Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/iwastpGfgQALLRooYlFD-RYqKOc.roa
File: iwastpGfgQALLRooYlFD-RYqKOc.roa (raw, json)
Hash identifier: oQztYoc2gie8/jMSZhD1ks7pPrEat2brtPYc+fgAY24=
Subject key identifier: 8B:06:AC:B6:91:9F:81:00:0B:2D:1A:28:62:51:43:F9:16:2A:28:E7
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D3561AF2BB25BB8F9487608043A3
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/iwastpGfgQALLRooYlFD-RYqKOc.roa
Signing time: Tue 02 Jan 2024 02:30:11 +0000
ROA not before: Tue 02 Jan 2024 02:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 80.66.196.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.90.210.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
195.245.219.0/24 maxlen: 24
45.139.192.0/22 maxlen: 24
45.92.157.0/24 maxlen: 24
45.131.152.0/22 maxlen: 24
45.130.20.0/22 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.36.24.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.235.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
194.169.54.0/23 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
2a09:0:15::/48 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a09::/29 maxlen: 128
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 11:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d3:56:1a:f2:bb:25:bb:8f:94:87:60:80:43:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b06acb6919f81000b2d1a28625143f9162a28e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:86:e0:58:3f:4d:2d:21:ec:90:95:e5:71:83:
50:12:93:ba:c9:55:75:c4:5e:51:50:b7:f3:f7:b6:
46:88:d1:cb:54:84:41:38:e9:d4:35:37:a5:50:59:
0d:9d:0a:d6:56:e2:28:31:6f:d2:57:31:6f:14:b9:
89:b0:7f:ff:99:4f:48:6f:f8:43:2f:02:32:5e:4f:
bc:d6:ac:1d:46:94:6b:7e:e7:8a:e3:bd:3a:7e:3e:
d5:7f:0b:f9:78:7d:55:c8:8d:ec:8c:77:40:c7:4e:
c3:76:0b:3f:a2:b6:51:d5:ff:54:1f:9d:83:16:90:
34:89:3b:77:22:7a:35:17:c9:4c:d7:e7:40:cc:4c:
f6:ba:30:66:c9:f3:be:38:83:fc:ea:59:68:a0:ae:
25:be:8d:90:f1:59:5f:a0:c2:33:de:09:a8:22:d8:
68:1e:75:35:6f:3d:47:d9:b5:94:0a:11:ef:ef:c3:
9a:64:f8:03:99:67:d5:37:44:f9:a1:f9:27:bd:64:
3a:30:33:77:1e:70:1d:75:db:fc:24:de:cb:8c:6b:
cd:82:ba:bf:79:a7:b4:1c:2b:bc:fc:d0:51:42:87:
a4:82:64:df:38:27:61:0f:7a:c6:61:5a:8b:6c:22:
33:27:18:e7:51:9b:b8:e2:56:b4:eb:20:86:b5:23:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:06:AC:B6:91:9F:81:00:0B:2D:1A:28:62:51:43:F9:16:2A:28:E7
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/iwastpGfgQALLRooYlFD-RYqKOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
6d:79:82:8a:e4:b7:aa:fc:c7:f9:fa:66:6d:75:70:46:0c:0b:
c7:18:01:e6:b5:b1:b8:85:3e:88:3d:79:51:2c:bd:be:e3:30:
4f:29:2f:88:68:87:22:98:6b:c0:19:cf:9e:49:7e:1c:9e:9d:
56:7a:db:d0:d5:be:fb:13:c6:4c:20:f5:9c:bf:3a:73:4c:05:
41:eb:c1:51:f3:0f:b5:1b:1f:de:ac:d6:38:a3:ca:76:5c:0c:
54:61:38:18:f8:35:e3:0d:d4:d4:f4:a5:be:9e:75:6b:da:23:
74:62:c4:fc:fd:be:a4:45:29:86:42:33:d2:35:e5:e3:63:9f:
2b:72:31:96:9e:35:14:2d:60:74:57:06:f3:60:82:3b:ac:89:
08:de:37:78:4c:e0:c4:9c:e8:c6:50:20:db:d9:c7:4c:a6:37:
ab:87:64:aa:f5:86:ec:a8:8e:36:b0:d1:2d:93:72:da:e0:a6:
57:af:39:2d:65:27:d6:09:77:a5:67:c7:97:fa:80:2a:3e:c2:
8c:e1:a3:ec:54:6b:9d:8a:81:74:69:7f:7d:d5:64:55:6d:f2:
a2:de:76:b5:1a:9f:0a:07:fc:44:d4:57:fb:d2:20:4e:17:28:
d8:d5:b8:e6:b6:55:9f:f4:06:27:36:78:b5:ca:78:d3:c8:9e:
f9:3f:0e:9e
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYzIAdNWGvK7JbuPlIdggEOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA2YWNiNjkxOWY4MTAwMGIyZDFhMjg2MjUxNDNmOTE2MmEyOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YbgWD9NLSHskJXlcYNQEpO6yVV1
xF5RULfz97ZGiNHLVIRBOOnUNTelUFkNnQrWVuIoMW/SVzFvFLmJsH//mU9Ib/hD
LwIyXk+81qwdRpRrfueK4706fj7Vfwv5eH1VyI3sjHdAx07Ddgs/orZR1f9UH52D
FpA0iTt3Ino1F8lM1+dAzEz2ujBmyfO+OIP86llooK4lvo2Q8VlfoMIz3gmoItho
HnU1bz1H2bWUChHv78OaZPgDmWfVN0T5ofknvWQ6MDN3HnAdddv8JN7LjGvNgrq/
eae0HCu8/NBRQoekgmTfOCdhD3rGYVqLbCIzJxjnUZu44la06yCGtSNYpQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFIsGrLaRn4EACy0aKGJRQ/kWKijnMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaXdhc3RwR2ZnUUFMTFJvb1lsRkQtUllxS09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgYcEAgABMIGAAwQA
LVrSAwQALVydAwQCLYIUAwQCLYOYAwQCLYvAAwQCLY/oAwQCUELEAwQCXnx0AwQC
X9akAwQCjWLEAwQClT4sAwQCucI0AwQCuchAAwQDud7YAwQBwW8eAwQAwiQYAwQC
wmiYAwQBwqk2AwQAw/XbMAwDBADD9fEDBADD9fIwaAQCAAIwYgMFAyoGT8ADBQMq
BlfAAwUDKgfpAAMFAyoH+gADBQMqCQAAAwUDKgztQAMFAyoNH8ADBQMqDTZAAwUD
Kg1DQAMFAyoNS8ADBQMqDXVAAwUDKg3egAMFAyoOYgADBQMqECYAMA0GCSqGSIb3
DQEBCwUAA4IBAQBteYKK5Leq/Mf5+mZtdXBGDAvHGAHmtbG4hT6IPXlRLL2+4zBP
KS+IaIcimGvAGc+eSX4cnp1WetvQ1b77E8ZMIPWcvzpzTAVB68FR8w+1Gx/erNY4
o8p2XAxUYTgY+DXjDdTU9KW+nnVr2iN0YsT8/b6kRSmGQjPSNeXjY58rcjGWnjUU
LWB0VwbzYII7rIkI3jd4TODEnOjGUCDb2cdMpjerh2Sq9YbsqI42sNEtk3La4KZX
rzktZSfWCXelZ8eX+oAqPsKM4aPsVGudioF0aX991WRVbfKi3na1Gp8KB/xE1Ff7
0iBOFyjY1bjmtlWf9AYnNni1ynjTyJ75Pw6e
-----END CERTIFICATE-----
Generated at Tue Jan 30 13:50:33 2024 by rpki-client on console-fra.rpki-client.org