Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/8whQ32dH6mJIBwX3VE4IakKcBN4.roa
File: 8whQ32dH6mJIBwX3VE4IakKcBN4.roa (raw, json)
Hash identifier: +39ut10O4dPXvBGlU9iYJ6PjIL7kMyTPY1DMwzUIdxg=
Subject key identifier: F3:08:50:DF:67:47:EA:62:48:07:05:F7:54:4E:08:6A:42:9C:04:DE
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018D53840DE111B6C3A48DE666FE3B02826A
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/8whQ32dH6mJIBwX3VE4IakKcBN4.roa
Signing time: Mon 29 Jan 2024 04:39:39 +0000
ROA not before: Mon 29 Jan 2024 04:39:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50131
IP address blocks: 45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
94.154.114.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
212.18.111.0/24 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jan 2024 21:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:84:0d:e1:11:b6:c3:a4:8d:e6:66:fe:3b:02:82:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 29 04:39:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f30850df6747ea62480705f7544e086a429c04de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:de:9b:35:b7:2e:e4:e4:8c:0a:25:2c:f9:6d:
ec:60:15:44:7d:2c:8c:c0:e3:3b:37:01:08:fc:4a:
d2:dd:21:25:36:29:f8:f5:00:b0:91:07:4e:b4:78:
dd:88:cb:d2:fa:5b:82:c4:69:4f:e5:a3:28:ac:56:
15:5d:d1:d0:70:4a:5e:da:b6:2d:31:20:38:cd:0b:
4d:db:c3:5f:47:e5:4a:97:00:61:ad:19:c3:67:f9:
8e:ac:5a:24:b2:ae:5e:1c:15:24:d5:ca:57:e5:55:
3b:f0:d5:8b:09:f0:89:e4:3a:11:fa:80:c7:35:8a:
c8:cc:11:fe:d4:22:0e:26:17:f3:f3:65:d8:dc:31:
7e:27:6a:8c:8c:85:61:58:74:c7:4b:a0:1f:09:f3:
ae:52:3b:d4:6b:aa:64:16:08:36:23:45:3c:e7:95:
a8:0f:00:4e:7f:e2:84:f5:fb:10:e1:01:6b:7b:fe:
fa:ef:54:8a:38:06:bb:ad:d9:0e:a1:a8:0d:bf:94:
84:76:2d:1b:dd:44:60:d2:40:d3:52:fc:9b:a5:24:
f6:a2:bc:a1:6b:fd:67:d7:7e:e2:e9:f9:53:ef:71:
fb:54:73:aa:a0:dc:d3:76:13:c5:2e:86:86:5e:2f:
b0:46:27:60:72:39:98:19:17:40:55:9a:68:d7:e0:
d2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:08:50:DF:67:47:EA:62:48:07:05:F7:54:4E:08:6A:42:9C:04:DE
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/8whQ32dH6mJIBwX3VE4IakKcBN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
94.154.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
212.18.111.0/24
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
8e:9e:ac:45:75:8e:6b:bf:07:b0:1e:ef:bb:8c:05:aa:98:c1:
b3:8d:fd:06:56:a8:8e:86:e4:94:4c:17:5d:5e:34:d5:fe:40:
8f:f0:41:22:47:38:10:53:15:98:71:6d:4b:73:fb:bc:16:96:
66:1d:e7:78:95:d5:ee:61:ad:74:92:da:3d:b7:59:a9:38:00:
9d:3b:c2:c6:41:72:85:10:88:fb:27:bc:32:ac:b7:ef:ca:89:
a8:97:d7:8e:05:d4:e0:0f:ef:92:70:f3:d8:f1:8c:eb:fc:94:
bd:a2:30:0d:f5:8d:81:c0:e2:6c:76:df:d4:6e:04:82:b0:a0:
e6:24:67:e5:52:bc:d8:64:f7:41:5f:73:f6:4d:ad:64:a8:53:
b1:eb:ee:07:f2:53:17:d7:86:7e:13:00:56:12:0f:49:10:ff:
c6:95:e2:92:32:8b:09:eb:10:51:ae:d8:80:58:f0:82:3f:42:
0b:c8:c8:5a:77:ea:28:cd:e5:29:d8:56:38:18:0d:07:82:e9:
d1:5d:f9:96:18:a0:fc:d9:7f:73:f7:0c:f0:8f:e1:a0:ad:1f:
38:6f:39:0d:9a:59:01:2a:fd:93:1a:96:02:30:77:f5:e8:25:
a7:2d:8c:36:70:35:e3:e1:0f:48:6a:da:bc:c3:5c:bf:22:5b:
96:e2:d0:df
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY1ThA3hEbbDpI3mZv47AoJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTI5MDQzOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA4NTBkZjY3NDdlYTYyNDgwNzA1Zjc1NDRlMDg2YTQyOWMwNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst6bNbcu5OSMCiUs+W3sYBVEfSyM
wOM7NwEI/ErS3SElNin49QCwkQdOtHjdiMvS+luCxGlP5aMorFYVXdHQcEpe2rYt
MSA4zQtN28NfR+VKlwBhrRnDZ/mOrFoksq5eHBUk1cpX5VU78NWLCfCJ5DoR+oDH
NYrIzBH+1CIOJhfz82XY3DF+J2qMjIVhWHTHS6AfCfOuUjvUa6pkFgg2I0U855Wo
DwBOf+KE9fsQ4QFre/7671SKOAa7rdkOoagNv5SEdi0b3URg0kDTUvybpST2oryh
a/1n137i6flT73H7VHOqoNzTdhPFLoaGXi+wRidgcjmYGRdAVZpo1+DSxwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFPMIUN9nR+piSAcF91ROCGpCnATeMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvOHdoUTMyZEg2bUpJQndYM1ZFNElha0tjQk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBuBAIAATBoAwQCLY6c
AwQCLZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQAXppyAwQAshYeAwQAvF2L
AwQBwdrIAwQBwd1eAwQBwnzaAwQBwnzgMAwDBAHCk2IDBAHCk2QDBADUEm8DBADZ
ci8wDgQCAAIwCAMGBioO2kBAMA0GCSqGSIb3DQEBCwUAA4IBAQCOnqxFdY5rvwew
Hu+7jAWqmMGzjf0GVqiOhuSUTBddXjTV/kCP8EEiRzgQUxWYcW1Lc/u8FpZmHed4
ldXuYa10kto9t1mpOACdO8LGQXKFEIj7J7wyrLfvyomol9eOBdTgD++ScPPY8Yzr
/JS9ojAN9Y2BwOJsdt/UbgSCsKDmJGflUrzYZPdBX3P2Ta1kqFOx6+4H8lMX14Z+
EwBWEg9JEP/GleKSMosJ6xBRrtiAWPCCP0ILyMhad+oozeUp2FY4GA0HgunRXfmW
GKD82X9z9wzwj+GgrR84bzkNmlkBKv2TGpYCMHf16CWnLYw2cDXj4Q9Iatq8w1y/
IluW4tDf
-----END CERTIFICATE-----
Generated at Thu Feb 1 00:16:40 2024 by rpki-client on console-fra.rpki-client.org