Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/jIKQBF5iJGwRwiOBC6PnQOkhZRM.roa
File: jIKQBF5iJGwRwiOBC6PnQOkhZRM.roa (raw, json)
Hash identifier: LGpbywDt5b1EbdkA/jdJgV8TAN4jY/WxsQg2HPicngE=
Subject key identifier: 8C:82:90:04:5E:62:24:6C:11:C2:23:81:0B:A3:E7:40:E9:21:65:13
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E6628FA85798BE705B95DFC10C233A38A
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/jIKQBF5iJGwRwiOBC6PnQOkhZRM.roa
Signing time: Fri 22 Mar 2024 12:35:45 +0000
ROA not before: Fri 22 Mar 2024 12:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16625
IP address blocks: 84.53.156.0/22 maxlen: 22
84.53.164.0/22 maxlen: 22
84.53.188.0/22 maxlen: 22
88.221.4.0/22 maxlen: 22
88.221.8.0/22 maxlen: 22
88.221.16.0/22 maxlen: 22
88.221.32.0/22 maxlen: 22
88.221.36.0/22 maxlen: 22
88.221.40.0/22 maxlen: 22
88.221.44.0/22 maxlen: 22
88.221.58.0/23 maxlen: 23
88.221.60.0/22 maxlen: 22
88.221.68.0/22 maxlen: 22
88.221.76.0/22 maxlen: 22
88.221.96.0/22 maxlen: 22
88.221.124.0/22 maxlen: 22
88.221.130.0/23 maxlen: 23
88.221.136.0/21 maxlen: 21
88.221.148.0/22 maxlen: 22
88.221.152.0/21 maxlen: 21
88.221.164.0/22 maxlen: 22
88.221.168.0/22 maxlen: 22
88.221.176.0/21 maxlen: 21
88.221.224.0/21 maxlen: 21
88.221.236.0/22 maxlen: 22
88.221.240.0/21 maxlen: 21
88.221.248.0/22 maxlen: 22
92.123.240.0/22 maxlen: 22
95.100.16.0/20 maxlen: 20
95.100.46.0/23 maxlen: 23
95.100.48.0/20 maxlen: 20
95.100.64.0/20 maxlen: 20
95.100.80.0/22 maxlen: 22
95.100.112.0/20 maxlen: 20
95.100.136.0/24 maxlen: 24
95.100.137.0/24 maxlen: 24
95.100.138.0/24 maxlen: 24
95.100.139.0/24 maxlen: 24
95.100.140.0/22 maxlen: 22
95.100.160.0/22 maxlen: 22
95.100.176.0/22 maxlen: 22
95.100.182.0/23 maxlen: 23
95.100.184.0/22 maxlen: 22
95.100.188.0/22 maxlen: 22
95.100.208.0/22 maxlen: 22
95.100.216.0/22 maxlen: 22
95.100.224.0/20 maxlen: 20
95.100.244.0/22 maxlen: 22
95.100.250.0/23 maxlen: 23
95.101.0.0/21 maxlen: 21
95.101.14.0/23 maxlen: 23
95.101.16.0/22 maxlen: 22
95.101.40.0/22 maxlen: 22
95.101.44.0/22 maxlen: 22
95.101.48.0/22 maxlen: 22
95.101.56.0/22 maxlen: 22
95.101.64.0/22 maxlen: 22
95.101.68.0/24 maxlen: 24
95.101.69.0/24 maxlen: 24
95.101.70.0/24 maxlen: 24
95.101.71.0/24 maxlen: 24
95.101.80.0/22 maxlen: 22
95.101.84.0/22 maxlen: 22
95.101.88.0/22 maxlen: 22
95.101.92.0/22 maxlen: 22
95.101.96.0/22 maxlen: 22
95.101.100.0/22 maxlen: 22
95.101.104.0/22 maxlen: 22
95.101.124.0/22 maxlen: 22
95.101.144.0/22 maxlen: 22
95.101.148.0/22 maxlen: 22
95.101.152.0/22 maxlen: 22
95.101.160.0/22 maxlen: 22
95.101.164.0/22 maxlen: 22
95.101.172.0/22 maxlen: 22
95.101.176.0/22 maxlen: 22
95.101.184.0/22 maxlen: 22
95.101.188.0/22 maxlen: 22
95.101.192.0/22 maxlen: 22
95.101.196.0/22 maxlen: 22
95.101.200.0/22 maxlen: 22
95.101.208.0/20 maxlen: 20
95.101.224.0/22 maxlen: 22
95.101.240.0/20 maxlen: 20
195.95.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 26 Mar 2024 10:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:28:fa:85:79:8b:e7:05:b9:5d:fc:10:c2:33:a3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 22 12:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c8290045e62246c11c223810ba3e740e9216513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d9:0d:2b:3e:ef:2e:c2:97:07:05:71:9e:f0:
cf:17:11:1f:3a:65:dd:cb:3c:e3:77:31:18:db:b9:
59:14:3e:7b:44:0e:db:88:23:f4:7a:56:6a:b4:ac:
2c:0e:6c:a9:b4:3b:8e:5d:4f:3d:ea:f1:e0:c3:61:
93:3b:e7:a1:1f:1a:22:cc:98:bc:60:95:d2:51:71:
34:77:17:e7:b8:21:11:82:c6:78:5d:3a:96:17:45:
a6:be:46:f7:1b:b2:07:08:b3:87:aa:4f:13:8d:0b:
f4:6e:c2:2e:11:bd:ec:77:85:f8:0f:4a:80:5a:ab:
a8:be:ab:43:09:e3:55:d9:c9:10:ed:1d:97:ad:6f:
f9:10:bb:b7:17:76:69:b2:fb:4d:ca:e6:13:11:fa:
08:70:a5:64:5f:8b:e8:42:1d:a2:74:31:8f:b5:17:
38:81:cb:fc:2b:3c:5c:a8:00:6a:77:24:0c:51:e1:
37:67:7b:fd:02:86:9f:ab:de:af:f1:f2:d1:99:e3:
65:61:3c:e2:62:9f:2f:71:f5:6c:a3:1c:cb:2c:9f:
84:a5:bd:c2:a7:fb:8a:98:94:cb:28:a8:cf:36:d9:
0e:21:41:ef:10:3d:43:4b:de:50:90:cd:36:da:a6:
53:74:28:10:e5:0d:37:36:5d:d8:12:1f:1f:5c:b5:
8c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:82:90:04:5E:62:24:6C:11:C2:23:81:0B:A3:E7:40:E9:21:65:13
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/jIKQBF5iJGwRwiOBC6PnQOkhZRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.53.156.0/22
84.53.164.0/22
84.53.188.0/22
88.221.4.0-88.221.11.255
88.221.16.0/22
88.221.32.0/20
88.221.58.0-88.221.63.255
88.221.68.0/22
88.221.76.0/22
88.221.96.0/22
88.221.124.0/22
88.221.130.0/23
88.221.136.0/21
88.221.148.0-88.221.159.255
88.221.164.0-88.221.171.255
88.221.176.0/21
88.221.224.0/21
88.221.236.0-88.221.251.255
92.123.240.0/22
95.100.16.0/20
95.100.46.0-95.100.83.255
95.100.112.0/20
95.100.136.0/21
95.100.160.0/22
95.100.176.0/22
95.100.182.0-95.100.191.255
95.100.208.0/22
95.100.216.0/22
95.100.224.0/20
95.100.244.0/22
95.100.250.0/23
95.101.0.0/21
95.101.14.0-95.101.19.255
95.101.40.0-95.101.51.255
95.101.56.0/22
95.101.64.0/21
95.101.80.0-95.101.107.255
95.101.124.0/22
95.101.144.0-95.101.155.255
95.101.160.0/21
95.101.172.0-95.101.179.255
95.101.184.0-95.101.203.255
95.101.208.0-95.101.227.255
95.101.240.0/20
195.95.192.0/22
Signature Algorithm: sha256WithRSAEncryption
44:86:4f:46:9a:95:fc:62:77:13:a4:f5:35:fb:a4:de:f3:c8:
6e:88:85:e9:23:fb:66:87:79:d7:b8:b9:ca:19:e2:32:15:80:
fc:22:cc:ac:c6:3d:58:40:24:c8:45:f0:d3:06:84:82:26:99:
38:a8:07:e7:35:12:f9:62:44:10:6d:b6:f6:9d:88:64:b6:24:
e7:ce:36:4e:24:1f:9b:ce:a6:03:f3:25:63:7e:be:f9:48:a1:
c0:24:ef:62:95:f1:b0:fb:d7:ea:9e:e3:95:2d:c6:75:fa:a5:
6e:d4:ce:d2:8e:f6:0b:06:58:d8:87:54:9d:b6:55:33:57:ad:
39:06:a4:d5:86:a4:04:ee:dd:19:29:50:68:84:0e:09:ac:26:
7b:46:98:c2:87:3f:76:45:99:f1:ee:d4:e4:0f:cc:5a:00:aa:
a2:79:8d:4a:ee:c5:b2:8c:8e:12:4b:5a:12:8a:9d:06:ef:a1:
7f:3b:e3:fd:a6:24:a3:31:ad:d4:64:1d:45:cb:e3:c5:07:73:
b4:ec:b9:e1:90:00:b2:aa:2a:21:d3:f8:91:72:30:39:33:e3:
b1:08:e9:02:88:19:f9:4d:fb:72:f5:ee:11:e4:0c:a3:bc:fa:
39:3d:cb:bd:43:4b:9d:c3:5a:76:e1:12:74:9d:33:dc:55:95:
cc:20:84:47
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgISAY5mKPqFeYvnBbld/BDCM6OKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzIyMTIzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzgyOTAwNDVlNjIyNDZjMTFjMjIzODEwYmEzZTc0MGU5MjE2NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9kNKz7vLsKXBwVxnvDPFxEfOmXd
yzzjdzEY27lZFD57RA7biCP0elZqtKwsDmyptDuOXU896vHgw2GTO+ehHxoizJi8
YJXSUXE0dxfnuCERgsZ4XTqWF0Wmvkb3G7IHCLOHqk8TjQv0bsIuEb3sd4X4D0qA
WquovqtDCeNV2ckQ7R2XrW/5ELu3F3ZpsvtNyuYTEfoIcKVkX4voQh2idDGPtRc4
gcv8KzxcqABqdyQMUeE3Z3v9Aoafq96v8fLRmeNlYTziYp8vcfVsoxzLLJ+Epb3C
p/uKmJTLKKjPNtkOIUHvED1DS95QkM022qZTdCgQ5Q03Nl3YEh8fXLWMbwIDAQAB
o4IDizCCA4cwHQYDVR0OBBYEFIyCkAReYiRsEcIjgQuj50DpIWUTMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvaklLUUJGNWlKR3dSd2lPQkM2UG5RT2toWlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnwYIKwYBBQUHAQcBAf8EggGOMIIBijCCAYYEAgABMIIB
fgMEAlQ1nAMEAlQ1pAMEAlQ1vDAMAwQCWN0EAwQCWN0IAwQCWN0QAwQEWN0gMAwD
BAFY3ToDBAZY3QADBAJY3UQDBAJY3UwDBAJY3WADBAJY3XwDBAFY3YIDBANY3Ygw
DAMEAljdlAMEBVjdgDAMAwQCWN2kAwQCWN2oAwQDWN2wAwQDWN3gMAwDBAJY3ewD
BAJY3fgDBAJce/ADBARfZBAwDAMEAV9kLgMEAl9kUAMEBF9kcAMEA19kiAMEAl9k
oAMEAl9ksDAMAwQBX2S2AwQGX2SAAwQCX2TQAwQCX2TYAwQEX2TgAwQCX2T0AwQB
X2T6AwQDX2UAMAwDBAFfZQ4DBAJfZRAwDAMEA19lKAMEAl9lMAMEAl9lOAMEA19l
QDAMAwQEX2VQAwQCX2VoAwQCX2V8MAwDBARfZZADBAJfZZgDBANfZaAwDAMEAl9l
rAMEAl9lsDAMAwQDX2W4AwQCX2XIMAwDBARfZdADBAJfZeADBARfZfADBALDX8Aw
DQYJKoZIhvcNAQELBQADggEBAESGT0aalfxidxOk9TX7pN7zyG6Ihekj+2aHede4
ucoZ4jIVgPwizKzGPVhAJMhF8NMGhIImmTioB+c1EvliRBBttvadiGS2JOfONk4k
H5vOpgPzJWN+vvlIocAk72KV8bD71+qe45UtxnX6pW7UztKO9gsGWNiHVJ22VTNX
rTkGpNWGpATu3RkpUGiEDgmsJntGmMKHP3ZFmfHu1OQPzFoAqqJ5jUruxbKMjhJL
WhKKnQbvoX874/2mJKMxrdRkHUXL48UHc7TsueGQALKqKiHT+JFyMDkz47EI6QKI
GflN+3L17hHkDKO8+jk9y71DS53DWnbhEnSdM9xVlcwghEc=
-----END CERTIFICATE-----
Generated at Tue Mar 26 14:31:42 2024 by rpki-client on console-ams.rpki-client.org