Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vNM0NFb3KvtmaIdSO667IxfUEdg.roa
File: vNM0NFb3KvtmaIdSO667IxfUEdg.roa (raw, json)
Hash identifier: BuydyokuXnsOuSPA4YFbIC9UF0krgTqmb/Ygr2JzcNA=
Subject key identifier: BC:D3:34:34:56:F7:2A:FB:66:68:87:52:3B:AE:BB:23:17:D4:11:D8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018EDD0048C5541CD28616DE79412D82B932
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vNM0NFb3KvtmaIdSO667IxfUEdg.roa
Signing time: Sun 14 Apr 2024 14:26:07 +0000
ROA not before: Sun 14 Apr 2024 14:26:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3267
IP address blocks: 80.250.160.0/19 maxlen: 24
82.137.128.0/18 maxlen: 24
82.137.176.0/20 maxlen: 22
82.179.32.0/20 maxlen: 24
82.179.63.0/24 maxlen: 24
82.179.64.0/19 maxlen: 24
82.179.140.0/23 maxlen: 23
83.149.192.0/18 maxlen: 24
85.142.8.0/21 maxlen: 21
85.142.16.0/20 maxlen: 24
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
85.142.102.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
85.142.116.0/22 maxlen: 24
85.142.120.0/21 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
85.143.0.0/20 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
86.110.96.0/24 maxlen: 24
86.110.101.0/24 maxlen: 24
86.110.102.0/23 maxlen: 24
185.71.96.0/22 maxlen: 22
185.141.124.0/22 maxlen: 22
188.93.107.0/24 maxlen: 24
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
194.85.168.0/23 maxlen: 23
194.85.174.0/23 maxlen: 23
194.149.64.0/24 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/23 maxlen: 24
194.190.247.0/24 maxlen: 24
194.190.249.0/24 maxlen: 24
194.190.254.0/23 maxlen: 23
194.226.192.0/19 maxlen: 24
195.209.224.0/22 maxlen: 22
195.209.234.0/24 maxlen: 24
195.209.236.0/23 maxlen: 23
195.209.240.0/22 maxlen: 22
2001:b08:22::/48 maxlen: 48
2001:b08:26::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Aug 2024 12:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dd:00:48:c5:54:1c:d2:86:16:de:79:41:2d:82:b9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Apr 14 14:26:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcd3343456f72afb666887523baebb2317d411d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:46:4d:03:ca:62:b8:63:f2:7a:03:3a:0b:5d:
fb:19:83:64:df:ec:66:bb:9b:25:7c:22:e5:23:18:
e1:ff:11:89:f9:4a:55:99:4b:80:81:ec:97:c0:06:
cc:79:f9:93:71:53:7f:c2:ac:e2:a7:07:13:92:18:
59:40:73:f2:e0:f7:22:d8:84:f9:d8:ad:f5:da:46:
cf:85:c2:aa:1b:66:31:c1:9e:48:4a:b9:77:6d:49:
37:32:6b:ee:ae:1a:d2:45:ec:80:c6:3a:36:f8:81:
c0:f0:30:c6:12:e9:89:9c:a6:c8:23:a8:cd:9a:44:
28:38:f0:c2:c8:cc:bb:53:ef:62:ee:3f:b0:76:3f:
f9:0d:4b:3f:cc:1d:e3:9e:3e:e0:fe:13:d0:8b:d0:
df:3b:93:c8:8e:1d:5c:5c:30:21:22:bb:08:d0:08:
36:de:ef:40:c4:87:c7:49:3d:f5:2f:ef:d3:8b:cb:
72:13:f6:32:42:35:0e:e5:4a:8f:09:33:4e:37:44:
f0:40:c6:aa:87:e1:2e:3c:81:cc:5c:8c:d4:ee:ee:
32:e4:35:99:e2:b7:21:e9:50:da:23:4a:c1:21:02:
ad:0b:ba:84:b1:91:eb:6b:f9:22:5e:00:e4:48:8d:
72:d8:7b:95:20:56:66:d4:e1:2a:ec:d9:bf:fc:fb:
dc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D3:34:34:56:F7:2A:FB:66:68:87:52:3B:AE:BB:23:17:D4:11:D8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vNM0NFb3KvtmaIdSO667IxfUEdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.128.0/18
82.179.32.0/20
82.179.63.0-82.179.95.255
82.179.140.0/23
83.149.192.0/18
85.142.8.0-85.142.39.255
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/24
86.110.101.0-86.110.103.255
185.71.96.0/22
185.141.124.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.168.0/23
194.85.174.0/23
194.149.64.0/24
194.190.232.0-194.190.241.255
194.190.247.0/24
194.190.249.0/24
194.190.254.0/23
194.226.192.0/19
195.209.224.0/22
195.209.234.0/24
195.209.236.0/23
195.209.240.0/22
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
51:9e:f8:60:ae:5b:93:09:40:19:ee:b5:b5:1e:82:86:0a:04:
80:2b:d7:af:10:7e:74:59:a0:3d:4e:26:a5:c2:22:d1:37:25:
b2:a4:ec:c7:18:74:8a:7b:f6:af:c3:1b:10:1e:b8:d1:2e:bd:
24:8a:df:db:a7:a8:cd:3e:b7:0a:b8:7b:cf:d6:ba:dc:07:62:
6d:55:c7:e6:fb:ce:82:4e:3e:78:bb:ce:85:71:a3:d6:3e:f8:
fa:b4:10:27:bb:b9:02:47:ec:36:6e:49:cc:b1:f7:b8:70:39:
79:ae:da:fb:61:c9:d0:b2:85:83:3e:07:d7:9c:b3:fd:5f:5a:
a8:dd:87:99:91:fd:a0:53:34:b3:4b:df:9f:a6:ef:2c:ab:22:
ab:13:fc:5a:b3:3e:81:57:45:30:9a:c0:dd:f3:3c:3d:a2:ac:
cf:9a:cb:4c:f7:e7:39:7b:25:28:17:ce:6b:01:01:5b:59:5b:
af:48:8a:fe:c8:a9:25:34:b6:fc:2e:8c:78:5d:03:1b:11:8f:
d4:c3:58:4a:46:ab:d4:89:72:5a:b9:46:53:66:6e:86:68:06:
66:8b:f7:f3:40:cb:32:0e:e9:23:79:25:4d:dc:22:5d:d6:d2:
63:a5:4a:16:de:ac:b1:5b:4f:4b:71:d5:93:42:18:63:89:9a:
41:f2:5e:7b
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAY7dAEjFVBzShhbeeUEtgrkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwNDE0MTQyNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QzMzQzNDU2ZjcyYWZiNjY2ODg3NTIzYmFlYmIyMzE3ZDQxMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkZNA8piuGPyegM6C137GYNk3+xm
u5slfCLlIxjh/xGJ+UpVmUuAgeyXwAbMefmTcVN/wqzipwcTkhhZQHPy4Pci2IT5
2K312kbPhcKqG2YxwZ5ISrl3bUk3MmvurhrSReyAxjo2+IHA8DDGEumJnKbII6jN
mkQoOPDCyMy7U+9i7j+wdj/5DUs/zB3jnj7g/hPQi9DfO5PIjh1cXDAhIrsI0Ag2
3u9AxIfHST31L+/Ti8tyE/YyQjUO5UqPCTNON0TwQMaqh+EuPIHMXIzU7u4y5DWZ
4rch6VDaI0rBIQKtC7qEsZHra/kiXgDkSI1y2HuVIFZm1OEq7Nm//PvcCQIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFLzTNDRW9yr7ZmiHUjuuuyMX1BHYMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdk5NME5GYjNLdnRtYUlkU082NjdJeGZVRWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCCATAEAgABMIIB
KAMEBVD6oAMEBlKJgAMEBFKzIDAMAwQAUrM/AwQFUrNAAwQBUrOMAwQGU5XAMAwD
BANVjggDBANVjiAwDAMEAlWONAMEAlWOODAMAwQBVY5mAwQEVY5gMAwDBAJVjnQD
BAdVjgADBAFVjpQDBABVjpkDBAFVjqIDBARVjwADBAFVjxIDBABVjxoDBAJVj2AD
BAJVj3ADBAJVj3wDBANVj+ADBABVj+8DBABWbmAwDAMEAFZuZQMEA1ZuYAMEArlH
YAMEArmNfAMEALxdawMEAcEb1gMEBMJVIAMEAcJVqAMEAcJVrgMEAMKVQDAMAwQD
wr7oAwQBwr7wAwQAwr73AwQAwr75AwQBwr7+AwQFwuLAAwQCw9HgAwQAw9HqAwQB
w9HsAwQCw9HwMCYEAgACMCADBwAgAQsIACIDBwAgAQsIACYDBQAqAA24AwUDKgem
wDANBgkqhkiG9w0BAQsFAAOCAQEAUZ74YK5bkwlAGe61tR6ChgoEgCvXrxB+dFmg
PU4mpcIi0TclsqTsxxh0inv2r8MbEB640S69JIrf26eozT63Crh7z9a63AdibVXH
5vvOgk4+eLvOhXGj1j74+rQQJ7u5AkfsNm5JzLH3uHA5ea7a+2HJ0LKFgz4H15yz
/V9aqN2HmZH9oFM0s0vfn6bvLKsiqxP8WrM+gVdFMJrA3fM8PaKsz5rLTPfnOXsl
KBfOawEBW1lbr0iK/sipJTS2/C6MeF0DGxGP1MNYSkar1IlyWrlGU2ZuhmgGZov3
80DLMg7pI3klTdwiXdbSY6VKFt6ssVtPS3HVk0IYY4maQfJeew==
-----END CERTIFICATE-----
Generated at Mon Aug 12 14:09:09 2024 by rpki-client on console-fra.rpki-client.org