Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/PGw2Kz1K2TGG6i3LDlVEGwC1heo.roa
File: PGw2Kz1K2TGG6i3LDlVEGwC1heo.roa (raw, json)
Hash identifier: CgGACOCW8DtfBqFHj0vaPhtbvluo8ZLjgxtoHvNVkkg=
Subject key identifier: 3C:6C:36:2B:3D:4A:D9:31:86:EA:2D:CB:0E:55:44:1B:00:B5:85:EA
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018ED2775B17BAB9989E51DA8F3432A22354
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/PGw2Kz1K2TGG6i3LDlVEGwC1heo.roa
Signing time: Fri 12 Apr 2024 13:20:21 +0000
ROA not before: Fri 12 Apr 2024 13:20:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3267
IP address blocks: 80.250.160.0/19 maxlen: 24
82.137.128.0/18 maxlen: 24
82.137.176.0/20 maxlen: 22
82.179.32.0/20 maxlen: 24
82.179.63.0/24 maxlen: 24
82.179.64.0/19 maxlen: 24
82.179.140.0/23 maxlen: 23
83.149.192.0/18 maxlen: 24
85.142.8.0/21 maxlen: 21
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
85.142.102.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
85.142.116.0/22 maxlen: 24
85.142.120.0/21 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
85.143.0.0/20 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
185.71.96.0/22 maxlen: 22
188.93.107.0/24 maxlen: 24
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
194.85.174.0/23 maxlen: 23
194.149.64.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/24 maxlen: 24
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
194.226.192.0/20 maxlen: 20
2001:b08:22::/48 maxlen: 48
2001:b08:26::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 13 Apr 2024 12:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:77:5b:17:ba:b9:98:9e:51:da:8f:34:32:a2:23:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Apr 12 13:20:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c6c362b3d4ad93186ea2dcb0e55441b00b585ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4a:4e:68:43:f0:52:48:33:52:93:8a:f0:b3:
7a:62:5e:d2:0f:50:cc:2c:37:e5:cf:af:17:81:32:
63:43:e5:44:11:65:66:93:16:76:bc:46:f5:1b:f3:
45:2d:5d:e7:2d:64:b3:00:a8:ee:f5:13:d6:4f:c4:
8c:db:72:3a:05:6d:3c:34:70:c4:55:81:0e:2b:52:
a3:4b:4a:82:35:03:b0:72:f7:c3:98:0f:bb:d1:7b:
a6:fb:7f:ce:96:2c:bb:2e:b3:19:06:d2:c4:c3:c0:
ec:76:6f:71:ca:de:49:0f:9a:06:ed:e2:0c:3f:81:
e7:a0:bf:fb:2b:4f:5a:ee:5b:8a:dd:ca:9e:be:97:
ff:76:59:89:72:a1:c4:38:9d:69:94:01:ec:1b:01:
0a:41:ed:06:ee:df:39:5e:a4:c0:71:2d:32:02:d7:
e2:dc:b9:7c:ae:5c:4f:c3:e1:25:94:37:cb:f2:9f:
55:d4:10:64:76:c5:91:0e:15:49:2d:ec:d9:a2:bb:
9a:39:6b:2e:3f:73:65:d8:1f:03:6b:a8:dc:f5:c7:
af:c0:e0:da:96:cf:78:24:5a:7f:c0:77:84:9d:e7:
56:8d:14:d4:dc:40:f1:2d:37:ea:b4:b1:6f:f0:7e:
b8:3a:6a:fd:2b:05:40:d4:b1:a0:c6:67:fc:e6:4e:
aa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6C:36:2B:3D:4A:D9:31:86:EA:2D:CB:0E:55:44:1B:00:B5:85:EA
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/PGw2Kz1K2TGG6i3LDlVEGwC1heo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.128.0/18
82.179.32.0/20
82.179.63.0-82.179.95.255
82.179.140.0/23
83.149.192.0/18
85.142.8.0/21
85.142.32.0/21
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.149.64.0/24
194.190.224.0/19
194.226.192.0/20
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:01:cc:c6:33:89:56:32:00:81:50:c2:e0:45:04:3e:3f:b8:
10:0a:40:ff:00:3a:f3:8b:dc:da:55:4e:b4:4b:60:37:20:89:
39:d4:09:f2:bd:7f:82:30:47:ae:fc:a6:6d:29:23:0c:0f:b0:
7c:d3:be:6f:09:ff:40:69:1e:53:c7:38:b2:b5:4a:dc:b8:31:
a6:ea:ad:96:8b:5b:7e:77:2e:3a:58:2e:19:db:f2:cb:c8:e6:
02:41:98:db:54:a1:ef:0d:5e:75:6c:a8:f4:f5:9a:bd:a0:13:
77:41:6c:de:4c:67:da:90:6a:4a:d6:11:4a:e4:ac:83:8f:e0:
c7:d9:cf:f9:d6:99:d4:b8:5a:0b:fb:f8:2d:ad:e8:e6:dc:a2:
0a:3b:cf:21:bf:ac:43:e2:51:b7:59:2b:db:cc:7a:90:1d:9b:
b2:7a:9f:e7:32:6b:cf:76:e0:1b:e8:43:c8:0c:00:8e:6e:8b:
af:17:d4:b8:32:ce:86:ad:ba:7d:10:0c:04:10:b5:27:e2:30:
1a:8e:8c:c4:d0:5d:c5:7d:01:1e:91:64:a4:a9:92:82:48:b8:
c0:b6:4e:33:b1:35:11:dd:2d:ac:2d:bd:73:40:54:61:8e:4d:
5c:18:de:76:60:c1:4f:fc:6d:34:ab:c7:8d:80:d4:c5:5f:83:
28:df:b9:e1
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAY7Sd1sXurmYnlHajzQyoiNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwNDEyMTMyMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzZjMzYyYjNkNGFkOTMxODZlYTJkY2IwZTU1NDQxYjAwYjU4NWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUpOaEPwUkgzUpOK8LN6Yl7SD1DM
LDflz68XgTJjQ+VEEWVmkxZ2vEb1G/NFLV3nLWSzAKju9RPWT8SM23I6BW08NHDE
VYEOK1KjS0qCNQOwcvfDmA+70Xum+3/Oliy7LrMZBtLEw8Dsdm9xyt5JD5oG7eIM
P4HnoL/7K09a7luK3cqevpf/dlmJcqHEOJ1plAHsGwEKQe0G7t85XqTAcS0yAtfi
3Ll8rlxPw+EllDfL8p9V1BBkdsWRDhVJLezZoruaOWsuP3Nl2B8Da6jc9cevwODa
ls94JFp/wHeEnedWjRTU3EDxLTfqtLFv8H64Omr9KwVA1LGgxmf85k6qDQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFDxsNis9Stkxhuotyw5VRBsAtYXqMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvUEd3Mkt6MUsyVEdHNmkzTERsVkVHd0MxaGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCB7wQCAAEwgegD
BAVQ+qADBAZSiYADBARSsyAwDAMEAFKzPwMEBVKzQAMEAVKzjAMEBlOVwAMEA1WO
CAMEA1WOIDAMAwQCVY40AwQCVY44MAwDBAFVjmYDBARVjmAwDAMEAlWOdAMEB1WO
AAMEAVWOlAMEAFWOmQMEAVWOogMEBFWPAAMEAVWPEgMEAFWPGgMEAlWPYAMEAlWP
cAMEAlWPfAMEA1WP4AMEAFWP7wMEBVZuYAMEArlHYAMEALxdawMEAcEb1gMEBMJV
IDAMAwQFwlWgAwQCwlWoAwQBwlWuAwQAwpVAAwQFwr7gAwQEwuLAMCYEAgACMCAD
BwAgAQsIACIDBwAgAQsIACYDBQAqAA24AwUDKgemwDANBgkqhkiG9w0BAQsFAAOC
AQEAgAHMxjOJVjIAgVDC4EUEPj+4EApA/wA684vc2lVOtEtgNyCJOdQJ8r1/gjBH
rvymbSkjDA+wfNO+bwn/QGkeU8c4srVK3LgxpuqtlotbfncuOlguGdvyy8jmAkGY
21Sh7w1edWyo9PWavaATd0Fs3kxn2pBqStYRSuSsg4/gx9nP+daZ1LhaC/v4La3o
5tyiCjvPIb+sQ+JRt1kr28x6kB2bsnqf5zJrz3bgG+hDyAwAjm6LrxfUuDLOhq26
fRAMBBC1J+IwGo6MxNBdxX0BHpFkpKmSgki4wLZOM7E1Ed0trC29c0BUYY5NXBje
dmDBT/xtNKvHjYDUxV+DKN+54Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org