Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/8xQkfJXwVKubbkuKatkeXMMuW7g.roa
File: 8xQkfJXwVKubbkuKatkeXMMuW7g.roa (raw, json)
Hash identifier: vDPMX8WRYmprWYkpE+3BxCCKUk8ywXi5/pWToppxlhY=
Subject key identifier: F3:14:24:7C:95:F0:54:AB:9B:6E:4B:8A:6A:D9:1E:5C:C3:2E:5B:B8
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 018CC80184A67708E7B0CABA553DCA82082A
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/8xQkfJXwVKubbkuKatkeXMMuW7g.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34636
IP address blocks: 185.237.11.0/24 maxlen: 24
185.237.9.0/24 maxlen: 24
185.237.10.0/24 maxlen: 24
185.237.8.0/24 maxlen: 24
185.237.8.0/22 maxlen: 22
185.189.122.0/23 maxlen: 23
185.189.122.0/24 maxlen: 24
185.189.123.0/24 maxlen: 24
185.189.120.0/24 maxlen: 24
185.189.120.0/22 maxlen: 22
185.189.120.0/23 maxlen: 23
185.189.121.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.132.80.0/23 maxlen: 23
185.132.80.0/22 maxlen: 22
185.132.82.0/23 maxlen: 23
185.132.83.0/24 maxlen: 24
185.67.102.0/24 maxlen: 24
185.67.103.0/24 maxlen: 24
185.67.100.0/22 maxlen: 22
185.67.100.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.15.0/24 maxlen: 24
185.233.12.0/22 maxlen: 22
185.233.12.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/23 maxlen: 23
88.135.42.0/24 maxlen: 24
88.135.40.0/22 maxlen: 22
88.135.40.0/24 maxlen: 24
88.135.40.0/23 maxlen: 23
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.46.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
2a04:f080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Feb 2024 18:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:84:a6:77:08:e7:b0:ca:ba:55:3d:ca:82:08:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f314247c95f054ab9b6e4b8a6ad91e5cc32e5bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:c4:d7:7f:b5:06:8e:88:81:a6:ee:be:a7:
29:64:e8:6e:04:1b:d8:76:a5:22:11:78:a1:fb:19:
54:b6:26:bf:f7:a9:17:dd:dc:91:71:3b:e7:40:06:
2c:6e:40:7d:77:93:ac:96:47:bc:db:81:fb:37:0a:
bd:4c:14:31:ac:cc:77:1c:5a:95:71:ba:7c:6c:56:
36:dd:7e:ef:9f:fa:d7:85:f4:92:83:89:0d:37:b1:
f6:d3:98:32:a7:c8:d8:7a:8b:92:a4:30:08:5a:41:
8f:05:51:6f:43:24:63:54:a8:fa:19:8d:4a:87:c8:
6e:ec:f4:fc:9f:9c:64:97:82:9a:96:a9:aa:77:99:
e3:19:28:63:2e:8e:8c:2c:77:ca:4d:46:b0:c6:03:
8c:56:91:57:87:bd:c3:27:e8:fa:3d:59:8d:b0:80:
92:82:3e:12:7b:14:83:9a:55:61:81:18:f9:54:fb:
f5:b4:86:45:68:f9:11:e5:8e:cb:b3:2f:ed:97:eb:
9f:5f:6a:c5:87:7e:ba:02:bc:b8:1d:29:8a:4d:bb:
cb:78:20:c0:91:27:4b:73:f0:f7:0f:fb:9e:1d:a9:
91:fd:82:78:55:f4:4a:8e:fa:15:ae:34:4b:c4:1d:
03:34:ec:4c:f1:a1:58:fb:aa:59:77:5c:1e:79:3e:
f1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:14:24:7C:95:F0:54:AB:9B:6E:4B:8A:6A:D9:1E:5C:C3:2E:5B:B8
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/8xQkfJXwVKubbkuKatkeXMMuW7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0-88.135.44.255
88.135.46.0/23
185.67.100.0/22
185.132.80.0/22
185.189.120.0/22
185.233.12.0/22
185.237.8.0/22
IPv6:
2a04:f080::/29
Signature Algorithm: sha256WithRSAEncryption
36:1a:42:a8:f8:4b:46:3e:04:e9:e0:c0:2c:b0:9a:49:a5:6d:
d2:49:d8:15:da:ca:4f:99:8a:98:38:d5:d3:e3:28:a3:c2:f6:
41:98:67:31:35:3d:51:ec:34:37:22:d1:38:8b:98:45:10:bf:
b8:b4:70:06:b7:79:f1:10:d2:ef:98:b9:bd:72:70:7f:9c:46:
76:96:fd:ac:b0:7a:87:dc:37:38:48:12:e5:8e:13:75:92:3e:
18:00:15:94:86:0b:d3:4f:99:1e:6a:b2:c1:e0:cf:1a:de:76:
4b:8a:8a:64:b6:66:10:25:62:bc:27:5c:29:73:ee:f1:67:90:
e2:6e:74:2a:4e:2d:41:9d:7d:77:2c:02:0a:fc:ae:e0:69:0c:
aa:fb:a3:98:61:13:90:1e:ac:96:00:eb:ac:c7:27:46:ea:51:
0c:42:0b:f4:fb:0c:5c:b1:c9:11:69:c5:46:ae:f7:c9:b8:59:
58:ae:e1:7f:ee:7d:53:6a:5f:af:66:44:2c:15:ca:62:5b:12:
ff:85:1e:ba:72:4e:54:6a:cb:8b:86:c7:bd:55:eb:6c:e1:be:
b8:03:f7:6b:54:ee:07:ff:a1:18:89:ef:78:9a:dc:65:a7:01:
2a:36:38:84:c1:03:09:82:96:ad:59:c0:6b:d8:19:4a:7a:40:
50:07:b3:24
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzIAYSmdwjnsMq6VT3KgggqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzE0MjQ3Yzk1ZjA1NGFiOWI2ZTRiOGE2YWQ5MWU1Y2MzMmU1YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8PE13+1Bo6IgabuvqcpZOhuBBvY
dqUiEXih+xlUtia/96kX3dyRcTvnQAYsbkB9d5Oslke824H7Nwq9TBQxrMx3HFqV
cbp8bFY23X7vn/rXhfSSg4kNN7H205gyp8jYeouSpDAIWkGPBVFvQyRjVKj6GY1K
h8hu7PT8n5xkl4Kalqmqd5njGShjLo6MLHfKTUawxgOMVpFXh73DJ+j6PVmNsICS
gj4SexSDmlVhgRj5VPv1tIZFaPkR5Y7Lsy/tl+ufX2rFh366Ary4HSmKTbvLeCDA
kSdLc/D3D/ueHamR/YJ4VfRKjvoVrjRLxB0DNOxM8aFY+6pZd1weeT7xnQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPMUJHyV8FSrm25LimrZHlzDLlu4MB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvOHhRa2ZKWHdWS3ViYmt1S2F0a2VYTU11VzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBANYhygD
BABYhywDBAFYhy4DBAK5Q2QDBAK5hFADBAK5vXgDBAK56QwDBAK57QgwDQQCAAIw
BwMFAyoE8IAwDQYJKoZIhvcNAQELBQADggEBADYaQqj4S0Y+BOngwCywmkmlbdJJ
2BXayk+Zipg41dPjKKPC9kGYZzE1PVHsNDci0TiLmEUQv7i0cAa3efEQ0u+Yub1y
cH+cRnaW/ayweofcNzhIEuWOE3WSPhgAFZSGC9NPmR5qssHgzxredkuKimS2ZhAl
YrwnXClz7vFnkOJudCpOLUGdfXcsAgr8ruBpDKr7o5hhE5AerJYA66zHJ0bqUQxC
C/T7DFyxyRFpxUau98m4WViu4X/ufVNqX69mRCwVymJbEv+FHrpyTlRqy4uGx71V
62zhvrgD92tU7gf/oRiJ73ia3GWnASo2OITBAwmClq1ZwGvYGUp6QFAHsyQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:53 2025 by rpki-client