Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/6NbJ9dxjGj-blqEFVMSGpYorvOg.roa
File: 6NbJ9dxjGj-blqEFVMSGpYorvOg.roa (raw, json)
Hash identifier: vy+Y23IhUWB71V3BHcaZcctmrgHdOIvZJ1dTS3c7e7U=
Subject key identifier: E8:D6:C9:F5:DC:63:1A:3F:9B:96:A1:05:54:C4:86:A5:8A:2B:BC:E8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018C6D66D9F9B9A47B1FBDD2547E52CAB5A6
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/6NbJ9dxjGj-blqEFVMSGpYorvOg.roa
Signing time: Fri 15 Dec 2023 12:15:06 +0000
ROA not before: Fri 15 Dec 2023 12:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3267
IP address blocks: 82.137.137.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
82.179.128.0/17 maxlen: 17
86.110.112.0/20 maxlen: 20
194.149.64.0/24 maxlen: 24
194.85.174.0/23 maxlen: 23
83.149.192.0/18 maxlen: 24
82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
80.250.160.0/19 maxlen: 24
80.250.172.0/23 maxlen: 23
80.250.170.0/23 maxlen: 23
80.250.176.0/20 maxlen: 20
80.250.175.0/24 maxlen: 24
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
185.71.96.0/22 maxlen: 22
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
85.143.224.0/21 maxlen: 21
82.179.64.0/18 maxlen: 18
85.142.64.0/24 maxlen: 24
188.93.107.0/24 maxlen: 24
85.142.78.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
85.142.8.0/21 maxlen: 21
194.190.232.0/21 maxlen: 24
82.179.32.0/19 maxlen: 19
194.190.240.0/24 maxlen: 24
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2001:b08:26::/48 maxlen: 48
2a07:a6c4::/32 maxlen: 32
2001:b08:22::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Dec 2023 13:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:66:d9:f9:b9:a4:7b:1f:bd:d2:54:7e:52:ca:b5:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Dec 15 12:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8d6c9f5dc631a3f9b96a10554c486a58a2bbce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5f:99:37:ad:07:57:51:0d:d0:a8:72:4a:23:
e5:88:7c:d3:e7:68:7b:50:ad:e7:14:36:05:b3:34:
43:1f:60:ee:4a:3b:04:ec:f6:03:0a:a1:34:30:4e:
95:f4:95:33:b8:57:90:d5:d8:27:06:4e:6d:04:8c:
47:9f:2d:05:bd:e4:38:50:86:8c:92:62:58:97:94:
f9:f9:ec:14:10:79:72:b4:96:1c:83:0c:7d:0b:e2:
70:c2:58:17:d0:f0:2a:df:7a:42:f0:7f:ba:51:33:
08:b3:b6:9b:bc:24:81:b8:73:a3:4e:43:6b:b8:4f:
cc:d8:5f:ea:0b:ed:61:ca:1f:a8:3a:b1:61:ed:ed:
73:ef:9c:60:a3:93:d0:10:26:50:30:5c:00:fc:4b:
d6:25:82:06:dd:dd:d5:2b:f1:41:07:44:00:d5:57:
b1:d8:0b:ee:ec:18:e7:29:3b:d1:34:f6:19:b6:91:
c9:ef:cc:85:cb:26:79:0f:dc:f0:0f:f7:10:f0:a3:
f6:74:44:5a:b4:3e:98:ae:25:aa:69:bf:5c:63:4e:
46:ac:bf:5d:7a:e2:fe:0e:40:81:05:06:18:82:03:
31:69:2e:5d:10:0e:60:fd:2a:81:1f:cd:c6:84:9d:
91:b5:3f:b2:9f:71:9d:2a:96:14:74:65:37:56:f7:
5a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D6:C9:F5:DC:63:1A:3F:9B:96:A1:05:54:C4:86:A5:8A:2B:BC:E8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/6NbJ9dxjGj-blqEFVMSGpYorvOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.64.0/24
85.142.78.0/24
85.143.224.0/21
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.149.64.0/24
194.190.224.0/19
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:33:0d:74:4e:db:45:35:ee:ff:91:06:d4:7f:16:66:27:81:
8e:e5:00:90:c4:e7:93:cc:58:59:83:be:aa:c3:35:92:24:1d:
c1:87:19:1e:97:58:4d:66:23:41:63:44:fe:97:8d:de:80:da:
aa:d2:c8:c6:d2:c4:3e:25:f2:3f:37:fb:2d:bd:0d:7b:6c:50:
a0:b6:e4:e2:cb:2e:21:d6:29:79:c7:5e:3e:ba:64:e9:a1:55:
9c:a8:ee:5d:63:fa:7f:6a:f3:f1:46:7e:54:c3:59:24:fc:c6:
90:b1:e4:e7:3d:d9:a0:64:02:8b:84:ea:43:c9:ba:2f:81:01:
65:61:97:db:c2:8f:5a:99:e5:3b:01:e3:42:94:7e:38:89:24:
c6:a4:90:8d:88:70:d4:bd:30:5b:4d:3d:1d:f1:37:7c:c0:96:
d1:73:4d:c6:a9:2b:b3:8c:da:f6:e4:2c:bb:47:73:d7:b0:ca:
2e:4b:04:45:3f:2a:bb:e0:00:02:f5:7f:9a:98:66:40:1d:8e:
dd:4d:79:ce:2e:c4:68:73:b7:46:e7:e6:76:7f:b5:f7:6d:10:
63:ce:d8:33:82:96:81:e4:4a:37:68:77:23:4c:60:79:b4:0d:
e2:52:ac:2c:6e:b6:dc:c6:0d:6d:93:a9:28:8d:3c:d7:c8:e0:
b2:ec:a7:9f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYxtZtn5uaR7H73SVH5SyrWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMjE1MTIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGQ2YzlmNWRjNjMxYTNmOWI5NmExMDU1NGM0ODZhNThhMmJiY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61+ZN60HV1EN0KhySiPliHzT52h7
UK3nFDYFszRDH2DuSjsE7PYDCqE0ME6V9JUzuFeQ1dgnBk5tBIxHny0FveQ4UIaM
kmJYl5T5+ewUEHlytJYcgwx9C+JwwlgX0PAq33pC8H+6UTMIs7abvCSBuHOjTkNr
uE/M2F/qC+1hyh+oOrFh7e1z75xgo5PQECZQMFwA/EvWJYIG3d3VK/FBB0QA1Vex
2Avu7BjnKTvRNPYZtpHJ78yFyyZ5D9zwD/cQ8KP2dERatD6YriWqab9cY05GrL9d
euL+DkCBBQYYggMxaS5dEA5g/SqBH83GhJ2RtT+yn3GdKpYUdGU3VvdalQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFOjWyfXcYxo/m5ahBVTEhqWKK7zoMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvNk5iSjlkeGpHai1ibHFFRlZNU0dwWW9ydk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBgQQCAAEwewMEBVD6
oAMEAFKJiQMEBFKJsDALAwQFUrMgAwMCUrADBAZTlcADBANVjggDBABVjkADBABV
jk4DBANVj+ADBAVWbmADBAK5R2ADBAC8XWsDBAHBG9YDBATCVSAwDAMEBcJVoAME
AsJVqAMEAcJVrgMEAMKVQAMEBcK+4DAmBAIAAjAgAwcAIAELCAAiAwcAIAELCAAm
AwUAKgANuAMFAyoHpsAwDQYJKoZIhvcNAQELBQADggEBAIozDXRO20U17v+RBtR/
FmYngY7lAJDE55PMWFmDvqrDNZIkHcGHGR6XWE1mI0FjRP6Xjd6A2qrSyMbSxD4l
8j83+y29DXtsUKC25OLLLiHWKXnHXj66ZOmhVZyo7l1j+n9q8/FGflTDWST8xpCx
5Oc92aBkAouE6kPJui+BAWVhl9vCj1qZ5TsB40KUfjiJJMakkI2IcNS9MFtNPR3x
N3zAltFzTcapK7OM2vbkLLtHc9ewyi5LBEU/KrvgAAL1f5qYZkAdjt1Nec4uxGhz
t0bn5nZ/tfdtEGPO2DOCloHkSjdodyNMYHm0DeJSrCxuttzGDW2TqSiNPNfI4LLs
p58=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org