Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/vSHx-c6cKIvuOEXf76VVcw65QA8.roa
File: vSHx-c6cKIvuOEXf76VVcw65QA8.roa (raw, json)
Hash identifier: Cocky56EJM7tt59suSMiTDH4KQxLGfWH43A9SuTXsgU=
Subject key identifier: BD:21:F1:F9:CE:9C:28:8B:EE:38:45:DF:EF:A5:55:73:0E:B9:40:0F
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 018F7676C54933CD8D3253ABC535F7CDBFA9
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/vSHx-c6cKIvuOEXf76VVcw65QA8.roa
Signing time: Tue 14 May 2024 09:37:25 +0000
ROA not before: Tue 14 May 2024 09:37:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 5.8.248.0/24 maxlen: 24
45.81.224.0/22 maxlen: 22
45.82.68.0/22 maxlen: 22
45.82.176.0/22 maxlen: 22
45.87.0.0/22 maxlen: 22
45.136.84.0/24 maxlen: 24
45.136.85.0/24 maxlen: 24
45.136.86.0/24 maxlen: 24
45.136.87.0/24 maxlen: 24
45.137.64.0/22 maxlen: 22
46.18.107.0/24 maxlen: 24
46.21.250.0/24 maxlen: 24
77.220.212.0/22 maxlen: 22
77.220.212.0/24 maxlen: 24
77.220.213.0/24 maxlen: 24
77.220.214.0/24 maxlen: 24
77.220.215.0/24 maxlen: 24
81.31.197.0/24 maxlen: 24
91.201.25.0/24 maxlen: 24
91.208.127.0/24 maxlen: 24
91.209.226.0/24 maxlen: 24
91.228.56.0/24 maxlen: 24
94.124.78.0/24 maxlen: 24
178.159.38.0/24 maxlen: 24
178.159.39.0/24 maxlen: 24
178.159.42.0/24 maxlen: 24
178.159.43.0/24 maxlen: 24
185.23.108.0/24 maxlen: 24
185.51.121.0/24 maxlen: 24
185.51.246.0/24 maxlen: 24
185.51.247.0/24 maxlen: 24
185.93.6.0/24 maxlen: 24
185.107.237.0/24 maxlen: 24
185.201.252.0/24 maxlen: 24
185.204.109.0/24 maxlen: 24
185.229.251.0/24 maxlen: 24
185.232.164.0/24 maxlen: 24
185.235.128.0/24 maxlen: 24
185.235.129.0/24 maxlen: 24
185.235.130.0/24 maxlen: 24
185.235.131.0/24 maxlen: 24
185.241.52.0/24 maxlen: 24
185.241.53.0/24 maxlen: 24
185.241.54.0/24 maxlen: 24
185.241.55.0/24 maxlen: 24
185.244.216.0/22 maxlen: 22
185.244.216.0/24 maxlen: 24
185.244.217.0/24 maxlen: 24
185.244.218.0/24 maxlen: 24
185.244.219.0/24 maxlen: 24
185.250.204.0/24 maxlen: 24
185.250.205.0/24 maxlen: 24
185.250.206.0/24 maxlen: 24
185.250.207.0/24 maxlen: 24
193.22.21.0/24 maxlen: 24
193.56.8.0/24 maxlen: 24
193.163.7.0/24 maxlen: 24
193.163.113.0/24 maxlen: 24
194.29.53.0/24 maxlen: 24
212.8.244.0/24 maxlen: 24
212.8.246.0/24 maxlen: 24
212.23.221.0/24 maxlen: 24
212.86.101.0/24 maxlen: 24
212.86.102.0/24 maxlen: 24
212.86.108.0/24 maxlen: 24
212.86.109.0/24 maxlen: 24
212.86.114.0/24 maxlen: 24
212.86.115.0/24 maxlen: 24
212.162.152.0/22 maxlen: 24
213.166.68.0/24 maxlen: 24
213.166.69.0/24 maxlen: 24
213.166.70.0/24 maxlen: 24
213.166.71.0/24 maxlen: 24
2a07:5980::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 May 2024 12:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:76:c5:49:33:cd:8d:32:53:ab:c5:35:f7:cd:bf:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: May 14 09:37:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd21f1f9ce9c288bee3845dfefa555730eb9400f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f4:fa:f9:a9:ba:ea:35:33:19:b8:2e:24:e4:
d2:62:ad:ff:d4:9f:2c:44:c1:d6:69:07:5c:d4:63:
0a:e4:7e:e4:84:af:f4:82:0b:95:5c:d8:c7:14:02:
56:80:a2:96:0a:6a:a4:93:99:17:54:0f:ff:7d:44:
93:18:bb:99:20:da:78:16:7a:cb:e4:78:ec:33:6d:
72:ce:01:eb:55:70:db:62:51:82:a8:55:18:9e:23:
a0:57:3c:e7:34:00:48:f9:61:3f:2f:fd:ff:6f:91:
2b:b0:c2:5d:bc:f4:da:8c:1c:a6:c5:1f:fe:04:e3:
1f:02:ea:fb:81:68:23:be:71:5b:85:cd:ee:4b:28:
62:09:70:6a:3d:48:87:f6:3b:52:c6:d2:3f:80:d3:
05:23:ee:da:bf:26:31:c9:67:8f:05:32:93:4a:71:
6a:6b:44:97:72:86:0c:64:bc:87:fd:f2:ef:40:08:
d6:e3:51:87:e0:a1:51:34:f4:29:57:76:8c:6b:4a:
2b:ac:4d:7c:f4:71:1c:7e:c9:66:42:69:27:bd:bf:
8e:9e:f3:e0:8e:fc:bf:ff:d5:a7:df:90:c0:8c:7c:
3b:09:ef:4b:ca:b8:6a:ff:60:95:2e:e8:95:13:34:
85:03:72:26:a2:b9:4c:b2:8e:e9:92:57:bb:87:b0:
5f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:21:F1:F9:CE:9C:28:8B:EE:38:45:DF:EF:A5:55:73:0E:B9:40:0F
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/vSHx-c6cKIvuOEXf76VVcw65QA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.248.0/24
45.81.224.0/22
45.82.68.0/22
45.82.176.0/22
45.87.0.0/22
45.136.84.0/22
45.137.64.0/22
46.18.107.0/24
46.21.250.0/24
77.220.212.0/22
81.31.197.0/24
91.201.25.0/24
91.208.127.0/24
91.209.226.0/24
91.228.56.0/24
94.124.78.0/24
178.159.38.0/23
178.159.42.0/23
185.23.108.0/24
185.51.121.0/24
185.51.246.0/23
185.93.6.0/24
185.107.237.0/24
185.201.252.0/24
185.204.109.0/24
185.229.251.0/24
185.232.164.0/24
185.235.128.0/22
185.241.52.0/22
185.244.216.0/22
185.250.204.0/22
193.22.21.0/24
193.56.8.0/24
193.163.7.0/24
193.163.113.0/24
194.29.53.0/24
212.8.244.0/24
212.8.246.0/24
212.23.221.0/24
212.86.101.0-212.86.102.255
212.86.108.0/23
212.86.114.0/23
212.162.152.0/22
213.166.68.0/22
IPv6:
2a07:5980::/29
Signature Algorithm: sha256WithRSAEncryption
19:f8:4f:b3:35:eb:4b:5d:e1:0d:94:49:64:94:b3:3f:1c:75:
1d:36:0f:15:19:54:47:b1:31:59:de:f0:33:fb:55:89:fe:e9:
00:bb:50:e9:88:97:53:47:cf:fc:2f:44:c5:e1:e3:85:97:8a:
29:74:23:6b:b8:0d:11:39:60:01:36:a5:3b:bf:e9:27:a9:b3:
8f:d4:27:d4:32:7f:b2:56:a8:59:51:79:58:2a:fc:85:9c:d7:
18:f8:98:57:8e:59:76:f9:53:71:ce:b2:f0:60:ea:45:d1:bf:
6d:6c:5c:ad:a6:b2:60:e7:ce:01:09:06:d8:28:cb:a9:e5:5f:
65:8e:f0:a0:05:f3:18:9e:3c:17:62:18:75:e6:8a:36:8a:c8:
bd:23:ca:66:d6:da:64:dc:4e:16:39:8b:24:f3:4e:fd:14:f4:
09:1e:e8:97:63:58:9f:fa:99:2f:db:45:e4:5f:63:35:91:d6:
e7:0e:d7:83:af:3b:97:03:d5:d8:48:09:71:c9:73:37:6d:b0:
2c:43:32:76:f5:5c:9d:0b:0e:d9:c0:97:55:98:a7:8f:cf:1c:
9b:bb:62:5e:28:bb:ac:65:b5:59:d8:d1:17:c9:56:2a:64:4b:
e0:d4:eb:2d:5b:90:72:bc:f7:9d:ee:59:ce:83:ef:55:4c:15:
2a:56:43:07
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAY92dsVJM82NMlOrxTX3zb+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQwNTE0MDkzNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDIxZjFmOWNlOWMyODhiZWUzODQ1ZGZlZmE1NTU3MzBlYjk0MDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPT6+am66jUzGbguJOTSYq3/1J8s
RMHWaQdc1GMK5H7khK/0gguVXNjHFAJWgKKWCmqkk5kXVA//fUSTGLuZINp4FnrL
5HjsM21yzgHrVXDbYlGCqFUYniOgVzznNABI+WE/L/3/b5ErsMJdvPTajBymxR/+
BOMfAur7gWgjvnFbhc3uSyhiCXBqPUiH9jtSxtI/gNMFI+7avyYxyWePBTKTSnFq
a0SXcoYMZLyH/fLvQAjW41GH4KFRNPQpV3aMa0orrE189HEcfslmQmknvb+OnvPg
jvy//9Wn35DAjHw7Ce9Lyrhq/2CVLuiVEzSFA3ImorlMso7pkle7h7BfDwIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFL0h8fnOnCiL7jhF3++lVXMOuUAPMB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvdlNIeC1jNmNLSXZ1T0VYZjc2VlZjdzY1UUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCARgEAgABMIIB
EAMEAAUI+AMEAi1R4AMEAi1SRAMEAi1SsAMEAi1XAAMEAi2IVAMEAi2JQAMEAC4S
awMEAC4V+gMEAk3c1AMEAFEfxQMEAFvJGQMEAFvQfwMEAFvR4gMEAFvkOAMEAF58
TgMEAbKfJgMEAbKfKgMEALkXbAMEALkzeQMEAbkz9gMEALldBgMEALlr7QMEALnJ
/AMEALnMbQMEALnl+wMEALnopAMEArnrgAMEArnxNAMEArn02AMEArn6zAMEAMEW
FQMEAME4CAMEAMGjBwMEAMGjcQMEAMIdNQMEANQI9AMEANQI9gMEANQX3TAMAwQA
1FZlAwQA1FZmAwQB1FZsAwQB1FZyAwQC1KKYAwQC1aZEMA0EAgACMAcDBQMqB1mA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ+E+zNetLXeENlElklLM/HHUdNg8VGVRHsTFZ
3vAz+1WJ/ukAu1DpiJdTR8/8L0TF4eOFl4opdCNruA0ROWABNqU7v+knqbOP1CfU
Mn+yVqhZUXlYKvyFnNcY+JhXjll2+VNxzrLwYOpF0b9tbFytprJg584BCQbYKMup
5V9ljvCgBfMYnjwXYhh15oo2isi9I8pm1tpk3E4WOYsk8079FPQJHuiXY1if+pkv
20XkX2M1kdbnDteDrzuXA9XYSAlxyXM3bbAsQzJ29VydCw7ZwJdVmKePzxybu2Je
KLusZbVZ2NEXyVYqZEvg1OstW5ByvPed7lnOg+9VTBUqVkMH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:12 2024 by rpki-client on console-fra.rpki-client.org