Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/s3gPwAxtQmqz9u9ghzjDL4-xzpw.roa
File: s3gPwAxtQmqz9u9ghzjDL4-xzpw.roa (raw, json)
Hash identifier: 4eEa75CSHsOFXpuXU9Wr+7xHRs6TPvRYNg/H1O2P8uI=
Subject key identifier: B3:78:0F:C0:0C:6D:42:6A:B3:F6:EF:60:87:38:C3:2F:8F:B1:CE:9C
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018BDDC69756C007A4A2DCFCEAEA9E803310
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/s3gPwAxtQmqz9u9ghzjDL4-xzpw.roa
Signing time: Fri 17 Nov 2023 14:54:21 +0000
ROA not before: Fri 17 Nov 2023 14:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13194
IP address blocks: 84.46.139.0/24 maxlen: 24
89.117.69.0/24 maxlen: 24
89.117.93.0/24 maxlen: 24
89.117.92.0/24 maxlen: 24
89.117.14.0/24 maxlen: 24
82.140.177.0/24 maxlen: 24
82.140.180.0/24 maxlen: 24
217.9.248.0/23 maxlen: 23
89.117.225.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.221.0/24 maxlen: 24
89.117.220.0/24 maxlen: 24
89.117.125.0/24 maxlen: 24
89.117.127.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
89.117.138.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
89.117.141.0/24 maxlen: 24
89.117.156.0/24 maxlen: 24
89.117.165.0/24 maxlen: 24
86.38.245.0/24 maxlen: 24
89.116.124.0/24 maxlen: 24
89.116.129.0/24 maxlen: 24
89.116.143.0/24 maxlen: 24
89.116.151.0/24 maxlen: 24
89.116.155.0/24 maxlen: 24
86.38.215.0/24 maxlen: 24
86.38.230.0/24 maxlen: 24
86.38.228.0/24 maxlen: 24
89.116.232.0/24 maxlen: 24
89.116.235.0/24 maxlen: 24
82.140.130.0/24 maxlen: 24
82.140.128.0/24 maxlen: 24
82.140.129.0/24 maxlen: 24
82.140.159.0/24 maxlen: 24
89.117.10.0/24 maxlen: 24
89.116.162.0/24 maxlen: 24
89.116.160.0/24 maxlen: 24
89.116.176.0/24 maxlen: 24
89.116.174.0/24 maxlen: 24
89.116.178.0/24 maxlen: 24
86.38.34.0/24 maxlen: 24
86.38.41.0/24 maxlen: 24
86.38.52.0/24 maxlen: 24
86.38.62.0/24 maxlen: 24
86.38.73.0/24 maxlen: 24
86.38.74.0/24 maxlen: 24
86.38.72.0/24 maxlen: 24
86.38.75.0/24 maxlen: 24
86.38.1.0/24 maxlen: 24
213.226.161.0/24 maxlen: 24
185.189.154.0/24 maxlen: 24
86.38.152.0/24 maxlen: 24
84.15.0.0/16 maxlen: 24
86.38.153.0/24 maxlen: 24
86.38.81.0/24 maxlen: 24
86.38.84.0/24 maxlen: 24
86.38.97.0/24 maxlen: 24
213.252.220.0/24 maxlen: 24
213.252.223.0/24 maxlen: 24
213.252.224.0/22 maxlen: 22
213.252.234.0/23 maxlen: 23
213.252.236.0/23 maxlen: 23
213.252.252.0/24 maxlen: 24
213.252.254.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
89.117.248.0/23 maxlen: 24
89.117.247.0/24 maxlen: 24
213.252.192.0/20 maxlen: 20
89.117.255.0/24 maxlen: 24
213.226.128.0/18 maxlen: 24
2a00:f500::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:c6:97:56:c0:07:a4:a2:dc:fc:ea:ea:9e:80:33:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Nov 17 14:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3780fc00c6d426ab3f6ef608738c32f8fb1ce9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:98:ab:41:14:28:96:26:4e:fa:ec:23:60:02:
e0:f3:ce:4b:7b:22:f4:66:a5:09:76:97:75:3d:c7:
ea:e4:0c:54:8f:14:bc:1b:82:84:ca:df:bf:b2:09:
a6:7c:1b:39:40:60:f0:83:1c:b2:03:3b:df:8a:c6:
ee:31:b4:ff:4d:c5:1c:22:7c:39:3a:aa:f5:eb:ac:
df:d1:8f:e1:11:c2:57:3f:52:5f:63:e3:5c:70:3b:
a0:5a:1b:d0:da:5b:66:f0:f9:55:0d:54:76:52:c2:
7a:37:05:f8:f6:51:01:81:5c:9a:c6:32:4d:bb:c8:
0f:d8:ba:fa:0f:6a:ba:fd:48:35:87:7c:fa:4d:3b:
86:8b:9c:52:79:75:83:2d:ef:18:87:1a:fa:96:a6:
75:1d:54:73:e2:cc:da:e0:50:42:ec:89:c3:7e:f0:
fa:9e:a3:73:04:0f:5d:0d:a4:1a:1c:3f:fc:ab:82:
f7:e5:96:6b:a1:ce:02:2a:79:cf:3b:d8:96:3e:24:
96:ca:c2:26:59:25:69:a5:e4:96:d0:df:2e:14:ac:
f6:e5:79:b2:55:36:40:92:a9:c2:d0:be:c0:2d:fc:
d8:1f:cb:d6:ea:d3:39:56:d4:d8:bc:9b:47:a8:35:
14:27:55:f8:f1:a6:07:ca:c2:00:f0:9d:ec:11:1e:
39:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:78:0F:C0:0C:6D:42:6A:B3:F6:EF:60:87:38:C3:2F:8F:B1:CE:9C
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/s3gPwAxtQmqz9u9ghzjDL4-xzpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.128.0-82.140.130.255
82.140.159.0/24
82.140.177.0/24
82.140.180.0/24
84.15.0.0/16
84.46.139.0/24
84.46.204.0/24
84.46.207.0/24
86.38.1.0/24
86.38.34.0/24
86.38.41.0/24
86.38.52.0/24
86.38.62.0/24
86.38.72.0/22
86.38.81.0/24
86.38.84.0/24
86.38.97.0/24
86.38.152.0/23
86.38.215.0/24
86.38.228.0/24
86.38.230.0/24
86.38.245.0/24
89.116.124.0/24
89.116.129.0/24
89.116.143.0/24
89.116.151.0/24
89.116.155.0/24
89.116.160.0/24
89.116.162.0/24
89.116.174.0/24
89.116.176.0/24
89.116.178.0/24
89.116.232.0/24
89.116.235.0/24
89.117.10.0/24
89.117.14.0/24
89.117.69.0/24
89.117.92.0/23
89.117.125.0/24
89.117.127.0/24
89.117.138.0/24
89.117.141.0/24
89.117.156.0/24
89.117.165.0/24
89.117.220.0/23
89.117.223.0/24
89.117.225.0/24
89.117.243.0/24
89.117.247.0-89.117.249.255
89.117.255.0/24
185.189.154.0/24
213.226.128.0/18
213.252.192.0/20
213.252.220.0/24
213.252.223.0-213.252.227.255
213.252.234.0-213.252.237.255
213.252.252.0/24
213.252.254.0/24
217.9.248.0/23
IPv6:
2a00:f500::/29
Signature Algorithm: sha256WithRSAEncryption
57:9d:1f:64:58:14:c4:dd:98:b8:1c:0b:cd:04:63:c9:4f:72:
c9:62:5c:a3:db:18:a9:e6:48:25:d4:47:f6:34:3b:37:1e:05:
43:31:f5:d7:91:ed:88:9c:2c:bb:97:2f:03:b7:bb:27:2c:90:
6e:0a:05:2c:e1:a2:d5:52:3a:41:ba:4d:16:71:07:aa:15:65:
dd:af:23:66:98:91:ab:f5:b1:60:15:d0:52:e7:92:24:e3:70:
6c:aa:18:c6:56:db:e5:48:d9:45:5d:53:68:c2:d6:ce:76:c3:
eb:fb:1f:8a:90:7b:58:43:e3:70:5e:d7:bc:f5:23:6e:9e:f2:
12:86:85:1d:87:0e:df:3f:9e:67:40:f9:fa:00:64:40:46:fc:
28:6a:8f:07:16:18:65:6f:68:dd:9d:9f:1f:d9:cd:34:3f:84:
a9:c8:d5:53:ee:71:0c:5f:d0:ff:6f:a6:18:35:a1:77:43:ba:
32:6d:cc:ae:bc:55:96:3e:2e:aa:1e:02:94:d3:bc:ab:6f:98:
f8:38:54:46:7b:50:e0:d9:b1:52:13:24:a7:65:7a:3a:cf:df:
21:42:f9:00:3a:0e:03:1d:90:b9:04:61:0c:2f:43:8c:3e:8f:
6f:b7:be:7f:a3:77:85:01:16:6a:ab:a9:bf:04:88:1e:43:90:
a0:d3:79:0d
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgISAYvdxpdWwAekotz86uqegDMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMxMTE3MTQ1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc4MGZjMDBjNmQ0MjZhYjNmNmVmNjA4NzM4YzMyZjhmYjFjZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJirQRQoliZO+uwjYALg885LeyL0
ZqUJdpd1Pcfq5AxUjxS8G4KEyt+/sgmmfBs5QGDwgxyyAzvfisbuMbT/TcUcInw5
Oqr166zf0Y/hEcJXP1JfY+NccDugWhvQ2ltm8PlVDVR2UsJ6NwX49lEBgVyaxjJN
u8gP2Lr6D2q6/Ug1h3z6TTuGi5xSeXWDLe8Yhxr6lqZ1HVRz4sza4FBC7InDfvD6
nqNzBA9dDaQaHD/8q4L35ZZroc4CKnnPO9iWPiSWysImWSVppeSW0N8uFKz25Xmy
VTZAkqnC0L7ALfzYH8vW6tM5VtTYvJtHqDUUJ1X48aYHysIA8J3sER45cQIDAQAB
o4IDnTCCA5kwHQYDVR0OBBYEFLN4D8AMbUJqs/bvYIc4wy+Psc6cMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvczNnUHdBeHRRbXF6OXU5Z2h6akRMNC14enB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBsQYIKwYBBQUHAQcBAf8EggGgMIIBnDCCAYkEAgABMIIB
gTAMAwQHUoyAAwQAUoyCAwQAUoyfAwQAUoyxAwQAUoy0AwMAVA8DBABULosDBABU
LswDBABULs8DBABWJgEDBABWJiIDBABWJikDBABWJjQDBABWJj4DBAJWJkgDBABW
JlEDBABWJlQDBABWJmEDBAFWJpgDBABWJtcDBABWJuQDBABWJuYDBABWJvUDBABZ
dHwDBABZdIEDBABZdI8DBABZdJcDBABZdJsDBABZdKADBABZdKIDBABZdK4DBABZ
dLADBABZdLIDBABZdOgDBABZdOsDBABZdQoDBABZdQ4DBABZdUUDBAFZdVwDBABZ
dX0DBABZdX8DBABZdYoDBABZdY0DBABZdZwDBABZdaUDBAFZddwDBABZdd8DBABZ
deEDBABZdfMwDAMEAFl19wMEAVl1+AMEAFl1/wMEALm9mgMEBtXigAMEBNX8wAME
ANX83DAMAwQA1fzfAwQC1fzgMAwDBAHV/OoDBAHV/OwDBADV/PwDBADV/P4DBAHZ
CfgwDQQCAAIwBwMFAyoA9QAwDQYJKoZIhvcNAQELBQADggEBAFedH2RYFMTdmLgc
C80EY8lPcsliXKPbGKnmSCXUR/Y0OzceBUMx9deR7YicLLuXLwO3uycskG4KBSzh
otVSOkG6TRZxB6oVZd2vI2aYkav1sWAV0FLnkiTjcGyqGMZW2+VI2UVdU2jC1s52
w+v7H4qQe1hD43Be17z1I26e8hKGhR2HDt8/nmdA+foAZEBG/ChqjwcWGGVvaN2d
nx/ZzTQ/hKnI1VPucQxf0P9vphg1oXdDujJtzK68VZY+LqoeApTTvKtvmPg4VEZ7
UODZsVITJKdlejrP3yFC+QA6DgMdkLkEYQwvQ4w+j2+3vn+jd4UBFmqrqb8EiB5D
kKDTeQ0=
-----END CERTIFICATE-----
Generated at Fri Dec 8 13:10:54 2023 by rpki-client on console-ams.rpki-client.org