Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/b9pVwBgb86NP6aknYJnG0iujkS0.roa
File: b9pVwBgb86NP6aknYJnG0iujkS0.roa (raw, json)
Hash identifier: RNVLseDhD5E31Pvy6z0/I6C0PSy1YUcnY6BC+bWVbk4=
Subject key identifier: 6F:DA:55:C0:18:1B:F3:A3:4F:E9:A9:27:60:99:C6:D2:2B:A3:91:2D
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018D9386B6B816F0F95E439B5B8DBC49862F
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/b9pVwBgb86NP6aknYJnG0iujkS0.roa
Signing time: Sat 10 Feb 2024 14:58:15 +0000
ROA not before: Sat 10 Feb 2024 14:58:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3267
IP address blocks: 80.250.160.0/19 maxlen: 24
82.137.137.0/24 maxlen: 24
82.137.176.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
82.179.32.0/19 maxlen: 19
82.179.64.0/18 maxlen: 18
82.179.128.0/17 maxlen: 17
83.149.192.0/18 maxlen: 24
85.142.8.0/21 maxlen: 21
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
85.142.102.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
85.142.116.0/22 maxlen: 24
85.142.120.0/21 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
85.143.0.0/20 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
86.110.112.0/20 maxlen: 20
185.71.96.0/22 maxlen: 22
188.93.107.0/24 maxlen: 24
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
194.85.174.0/23 maxlen: 23
194.149.64.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/24 maxlen: 24
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
194.226.192.0/20 maxlen: 20
2001:b08:22::/48 maxlen: 48
2001:b08:26::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 11 Feb 2024 13:45:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:86:b6:b8:16:f0:f9:5e:43:9b:5b:8d:bc:49:86:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Feb 10 14:58:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fda55c0181bf3a34fe9a9276099c6d22ba3912d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0d:f3:59:17:a2:10:d8:6b:87:58:e1:11:9d:
9f:9a:61:99:cf:f0:9a:96:c1:30:35:07:d8:c9:c3:
ac:9d:4f:d3:36:20:66:a7:f3:c0:db:10:f8:a6:d4:
17:cf:5a:53:2c:c0:31:4a:de:e7:ab:94:81:aa:8b:
ce:dc:5d:ed:93:87:30:76:6a:bf:50:98:ed:de:b0:
15:6e:f8:e8:92:98:0a:bd:bd:bf:99:34:79:e1:96:
5e:53:94:03:55:a7:01:e2:39:80:2b:08:9d:e9:df:
97:a3:66:cb:8d:0b:4d:c2:27:17:ea:f0:96:ca:a2:
a5:a4:b9:ee:8c:d2:a8:b6:b1:61:34:49:5e:e5:88:
09:eb:19:71:e3:78:6e:70:13:30:69:d4:2b:3c:57:
37:a2:cc:2a:fe:30:5a:91:5e:9b:92:e2:36:f3:9a:
25:3f:47:a5:c1:15:a1:8b:b1:b2:8c:22:e1:38:bd:
72:21:af:6c:0f:17:8f:9d:95:f1:95:3a:05:09:e7:
24:70:55:39:f8:f5:3c:6b:06:e7:b3:5a:49:d5:a8:
69:7e:b1:a4:a7:94:ca:e5:40:39:21:15:1e:d1:78:
8c:31:e4:7f:a0:12:56:bf:a0:24:b0:af:ef:d1:1e:
37:e1:d2:09:94:cd:3b:43:db:91:02:4d:e8:7a:b0:
d0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DA:55:C0:18:1B:F3:A3:4F:E9:A9:27:60:99:C6:D2:2B:A3:91:2D
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/b9pVwBgb86NP6aknYJnG0iujkS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.32.0/21
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.149.64.0/24
194.190.224.0/19
194.226.192.0/20
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:39:88:4f:f2:28:3f:3f:8b:a4:e2:8e:e7:20:e7:e9:0c:19:
f9:f8:be:c7:81:ad:60:59:c8:f3:59:72:62:46:8d:2f:79:9c:
1a:ca:ba:d7:36:2a:d7:17:6f:dd:84:05:b0:fd:4f:6b:f2:05:
d7:ff:30:71:c2:ca:31:b0:6a:1a:f6:7c:92:f1:ac:7c:c1:81:
8e:8d:7e:f7:f4:4d:d2:8e:e6:70:2a:e4:54:49:d8:21:d6:c4:
c0:e2:70:da:b2:a5:bb:6d:9b:87:de:63:46:5b:16:f2:e3:be:
5a:ba:d4:38:7e:96:f4:46:93:a4:4d:5e:16:6d:2b:45:2f:99:
1c:bf:e2:2e:87:d8:c1:6b:af:8a:00:d9:43:40:39:32:13:6b:
b8:74:a3:5e:6b:32:37:f5:c6:f3:e7:65:1e:e4:f1:18:61:6f:
bf:03:84:a2:31:76:0b:7b:eb:64:f2:e3:f4:bd:49:ec:37:69:
dd:cc:dd:17:9a:e1:0e:f4:39:5d:07:1f:26:a1:19:7d:a1:e0:
c0:2d:ee:ab:c2:6e:0b:c6:00:e6:22:ae:05:ac:38:7e:3e:32:
27:b4:ec:ff:99:45:07:b8:59:42:5a:48:64:cb:a8:e0:0b:8c:
43:2c:82:0a:ec:98:0c:d4:af:8c:ea:db:57:26:25:08:29:5c:
cd:88:4f:7e
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgISAY2Thra4FvD5XkObW428SYYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMjEwMTQ1ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmRhNTVjMDE4MWJmM2EzNGZlOWE5Mjc2MDk5YzZkMjJiYTM5MTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3g3zWReiENhrh1jhEZ2fmmGZz/Ca
lsEwNQfYycOsnU/TNiBmp/PA2xD4ptQXz1pTLMAxSt7nq5SBqovO3F3tk4cwdmq/
UJjt3rAVbvjokpgKvb2/mTR54ZZeU5QDVacB4jmAKwid6d+Xo2bLjQtNwicX6vCW
yqKlpLnujNKotrFhNEle5YgJ6xlx43hucBMwadQrPFc3oswq/jBakV6bkuI285ol
P0elwRWhi7GyjCLhOL1yIa9sDxePnZXxlToFCeckcFU5+PU8awbns1pJ1ahpfrGk
p5TK5UA5IRUe0XiMMeR/oBJWv6AksK/v0R434dIJlM07Q9uRAk3oerDQKwIDAQAB
o4IDFDCCAxAwHQYDVR0OBBYEFG/aVcAYG/OjT+mpJ2CZxtIro5EtMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvYjlwVndCZ2I4Nk5QNmFrbllKbkcwaXVqa1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKAYIKwYBBQUHAQcBAf8EggEXMIIBEzCB6AQCAAEwgeED
BAVQ+qADBABSiYkDBARSibAwCwMEBVKzIAMDAlKwAwQGU5XAAwQDVY4IAwQDVY4g
MAwDBAJVjjQDBAJVjjgwDAMEAVWOZgMEBFWOYDAMAwQCVY50AwQHVY4AAwQBVY6U
AwQAVY6ZAwQBVY6iAwQEVY8AAwQBVY8SAwQAVY8aAwQCVY9gAwQCVY9wAwQCVY98
AwQDVY/gAwQAVY/vAwQFVm5gAwQCuUdgAwQAvF1rAwQBwRvWAwQEwlUgMAwDBAXC
VaADBALCVagDBAHCVa4DBADClUADBAXCvuADBATC4sAwJgQCAAIwIAMHACABCwgA
IgMHACABCwgAJgMFACoADbgDBQMqB6bAMA0GCSqGSIb3DQEBCwUAA4IBAQAZOYhP
8ig/P4uk4o7nIOfpDBn5+L7Hga1gWcjzWXJiRo0veZwayrrXNirXF2/dhAWw/U9r
8gXX/zBxwsoxsGoa9nyS8ax8wYGOjX739E3SjuZwKuRUSdgh1sTA4nDasqW7bZuH
3mNGWxby475autQ4fpb0RpOkTV4WbStFL5kcv+Iuh9jBa6+KANlDQDkyE2u4dKNe
azI39cbz52Ue5PEYYW+/A4SiMXYLe+tk8uP0vUnsN2ndzN0XmuEO9DldBx8moRl9
oeDALe6rwm4LxgDmIq4FrDh+PjIntOz/mUUHuFlCWkhky6jgC4xDLIIK7JgM1K+M
6ttXJiUIKVzNiE9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org