Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/b5RxGjBBSjqALIy1ipftu5E7Kog.roa
File: b5RxGjBBSjqALIy1ipftu5E7Kog.roa (raw, json)
Hash identifier: p9590WVrr28kazdZed4WQ0kmR+7n3NXqNm0j6LSRY48=
Subject key identifier: 6F:94:71:1A:30:41:4A:3A:80:2C:8C:B5:8A:97:ED:BB:91:3B:2A:88
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC72770399B13EB8BD68211EE82F844C7
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/b5RxGjBBSjqALIy1ipftu5E7Kog.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3343
IP address blocks: 80.250.191.0/24 maxlen: 24
86.110.118.0/24 maxlen: 24
86.110.117.0/24 maxlen: 24
86.110.116.0/24 maxlen: 24
80.250.176.0/23 maxlen: 23
86.110.119.0/24 maxlen: 24
85.143.191.0/24 maxlen: 24
80.250.184.0/24 maxlen: 24
80.250.183.0/24 maxlen: 24
80.250.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 14:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:70:39:9b:13:eb:8b:d6:82:11:ee:82:f8:44:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f94711a30414a3a802c8cb58a97edbb913b2a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1e:c4:d8:37:ce:dd:8d:b1:3c:78:70:09:99:
12:b2:f8:25:23:61:e1:27:66:2a:20:54:55:bc:1f:
48:a9:5e:2e:e8:45:77:ea:91:41:ac:eb:a9:4c:3c:
45:c7:68:64:11:d6:e3:6e:bd:eb:52:86:50:a6:86:
c1:bc:b6:3a:41:8a:10:ef:01:97:1e:29:f4:4d:c8:
40:19:21:6a:9d:c4:88:5f:82:44:01:e5:2e:25:e2:
f7:90:7a:0f:20:a8:33:3d:d9:d7:6f:78:fc:ee:87:
8e:e0:a5:4b:0a:5b:9a:e9:29:e0:5d:90:13:9b:d1:
da:12:66:6e:fc:1b:ac:24:04:11:8c:d4:22:0f:bd:
f1:63:24:63:02:d1:6e:52:e8:9a:b4:85:89:77:89:
4f:b2:48:36:bc:01:6a:26:e5:af:e0:51:33:09:61:
ea:bc:47:03:8d:30:c0:93:e6:c3:1f:5a:89:dd:eb:
06:d4:7f:27:b9:53:55:8e:61:4c:5d:ea:f8:86:bc:
9e:f8:c7:10:a7:ec:3f:83:8b:01:f3:c3:66:13:c1:
90:8d:3e:d3:91:cd:56:de:be:f8:be:6c:01:b7:57:
92:2c:fa:c3:83:27:61:a1:ce:ae:e6:5b:b4:be:28:
82:ff:9a:d0:f0:be:76:3d:e8:10:1a:7b:84:fa:45:
d9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:94:71:1A:30:41:4A:3A:80:2C:8C:B5:8A:97:ED:BB:91:3B:2A:88
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/b5RxGjBBSjqALIy1ipftu5E7Kog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.176.0/23
80.250.182.0-80.250.184.255
80.250.191.0/24
85.143.191.0/24
86.110.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:23:f4:53:4b:55:2d:22:58:8a:a4:f4:ef:cf:fb:2b:a9:8c:
a4:73:02:33:e7:aa:0d:4e:42:c0:57:e8:e9:66:8c:70:aa:b1:
a4:a5:f2:7b:32:54:32:ce:a4:38:5a:b8:4a:28:ba:9d:01:e1:
0c:eb:d5:f7:d1:c7:4c:a6:fc:13:ee:f1:05:4d:86:82:0b:fc:
7e:14:af:7d:9e:b8:2e:bf:a0:b0:c5:fa:dc:ed:04:41:f9:31:
75:af:d2:72:6f:7e:fe:e2:01:90:f4:88:2f:67:0e:8d:e2:d4:
4c:89:76:f6:ee:d1:f0:b3:62:4f:85:e4:c1:dd:71:9f:df:6a:
e9:e0:f2:ce:17:f4:b0:fa:d2:a2:f7:49:48:45:37:f0:1d:ba:
37:cb:21:e6:e5:2b:31:8b:97:1b:dd:ca:5f:f7:93:c4:30:d1:
5a:3b:ac:ff:0a:92:2c:4b:37:2a:56:38:fd:40:42:5c:20:aa:
90:6e:bb:ef:0f:b7:61:82:ea:19:fb:df:88:06:69:b8:8e:1b:
49:21:51:67:3b:36:ab:5c:56:41:1f:20:0d:59:af:f5:09:9a:
bd:5e:37:9b:e5:e6:d6:5a:b0:0d:79:74:06:cd:6c:44:73:40:
00:e1:5b:3d:32:24:90:b1:1f:6f:e4:2e:e1:47:50:af:ad:e0:
46:2a:c7:ae
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJ3A5mxPri9aCEe6C+ETHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk0NzExYTMwNDE0YTNhODAyYzhjYjU4YTk3ZWRiYjkxM2IyYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx7E2DfO3Y2xPHhwCZkSsvglI2Hh
J2YqIFRVvB9IqV4u6EV36pFBrOupTDxFx2hkEdbjbr3rUoZQpobBvLY6QYoQ7wGX
Hin0TchAGSFqncSIX4JEAeUuJeL3kHoPIKgzPdnXb3j87oeO4KVLClua6SngXZAT
m9HaEmZu/BusJAQRjNQiD73xYyRjAtFuUuiatIWJd4lPskg2vAFqJuWv4FEzCWHq
vEcDjTDAk+bDH1qJ3esG1H8nuVNVjmFMXer4hrye+McQp+w/g4sB88NmE8GQjT7T
kc1W3r74vmwBt1eSLPrDgydhoc6u5lu0viiC/5rQ8L52PegQGnuE+kXZuwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG+UcRowQUo6gCyMtYqX7buROyqIMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvYjVSeEdqQkJTanFBTEl5MWlwZnR1NUU3S29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBUPqwMAwD
BAFQ+rYDBABQ+rgDBABQ+r8DBABVj78DBAJWbnQwDQYJKoZIhvcNAQELBQADggEB
AFoj9FNLVS0iWIqk9O/P+yupjKRzAjPnqg1OQsBX6OlmjHCqsaSl8nsyVDLOpDha
uEooup0B4Qzr1ffRx0ym/BPu8QVNhoIL/H4Ur32euC6/oLDF+tztBEH5MXWv0nJv
fv7iAZD0iC9nDo3i1EyJdvbu0fCzYk+F5MHdcZ/faung8s4X9LD60qL3SUhFN/Ad
ujfLIeblKzGLlxvdyl/3k8Qw0Vo7rP8KkixLNypWOP1AQlwgqpBuu+8Pt2GC6hn7
34gGabiOG0khUWc7NqtcVkEfIA1Zr/UJmr1eN5vl5tZasA15dAbNbERzQADhWz0y
JJCxH2/kLuFHUK+t4EYqx64=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org