Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/8GHeayD9wys_LVDp0W9vp1GdC78.roa
File: 8GHeayD9wys_LVDp0W9vp1GdC78.roa (raw, json)
Hash identifier: jLCqEiB/yE7npwuNoEDDLcfN1s/nnlA74S+VKN0vv+c=
Subject key identifier: F0:61:DE:6B:20:FD:C3:2B:3F:2D:50:E9:D1:6F:6F:A7:51:9D:0B:BF
Certificate issuer: /CN=0d814a5f08fb47711d7160b027f996dfb612f045
Certificate serial: 018BC812CD88E81EEAD35CDB8096283156DC
Authority key identifier: 0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/8GHeayD9wys_LVDp0W9vp1GdC78.roa
Signing time: Mon 13 Nov 2023 09:45:57 +0000
ROA not before: Mon 13 Nov 2023 09:45:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35132
IP address blocks: 178.249.120.0/21 maxlen: 21
185.243.176.0/22 maxlen: 22
217.149.112.0/20 maxlen: 20
185.186.132.0/22 maxlen: 22
109.122.48.0/21 maxlen: 21
62.50.160.0/19 maxlen: 19
185.141.156.0/22 maxlen: 22
185.214.16.0/22 maxlen: 22
37.32.48.0/21 maxlen: 21
89.20.224.0/19 maxlen: 19
93.89.32.0/20 maxlen: 20
185.197.220.0/22 maxlen: 22
109.235.100.0/22 maxlen: 22
95.111.160.0/19 maxlen: 19
188.119.80.0/22 maxlen: 22
2a02:1660::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:12:cd:88:e8:1e:ea:d3:5c:db:80:96:28:31:56:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d814a5f08fb47711d7160b027f996dfb612f045
Validity
Not Before: Nov 13 09:45:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f061de6b20fdc32b3f2d50e9d16f6fa7519d0bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:45:9e:36:08:1a:42:52:bc:20:6f:fe:90:30:
1f:06:42:48:c6:c9:cc:0f:dc:b7:17:28:98:b9:37:
c1:c0:ad:4f:e6:17:d3:fb:b1:e7:fd:78:77:9c:be:
e1:24:38:47:ef:6d:0d:dd:76:74:04:5f:89:ac:14:
44:cb:44:73:0c:30:7f:77:7e:06:5b:54:24:ec:e1:
73:cd:3c:1b:08:26:d1:78:c9:d2:9b:76:b7:f5:a5:
4b:d8:b1:30:c1:79:36:7a:e0:a4:28:41:3a:0b:92:
ee:86:c7:47:05:7a:7f:3f:14:21:8f:85:d8:1a:d1:
5f:f9:ed:6a:72:43:90:9b:cf:47:c5:7b:5f:2c:46:
dc:2e:34:ad:76:86:7b:3a:b7:7e:37:25:3a:91:ab:
f7:9c:e6:af:f7:fc:45:e4:85:b0:c0:da:f3:d6:ef:
47:38:e8:2a:d2:bf:b9:f6:b2:03:76:ef:75:b3:55:
5e:d3:37:11:b8:b3:d8:c4:96:e6:10:9e:9b:b6:c0:
7a:90:bb:84:d2:05:05:1d:05:73:ae:74:50:ba:bf:
f8:ad:05:c0:2c:0e:99:f5:0f:98:c5:d9:84:b7:29:
ba:06:29:37:ee:09:60:48:e1:0a:4a:11:7c:05:69:
a7:97:24:56:d2:99:44:ff:c0:77:f3:8f:dd:7f:6f:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:61:DE:6B:20:FD:C3:2B:3F:2D:50:E9:D1:6F:6F:A7:51:9D:0B:BF
X509v3 Authority Key Identifier:
keyid:0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/8GHeayD9wys_LVDp0W9vp1GdC78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.48.0/21
62.50.160.0/19
89.20.224.0/19
93.89.32.0/20
95.111.160.0/19
109.122.48.0/21
109.235.100.0/22
178.249.120.0/21
185.141.156.0/22
185.186.132.0/22
185.197.220.0/22
185.214.16.0/22
185.243.176.0/22
188.119.80.0/22
217.149.112.0/20
IPv6:
2a02:1660::/32
Signature Algorithm: sha256WithRSAEncryption
56:c0:6a:e4:d1:62:a0:76:30:d2:19:43:f4:f3:52:43:8e:49:
aa:68:b3:2e:21:6a:f1:74:3f:8c:b0:ff:ee:db:67:03:58:10:
eb:b7:b9:78:9b:b1:30:c2:b2:21:f1:0f:73:12:98:db:50:b8:
33:4e:d4:d4:8d:c6:cc:4b:20:c8:05:f6:b4:99:65:39:42:55:
f7:9b:29:94:f5:74:b2:02:cc:e6:d9:1e:b9:ed:5d:db:33:5e:
a7:1d:84:2a:95:0f:c4:44:c4:a0:c8:36:a4:98:0e:37:41:54:
db:f1:9f:41:83:9c:fb:94:78:3e:93:ae:78:76:d5:fe:3d:7e:
75:b1:d9:ba:f4:5c:e5:65:cb:8d:9a:ce:06:d2:ba:38:c6:af:
2a:a0:fe:0f:d9:9e:f0:a0:90:e2:a2:38:23:5c:bb:43:dc:4c:
c8:f8:c1:1c:ba:f4:b4:db:55:02:75:f9:4b:24:a8:e0:3f:b5:
3d:0a:08:9c:7d:29:d0:36:b8:39:6b:1c:26:3d:59:bf:54:b4:
c9:76:d7:c6:8e:8a:c5:ef:56:ae:92:05:35:a2:14:46:24:a7:
36:5f:77:e8:a6:54:59:10:b5:88:94:9c:1c:34:48:8c:bb:cf:
9d:f5:58:ba:73:48:87:ea:e3:02:07:28:08:58:07:fd:91:97:
97:f3:20:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYvIEs2I6B7q01zbgJYoMVbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODE0YTVmMDhmYjQ3NzExZDcxNjBiMDI3Zjk5NmRmYjYx
MmYwNDUwHhcNMjMxMTEzMDk0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYxZGU2YjIwZmRjMzJiM2YyZDUwZTlkMTZmNmZhNzUxOWQwYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kWeNggaQlK8IG/+kDAfBkJIxsnM
D9y3FyiYuTfBwK1P5hfT+7Hn/Xh3nL7hJDhH720N3XZ0BF+JrBREy0RzDDB/d34G
W1Qk7OFzzTwbCCbReMnSm3a39aVL2LEwwXk2euCkKEE6C5LuhsdHBXp/PxQhj4XY
GtFf+e1qckOQm89HxXtfLEbcLjStdoZ7Ord+NyU6kav3nOav9/xF5IWwwNrz1u9H
OOgq0r+59rIDdu91s1Ve0zcRuLPYxJbmEJ6btsB6kLuE0gUFHQVzrnRQur/4rQXA
LA6Z9Q+YxdmEtym6Bik37glgSOEKShF8BWmnlyRW0plE/8B384/df2/tGQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFPBh3msg/cMrPy1Q6dFvb6dRnQu/MB8GA1UdIwQY
MBaAFA2BSl8I+0dxHXFgsCf5lt+2EvBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYt
Y2U3OTg1YjU2MDkzLzEvOEdIZWF5RDl3eXNfTFZEcDBXOXZwMUdkQzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYtY2U3OTg1YjU2MDkz
LzEvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAyUgMAME
BT4yoAMEBVkU4AMEBF1ZIAMEBV9voAMEA216MAMEAm3rZAMEA7L5eAMEArmNnAME
Arm6hAMEArnF3AMEArnWEAMEArnzsAMEArx3UAMEBNmVcDANBAIAAjAHAwUAKgIW
YDANBgkqhkiG9w0BAQsFAAOCAQEAVsBq5NFioHYw0hlD9PNSQ45JqmizLiFq8XQ/
jLD/7ttnA1gQ67e5eJuxMMKyIfEPcxKY21C4M07U1I3GzEsgyAX2tJllOUJV95sp
lPV0sgLM5tkeue1d2zNepx2EKpUPxETEoMg2pJgON0FU2/GfQYOc+5R4PpOueHbV
/j1+dbHZuvRc5WXLjZrOBtK6OMavKqD+D9me8KCQ4qI4I1y7Q9xMyPjBHLr0tNtV
AnX5SySo4D+1PQoInH0p0Da4OWscJj1Zv1S0yXbXxo6Kxe9WrpIFNaIURiSnNl93
6KZUWRC1iJScHDRIjLvPnfVYunNIh+rjAgcoCFgH/ZGXl/MgZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:49 2024 by rpki-client on console-ams.rpki-client.org