Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/8R5mBGmkiQWfQQ58d8kMNPwhP_I.roa
File: 8R5mBGmkiQWfQQ58d8kMNPwhP_I.roa (raw, json)
Hash identifier: 44+64xulQJ6LUiz4caZgIEpjRiIHW6D2z1stboQm3NE=
Subject key identifier: F1:1E:66:04:69:A4:89:05:9F:41:0E:7C:77:C9:0C:34:FC:21:3F:F2
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018C81A5A768CFEC2EF52DEE1838C160AF2D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/8R5mBGmkiQWfQQ58d8kMNPwhP_I.roa
Signing time: Tue 19 Dec 2023 10:36:06 +0000
ROA not before: Tue 19 Dec 2023 10:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.236.232.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
103.106.0.0/22 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
193.203.202.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c40::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:a5:a7:68:cf:ec:2e:f5:2d:ee:18:38:c1:60:af:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Dec 19 10:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f11e660469a489059f410e7c77c90c34fc213ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:30:f9:c6:21:e8:94:16:30:8a:c5:31:ba:
06:1e:44:e5:c7:ea:7a:a2:30:09:ed:db:37:2b:00:
20:f6:0e:71:d4:c6:35:5c:85:cb:29:81:03:53:24:
83:32:51:7c:e2:cd:57:95:bc:de:8e:47:82:9b:f1:
b2:b3:7a:3a:ff:06:d9:0d:a4:f7:fd:fd:e3:8b:ce:
91:d9:70:a7:61:a9:f2:a3:84:3a:8f:51:4c:5d:f7:
c1:5a:f7:b8:a7:8d:50:29:e6:a3:71:6f:1b:57:2a:
51:c0:36:13:1e:61:49:9e:f5:94:73:b4:8a:09:ae:
d1:4f:7f:99:f8:81:5b:2b:73:e3:ee:65:97:f4:ee:
37:39:9e:b0:05:6e:d0:ed:73:69:b8:ee:cb:7c:44:
8e:8a:ca:23:54:c5:4a:f3:1e:97:d2:4d:40:3e:01:
9a:9d:ea:9a:5c:7d:66:72:5d:ec:1f:f0:70:e8:7d:
a6:19:85:b6:dc:6a:c8:be:f5:3b:da:c7:14:34:9b:
5e:f2:59:38:43:86:28:41:6d:05:61:3e:31:56:65:
c9:ee:63:3f:10:3c:6a:29:af:44:91:a5:53:e8:ab:
72:6b:a7:78:8d:60:75:eb:ef:b9:a2:c5:75:ba:57:
f7:d4:65:bc:14:f3:b9:cd:3c:d3:b0:e4:fd:d3:9a:
f0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1E:66:04:69:A4:89:05:9F:41:0E:7C:77:C9:0C:34:FC:21:3F:F2
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/8R5mBGmkiQWfQQ58d8kMNPwhP_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
74.119.192.0/22
80.92.204.0-80.92.206.255
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.236.232.0/24
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
76:65:e3:7b:30:13:84:08:b0:f3:ad:f2:1d:81:12:40:e1:e5:
65:5f:d3:d1:d6:33:06:57:c4:0c:b4:50:e9:8e:70:1e:c5:24:
5a:2e:d1:2d:e6:b3:f0:2c:b0:be:a3:6f:5e:5e:6d:57:4d:38:
87:df:87:48:bd:3f:42:c8:d7:f2:c2:21:23:4c:cc:ab:e1:bf:
52:8f:82:7f:4c:04:2e:a0:7e:b8:e0:a0:4e:b6:62:0b:33:47:
aa:98:74:00:db:6c:32:12:f4:77:76:3d:d6:32:87:5d:51:3f:
4d:eb:21:82:77:8b:5c:00:f8:f5:0f:9e:8f:b1:52:de:90:35:
1c:4e:94:f6:78:e7:3c:d6:9f:4a:f2:85:e5:79:f2:62:8a:18:
a7:49:fc:15:aa:05:2c:e0:f5:74:3b:e6:2f:d7:03:ac:b1:9d:
a6:f5:e5:3d:3a:33:9a:76:8d:df:50:f8:11:c9:7c:37:99:46:
ee:08:46:9f:7f:f4:b6:5d:4c:a5:30:36:38:11:18:9e:be:fe:
93:6d:f2:38:ee:22:0a:d2:da:e5:52:f7:42:5d:65:62:f0:ca:
79:24:19:81:c0:a7:8e:f2:e5:7a:54:7c:63:f1:e5:82:5c:8d:
a6:13:7b:54:7b:2f:cc:1d:b2:74:51:fb:fe:94:7f:08:3e:71:
10:51:10:e6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYyBpadoz+wu9S3uGDjBYK8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMxMjE5MTAzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFlNjYwNDY5YTQ4OTA1OWY0MTBlN2M3N2M5MGMzNGZjMjEzZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpcw+cYh6JQWMIrFMboGHkTlx+p6
ojAJ7ds3KwAg9g5x1MY1XIXLKYEDUySDMlF84s1XlbzejkeCm/Gys3o6/wbZDaT3
/f3ji86R2XCnYanyo4Q6j1FMXffBWve4p41QKeajcW8bVypRwDYTHmFJnvWUc7SK
Ca7RT3+Z+IFbK3Pj7mWX9O43OZ6wBW7Q7XNpuO7LfESOisojVMVK8x6X0k1APgGa
neqaXH1mcl3sH/Bw6H2mGYW23GrIvvU72scUNJte8lk4Q4YoQW0FYT4xVmXJ7mM/
EDxqKa9EkaVT6Ktya6d4jWB16++5osV1ulf31GW8FPO5zTzTsOT905rw8QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFPEeZgRppIkFn0EOfHfJDDT8IT/yMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvOFI1bUJHbWtpUVdmUVE1OGQ4a01OUHdoUF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAi1D
5AMEAi14sAMEAkp3wDAMAwQCUFzMAwQAUFzOAwQBWd3gAwQAW8KhMAwDBABb4dkD
BAJb4dgDBAJnI7wDBAJnagADBAJncUQDBAKweEADBAKweEgDBAC57OgDBAK58lQD
BAK5+pQDBADBy8oDBAHC9nIDBADDlVcwDQQCAAIwBwMFAyoJfEAwDQYJKoZIhvcN
AQELBQADggEBAHZl43swE4QIsPOt8h2BEkDh5WVf09HWMwZXxAy0UOmOcB7FJFou
0S3ms/AssL6jb15ebVdNOIffh0i9P0LI1/LCISNMzKvhv1KPgn9MBC6gfrjgoE62
YgszR6qYdADbbDIS9Hd2PdYyh11RP03rIYJ3i1wA+PUPno+xUt6QNRxOlPZ45zzW
n0ryheV58mKKGKdJ/BWqBSzg9XQ75i/XA6yxnab15T06M5p2jd9Q+BHJfDeZRu4I
Rp9/9LZdTKUwNjgRGJ6+/pNt8jjuIgrS2uVS90JdZWLwynkkGYHAp47y5XpUfGPx
5YJcjaYTe1R7L8wdsnRR+/6Ufwg+cRBREOY=
Generated at Thu Dec 21 00:28:42 2023 by rpki-client on console-fra.rpki-client.org