Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/s8VXtFvFzYDluPXaePlsaHmtiNE.roa
File: s8VXtFvFzYDluPXaePlsaHmtiNE.roa (raw, json)
Hash identifier: NyMACh3Q/Du7OI5gKZgxNa4WBhCbxwLPbwEs4Bzg1vw=
Subject key identifier: B3:C5:57:B4:5B:C5:CD:80:E5:B8:F5:DA:78:F9:6C:68:79:AD:88:D1
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 0186E4961DEEF5695F3067279A2810B91882
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/s8VXtFvFzYDluPXaePlsaHmtiNE.roa
Signing time: Wed 15 Mar 2023 09:24:48 +0000
ROA not before: Wed 15 Mar 2023 09:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34244
IP address blocks: 94.46.136.0/22 maxlen: 22
178.236.65.48/29 maxlen: 29
178.255.112.0/22 maxlen: 22
178.236.73.112/29 maxlen: 29
178.236.73.176/29 maxlen: 29
193.221.219.0/24 maxlen: 24
178.236.72.28/30 maxlen: 30
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
178.236.72.48/28 maxlen: 28
178.236.72.88/29 maxlen: 29
178.236.74.88/29 maxlen: 29
185.121.44.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
128.127.184.0/21 maxlen: 21
94.46.240.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
178.236.73.160/29 maxlen: 29
178.236.73.224/29 maxlen: 29
185.247.236.0/22 maxlen: 22
92.39.32.0/20 maxlen: 20
31.170.28.0/22 maxlen: 22
31.170.26.0/23 maxlen: 23
81.92.196.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
155.137.24.0/21 maxlen: 21
178.236.73.200/29 maxlen: 29
193.221.93.0/24 maxlen: 24
37.221.104.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
178.236.73.80/29 maxlen: 29
141.98.236.0/22 maxlen: 22
185.186.32.0/22 maxlen: 22
185.176.28.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
5.180.0.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
31.170.24.0/21 maxlen: 21
195.210.52.0/23 maxlen: 23
178.236.73.128/29 maxlen: 29
45.131.188.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
185.4.8.0/22 maxlen: 22
178.236.64.0/20 maxlen: 20
45.14.4.0/22 maxlen: 22
2a02:80::/32 maxlen: 32
2a02:80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 Mar 2023 13:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:96:1d:ee:f5:69:5f:30:67:27:9a:28:10:b9:18:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Mar 15 09:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3c557b45bc5cd80e5b8f5da78f96c6879ad88d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b4:72:37:76:73:77:36:7e:56:e0:91:81:32:
91:87:ae:24:1c:e6:8e:9f:1f:b3:6d:85:ee:1e:b5:
3a:46:1d:07:5b:b8:3c:f2:95:12:b2:4b:06:a4:75:
c6:be:39:71:ea:f1:01:79:1b:4d:ee:21:53:d8:6b:
f2:12:f7:fb:ed:42:7f:fa:37:6a:3c:e9:ee:30:35:
9a:b9:10:44:3c:9b:dc:2d:db:44:e7:22:ec:59:59:
b2:20:e7:2c:27:76:22:5e:3c:c7:f5:75:66:0f:9a:
dd:95:f9:3a:a3:fa:a8:97:5e:4b:bb:55:43:12:23:
be:5c:af:13:7b:b5:78:d4:11:a7:d7:13:05:e7:37:
d5:f2:ae:0a:b8:e3:18:2f:aa:4a:80:fb:32:23:ca:
6e:ab:f3:8a:f8:6b:bc:30:a7:87:24:1d:ed:bb:20:
09:2f:7f:6e:8c:bc:3a:0d:c4:7b:1a:de:2c:61:10:
d2:bd:5e:ad:ba:b4:a2:49:98:74:33:05:a2:ff:df:
01:21:42:d5:9d:fe:a5:d0:d6:16:dd:eb:5a:ea:c4:
84:71:f0:09:a1:ae:90:ed:18:8d:04:66:3c:96:20:
fd:f4:2c:48:e9:30:28:5a:32:cb:28:16:03:ad:21:
0f:55:62:0d:ed:8c:c5:f2:7e:69:4d:cf:d7:10:2e:
4f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C5:57:B4:5B:C5:CD:80:E5:B8:F5:DA:78:F9:6C:68:79:AD:88:D1
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/s8VXtFvFzYDluPXaePlsaHmtiNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
31.170.24.0/21
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.64.0/20
178.255.112.0/22
185.4.8.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
Signature Algorithm: sha256WithRSAEncryption
a7:8e:fe:5c:33:2f:f7:f4:ff:e4:20:f9:08:38:08:34:da:4a:
15:0e:83:42:e2:ea:fe:da:83:0a:46:d1:0a:fc:06:6a:27:75:
ee:b1:e1:cc:55:21:c2:4a:1b:0e:e6:fb:0f:74:e0:01:1d:56:
72:c8:5d:51:8a:58:86:2a:8e:d8:d0:97:cb:fe:0f:5e:07:a8:
48:fd:9f:d4:e4:7e:e1:98:b3:e5:b4:0b:66:0e:8f:2f:c6:68:
d4:c8:32:0b:4f:4c:29:9e:c8:ee:67:2e:b3:ce:09:97:d5:a3:
9d:a1:46:de:88:e4:e6:bf:04:60:08:43:a3:09:8d:21:82:82:
19:07:5e:f2:36:36:cf:90:d4:39:1f:f3:f6:1b:63:d8:f2:bf:
41:b2:f5:8f:fb:ca:5c:65:14:b8:75:d5:a6:35:dc:6e:59:46:
0f:b6:e8:cf:17:65:2d:47:15:d1:70:8f:3a:20:9e:5d:62:51:
4f:a0:5d:3b:25:bd:d4:e2:bc:30:60:42:28:b8:48:72:91:75:
6b:d9:83:3e:23:74:4b:47:b8:3f:61:e8:7f:50:41:12:28:78:
6e:5f:d0:67:86:61:aa:05:7b:22:90:3c:11:e0:0a:f6:9b:9e:
4d:f9:c0:4a:ed:5e:92:cc:12:2a:fe:9f:6d:b7:ad:b1:5e:03:
78:21:e3:17
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYbklh3u9WlfMGcnmigQuRiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwMzE1MDkyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M1NTdiNDViYzVjZDgwZTViOGY1ZGE3OGY5NmM2ODc5YWQ4OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7RyN3ZzdzZ+VuCRgTKRh64kHOaO
nx+zbYXuHrU6Rh0HW7g88pUSsksGpHXGvjlx6vEBeRtN7iFT2GvyEvf77UJ/+jdq
POnuMDWauRBEPJvcLdtE5yLsWVmyIOcsJ3YiXjzH9XVmD5rdlfk6o/qol15Lu1VD
EiO+XK8Te7V41BGn1xMF5zfV8q4KuOMYL6pKgPsyI8puq/OK+Gu8MKeHJB3tuyAJ
L39ujLw6DcR7Gt4sYRDSvV6turSiSZh0MwWi/98BIULVnf6l0NYW3eta6sSEcfAJ
oa6Q7RiNBGY8liD99CxI6TAoWjLLKBYDrSEPVWIN7YzF8n5pTc/XEC5PPwIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFLPFV7Rbxc2A5bj12nj5bGh5rYjRMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvczhWWHRGdkZ6WURsdVBYYWVQbHNhSG10aU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0wQCAAEwgcwDBAIF
tAADBAMfqhgDBAIl3WgDBAItCJgDBAItDgQDBAItXegDBAItg7wDBAItmKwDBAJR
XMQDBAJRXNwDBAZVHoADBARcJyADBAJeLogDBAJeLvADBAOAf7gDBAKNYuwDBAOb
iRgDBASy7EADBAKy/3ADBAK5BAgDBAK5eSwDBAK5sBwDBAK5uiADBAK5xeADBAK5
2JgDBAK53+wDBAK58NADBAK59+wDBAK8QjADBADB3V0DBADB3XgDBADB3XsDBADB
3dsDBAHD0jQwDQQCAAIwBwMFAyoCAIAwDQYJKoZIhvcNAQELBQADggEBAKeO/lwz
L/f0/+Qg+Qg4CDTaShUOg0Li6v7agwpG0Qr8Bmonde6x4cxVIcJKGw7m+w904AEd
VnLIXVGKWIYqjtjQl8v+D14HqEj9n9TkfuGYs+W0C2YOjy/GaNTIMgtPTCmeyO5n
LrPOCZfVo52hRt6I5Oa/BGAIQ6MJjSGCghkHXvI2Ns+Q1Dkf8/YbY9jyv0Gy9Y/7
ylxlFLh11aY13G5ZRg+26M8XZS1HFdFwjzognl1iUU+gXTslvdTivDBgQii4SHKR
dWvZgz4jdEtHuD9h6H9QQRIoeG5f0GeGYaoFeyKQPBHgCvabnk35wErtXpLMEir+
n223rbFeA3gh4xc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:05 2024 by rpki-client on console-ams.rpki-client.org