Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/1-LiCQg9aTOo8uim3OsCZaD35pGs.roa
File: 1-LiCQg9aTOo8uim3OsCZaD35pGs.roa (raw, json)
Hash identifier: mWIloevfj26R3T3QikTsO9z0FgbyQHUPcaG+ilMserA=
Subject key identifier: F8:B8:82:42:0F:5A:4C:EA:3C:BA:29:B7:3A:C0:99:68:3D:F9:A4:6B
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 01856B936300B54B43EC933BAE58177D74B9
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/1-LiCQg9aTOo8uim3OsCZaD35pGs.roa
Signing time: Sun 01 Jan 2023 04:24:59 +0000
ROA not before: Sun 01 Jan 2023 04:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60032
IP address blocks: 193.56.168.0/22 maxlen: 22
45.152.184.0/22 maxlen: 22
194.36.137.0/24 maxlen: 24
45.129.48.0/22 maxlen: 22
185.107.84.0/22 maxlen: 24
185.61.144.0/22 maxlen: 22
109.70.16.0/21 maxlen: 22
45.85.176.0/22 maxlen: 22
45.11.148.0/22 maxlen: 22
194.36.221.0/24 maxlen: 24
80.240.176.0/21 maxlen: 21
185.163.60.0/22 maxlen: 22
80.240.188.0/22 maxlen: 22
45.90.224.0/22 maxlen: 22
185.203.180.0/22 maxlen: 22
194.36.169.0/24 maxlen: 24
5.252.60.0/22 maxlen: 22
194.36.167.0/24 maxlen: 24
188.92.64.0/21 maxlen: 22
5.252.88.0/22 maxlen: 22
185.13.180.0/22 maxlen: 22
95.214.44.0/22 maxlen: 22
2.59.68.0/22 maxlen: 22
2.59.72.0/22 maxlen: 22
193.8.116.0/22 maxlen: 22
185.229.176.0/22 maxlen: 22
128.127.16.0/21 maxlen: 22
185.253.36.0/22 maxlen: 22
212.104.240.0/20 maxlen: 20
185.128.140.0/22 maxlen: 23
194.182.112.0/20 maxlen: 22
2a06:4280::/29 maxlen: 32
2a02:cfc0::/29 maxlen: 32
2a02:79e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:63:00:b5:4b:43:ec:93:3b:ae:58:17:7d:74:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 04:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8b882420f5a4cea3cba29b73ac099683df9a46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:db:f9:23:90:b7:56:84:9d:f6:62:ec:f0:67:
94:4a:aa:74:15:61:bc:a1:ee:36:21:dc:0a:60:2c:
3a:91:ab:95:30:af:86:38:fb:57:7c:10:1d:57:94:
a8:95:88:a2:b9:e2:9f:af:35:66:bd:e1:ea:7b:61:
36:ef:88:2a:03:55:01:fc:bc:68:ef:24:5b:79:15:
09:64:f9:03:cf:3a:ce:76:dc:0a:10:b9:97:82:b7:
f5:f9:3d:26:62:36:19:cc:3e:f7:53:6a:11:0e:b2:
ea:06:03:f0:5e:88:70:16:84:77:d7:ac:f9:68:ba:
93:02:9b:c2:d5:4c:13:7b:d6:b7:12:80:18:63:3b:
85:17:c5:e7:98:70:e3:77:69:54:4d:c2:bc:3d:7c:
73:f1:7b:f2:f0:c4:1b:8f:84:e3:28:bb:ea:5a:4e:
fd:cf:62:8f:23:57:e5:e8:ba:73:57:25:13:10:0d:
6c:9b:84:0f:a0:77:2f:98:8a:ae:9c:88:e0:ff:96:
f1:b7:b1:95:08:a4:b1:79:19:aa:1b:c9:52:c9:f0:
c8:59:c4:a7:23:5b:73:d2:9d:81:32:5d:99:4d:01:
58:7e:0a:c3:08:6e:16:3c:80:f9:50:0c:e2:54:57:
60:51:c7:76:77:2c:fb:bd:c8:03:ae:7e:d2:03:12:
f8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B8:82:42:0F:5A:4C:EA:3C:BA:29:B7:3A:C0:99:68:3D:F9:A4:6B
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/1-LiCQg9aTOo8uim3OsCZaD35pGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/21
80.240.188.0/22
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.36.137.0/24
194.36.167.0/24
194.36.169.0/24
194.36.221.0/24
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
bb:b9:e5:6a:0e:81:41:81:28:11:bf:2a:66:d9:5f:d2:f5:cb:
db:56:70:a1:3f:9e:aa:e6:16:2a:2f:d2:6b:7e:12:6b:11:c5:
84:4f:19:40:bf:c8:c1:51:75:c3:11:c5:66:6c:4d:88:d0:8d:
2b:bd:f7:e1:87:26:d6:a0:94:46:20:57:d5:52:3c:3a:6a:67:
df:55:a3:bf:53:81:f2:9c:70:5a:8d:7a:09:a5:44:ee:82:c4:
9b:53:c2:a6:e5:21:10:eb:c5:c5:92:78:d7:ca:f1:3b:a1:e3:
08:ab:0b:f0:43:63:5b:3d:a5:1f:e9:86:c8:dd:a3:44:f2:8a:
d1:17:44:9f:f1:66:cc:7d:2f:9e:8a:e0:79:ca:4f:87:bf:d0:
22:d5:f9:b4:f9:b7:80:20:36:2a:ed:c1:fb:2a:d7:5c:2b:f2:
70:50:89:ab:3e:49:88:00:74:ec:47:22:d7:06:0d:0d:bc:d5:
33:b4:c3:e3:27:03:3e:55:6b:11:d9:4b:7b:ec:f9:49:52:a7:
3b:6a:2a:8f:7d:ed:e8:97:95:2a:1a:52:ae:8d:9e:64:62:49:
b6:89:7b:13:f5:a4:15:fb:0c:2e:f7:8b:b4:bf:73:bd:53:9d:
f7:04:b2:cf:3d:f7:da:1f:7c:68:64:e9:5a:a4:cd:8c:f5:b5:
71:3a:9f:e1
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYVrk2MAtUtD7JM7rlgXfXS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjMwMTAxMDQyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI4ODI0MjBmNWE0Y2VhM2NiYTI5YjczYWMwOTk2ODNkZjlhNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9v5I5C3VoSd9mLs8GeUSqp0FWG8
oe42IdwKYCw6kauVMK+GOPtXfBAdV5SolYiiueKfrzVmveHqe2E274gqA1UB/Lxo
7yRbeRUJZPkDzzrOdtwKELmXgrf1+T0mYjYZzD73U2oRDrLqBgPwXohwFoR316z5
aLqTApvC1UwTe9a3EoAYYzuFF8XnmHDjd2lUTcK8PXxz8Xvy8MQbj4TjKLvqWk79
z2KPI1fl6LpzVyUTEA1sm4QPoHcvmIqunIjg/5bxt7GVCKSxeRmqG8lSyfDIWcSn
I1tz0p2BMl2ZTQFYfgrDCG4WPID5UAziVFdgUcd2dyz7vcgDrn7SAxL45QIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFPi4gkIPWkzqPLoptzrAmWg9+aRrMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvMS1MaUNRZzlhVE9vOHVpbTNPc0NaYUQzNXBHcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvMDQyYzMzLWFiNmItNDhiZS1hNDkyLTY2ODQ5MDE5NjI3
ZS8xL3lHaktnaFItMGlkN1M4eHBwU2hicm5OZkxrUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB9gYIKwYBBQUHAQcBAf8EgeYwgeMwgcMEAgABMIG8MAwD
BAICO0QDBAICO0gDBAIF/DwDBAIF/FgDBAItC5QDBAItVbADBAItWuADBAItgTAD
BAItmLgDBANQ8LADBAJQ8LwDBAJf1iwDBANtRhADBAOAfxADBAK5DbQDBAK5PZAD
BAK5a1QDBAK5gIwDBAK5ozwDBAK5y7QDBAK55bADBAK5/SQDBAO8XEADBALBCHQD
BALBOKgDBADCJIkDBADCJKcDBADCJKkDBADCJN0DBATCtnADBATUaPAwGwQCAAIw
FQMFACoCeeADBQMqAs/AAwUDKgZCgDANBgkqhkiG9w0BAQsFAAOCAQEAu7nlag6B
QYEoEb8qZtlf0vXL21ZwoT+equYWKi/Sa34SaxHFhE8ZQL/IwVF1wxHFZmxNiNCN
K7334Ycm1qCURiBX1VI8Ompn31Wjv1OB8pxwWo16CaVE7oLEm1PCpuUhEOvFxZJ4
18rxO6HjCKsL8ENjWz2lH+mGyN2jRPKK0RdEn/FmzH0vnorgecpPh7/QItX5tPm3
gCA2Ku3B+yrXXCvycFCJqz5JiAB07Eci1wYNDbzVM7TD4ycDPlVrEdlLe+z5SVKn
O2oqj33t6JeVKhpSro2eZGJJtol7E/WkFfsMLveLtL9zvVOd9wSyzz332h98aGTp
WqTNjPW1cTqf4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org