Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/W32CkOYSL_zonflf687fGstWTcg.roa
File: W32CkOYSL_zonflf687fGstWTcg.roa (raw, json)
Hash identifier: k7VgRIUnsEKNsRktdk8W86TVy4C+Hldp91R1aXrjz1w=
Subject key identifier: 5B:7D:82:90:E6:12:2F:FC:E8:9D:F9:5F:EB:CE:DF:1A:CB:56:4D:C8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018BE2EEC88B3E09CE98417B30DBD9667E19
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/W32CkOYSL_zonflf687fGstWTcg.roa
Signing time: Sat 18 Nov 2023 14:56:21 +0000
ROA not before: Sat 18 Nov 2023 14:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3267
IP address blocks: 82.137.137.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
85.143.224.0/21 maxlen: 21
188.93.107.0/24 maxlen: 24
194.190.224.0/21 maxlen: 21
194.190.224.0/19 maxlen: 19
194.190.224.0/20 maxlen: 20
194.190.232.0/22 maxlen: 22
194.190.239.0/24 maxlen: 24
194.190.240.0/24 maxlen: 24
194.190.236.0/23 maxlen: 23
194.190.238.0/24 maxlen: 24
193.27.214.0/24 maxlen: 24
193.27.214.0/23 maxlen: 23
194.85.32.0/20 maxlen: 20
82.179.128.0/17 maxlen: 17
194.85.174.0/23 maxlen: 23
83.149.192.0/18 maxlen: 24
80.250.164.0/22 maxlen: 22
80.250.160.0/19 maxlen: 19
80.250.162.0/24 maxlen: 24
80.250.163.0/24 maxlen: 24
80.250.160.0/23 maxlen: 23
80.250.172.0/23 maxlen: 23
80.250.168.0/22 maxlen: 22
80.250.168.0/24 maxlen: 24
80.250.169.0/24 maxlen: 24
80.250.170.0/23 maxlen: 23
80.250.176.0/20 maxlen: 20
80.250.175.0/24 maxlen: 24
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
185.71.96.0/22 maxlen: 22
82.179.64.0/18 maxlen: 18
85.142.64.0/24 maxlen: 24
85.142.78.0/24 maxlen: 24
85.142.8.0/21 maxlen: 21
82.179.32.0/19 maxlen: 19
2a07:a6c0::/29 maxlen: 29
2a00:db8::/32 maxlen: 48
2001:b08:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Nov 2023 08:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e2:ee:c8:8b:3e:09:ce:98:41:7b:30:db:d9:66:7e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Nov 18 14:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b7d8290e6122ffce89df95febcedf1acb564dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:82:b9:dd:fc:68:a1:78:50:12:9d:b5:e5:
1b:bf:73:b8:bf:13:15:30:13:f3:df:38:2e:50:32:
b0:b3:6d:93:51:41:36:0b:cb:8e:08:7a:e4:ac:fd:
54:6b:7a:aa:bb:82:26:1a:59:10:4f:5d:1d:40:ca:
c6:59:77:2d:ad:46:01:e0:f3:0f:88:2a:fa:92:46:
39:c9:7b:54:4f:7e:58:da:88:d2:27:a0:e2:5d:5a:
ec:c7:71:08:92:d2:8e:11:d7:53:73:6a:8e:1c:9f:
fe:ce:9a:ee:0a:7a:6e:6d:bc:9f:a1:a4:65:4a:4c:
df:6e:38:1f:2b:c2:5d:39:a6:44:52:0a:3d:55:5a:
d9:57:e5:ac:0b:0f:ff:17:0a:1d:6c:c0:5d:de:d2:
fb:a9:b7:74:a8:7e:91:da:ab:dc:22:cc:d6:ab:4c:
23:fb:52:bf:a2:90:97:23:f2:53:06:e7:14:92:09:
b4:fb:66:fe:ab:8e:38:20:54:71:7a:79:a7:5b:93:
0c:54:f1:bc:fa:bc:21:ef:17:64:da:df:da:14:5f:
11:56:8c:c5:7d:61:42:66:57:54:b7:d6:08:1d:04:
da:3f:d4:ed:36:40:69:fc:0f:d3:1e:d4:b2:8e:e3:
87:d7:4b:c8:fe:10:e6:93:68:01:56:bc:fc:3f:ba:
3c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:7D:82:90:E6:12:2F:FC:E8:9D:F9:5F:EB:CE:DF:1A:CB:56:4D:C8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/W32CkOYSL_zonflf687fGstWTcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.64.0/24
85.142.78.0/24
85.143.224.0/21
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.190.224.0/19
IPv6:
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:ab:28:e0:e1:06:6b:1a:48:ad:f2:08:4c:66:02:7b:12:ce:
ed:6c:df:28:93:52:8b:fc:6c:72:97:c5:fe:5f:e4:78:92:d3:
52:0c:cd:cd:e7:49:41:37:b2:1f:bf:24:fd:c5:3d:84:07:3f:
bd:7e:7d:42:95:a2:09:b4:87:37:11:42:83:76:ad:dd:c8:9e:
0e:b2:bb:87:c9:1c:0f:13:a9:12:83:15:da:6c:5f:b5:3c:f3:
4b:b0:39:b6:c1:25:92:b8:13:d6:51:b7:94:e5:91:71:0e:fc:
04:b5:6a:b6:42:5f:45:80:28:f4:b3:9a:5d:2f:89:04:85:0f:
9d:d8:3b:7d:b7:57:05:58:1c:1c:6d:39:ad:d5:6c:5a:c0:97:
54:b2:43:b5:00:51:93:9b:c7:32:e4:2c:49:3a:6d:cc:41:04:
7f:a0:62:9a:7c:6e:b6:dc:d6:a7:bd:a3:b8:11:0c:e2:3f:1a:
f1:e4:e4:12:bc:6a:56:36:bb:3b:e4:d3:e5:33:65:a6:df:e5:
16:19:59:e2:1b:a8:08:02:2f:b5:8c:16:96:76:0b:e0:24:36:
89:28:00:14:e6:44:de:f6:01:27:a3:92:84:cb:de:c6:75:bb:
0a:39:f2:96:bf:52:a4:17:cd:29:e4:5e:e2:d8:4d:e4:cd:7b:
36:62:ab:71
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYvi7siLPgnOmEF7MNvZZn4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMTE4MTQ1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjdkODI5MGU2MTIyZmZjZTg5ZGY5NWZlYmNlZGYxYWNiNTY0ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCeCud38aKF4UBKdteUbv3O4vxMV
MBPz3zguUDKws22TUUE2C8uOCHrkrP1Ua3qqu4ImGlkQT10dQMrGWXctrUYB4PMP
iCr6kkY5yXtUT35Y2ojSJ6DiXVrsx3EIktKOEddTc2qOHJ/+zpruCnpubbyfoaRl
SkzfbjgfK8JdOaZEUgo9VVrZV+WsCw//FwodbMBd3tL7qbd0qH6R2qvcIszWq0wj
+1K/opCXI/JTBucUkgm0+2b+q444IFRxenmnW5MMVPG8+rwh7xdk2t/aFF8RVozF
fWFCZldUt9YIHQTaP9TtNkBp/A/THtSyjuOH10vI/hDmk2gBVrz8P7o8cwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFFt9gpDmEi/86J35X+vO3xrLVk3IMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvVzMyQ2tPWVNMX3pvbmZsZjY4N2ZHc3RXVGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDB7BAIAATB1AwQFUPqg
AwQAUomJAwQEUomwMAsDBAVSsyADAwJSsAMEBlOVwAMEA1WOCAMEAFWOQAMEAFWO
TgMEA1WP4AMEBVZuYAMEArlHYAMEALxdawMEAcEb1gMEBMJVIDAMAwQFwlWgAwQC
wlWoAwQBwlWuAwQFwr7gMB0EAgACMBcDBwAgAQsIACYDBQAqAA24AwUDKgemwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfqso4OEGaxpIrfIITGYCexLO7WzfKJNSi/xscpfF
/l/keJLTUgzNzedJQTeyH78k/cU9hAc/vX59QpWiCbSHNxFCg3at3cieDrK7h8kc
DxOpEoMV2mxftTzzS7A5tsElkrgT1lG3lOWRcQ78BLVqtkJfRYAo9LOaXS+JBIUP
ndg7fbdXBVgcHG05rdVsWsCXVLJDtQBRk5vHMuQsSTptzEEEf6BimnxuttzWp72j
uBEM4j8a8eTkErxqVja7O+TT5TNlpt/lFhlZ4huoCAIvtYwWlnYL4CQ2iSgAFOZE
3vYBJ6OShMvexnW7Cjnylr9SpBfNKeRe4thN5M17NmKrcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org