Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/IpscEASpfgTNbFTE8jUud6dO3Hs.roa
File: IpscEASpfgTNbFTE8jUud6dO3Hs.roa (raw, json)
Hash identifier: GjdGRwIhgYaH9yUKHmay8OdeaQZ1O+psQB48GX7emso=
Subject key identifier: 22:9B:1C:10:04:A9:7E:04:CD:6C:54:C4:F2:35:2E:77:A7:4E:DC:7B
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 01856C65CCF98DC1E94787FEE4DD4DFE2535
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/IpscEASpfgTNbFTE8jUud6dO3Hs.roa
Signing time: Sun 01 Jan 2023 08:14:48 +0000
ROA not before: Sun 01 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8426
IP address blocks: 185.39.232.0/23 maxlen: 24
212.49.192.0/18 maxlen: 24
194.88.132.0/23 maxlen: 24
194.112.32.0/19 maxlen: 24
195.102.0.0/16 maxlen: 24
89.206.128.0/17 maxlen: 24
195.58.192.0/19 maxlen: 24
62.173.64.0/18 maxlen: 24
185.77.74.0/24 maxlen: 24
185.77.72.0/22 maxlen: 24
195.8.64.0/19 maxlen: 24
212.188.128.0/17 maxlen: 24
195.245.201.0/24 maxlen: 24
194.119.128.0/18 maxlen: 24
80.168.0.0/16 maxlen: 24
185.78.204.0/22 maxlen: 24
89.206.216.0/22 maxlen: 22
89.206.218.0/23 maxlen: 23
89.206.216.0/23 maxlen: 23
81.171.128.0/17 maxlen: 24
217.158.0.0/16 maxlen: 24
185.77.200.0/22 maxlen: 24
213.2.0.0/16 maxlen: 24
213.253.0.0/18 maxlen: 24
195.157.0.0/16 maxlen: 24
79.123.0.0/17 maxlen: 24
212.126.128.0/19 maxlen: 24
185.22.164.0/23 maxlen: 24
62.231.128.0/19 maxlen: 24
195.216.0.0/19 maxlen: 24
213.165.128.0/19 maxlen: 24
212.169.0.0/18 maxlen: 24
212.125.64.0/19 maxlen: 24
176.52.208.0/21 maxlen: 24
2001:67c:1089::/48 maxlen: 48
2001:a88::/32 maxlen: 32
2001:67c:27dc::/48 maxlen: 48
2001:67c:1088::/47 maxlen: 48
2a02:e100::/29 maxlen: 29
2a00:ed0::/32 maxlen: 32
2a00:62e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cc:f9:8d:c1:e9:47:87:fe:e4:dd:4d:fe:25:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 1 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=229b1c1004a97e04cd6c54c4f2352e77a74edc7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:f6:8d:94:4e:ea:76:5f:70:80:1d:d1:55:
35:21:b7:5e:71:37:e0:35:4c:19:c0:4d:00:9e:fa:
83:ff:a2:ec:b2:a7:e4:22:4f:81:e6:14:96:3e:f9:
eb:55:06:ff:3a:ad:91:4d:0b:fb:5e:be:81:e3:d4:
02:17:2b:0b:e9:07:4f:77:39:35:7c:33:2f:9c:3d:
7f:a7:88:d8:91:cc:17:e9:5a:46:32:bc:01:d1:f6:
25:2d:7e:98:56:98:fe:6a:2a:99:d2:78:34:22:e6:
d1:7f:7a:d2:fb:c7:fc:cc:1e:a8:90:fc:d7:f7:48:
a3:11:29:d1:45:cb:c7:78:57:5d:da:d7:0a:13:5c:
c8:27:76:ce:82:c8:eb:99:e2:d9:e0:5d:aa:3a:ae:
55:72:53:07:09:e7:20:45:d5:51:63:d0:06:31:83:
3f:e4:b6:43:09:83:25:53:94:cc:e1:44:52:6f:34:
ad:89:0a:83:b5:e3:37:82:b9:01:4e:44:09:2d:4d:
53:01:4c:ad:5a:9e:78:7e:2f:d6:4b:b0:28:75:69:
f3:b6:ec:c0:03:36:53:3f:61:29:72:58:d3:ce:c9:
28:59:5c:c7:5f:b9:dd:0c:7e:65:82:a0:6f:29:08:
96:46:af:78:3a:66:ec:82:5b:68:d5:ea:51:fc:14:
3e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9B:1C:10:04:A9:7E:04:CD:6C:54:C4:F2:35:2E:77:A7:4E:DC:7B
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/IpscEASpfgTNbFTE8jUud6dO3Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.173.64.0/18
62.231.128.0/19
79.123.0.0/17
80.168.0.0/16
81.171.128.0/17
89.206.128.0/17
176.52.208.0/21
185.22.164.0/23
185.39.232.0/23
185.77.72.0/22
185.77.200.0/22
185.78.204.0/22
194.88.132.0/23
194.112.32.0/19
194.119.128.0/18
195.8.64.0/19
195.58.192.0/19
195.102.0.0/16
195.157.0.0/16
195.216.0.0/19
195.245.201.0/24
212.49.192.0/18
212.125.64.0/19
212.126.128.0/19
212.169.0.0/18
212.188.128.0/17
213.2.0.0/16
213.165.128.0/19
213.253.0.0/18
217.158.0.0/16
IPv6:
2001:67c:1088::/47
2001:67c:27dc::/48
2001:a88::/32
2a00:ed0::/32
2a00:62e0::/32
2a02:e100::/29
Signature Algorithm: sha256WithRSAEncryption
67:16:da:88:f0:4a:da:d6:ff:64:dd:d3:d5:b1:94:3e:ea:24:
dc:c8:21:b3:83:b0:b4:24:f7:90:4d:8e:ca:8a:48:7c:97:4c:
ac:e3:2f:b4:e4:af:96:f1:75:46:83:64:cf:6d:db:be:98:bf:
1c:d1:cb:76:c4:0b:29:ae:5b:44:e9:13:6a:70:40:2c:ff:90:
38:16:81:97:d3:85:5e:48:62:8e:58:39:02:b1:5d:be:9d:53:
fd:1d:e6:de:f6:81:17:58:a2:73:97:6f:0e:81:39:ed:74:59:
7b:90:8d:4b:76:d7:4c:62:14:d1:6d:58:91:47:61:b3:7b:ae:
ad:4a:e7:44:db:4e:92:5f:87:54:09:d2:f2:92:c3:de:c8:8a:
e2:3b:ae:02:41:06:c8:8f:ac:61:46:3f:8d:53:a8:01:20:2c:
9e:c7:56:32:a3:56:fd:34:dc:4b:0a:55:1a:bd:f9:2d:c6:b5:
62:c7:fa:df:fe:4f:08:60:74:96:ad:41:b9:fe:5d:e8:2d:36:
13:c2:06:35:20:df:63:32:40:d6:4f:49:63:3c:44:30:8a:04:
39:79:02:83:da:0f:dc:6b:55:39:10:61:66:7b:31:f2:8d:d4:
39:57:17:58:a5:db:83:45:f8:27:17:6d:0c:ed:67:79:92:dc:
eb:25:f4:22
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAYVsZcz5jcHpR4f+5N1N/iU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjMwMTAxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjliMWMxMDA0YTk3ZTA0Y2Q2YzU0YzRmMjM1MmU3N2E3NGVkYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL32jZRO6nZfcIAd0VU1IbdecTfg
NUwZwE0AnvqD/6LssqfkIk+B5hSWPvnrVQb/Oq2RTQv7Xr6B49QCFysL6QdPdzk1
fDMvnD1/p4jYkcwX6VpGMrwB0fYlLX6YVpj+aiqZ0ng0IubRf3rS+8f8zB6okPzX
90ijESnRRcvHeFdd2tcKE1zIJ3bOgsjrmeLZ4F2qOq5VclMHCecgRdVRY9AGMYM/
5LZDCYMlU5TM4URSbzStiQqDteM3grkBTkQJLU1TAUytWp54fi/WS7AodWnztuzA
AzZTP2EpcljTzskoWVzHX7ndDH5lgqBvKQiWRq94Ombsglto1epR/BQ+WQIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFCKbHBAEqX4EzWxUxPI1LnenTtx7MB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvSXBzY0VBU3BmZ1ROYkZURThqVXVkNmRPM0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgbYEAgABMIGvAwQG
Pq1AAwQFPueAAwQHT3sAAwMAUKgDBAdRq4ADBAdZzoADBAOwNNADBAG5FqQDBAG5
J+gDBAK5TUgDBAK5TcgDBAK5TswDBAHCWIQDBAXCcCADBAbCd4ADBAXDCEADBAXD
OsADAwDDZgMDAMOdAwQFw9gAAwQAw/XJAwQG1DHAAwQF1H1AAwQF1H6AAwQG1KkA
AwQH1LyAAwMA1QIDBAXVpYADBAbV/QADAwDZnjA0BAIAAjAuAwcBIAEGfBCIAwcA
IAEGfCfcAwUAIAEKiAMFACoADtADBQAqAGLgAwUDKgLhADANBgkqhkiG9w0BAQsF
AAOCAQEAZxbaiPBK2tb/ZN3T1bGUPuok3Mghs4OwtCT3kE2OyopIfJdMrOMvtOSv
lvF1RoNkz23bvpi/HNHLdsQLKa5bROkTanBALP+QOBaBl9OFXkhijlg5ArFdvp1T
/R3m3vaBF1iic5dvDoE57XRZe5CNS3bXTGIU0W1YkUdhs3uurUrnRNtOkl+HVAnS
8pLD3siK4juuAkEGyI+sYUY/jVOoASAsnsdWMqNW/TTcSwpVGr35Lca1Ysf63/5P
CGB0lq1Buf5d6C02E8IGNSDfYzJA1k9JYzxEMIoEOXkCg9oP3GtVORBhZnsx8o3U
OVcXWKXbg0X4JxdtDO1neZLc6yX0Ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:54 2024 by rpki-client on console-fra.rpki-client.org