Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/4KahkZsMkZEXo0TRHQ8cxDop_Lw.roa
File: 4KahkZsMkZEXo0TRHQ8cxDop_Lw.roa (raw, json)
Hash identifier: aN1nBta8RkDThWfhqkpvBMNbLPbyp/tj8iAaj6P/Yd4=
Subject key identifier: E0:A6:A1:91:9B:0C:91:91:17:A3:44:D1:1D:0F:1C:C4:3A:29:FC:BC
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC7276FEA02DD27F4E37007D3F14CC1CA
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/4KahkZsMkZEXo0TRHQ8cxDop_Lw.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3267
IP address blocks: 82.137.137.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
188.93.107.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/24 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
193.27.214.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
194.85.32.0/20 maxlen: 20
85.142.102.0/23 maxlen: 24
85.142.116.0/22 maxlen: 24
82.179.128.0/17 maxlen: 17
85.142.120.0/21 maxlen: 24
194.149.64.0/24 maxlen: 24
194.85.174.0/23 maxlen: 23
85.143.0.0/20 maxlen: 24
83.149.192.0/18 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
80.250.160.0/19 maxlen: 24
80.250.172.0/23 maxlen: 23
80.250.170.0/23 maxlen: 23
80.250.176.0/20 maxlen: 20
80.250.175.0/24 maxlen: 24
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
185.71.96.0/22 maxlen: 22
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
82.179.64.0/18 maxlen: 18
85.142.8.0/21 maxlen: 21
82.179.32.0/19 maxlen: 19
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
2001:b08:22::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2001:b08:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Feb 2024 10:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:6f:ea:02:dd:27:f4:e3:70:07:d3:f1:4c:c1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0a6a1919b0c919117a344d11d0f1cc43a29fcbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:50:11:55:76:f3:8f:dd:03:37:18:e0:f3:cf:
57:7a:5c:4e:ff:73:39:72:26:b0:2d:62:2c:38:16:
89:34:c9:41:8f:9f:0b:4b:01:9b:d3:03:a6:81:44:
cd:0a:c8:5d:d8:5e:25:25:77:4f:17:3e:ba:df:cb:
54:2b:6e:28:fb:ab:49:b3:f5:03:33:71:64:fb:d1:
1f:17:f2:3a:bf:54:72:6f:96:b3:97:61:ac:20:41:
7f:76:45:20:bd:8e:c9:32:75:73:8f:95:c3:90:a7:
ac:70:2b:a6:b5:e5:81:3b:7c:19:18:a4:ed:06:14:
96:17:49:f6:ef:95:b3:30:64:65:76:5a:ca:61:db:
c4:84:c1:9a:d1:0b:e8:6f:03:56:99:bc:56:4c:7b:
90:d7:fa:91:c7:16:47:33:3a:d5:2e:f6:94:28:83:
6a:3f:4d:92:1d:16:fa:b2:6f:b9:36:69:b2:be:3c:
67:22:44:07:6e:0e:42:d6:80:c7:ba:d0:7c:35:6d:
ec:e4:a8:48:1d:89:d0:93:0b:a2:6a:24:3d:4f:b1:
2c:bb:94:94:42:62:5b:f4:fa:31:44:b9:51:91:c5:
61:db:88:ed:52:a5:12:9b:51:83:66:01:35:70:a2:
64:9b:4e:3c:02:af:5c:eb:31:45:b0:ee:8f:1e:ca:
26:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A6:A1:91:9B:0C:91:91:17:A3:44:D1:1D:0F:1C:C4:3A:29:FC:BC
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/4KahkZsMkZEXo0TRHQ8cxDop_Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.32.0/21
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.149.64.0/24
194.190.224.0/19
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:25:82:84:4a:86:ea:8c:57:45:e3:19:e9:ce:0e:d7:f5:0f:
61:45:f8:99:e8:2d:bc:4d:6d:d6:55:8a:aa:5d:0d:f3:08:a8:
e1:f0:4c:ce:97:45:4e:53:20:20:60:e3:0f:4c:1c:a4:17:60:
b2:27:af:7c:01:64:13:52:c4:9a:9c:44:d0:22:59:90:71:fc:
39:d6:31:5d:fe:44:e2:06:e1:0f:19:77:57:5d:3f:5a:a7:3c:
2f:46:58:28:62:29:aa:da:7a:12:92:39:e1:5a:2f:f3:b7:c4:
b6:fe:02:e3:6a:f6:80:df:9e:34:9a:3c:f4:5b:97:c9:84:88:
44:df:e0:14:34:68:68:b7:23:9d:5e:3b:4b:fa:de:24:a0:eb:
6a:86:da:ef:f1:ec:1a:4a:ad:b8:32:a7:e8:a7:b2:1f:a1:2e:
14:9b:03:72:17:34:02:56:49:94:a4:92:a0:28:eb:a6:a5:04:
7d:32:a4:61:a4:f0:af:43:7f:63:dd:81:36:9a:57:eb:3d:a3:
d7:ab:7d:ae:af:d9:fa:bd:01:31:60:bc:52:bb:c4:5b:33:8a:
bb:3f:6c:bf:79:2f:59:62:18:b3:ca:09:e7:15:42:fd:13:32:
90:a5:6a:88:9d:47:97:4d:f3:fb:7a:42:f6:19:86:ce:fc:8b:
73:12:53:f9
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAYzHJ2/qAt0n9ONwB9PxTMHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGE2YTE5MTliMGM5MTkxMTdhMzQ0ZDExZDBmMWNjNDNhMjlmY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFARVXbzj90DNxjg889XelxO/3M5
ciawLWIsOBaJNMlBj58LSwGb0wOmgUTNCshd2F4lJXdPFz6638tUK24o+6tJs/UD
M3Fk+9EfF/I6v1Ryb5azl2GsIEF/dkUgvY7JMnVzj5XDkKescCumteWBO3wZGKTt
BhSWF0n275WzMGRldlrKYdvEhMGa0QvobwNWmbxWTHuQ1/qRxxZHMzrVLvaUKINq
P02SHRb6sm+5NmmyvjxnIkQHbg5C1oDHutB8NW3s5KhIHYnQkwuiaiQ9T7Esu5SU
QmJb9PoxRLlRkcVh24jtUqUSm1GDZgE1cKJkm048Aq9c6zFFsO6PHsom2QIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFOCmoZGbDJGRF6NE0R0PHMQ6Kfy8MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvNEthaGtac01rWkVYbzBUUkhROGN4RG9wX0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB4gQCAAEwgdsD
BAVQ+qADBABSiYkDBARSibAwCwMEBVKzIAMDAlKwAwQGU5XAAwQDVY4IAwQDVY4g
MAwDBAJVjjQDBAJVjjgwDAMEAVWOZgMEBFWOYDAMAwQCVY50AwQHVY4AAwQBVY6U
AwQAVY6ZAwQBVY6iAwQEVY8AAwQBVY8SAwQAVY8aAwQCVY9gAwQCVY9wAwQCVY98
AwQDVY/gAwQAVY/vAwQFVm5gAwQCuUdgAwQAvF1rAwQBwRvWAwQEwlUgMAwDBAXC
VaADBALCVagDBAHCVa4DBADClUADBAXCvuAwJgQCAAIwIAMHACABCwgAIgMHACAB
CwgAJgMFACoADbgDBQMqB6bAMA0GCSqGSIb3DQEBCwUAA4IBAQB0JYKESobqjFdF
4xnpzg7X9Q9hRfiZ6C28TW3WVYqqXQ3zCKjh8EzOl0VOUyAgYOMPTBykF2CyJ698
AWQTUsSanETQIlmQcfw51jFd/kTiBuEPGXdXXT9apzwvRlgoYimq2noSkjnhWi/z
t8S2/gLjavaA3540mjz0W5fJhIhE3+AUNGhotyOdXjtL+t4koOtqhtrv8ewaSq24
Mqfop7IfoS4UmwNyFzQCVkmUpJKgKOumpQR9MqRhpPCvQ39j3YE2mlfrPaPXq32u
r9n6vQExYLxSu8RbM4q7P2y/eS9ZYhizygnnFUL9EzKQpWqInUeXTfP7ekL2GYbO
/ItzElP5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org