Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/XnonebL3sRv3mEa9au3L7dlzSos.roa
File: XnonebL3sRv3mEa9au3L7dlzSos.roa (raw, json)
Hash identifier: G/WZKCTnJ/iuXHx/P8RCPvbBJblBQBo7zgmhkFBPOYQ=
Subject key identifier: 5E:7A:27:79:B2:F7:B1:1B:F7:98:46:BD:6A:ED:CB:ED:D9:73:4A:8B
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018D9D23BEAC75E765DB7A58835B9DE91698
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/XnonebL3sRv3mEa9au3L7dlzSos.roa
Signing time: Mon 12 Feb 2024 11:46:21 +0000
ROA not before: Mon 12 Feb 2024 11:46:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3267
IP address blocks: 80.250.160.0/19 maxlen: 24
82.137.128.0/18 maxlen: 24
82.137.176.0/20 maxlen: 22
82.179.32.0/19 maxlen: 19
82.179.64.0/18 maxlen: 18
82.179.128.0/17 maxlen: 17
83.149.192.0/18 maxlen: 24
85.142.8.0/21 maxlen: 21
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
85.142.102.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
85.142.116.0/22 maxlen: 24
85.142.120.0/21 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
85.143.0.0/20 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
185.71.96.0/22 maxlen: 22
188.93.107.0/24 maxlen: 24
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
194.85.174.0/23 maxlen: 23
194.149.64.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/24 maxlen: 24
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
194.226.192.0/20 maxlen: 20
2001:b08:22::/48 maxlen: 48
2001:b08:26::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 12 Apr 2024 10:07:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:23:be:ac:75:e7:65:db:7a:58:83:5b:9d:e9:16:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Feb 12 11:46:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e7a2779b2f7b11bf79846bd6aedcbedd9734a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a8:87:9e:ee:30:44:52:c3:f1:fc:71:de:bb:
31:5c:ba:ce:34:cf:6f:8a:9d:7f:c3:1c:c6:61:c0:
df:aa:20:ea:42:3d:09:52:99:8a:cc:44:63:72:90:
0f:f5:0a:be:e3:03:0c:c3:b4:e9:ab:5c:dc:99:18:
68:48:1c:30:d4:76:85:e0:0d:f5:84:21:5d:7e:86:
50:bf:6a:33:80:29:55:b7:a8:82:b5:e9:46:bc:2e:
3d:08:9b:ee:2a:65:f2:28:7a:82:67:26:04:5e:cd:
3e:3d:73:b0:2d:6c:be:7d:42:04:f4:ae:7c:7f:d6:
d4:b2:f2:c5:2e:e9:fc:a1:a2:98:ce:2b:b7:68:1d:
3a:6f:1d:c7:f9:ce:f9:49:52:27:25:ad:67:e2:63:
ca:86:7a:81:b9:c6:c3:17:0d:0d:3c:f0:8d:06:ba:
92:52:4d:c2:3d:72:2b:3d:f4:ab:25:3d:83:6d:27:
39:42:6e:43:b6:e9:77:e0:74:fe:af:79:86:80:d0:
49:74:ed:e2:ab:6d:ad:da:14:7f:ed:c1:54:17:ac:
d6:13:d3:b4:fb:97:e1:9b:fb:03:cf:82:f7:7c:c6:
8b:91:df:5b:a3:c4:99:28:85:d9:73:56:96:1a:df:
9f:16:ee:a2:84:33:c4:ce:29:f9:be:ac:7c:4b:c4:
fe:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7A:27:79:B2:F7:B1:1B:F7:98:46:BD:6A:ED:CB:ED:D9:73:4A:8B
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/XnonebL3sRv3mEa9au3L7dlzSos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.128.0/18
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.32.0/21
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.149.64.0/24
194.190.224.0/19
194.226.192.0/20
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:f1:ab:55:45:63:10:d1:62:eb:a9:36:37:97:44:bb:1c:c7:
30:27:69:34:4f:df:d0:b6:08:c7:61:94:c7:ba:b1:4b:ec:0d:
da:4c:23:df:cf:fc:84:60:37:44:69:49:59:36:b7:b9:6f:4a:
ba:1a:dd:28:76:0f:36:4f:e5:d1:1b:b2:94:e2:9b:55:75:f1:
57:9a:5f:26:e1:78:e7:6c:9f:e6:84:a7:e4:10:94:59:81:30:
b9:5e:8b:6d:04:fb:99:52:38:f1:1d:c0:5d:a1:12:f9:32:46:
01:5e:da:bc:82:84:ca:28:c5:ed:19:00:86:25:fc:38:cb:e2:
ed:26:ed:1b:0e:47:b7:0e:c3:0c:4e:e4:81:cc:90:1d:1f:2c:
c6:91:a1:e1:cd:6d:e1:c6:72:9d:d4:b9:02:cd:6e:34:60:77:
c8:0a:09:1c:21:eb:33:2a:e2:03:ad:76:ce:14:f1:5a:d3:c6:
dc:37:43:84:9f:ad:ec:b5:8c:37:94:30:c7:41:31:8f:b3:77:
56:e6:4d:b6:4a:a0:15:e6:a8:63:fe:86:9c:0c:ad:2e:69:5e:
2f:6b:b1:03:f9:50:cd:68:93:59:74:f6:01:76:2b:cf:76:a2:
ff:31:3e:fa:4f:5a:fa:1d:ae:5f:c4:76:ac:ff:03:15:d5:69:
de:87:6f:f7
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAY2dI76sdedl23pYg1ud6RaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMjEyMTE0NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdhMjc3OWIyZjdiMTFiZjc5ODQ2YmQ2YWVkY2JlZGQ5NzM0YThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqiHnu4wRFLD8fxx3rsxXLrONM9v
ip1/wxzGYcDfqiDqQj0JUpmKzERjcpAP9Qq+4wMMw7Tpq1zcmRhoSBww1HaF4A31
hCFdfoZQv2ozgClVt6iCtelGvC49CJvuKmXyKHqCZyYEXs0+PXOwLWy+fUIE9K58
f9bUsvLFLun8oaKYziu3aB06bx3H+c75SVInJa1n4mPKhnqBucbDFw0NPPCNBrqS
Uk3CPXIrPfSrJT2DbSc5Qm5Dtul34HT+r3mGgNBJdO3iq22t2hR/7cFUF6zWE9O0
+5fhm/sDz4L3fMaLkd9bo8SZKIXZc1aWGt+fFu6ihDPEzin5vqx8S8T+aQIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFF56J3my97Eb95hGvWrty+3Zc0qLMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvWG5vbmViTDNzUnYzbUVhOWF1M0w3ZGx6U29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB4gQCAAEwgdsD
BAVQ+qADBAZSiYAwCwMEBVKzIAMDAlKwAwQGU5XAAwQDVY4IAwQDVY4gMAwDBAJV
jjQDBAJVjjgwDAMEAVWOZgMEBFWOYDAMAwQCVY50AwQHVY4AAwQBVY6UAwQAVY6Z
AwQBVY6iAwQEVY8AAwQBVY8SAwQAVY8aAwQCVY9gAwQCVY9wAwQCVY98AwQDVY/g
AwQAVY/vAwQFVm5gAwQCuUdgAwQAvF1rAwQBwRvWAwQEwlUgMAwDBAXCVaADBALC
VagDBAHCVa4DBADClUADBAXCvuADBATC4sAwJgQCAAIwIAMHACABCwgAIgMHACAB
CwgAJgMFACoADbgDBQMqB6bAMA0GCSqGSIb3DQEBCwUAA4IBAQAt8atVRWMQ0WLr
qTY3l0S7HMcwJ2k0T9/QtgjHYZTHurFL7A3aTCPfz/yEYDdEaUlZNre5b0q6Gt0o
dg82T+XRG7KU4ptVdfFXml8m4XjnbJ/mhKfkEJRZgTC5XottBPuZUjjxHcBdoRL5
MkYBXtq8goTKKMXtGQCGJfw4y+LtJu0bDke3DsMMTuSBzJAdHyzGkaHhzW3hxnKd
1LkCzW40YHfICgkcIeszKuIDrXbOFPFa08bcN0OEn63stYw3lDDHQTGPs3dW5k22
SqAV5qhj/oacDK0uaV4va7ED+VDNaJNZdPYBdivPdqL/MT76T1r6Ha5fxHas/wMV
1Wneh2/3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org