Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/ChBhuSeLMUQfkpAUGyNDtkwF_68.roa
File: ChBhuSeLMUQfkpAUGyNDtkwF_68.roa (raw, json)
Hash identifier: q8Af5qMuYgT54+DSNkX4KwJBpnMUXJazZhlArfOyv40=
Subject key identifier: 0A:10:61:B9:27:8B:31:44:1F:92:90:14:1B:23:43:B6:4C:05:FF:AF
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CB0F6DFABE2A037EED84908C905BD6F93
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/ChBhuSeLMUQfkpAUGyNDtkwF_68.roa
Signing time: Thu 28 Dec 2023 15:06:58 +0000
ROA not before: Thu 28 Dec 2023 15:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3267
IP address blocks: 82.137.137.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
188.93.107.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/24 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
193.27.214.0/23 maxlen: 24
85.142.96.0/19 maxlen: 24
194.85.32.0/20 maxlen: 20
82.179.128.0/17 maxlen: 17
194.149.64.0/24 maxlen: 24
194.85.174.0/23 maxlen: 23
85.143.0.0/20 maxlen: 24
83.149.192.0/18 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
80.250.160.0/19 maxlen: 24
80.250.172.0/23 maxlen: 23
80.250.170.0/23 maxlen: 23
80.250.176.0/20 maxlen: 20
80.250.175.0/24 maxlen: 24
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
185.71.96.0/22 maxlen: 22
82.179.64.0/18 maxlen: 18
85.142.8.0/21 maxlen: 21
82.179.32.0/19 maxlen: 19
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
2001:b08:22::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2001:b08:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 29 Dec 2023 08:07:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:f6:df:ab:e2:a0:37:ee:d8:49:08:c9:05:bd:6f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Dec 28 15:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a1061b9278b31441f9290141b2343b64c05ffaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:07:0d:9a:1b:58:d1:31:72:82:29:47:d0:5e:
eb:47:ad:2a:bc:49:07:35:b1:ef:fc:3e:de:f6:e4:
f0:4c:65:75:c2:d9:df:d3:59:b2:94:07:1d:15:48:
ea:5a:54:3e:15:4a:8a:cb:8a:bc:69:17:20:ad:72:
63:45:7a:01:47:ba:e1:88:73:f1:53:32:a9:1c:df:
b1:89:cb:03:88:6a:e1:a9:f2:7a:f8:93:e4:ec:32:
51:95:c0:b6:75:d3:aa:12:55:21:6d:f9:2d:4d:08:
60:3f:a0:70:c4:5c:8f:f0:15:bf:28:92:14:37:cb:
d5:d5:f3:fd:92:a6:c4:9c:80:7a:c7:6c:08:8a:83:
ad:7e:d0:b8:90:5f:a1:c5:7f:b3:8c:2f:31:fa:f6:
89:be:d9:65:d1:e3:f9:a8:95:cd:34:0b:be:5b:09:
f5:25:c2:8a:46:c6:10:49:c6:f8:20:2b:05:ea:f4:
6f:1c:a8:c7:82:cd:1c:b8:8e:f8:5f:fa:5c:5a:0f:
17:1d:09:ad:0c:72:23:3a:b1:a2:13:9c:44:97:b6:
6c:56:7e:60:a3:98:2f:92:60:dc:3c:83:44:41:1b:
f6:05:d8:7d:51:07:43:47:99:8f:e1:f2:10:34:07:
eb:44:a4:80:ae:c8:1c:85:3d:b0:fb:57:09:4a:ca:
29:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:10:61:B9:27:8B:31:44:1F:92:90:14:1B:23:43:B6:4C:05:FF:AF
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/ChBhuSeLMUQfkpAUGyNDtkwF_68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.96.0/19
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.149.64.0/24
194.190.224.0/19
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
55:9e:64:b2:9a:41:e9:65:09:c0:82:21:5a:53:2e:80:76:2f:
2e:86:9c:21:4c:b7:6c:62:76:fa:e0:5a:91:99:97:bb:06:94:
3f:03:5e:69:f4:aa:93:91:bd:e7:f6:fb:aa:fa:f7:1f:67:e3:
5c:f5:0f:33:76:9b:d5:7a:20:21:17:7d:d8:64:11:45:02:e5:
c5:15:5a:a3:53:a5:96:79:61:30:85:35:03:07:bb:cc:33:8a:
7f:a1:07:05:61:10:19:2f:a3:af:2f:61:b7:e2:43:62:a6:f1:
49:28:63:f0:15:f5:b3:de:c1:5f:ff:fd:7d:ec:55:64:8a:3b:
24:47:85:5a:07:36:bc:d9:c9:95:eb:06:e7:73:01:0e:e8:a8:
15:49:99:4d:d6:7f:f5:74:da:c5:cd:af:13:d2:99:9e:e6:97:
c8:21:95:d4:f8:75:47:cb:e7:19:ba:4c:7a:49:e0:f4:95:f1:
b5:44:6c:bf:27:b5:07:64:a0:d4:bb:58:60:d3:aa:94:7f:e3:
fb:0f:cc:2a:fe:4c:c2:23:fb:e1:11:85:f2:52:ed:11:1b:f9:
7e:da:2d:9f:38:92:f1:0f:08:ba:2e:c9:2a:e3:70:75:aa:4f:
00:ce:8f:23:8e:28:f1:e3:45:85:9c:d4:1e:b1:e8:14:aa:43:
65:c9:8b:9b
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYyw9t+r4qA37thJCMkFvW+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMjI4MTUwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTEwNjFiOTI3OGIzMTQ0MWY5MjkwMTQxYjIzNDNiNjRjMDVmZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwcNmhtY0TFygilH0F7rR60qvEkH
NbHv/D7e9uTwTGV1wtnf01mylAcdFUjqWlQ+FUqKy4q8aRcgrXJjRXoBR7rhiHPx
UzKpHN+xicsDiGrhqfJ6+JPk7DJRlcC2ddOqElUhbfktTQhgP6BwxFyP8BW/KJIU
N8vV1fP9kqbEnIB6x2wIioOtftC4kF+hxX+zjC8x+vaJvtll0eP5qJXNNAu+Wwn1
JcKKRsYQScb4ICsF6vRvHKjHgs0cuI74X/pcWg8XHQmtDHIjOrGiE5xEl7ZsVn5g
o5gvkmDcPINEQRv2Bdh9UQdDR5mP4fIQNAfrRKSArsgchT2w+1cJSsopFQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFAoQYbknizFEH5KQFBsjQ7ZMBf+vMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvQ2hCaHVTZUxNVVFma3BBVUd5TkR0a3dGXzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBuAQCAAEwgbEDBAVQ
+qADBABSiYkDBARSibAwCwMEBVKzIAMDAlKwAwQGU5XAAwQDVY4IAwQFVY5gAwQB
VY6UAwQAVY6ZAwQBVY6iAwQEVY8AAwQBVY8SAwQAVY8aAwQCVY9gAwQCVY9wAwQC
VY98AwQDVY/gAwQAVY/vAwQFVm5gAwQCuUdgAwQAvF1rAwQBwRvWAwQEwlUgMAwD
BAXCVaADBALCVagDBAHCVa4DBADClUADBAXCvuAwJgQCAAIwIAMHACABCwgAIgMH
ACABCwgAJgMFACoADbgDBQMqB6bAMA0GCSqGSIb3DQEBCwUAA4IBAQBVnmSymkHp
ZQnAgiFaUy6Adi8uhpwhTLdsYnb64FqRmZe7BpQ/A15p9KqTkb3n9vuq+vcfZ+Nc
9Q8zdpvVeiAhF33YZBFFAuXFFVqjU6WWeWEwhTUDB7vMM4p/oQcFYRAZL6OvL2G3
4kNipvFJKGPwFfWz3sFf//197FVkijskR4VaBza82cmV6wbncwEO6KgVSZlN1n/1
dNrFza8T0pme5pfIIZXU+HVHy+cZukx6SeD0lfG1RGy/J7UHZKDUu1hg06qUf+P7
D8wq/kzCI/vhEYXyUu0RG/l+2i2fOJLxDwi6Lskq43B1qk8Azo8jjijx40WFnNQe
segUqkNlyYub
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org