Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Kd3L0t4m5jtZkJ-y3mn3y1Rz5vU.roa
File: Kd3L0t4m5jtZkJ-y3mn3y1Rz5vU.roa (raw, json)
Hash identifier: WTzdYW2/unUR/ToZQrrrgRT0JDGnkhfqX+hkSWcGztU=
Subject key identifier: 29:DD:CB:D2:DE:26:E6:3B:59:90:9F:B2:DE:69:F7:CB:54:73:E6:F5
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018B3E91D48B5439A980BAC076765319CA52
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Kd3L0t4m5jtZkJ-y3mn3y1Rz5vU.roa
Signing time: Tue 17 Oct 2023 16:57:06 +0000
ROA not before: Tue 17 Oct 2023 16:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3267
IP address blocks: 82.137.137.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
85.143.224.0/21 maxlen: 21
188.93.107.0/24 maxlen: 24
194.190.224.0/21 maxlen: 21
194.190.224.0/19 maxlen: 19
194.190.224.0/20 maxlen: 20
194.190.232.0/22 maxlen: 22
194.190.239.0/24 maxlen: 24
194.190.240.0/24 maxlen: 24
194.190.236.0/23 maxlen: 23
194.190.238.0/24 maxlen: 24
193.27.214.0/24 maxlen: 24
193.27.214.0/23 maxlen: 23
194.85.32.0/20 maxlen: 20
82.179.128.0/17 maxlen: 17
194.85.174.0/23 maxlen: 23
83.149.192.0/18 maxlen: 24
80.250.164.0/22 maxlen: 22
80.250.160.0/19 maxlen: 19
80.250.162.0/24 maxlen: 24
80.250.163.0/24 maxlen: 24
80.250.160.0/23 maxlen: 23
80.250.172.0/23 maxlen: 23
80.250.168.0/22 maxlen: 22
80.250.168.0/24 maxlen: 24
80.250.169.0/24 maxlen: 24
80.250.170.0/23 maxlen: 23
80.250.176.0/20 maxlen: 20
80.250.175.0/24 maxlen: 24
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
185.71.96.0/22 maxlen: 22
82.179.64.0/18 maxlen: 18
85.142.64.0/24 maxlen: 24
85.142.78.0/24 maxlen: 24
82.179.32.0/19 maxlen: 19
2a07:a6c0::/29 maxlen: 29
2a00:db8::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Nov 2023 08:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3e:91:d4:8b:54:39:a9:80:ba:c0:76:76:53:19:ca:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Oct 17 16:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29ddcbd2de26e63b59909fb2de69f7cb5473e6f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:f4:31:31:64:a8:55:be:0c:ff:1a:73:c0:
fe:15:f2:42:c8:4f:22:ac:f9:c1:8d:7c:12:51:28:
6d:85:26:71:4f:df:01:f9:eb:31:4d:cb:f8:7f:7d:
81:be:05:4f:ca:13:55:d7:99:b6:ab:30:76:68:36:
fd:21:41:ea:28:e2:ef:af:7e:88:70:b8:15:5a:7e:
52:cd:48:98:bd:63:62:00:f1:94:65:d4:ce:52:0b:
65:98:c3:a4:fb:3c:4e:89:38:55:7d:c1:c5:cc:7a:
72:2d:1d:0c:ae:c1:4b:b7:80:42:d9:c0:d5:ff:d9:
13:a4:8e:7b:e6:1f:26:db:ed:7c:fa:87:44:07:2f:
e9:01:c1:5a:48:38:a3:b3:16:45:48:57:a8:c7:22:
d6:fb:e0:7b:68:19:97:d7:bc:63:6e:4b:e4:a9:62:
58:0e:0b:0c:c4:9e:3c:dd:af:c9:38:fd:e3:c2:e2:
db:d4:49:70:1c:f7:40:4d:8e:20:c5:3c:0b:f2:a0:
c3:89:74:f1:87:ff:0c:06:7e:f2:4d:e9:5f:41:01:
91:4a:89:01:04:71:39:e8:09:78:82:4a:ea:5f:70:
e7:b9:bf:2b:22:4a:e6:ae:de:b0:e3:90:5c:e7:6d:
0b:f4:92:43:72:b0:19:51:53:42:fc:28:de:26:ba:
06:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DD:CB:D2:DE:26:E6:3B:59:90:9F:B2:DE:69:F7:CB:54:73:E6:F5
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Kd3L0t4m5jtZkJ-y3mn3y1Rz5vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.64.0/24
85.142.78.0/24
85.143.224.0/21
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.190.224.0/19
IPv6:
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:a6:9f:ce:28:86:b0:ad:f9:50:a2:e0:f7:d5:20:54:69:01:
50:ba:4c:eb:91:ce:5e:1d:7a:4a:0a:78:6d:fd:f2:c4:59:dd:
02:d7:2b:65:06:83:0d:f5:60:a7:65:b3:93:5f:57:7b:65:38:
d9:dc:69:0a:bf:53:b2:6d:7e:a4:4d:06:36:69:51:3a:a8:ac:
53:52:f5:27:35:86:6e:8c:89:b5:c5:91:25:59:55:7b:f4:ce:
e3:70:c1:81:f5:68:e8:5d:7b:5b:8d:7f:09:75:ce:06:81:90:
cc:c1:99:b7:5a:10:e7:7d:19:71:26:c4:5c:2d:48:4f:0f:ea:
34:2b:f6:c2:6c:0d:11:3f:c0:86:66:2a:3a:5e:65:e0:83:ab:
29:f4:c3:8b:34:bd:8c:42:8a:32:78:54:1b:2b:7a:5a:69:13:
f2:64:36:a9:32:2d:d2:4a:49:5f:e6:dd:55:53:d6:b8:d5:ca:
73:c1:02:2c:7a:99:7f:70:a1:20:01:eb:dc:e5:b6:bd:84:40:
f7:08:90:92:1c:e1:54:17:a7:42:66:8e:7f:f5:cb:1f:ab:bb:
50:73:f6:16:f0:3e:54:4f:06:77:04:86:38:0c:ad:8c:ab:24:
81:2e:9c:a6:e7:10:f1:06:c1:b4:1b:99:db:eb:f2:1a:da:75:
1a:23:37:81
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYs+kdSLVDmpgLrAdnZTGcpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMDE3MTY1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRkY2JkMmRlMjZlNjNiNTk5MDlmYjJkZTY5ZjdjYjU0NzNlNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6f0MTFkqFW+DP8ac8D+FfJCyE8i
rPnBjXwSUShthSZxT98B+esxTcv4f32BvgVPyhNV15m2qzB2aDb9IUHqKOLvr36I
cLgVWn5SzUiYvWNiAPGUZdTOUgtlmMOk+zxOiThVfcHFzHpyLR0MrsFLt4BC2cDV
/9kTpI575h8m2+18+odEBy/pAcFaSDijsxZFSFeoxyLW++B7aBmX17xjbkvkqWJY
DgsMxJ483a/JOP3jwuLb1ElwHPdATY4gxTwL8qDDiXTxh/8MBn7yTelfQQGRSokB
BHE56Al4gkrqX3Dnub8rIkrmrt6w45Bc520L9JJDcrAZUVNC/CjeJroGwwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFCndy9LeJuY7WZCfst5p98tUc+b1MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvS2QzTDB0NG01anRaa0oteTNtbjN5MVJ6NXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB1BAIAATBvAwQFUPqg
AwQAUomJAwQEUomwMAsDBAVSsyADAwJSsAMEBlOVwAMEAFWOQAMEAFWOTgMEA1WP
4AMEBVZuYAMEArlHYAMEALxdawMEAcEb1gMEBMJVIDAMAwQFwlWgAwQCwlWoAwQB
wlWuAwQFwr7gMBQEAgACMA4DBQAqAA24AwUDKgemwDANBgkqhkiG9w0BAQsFAAOC
AQEAQaafziiGsK35UKLg99UgVGkBULpM65HOXh16Sgp4bf3yxFndAtcrZQaDDfVg
p2Wzk19Xe2U42dxpCr9Tsm1+pE0GNmlROqisU1L1JzWGboyJtcWRJVlVe/TO43DB
gfVo6F17W41/CXXOBoGQzMGZt1oQ530ZcSbEXC1ITw/qNCv2wmwNET/AhmYqOl5l
4IOrKfTDizS9jEKKMnhUGyt6WmkT8mQ2qTIt0kpJX+bdVVPWuNXKc8ECLHqZf3Ch
IAHr3OW2vYRA9wiQkhzhVBenQmaOf/XLH6u7UHP2FvA+VE8GdwSGOAytjKskgS6c
pucQ8QbBtBuZ2+vyGtp1GiM3gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org