8:82:AD:4A:B2:C1:79:91:5D:47:D4:C5
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/1-pupK7IrTJ2ogq1KssF5kV1H1MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
2b:d9:36:52:0f:23:75:c4:35:50:aa:06:5c:ec:94:44:fe:19:
b8:5b:22:1c:fb:49:e1:a6:ea:a7:0e:17:f8:a9:bc:bb:7d:1b:
65:ce:08:f2:1d:1c:5b:28:5c:3d:38:2e:7a:d9:94:98:02:7b:
d8:16:cc:46:67:04:74:5b:be:1b:06:15:de:05:b3:b9:73:c9:
22:d7:d3:14:69:c3:70:24:70:00:0b:f8:69:a1:c5:9d:41:10:
d4:f2:eb:a2:bc:ef:4c:db:86:52:9a:d9:6d:db:26:aa:f0:52:
e1:aa:52:af:69:59:95:a0:f9:2e:88:6b:15:13:29:14:e7:de:
ef:f0:a6:02:7c:a5:11:55:aa:8d:51:64:29:02:24:17:50:8d:
99:f3:d8:58:04:f6:0a:65:77:61:a5:ad:82:40:b9:79:6d:8b:
b8:93:72:85:6b:c9:cd:48:19:d9:96:7d:97:9c:6c:0f:c9:92:
29:cd:44:00:a9:4e:40:92:04:64:82:79:94:dd:84:29:55:53:
0b:22:80:bd:ce:84:2c:f3:ca:6d:90:ad:72:39:d1:43:9d:12:
c4:cd:b0:c8:79:fa:22:16:0c:e9:c4:ee:56:1c:a8:9f:2a:ce:
a7:2a:14:36:4e:c3:25:14:d9:99:7d:07:75:3c:bf:ff:bb:69:
87:6a:d9:9a
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYZptfRK/xFV9LIED8AYMiwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjMwMjE5MTI0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTliYTkyYmIyMmI0YzlkYTg4MmFkNGFiMmMxNzk5MTVkNDdkNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDwABWaNmOdAcTteP0a7yKtJ6Rdk
gjdE2jCmRe9POg0D+Jcbb47N7Az/Lz3KnVY7FvOjJLPlg5/zICnNGjs3IvKkYRKW
KPw96MAl4N0WcAIkJTw8D0fYNTyXqNawXycYKUZC/C9fHzUcH0Xn581B+wv7/CBs
bBTJLA+mYGZNWNTzrPE6ACMXI6Fa8yjTVhB21E4E6FSBZXCtB/pkuk315QRWNulG
mJ440NhsJE2dOrAZgj2k19UD2VjvG0Sh37Q5f7F1uB+tyCP/4ng1wwhpdpHosVQt
y1cfRQqc2wWzIDisFtqX9T8J86JYvOKL93cEq4paFXSgJAUwo6LKg1aHBwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFPqbqSuyK0ydqIKtSrLBeZFdR9TFMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvMS1wdXBLN0lyVEoyb2dxMUtzc0Y1a1YxSDFNVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDgvMzYzOGQ3LTNlYzMtNDU5NS1hNjMxLTExMGM4NzhkY2Qy
OS8xLzZLaFIzYTVhWk13NGdsT1Z2cHBRZmFsYXQ4OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBngYIKwYBBQUHAQcBAf8EgY4wgYswegQCAAEwdAMEA1nQ
AAMEA1nQOAMEA1nQgAMEAo3ieAMEAJPqFwMEA5PsaDAMAwQCk+x0AwQHk+wAAwQE
k+yQAwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQCubZMAwQC
ubj0AwQDvL/gAwQE2a9QMA0EAgACMAcDBQAqAHxAMA0GCSqGSIb3DQEBCwUAA4IB
AQAr2TZSDyN1xDVQqgZc7JRE/hm4WyIc+0nhpuqnDhf4qby7fRtlzgjyHRxbKFw9
OC562ZSYAnvYFsxGZwR0W74bBhXeBbO5c8ki19MUacNwJHAAC/hpocWdQRDU8uui
vO9M24ZSmtlt2yaq8FLhqlKvaVmVoPkuiGsVEykU597v8KYCfKURVaqNUWQpAiQX
UI2Z89hYBPYKZXdhpa2CQLl5bYu4k3KFa8nNSBnZln2XnGwPyZIpzUQAqU5AkgRk
gnmU3YQpVVMLIoC9zoQs88ptkK1yOdFDnRLEzbDIefoiFgzpxO5WHKifKs6nKhQ2
TsMlFNmZfQd1PL//u2mHatma
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:30 2024 by rpki-client on console-ams.rpki-client.org