Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ghKMuKY3xysaRC_UkB0h_0f0QkQ.roa
File: ghKMuKY3xysaRC_UkB0h_0f0QkQ.roa (raw, json)
Hash identifier: ikAiKuUHpZZb9CiI9q5szPVFm7bEvYw1Htn0sT2Dubk=
Subject key identifier: 82:12:8C:B8:A6:37:C7:2B:1A:44:2F:D4:90:1D:21:FF:47:F4:42:44
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DC5D59DFB7D1D08F830D0F2B931E0
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ghKMuKY3xysaRC_UkB0h_0f0QkQ.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3214
IP address blocks: 80.66.196.0/22 maxlen: 24
92.60.40.0/23 maxlen: 23
92.60.41.0/24 maxlen: 24
92.60.42.0/24 maxlen: 24
92.60.40.0/24 maxlen: 24
185.255.55.0/24 maxlen: 24
185.255.53.0/24 maxlen: 24
185.255.52.0/22 maxlen: 24
45.80.188.0/22 maxlen: 24
62.133.35.0/24 maxlen: 24
62.133.33.0/24 maxlen: 24
62.133.32.0/24 maxlen: 24
62.133.32.0/22 maxlen: 24
45.147.48.0/22 maxlen: 24
45.153.244.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
185.248.84.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
91.200.241.0/24 maxlen: 24
45.11.45.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
147.78.179.0/24 maxlen: 24
147.78.177.0/24 maxlen: 24
147.78.178.0/24 maxlen: 24
147.78.176.0/24 maxlen: 24
147.78.176.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
185.254.75.0/24 maxlen: 24
185.254.73.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
185.254.74.0/24 maxlen: 24
185.213.151.0/24 maxlen: 24
185.213.149.0/24 maxlen: 24
185.213.148.0/22 maxlen: 24
185.213.148.0/24 maxlen: 24
194.124.216.0/24 maxlen: 24
45.131.152.0/22 maxlen: 24
194.124.228.0/24 maxlen: 24
194.124.227.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.124.213.0/24 maxlen: 24
193.111.90.0/23 maxlen: 24
193.177.220.0/22 maxlen: 24
194.36.222.0/23 maxlen: 24
94.124.116.0/22 maxlen: 24
45.90.210.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
195.245.219.0/24 maxlen: 24
185.49.32.0/22 maxlen: 24
45.130.23.0/24 maxlen: 24
45.130.21.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.22.0/24 maxlen: 24
45.130.20.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.36.24.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
194.36.25.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.235.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
149.62.44.0/22 maxlen: 24
78.142.192.0/22 maxlen: 24
194.169.180.0/23 maxlen: 24
45.13.199.0/24 maxlen: 24
45.13.198.0/24 maxlen: 24
109.94.168.0/22 maxlen: 24
194.169.54.0/24 maxlen: 24
194.169.54.0/23 maxlen: 24
185.222.216.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.222.220.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a09:0:7::/48 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a09:0:4::/48 maxlen: 48
2a09::/29 maxlen: 48
2a0b:4080::/32 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a09:0:1::/48 maxlen: 48
2a09:0:1337::/48 maxlen: 64
2a0d:de80::/29 maxlen: 48
2a09:0:6::/48 maxlen: 48
2a09:0:9::/48 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a03:d9c0::/29 maxlen: 48
2a09:0:3::/48 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0c:59c0::/29 maxlen: 48
2a09:0:11::/48 maxlen: 48
2a0b:89c0::/29 maxlen: 48
2a09:0:8::/48 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a09:0:5::/48 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a07:fe00::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a03:d9c0:8000::/48 maxlen: 48
2a03:d9c0:c0de::/48 maxlen: 64
2a0d:4bc0::/29 maxlen: 48
2a09:0:2::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c5:d5:9d:fb:7d:1d:08:f8:30:d0:f2:b9:31:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82128cb8a637c72b1a442fd4901d21ff47f44244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a8:f5:af:09:bd:ce:31:11:2b:ec:ac:c6:bd:
a0:7c:20:31:ed:01:31:bf:f8:64:bf:e6:20:ae:cb:
03:fc:47:65:47:f6:e3:f5:59:7a:2c:85:49:05:4d:
18:d2:32:4e:45:28:98:57:aa:0c:63:2d:48:9c:3f:
0a:1f:ea:b7:b0:d7:64:b2:ad:d7:76:7e:24:d7:a8:
76:d7:0c:bd:d6:04:64:51:9b:92:7e:b9:38:f3:e1:
21:7b:77:8c:91:36:ca:eb:e9:ae:e3:b8:3a:ed:b8:
bc:f8:f3:92:3b:a7:05:c5:98:ca:00:24:aa:af:51:
cc:d8:d6:5d:02:d1:11:d6:44:14:67:29:50:8d:82:
c9:74:84:21:ca:10:f6:27:3f:1f:31:ed:ff:3b:fa:
9b:19:3a:71:1e:09:47:ce:76:3d:51:43:31:45:f0:
1a:18:2e:fd:10:f2:7c:59:7e:05:1f:19:80:4e:5e:
08:3b:d5:f2:9f:27:09:46:bc:af:b5:94:18:58:0a:
50:f1:07:f1:19:bb:ed:4e:b5:84:fb:fb:9e:70:7e:
1e:76:ff:de:4b:eb:e4:c3:4e:aa:d4:86:cd:01:6e:
7c:9a:be:87:9f:09:57:72:d4:b3:ac:53:b3:70:bf:
c4:96:51:7d:2e:46:05:77:18:88:e9:e9:4d:64:12:
08:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:12:8C:B8:A6:37:C7:2B:1A:44:2F:D4:90:1D:21:FF:47:F4:42:44
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ghKMuKY3xysaRC_UkB0h_0f0QkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.45.0/24
45.13.198.0/23
45.80.188.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
45.147.48.0/22
45.153.244.0/22
62.133.32.0/22
78.142.192.0/22
79.143.140.0/22
80.66.196.0/22
91.200.241.0/24
92.60.40.0-92.60.42.255
94.124.116.0/22
95.214.164.0/22
109.94.168.0/22
141.98.196.0/22
147.78.176.0/22
149.62.44.0/22
185.49.32.0/22
185.194.52.0/22
185.200.64.0/22
185.213.148.0/22
185.222.216.0/21
185.248.84.0/22
185.254.73.0-185.254.75.255
185.255.52.0/22
193.111.30.0/23
193.111.90.0/23
193.177.220.0/22
194.36.24.0/23
194.36.222.0/23
194.104.152.0/22
194.124.213.0/24
194.124.216.0/24
194.124.227.0-194.124.228.255
194.169.54.0/23
194.169.180.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a03:d9c0::/29
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a07:fe00::/29
2a09::/29
2a0b:4080::/32
2a0b:89c0::/29
2a0c:59c0::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:480::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
7a:4c:25:50:8b:c2:0a:bf:8d:18:b2:38:d6:77:7d:bd:9c:86:
45:89:28:7e:b2:4a:25:43:ea:a8:b0:f3:38:4f:7f:b9:b5:2b:
e9:04:33:11:08:66:13:29:2d:c9:fe:4c:44:8a:b2:38:73:af:
eb:a3:a9:75:e3:f7:81:50:d8:fc:40:f0:1a:04:8b:99:10:60:
fb:2f:fb:80:34:91:b5:2d:a4:d9:55:b8:70:09:c7:25:9d:f7:
fb:82:f5:68:ba:ba:16:bb:2f:f8:08:a1:69:f4:79:d5:27:13:
7b:f5:e2:d4:a6:5d:a6:b8:14:ab:86:35:a7:01:c2:dc:bc:28:
52:bc:ab:b8:9e:7e:73:25:ce:3f:9e:6d:16:af:d4:2e:8f:e8:
eb:1a:a1:c9:37:34:1c:20:60:9a:8a:36:fe:fd:4c:d8:5a:06:
4a:a5:79:c0:e1:90:aa:b6:8e:df:c6:b5:75:1a:48:05:0a:bb:
e2:f3:b2:3f:9b:98:3e:68:65:31:b6:fc:a9:fa:3a:cf:b2:f0:
00:4a:c4:39:d6:67:c9:eb:a1:14:e4:c0:a7:01:d1:ec:60:7b:
1b:d8:f3:a1:32:ec:4a:b0:cd:ea:56:53:44:04:61:47:97:fd:
b1:dd:6f:d5:3f:ac:15:05:0a:ae:89:96:e6:a7:be:88:db:86:
4b:1a:3a:44
-----BEGIN CERTIFICATE-----
MIIGvzCCBaegAwIBAgISAYVvHcXVnft9HQj4MNDyuTHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEyOGNiOGE2MzdjNzJiMWE0NDJmZDQ5MDFkMjFmZjQ3ZjQ0MjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6j1rwm9zjERK+ysxr2gfCAx7QEx
v/hkv+YgrssD/EdlR/bj9Vl6LIVJBU0Y0jJORSiYV6oMYy1InD8KH+q3sNdksq3X
dn4k16h21wy91gRkUZuSfrk48+Ehe3eMkTbK6+mu47g67bi8+POSO6cFxZjKACSq
r1HM2NZdAtER1kQUZylQjYLJdIQhyhD2Jz8fMe3/O/qbGTpxHglHznY9UUMxRfAa
GC79EPJ8WX4FHxmATl4IO9XynycJRryvtZQYWApQ8QfxGbvtTrWE+/uecH4edv/e
S+vkw06q1IbNAW58mr6HnwlXctSzrFOzcL/EllF9LkYFdxiI6elNZBIIdwIDAQAB
o4IDyzCCA8cwHQYDVR0OBBYEFIISjLimN8crGkQv1JAdIf9H9EJEMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZ2hLTXVLWTN4eXNhUkNfVWtCMGhfMGYwUWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB3wYIKwYBBQUHAQcBAf8EggHOMIIByjCCATAEAgABMIIB
KAMEAC0LLQMEAS0NxgMEAi1QvAMEAC1a0gMEAC1cnQMEAi2CFAMEAi2DmAMEAi2L
wAMEAi2P6AMEAi2TMAMEAi2Z9AMEAj6FIAMEAk6OwAMEAk+PjAMEAlBCxAMEAFvI
8TAMAwQDXDwoAwQAXDwqAwQCXnx0AwQCX9akAwQCbV6oAwQCjWLEAwQCk06wAwQC
lT4sAwQCuTEgAwQCucI0AwQCuchAAwQCudWUAwQDud7YAwQCufhUMAwDBAC5/kkD
BAK5/kgDBAK5/zQDBAHBbx4DBAHBb1oDBALBsdwDBAHCJBgDBAHCJN4DBALCaJgD
BADCfNUDBADCfNgwDAMEAMJ84wMEAMJ85AMEAcKpNgMEAcKptAMEAMP12zAMAwQA
w/XxAwQAw/XyMIGTBAIAAjCBjAMFAyoD2cADBQMqBk/AAwUDKgZXwAMFAyoH6QAD
BQMqB/oAAwUDKgf+AAMFAyoJAAADBQAqC0CAAwUDKguJwAMFAyoMWcADBQMqDO1A
AwUDKg0fwAMFAyoNNkADBQMqDUNAAwUDKg1LwAMFAyoNdUADBQMqDd6AAwUDKg5i
AAMFAyoQBIADBQMqECYAMA0GCSqGSIb3DQEBCwUAA4IBAQB6TCVQi8IKv40YsjjW
d329nIZFiSh+skolQ+qosPM4T3+5tSvpBDMRCGYTKS3J/kxEirI4c6/ro6l14/eB
UNj8QPAaBIuZEGD7L/uANJG1LaTZVbhwCcclnff7gvVouroWuy/4CKFp9HnVJxN7
9eLUpl2muBSrhjWnAcLcvChSvKu4nn5zJc4/nm0Wr9Quj+jrGqHJNzQcIGCaijb+
/UzYWgZKpXnA4ZCqto7fxrV1GkgFCrvi87I/m5g+aGUxtvyp+jrPsvAASsQ51mfJ
66EU5MCnAdHsYHsb2POhMuxKsM3qVlNEBGFHl/2x3W/VP6wVBQquiZbmp76I24ZL
GjpE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org