Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/0IkZee7AT7JiD3ySYbR58EOOYEU.roa
File: 0IkZee7AT7JiD3ySYbR58EOOYEU.roa (raw, json)
Hash identifier: JqgAvbFTjpVUY3uQ1HL5WFG4OMBGVhF0SG+k4cuMYzg=
Subject key identifier: D0:89:19:79:EE:C0:4F:B2:62:0F:7C:92:61:B4:79:F0:43:8E:60:45
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01856F94CAFE89A813FAE44DA8A936D41A87
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/0IkZee7AT7JiD3ySYbR58EOOYEU.roa
Signing time: Sun 01 Jan 2023 23:05:00 +0000
ROA not before: Sun 01 Jan 2023 23:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 185.21.76.0/22 maxlen: 24
217.66.211.0/24 maxlen: 24
217.66.208.0/24 maxlen: 24
185.70.60.0/22 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 23
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 23
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
86.109.32.0/23 maxlen: 23
81.29.250.0/24 maxlen: 24
81.29.250.0/23 maxlen: 23
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
188.75.122.0/23 maxlen: 23
86.109.41.0/24 maxlen: 24
185.142.233.0/24 maxlen: 24
86.109.56.0/23 maxlen: 23
79.132.213.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
87.247.180.0/23 maxlen: 24
176.221.65.0/24 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.124.0/23 maxlen: 23
80.71.122.0/23 maxlen: 23
80.71.127.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
188.136.220.0/23 maxlen: 23
37.114.252.0/24 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
185.104.228.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jan 2023 09:47:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:ca:fe:89:a8:13:fa:e4:4d:a8:a9:36:d4:1a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 23:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0891979eec04fb2620f7c9261b479f0438e6045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e5:63:c6:d7:c2:ea:c4:02:f5:9f:3f:9a:7e:
e4:49:ee:d5:83:22:cc:4e:58:b3:d4:a5:72:b0:0e:
a7:df:39:12:55:ad:f6:55:d1:55:36:42:b1:e4:58:
58:5b:f2:9f:6c:67:6c:07:c2:6e:cc:eb:25:b2:b0:
08:e9:4a:be:b1:31:c9:46:8d:01:17:95:7d:f1:96:
e4:07:e9:6b:79:66:01:27:90:6a:9d:41:f2:ec:d4:
b2:a5:17:51:2e:75:01:93:ae:7d:f4:16:52:92:96:
91:6a:02:68:f0:66:bf:a3:7f:30:58:6f:40:f8:7e:
d3:ef:d8:92:93:67:3a:d8:7b:d8:c4:8e:6f:fb:9a:
73:e4:4b:27:8d:7f:02:0d:a6:6a:2e:29:a4:a2:d7:
66:9d:a0:71:ac:2d:64:86:18:8b:4c:88:e7:fc:d0:
39:33:a7:eb:12:7d:7f:e8:6d:43:b8:b9:f5:51:84:
ee:71:2d:a3:80:77:fb:30:2c:66:82:5a:70:d1:51:
78:f4:0e:b3:da:e1:bb:d2:d9:98:96:26:52:9e:fc:
53:64:ab:1e:b1:2f:3c:04:b3:9a:62:3f:79:84:3e:
89:6e:0e:a9:35:27:0a:48:9a:28:94:84:ff:dd:2c:
32:33:24:c4:70:d4:61:e2:77:ee:db:37:63:5e:7c:
73:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:89:19:79:EE:C0:4F:B2:62:0F:7C:92:61:B4:79:F0:43:8E:60:45
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/0IkZee7AT7JiD3ySYbR58EOOYEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.248.0/21
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
79.132.213.0/24
79.132.217.0/24
79.132.219.0/24
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
86.109.32.0/23
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.70.60.0/22
185.104.228.0/24
185.142.233.0-185.142.235.255
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.122.0/23
188.136.220.0/23
217.66.208.0/24
217.66.211.0/24
Signature Algorithm: sha256WithRSAEncryption
63:e8:aa:5a:29:fc:96:dd:06:f0:62:7f:52:df:70:ae:48:f0:
d7:64:9e:22:ee:0b:26:49:29:96:87:29:ac:7d:33:ea:79:e6:
48:82:46:99:cd:8e:2f:08:e8:a5:84:2b:4e:88:25:6b:9a:bc:
5f:cf:03:b9:24:f5:51:56:4e:51:f6:23:0e:f1:c4:39:f1:05:
16:d0:93:53:5d:ec:31:cc:7e:28:bf:4f:77:a2:0c:1f:7e:9d:
4e:c0:7f:54:78:1e:c0:86:47:5f:f0:e7:bf:83:af:98:96:69:
3d:bc:78:92:e3:95:5d:76:b0:71:c5:28:f6:e9:64:f1:7a:5f:
1f:81:00:43:0a:dc:78:25:87:c6:10:6f:5e:81:54:c8:25:79:
11:91:f1:56:86:e3:57:47:11:e4:17:2b:67:1f:eb:f6:73:09:
82:13:c4:14:b7:e2:b7:df:90:3f:c2:da:92:8a:98:c5:f4:e4:
21:04:e7:6c:09:29:f6:df:8b:5e:3a:03:ca:a6:5e:46:74:04:
f1:6c:06:0f:e5:d9:1c:c4:3a:50:af:98:53:a0:71:9c:bd:2c:
b1:a7:95:e6:32:b9:f5:78:14:da:59:5c:dc:ec:f4:0d:ca:8c:
7e:a5:50:a7:f8:bd:16:41:e1:e4:27:75:8e:30:0e:48:67:5e:
64:d8:be:7a
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYVvlMr+iagT+uRNqKk21BqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwMTAxMjMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg5MTk3OWVlYzA0ZmIyNjIwZjdjOTI2MWI0NzlmMDQzOGU2MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eVjxtfC6sQC9Z8/mn7kSe7VgyLM
Tliz1KVysA6n3zkSVa32VdFVNkKx5FhYW/KfbGdsB8JuzOslsrAI6Uq+sTHJRo0B
F5V98ZbkB+lreWYBJ5BqnUHy7NSypRdRLnUBk6599BZSkpaRagJo8Ga/o38wWG9A
+H7T79iSk2c62HvYxI5v+5pz5EsnjX8CDaZqLimkotdmnaBxrC1khhiLTIjn/NA5
M6frEn1/6G1DuLn1UYTucS2jgHf7MCxmglpw0VF49A6z2uG70tmYliZSnvxTZKse
sS88BLOaYj95hD6Jbg6pNScKSJoolIT/3SwyMyTEcNRh4nfu2zdjXnxzFwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFNCJGXnuwE+yYg98kmG0efBDjmBFMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvMElrWmVlN0FUN0ppRDN5U1liUjU4RU9PWUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAMl
cvgDBAAuIAUDBAAuIAkDBAAuIA4DBABPhNUDBABPhNkDBABPhNsDBABQR3EwDAME
AVBHegMEAVBHfAMEAFBHfwMEAFEd8wMEA1Ed+AMEAVZtIAMEAFZtKQMEAVZtOAME
AVf3tAMEALDdQQMEALkMPgMEArkVTAMEArlGPAMEALlo5DAMAwQAuY7pAwQCuY7o
AwQAvEtcAwQAvEteAwQBvEtmAwQAvEtrAwQBvEtuAwQBvEt6AwQBvIjcAwQA2ULQ
AwQA2ULTMA0GCSqGSIb3DQEBCwUAA4IBAQBj6KpaKfyW3QbwYn9S33CuSPDXZJ4i
7gsmSSmWhymsfTPqeeZIgkaZzY4vCOilhCtOiCVrmrxfzwO5JPVRVk5R9iMO8cQ5
8QUW0JNTXewxzH4ov093ogwffp1OwH9UeB7Ahkdf8Oe/g6+Ylmk9vHiS45VddrBx
xSj26WTxel8fgQBDCtx4JYfGEG9egVTIJXkRkfFWhuNXRxHkFytnH+v2cwmCE8QU
t+K335A/wtqSipjF9OQhBOdsCSn234teOgPKpl5GdATxbAYP5dkcxDpQr5hToHGc
vSyxp5XmMrn1eBTaWVzc7PQNyox+pVCn+L0WQeHkJ3WOMA5IZ15k2L56
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:01 2024 by rpki-client on console-fra.rpki-client.org