Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/8oVIIynl5w2D5o2mhdaVqqEJkCc.roa
File: 8oVIIynl5w2D5o2mhdaVqqEJkCc.roa (raw, json)
Hash identifier: WyMXonVjLW9dr9x54uAtMtJO43RsTberZyh3O+YsE8E=
Subject key identifier: F2:85:48:23:29:E5:E7:0D:83:E6:8D:A6:85:D6:95:AA:A1:09:90:27
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 018CC649E9BAD8F2D8FCE39BDA390C9855EF
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/8oVIIynl5w2D5o2mhdaVqqEJkCc.roa
Signing time: Mon 01 Jan 2024 18:29:41 +0000
ROA not before: Mon 01 Jan 2024 18:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207375
IP address blocks: 89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
188.240.70.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.211.172.0/22 maxlen: 22
31.14.182.0/24 maxlen: 24
31.14.180.0/23 maxlen: 23
176.223.144.0/20 maxlen: 20
194.145.194.0/23 maxlen: 23
89.32.240.0/21 maxlen: 21
86.105.232.0/24 maxlen: 24
178.239.16.0/22 maxlen: 22
89.35.76.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.35.91.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
89.33.65.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
188.212.112.0/22 maxlen: 22
89.35.163.0/24 maxlen: 24
217.148.134.0/23 maxlen: 23
188.212.157.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
89.32.171.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
93.113.72.0/21 maxlen: 21
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.182.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.35.248.0/24 maxlen: 24
2a00:bba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 Feb 2024 13:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e9:ba:d8:f2:d8:fc:e3:9b:da:39:0c:98:55:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Jan 1 18:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f285482329e5e70d83e68da685d695aaa1099027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0d:22:7a:82:69:6e:e3:62:68:be:d6:21:3d:
13:83:8b:34:34:dc:3c:6d:e0:fc:c5:25:4d:7c:ad:
1e:09:4f:1b:95:cc:01:0f:2c:a8:a1:66:83:3c:ab:
81:a8:49:70:34:78:01:a4:d6:a5:a1:c9:c5:fa:00:
7d:17:03:60:dc:33:f4:0d:45:1c:2f:3d:05:a8:41:
11:e1:17:c9:18:4c:b7:40:1f:12:ee:ed:8b:0f:6a:
25:5b:77:cf:9a:99:22:ea:7e:d1:f9:a4:a9:db:d0:
2a:de:17:63:71:35:53:38:0b:d3:ef:41:e8:7d:b2:
26:71:c0:65:c3:47:8f:b1:0b:83:ff:a1:d3:46:81:
59:a8:cb:53:75:f2:9f:54:60:ba:1d:d4:f6:52:04:
d1:60:9c:39:bc:00:9e:ad:90:dc:e7:14:1d:8d:09:
49:ed:43:2f:44:36:97:dc:bb:b9:1b:1b:5b:f9:85:
21:91:8e:ad:84:d0:b1:76:93:b8:c5:61:5e:27:e7:
d3:4e:b5:27:3a:0f:94:4a:7c:67:37:4a:7e:7c:9d:
65:c2:d1:d6:ac:64:d8:79:9d:73:ab:73:ee:0b:2f:
6c:32:3f:0d:84:98:cf:cf:d7:f9:d7:21:42:5c:d4:
ee:d5:99:13:ba:51:44:1d:8f:08:ee:1e:6a:68:2e:
3f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:85:48:23:29:E5:E7:0D:83:E6:8D:A6:85:D6:95:AA:A1:09:90:27
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/8oVIIynl5w2D5o2mhdaVqqEJkCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
178.239.16.0/22
188.211.172.0/22
188.212.112.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
194.145.194.0/23
217.148.134.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:b4:85:15:6f:f0:73:22:5a:6e:47:ac:64:11:cb:38:dd:55:
81:7e:39:f7:44:ef:d1:77:6f:a3:fa:65:3d:07:13:d8:c4:2f:
e6:dc:47:11:52:ab:95:9b:33:cd:1b:8b:d1:c4:ca:56:9a:97:
68:37:d5:8b:f8:e7:6c:fe:5f:36:e3:ed:ca:5b:5f:c8:83:8d:
47:f4:37:88:a2:80:e2:a7:12:ab:7a:fb:81:f5:b7:9d:00:12:
2f:80:94:8d:9b:32:d5:22:48:61:b7:79:62:f9:42:1e:a6:a0:
6a:26:c1:d0:8a:c6:af:75:18:4e:e4:3e:cc:fb:a2:63:5e:48:
13:54:6c:2d:b6:65:0c:b4:19:d8:9e:a6:e9:3d:1d:42:c5:c2:
8e:64:c6:09:ec:86:7d:94:78:72:42:d9:db:af:bd:f8:ac:77:
5c:2e:97:b9:73:c0:90:52:68:d3:d1:cd:07:50:8d:f1:51:75:
cf:06:55:82:87:07:61:fb:94:59:94:e0:df:30:f7:d7:df:42:
ba:e3:0e:2f:ed:7b:bc:7c:a8:04:fe:0c:ec:01:dd:0c:aa:9d:
90:5d:79:94:0e:ae:00:b3:57:86:b6:36:f2:fe:6d:61:de:0a:
bb:44:a8:b7:5c:0f:c7:66:4c:35:99:ff:d6:d4:cf:d0:df:8d:
c4:ea:43:9e
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAYzGSem62PLY/OOb2jkMmFXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjQwMTAxMTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjg1NDgyMzI5ZTVlNzBkODNlNjhkYTY4NWQ2OTVhYWExMDk5MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA0ieoJpbuNiaL7WIT0Tg4s0NNw8
beD8xSVNfK0eCU8blcwBDyyooWaDPKuBqElwNHgBpNalocnF+gB9FwNg3DP0DUUc
Lz0FqEER4RfJGEy3QB8S7u2LD2olW3fPmpki6n7R+aSp29Aq3hdjcTVTOAvT70Ho
fbImccBlw0ePsQuD/6HTRoFZqMtTdfKfVGC6HdT2UgTRYJw5vACerZDc5xQdjQlJ
7UMvRDaX3Lu5Gxtb+YUhkY6thNCxdpO4xWFeJ+fTTrUnOg+USnxnN0p+fJ1lwtHW
rGTYeZ1zq3PuCy9sMj8NhJjPz9f51yFCXNTu1ZkTulFEHY8I7h5qaC4/yQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFPKFSCMp5ecNg+aNpoXWlaqhCZAnMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvOG9WSUl5bmw1dzJENW8ybWhkYVZxcUVKa0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgMAwD
BAIfDrQDBAAfDrYwDAMEACWcRQMEACWcRgMEAVT3LAMEAFXMbQMEAFZpGAMEAFZp
6AMEAVZrugMEAFkgqwMEA1kg8AMEAFkhEQMEAFkhHgMEAFkhQQMEAFkjIgMEAFkj
TAMEAFkjWAMEAFkjWwMEAFkjowMEAFkj+AMEAFklKAMEAVkuKDAMAwQEWS+wAwQA
WS+yMAwDBAJZL7QDBABZL7YDBANdcUgDBASw35ADBAKy7xADBAK806wDBAK81HAD
BAC81J0DBAG81VYDBAC88EYDBAHCkcIDBAHZlIYwDQQCAAIwBwMFACoAu6AwDQYJ
KoZIhvcNAQELBQADggEBABq0hRVv8HMiWm5HrGQRyzjdVYF+OfdE79F3b6P6ZT0H
E9jEL+bcRxFSq5WbM80bi9HEylaal2g31Yv452z+Xzbj7cpbX8iDjUf0N4iigOKn
Eqt6+4H1t50AEi+AlI2bMtUiSGG3eWL5Qh6moGomwdCKxq91GE7kPsz7omNeSBNU
bC22ZQy0Gdiepuk9HULFwo5kxgnshn2UeHJC2duvvfisd1wul7lzwJBSaNPRzQdQ
jfFRdc8GVYKHB2H7lFmU4N8w99ffQrrjDi/te7x8qAT+DOwB3QyqnZBdeZQOrgCz
V4a2NvL+bWHeCrtEqLdcD8dmTDWZ/9bUz9DfjcTqQ54=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:10 2024 by rpki-client on console-ams.rpki-client.org