Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/L8x68fXESom8MjkJVUPzPGKjNoc.roa
File: L8x68fXESom8MjkJVUPzPGKjNoc.roa (raw, json)
Hash identifier: Ksb8PbfPRSW3gtpGAU8E/u8hTQZjSscR24evhskA/rM=
Subject key identifier: 2F:CC:7A:F1:F5:C4:4A:89:BC:32:39:09:55:43:F3:3C:62:A3:36:87
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018AFB9ECF99E637CDEC4E0954D569A0743D
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/L8x68fXESom8MjkJVUPzPGKjNoc.roa
Signing time: Wed 04 Oct 2023 16:56:43 +0000
ROA not before: Wed 04 Oct 2023 16:56:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8447
IP address blocks: 213.147.160.0/19 maxlen: 19
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
85.90.128.0/19 maxlen: 19
213.33.63.0/24 maxlen: 24
193.187.212.0/22 maxlen: 22
213.157.128.0/19 maxlen: 19
192.164.64.0/21 maxlen: 21
193.80.0.0/15 maxlen: 15
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
212.16.32.0/19 maxlen: 19
193.187.240.0/22 maxlen: 22
213.225.0.0/18 maxlen: 18
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
192.164.224.0/19 maxlen: 19
93.111.0.0/16 maxlen: 16
212.124.128.0/19 maxlen: 19
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 14
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 23
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 20
194.96.0.0/16 maxlen: 16
80.89.96.0/20 maxlen: 20
195.170.64.0/19 maxlen: 19
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
81.5.192.0/18 maxlen: 18
192.164.32.0/22 maxlen: 22
193.154.0.0/16 maxlen: 16
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
212.197.128.0/18 maxlen: 18
193.83.0.0/16 maxlen: 16
80.120.0.0/14 maxlen: 14
62.46.0.0/15 maxlen: 15
194.152.160.0/19 maxlen: 19
212.88.160.0/19 maxlen: 19
195.230.32.0/19 maxlen: 19
212.183.0.0/17 maxlen: 17
80.75.56.0/21 maxlen: 21
213.240.64.0/18 maxlen: 18
93.82.0.0/15 maxlen: 15
188.45.0.0/16 maxlen: 16
91.112.0.0/14 maxlen: 14
194.166.0.0/16 maxlen: 16
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
62.116.32.0/19 maxlen: 19
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
217.149.160.0/20 maxlen: 20
212.60.160.0/19 maxlen: 19
195.64.0.0/19 maxlen: 19
194.118.0.0/16 maxlen: 16
194.152.96.0/19 maxlen: 19
212.88.0.0/19 maxlen: 19
84.20.160.0/19 maxlen: 19
46.206.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Oct 2023 08:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:9e:cf:99:e6:37:cd:ec:4e:09:54:d5:69:a0:74:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Oct 4 16:56:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fcc7af1f5c44a89bc3239095543f33c62a33687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9a:d6:30:ca:48:79:f4:bf:4a:95:87:6c:eb:
77:12:40:1a:28:45:0b:de:ea:df:80:d4:15:b0:d6:
18:4c:51:52:7d:8b:d1:ae:de:79:c0:3d:4d:0d:a5:
f6:4d:11:04:1a:ce:05:b1:c0:41:1b:d2:f0:db:bf:
f6:f8:27:98:84:66:20:33:b2:df:29:82:73:6d:6b:
c6:4f:d0:32:18:b0:c3:b7:a8:2e:fe:0b:7d:5c:a1:
66:be:b2:d7:c2:b5:0b:89:19:14:5a:23:4b:ad:17:
9f:31:ae:81:a2:2d:b9:be:82:c9:f5:79:9e:69:e5:
55:0f:82:e8:04:f2:b1:8b:d9:3d:c6:c0:32:e9:aa:
2a:7c:d3:4e:5d:2b:1d:e1:16:37:58:77:3d:70:66:
44:54:81:28:da:e1:37:45:86:e2:ab:1a:b0:4b:49:
d8:a4:a5:35:43:c4:8f:d6:07:8a:aa:02:2d:47:a4:
7f:7d:de:26:cd:1f:e7:55:0f:9c:c3:3a:19:b7:35:
d9:14:be:a1:ad:7d:c5:a5:09:90:d5:e2:21:57:62:
56:06:d4:de:3b:4f:62:0a:26:ac:74:27:f9:84:50:
2f:03:7c:87:f1:ae:48:59:60:e0:83:f5:79:66:ac:
fc:96:62:32:ee:b5:e6:8d:3e:57:df:3f:fc:5f:12:
22:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CC:7A:F1:F5:C4:4A:89:BC:32:39:09:55:43:F3:3C:62:A3:36:87
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/L8x68fXESom8MjkJVUPzPGKjNoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.170.64.0/19
195.230.32.0/19
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
0a:af:cf:3b:80:e6:d2:cc:49:64:d8:3e:4d:96:5e:c1:c8:e4:
85:8b:77:b2:31:22:5e:9f:4e:f5:f8:17:02:93:f7:e6:62:78:
ab:d7:cb:21:7c:0d:80:04:e4:49:aa:93:b7:43:e3:bc:39:3d:
78:a0:77:82:f1:96:66:1b:08:b7:e4:b5:4f:9f:ad:d0:8a:c6:
7f:ff:c5:10:40:04:45:1e:91:68:cb:42:7c:e0:9e:d2:d1:1b:
c4:de:cb:7f:43:2f:0d:c6:0b:df:4e:bd:4e:14:53:99:3e:c6:
5b:61:b3:e3:0b:76:0f:3b:67:e2:a1:a4:37:10:de:da:37:92:
a4:69:6e:7d:23:7a:d5:0b:19:88:32:1e:36:ea:7d:3d:cd:8d:
b1:72:9a:b1:7c:28:0c:95:4e:42:44:90:40:a6:a9:f1:17:74:
0e:3f:16:2b:ef:a6:ef:6f:4e:36:45:ca:b5:fd:4a:3f:85:d9:
42:a7:d0:b3:9e:d6:95:26:c4:5a:c6:05:3c:de:24:f0:02:c7:
93:2b:3a:9f:e1:17:1a:23:6f:a2:b6:1a:b1:be:bb:ab:86:8c:
c3:eb:b3:ea:07:60:c4:45:d1:39:df:6e:a6:7a:d3:86:fe:79:
ce:66:4d:60:88:b0:df:8e:3c:c7:a7:b1:99:e9:60:15:9a:ec:
4e:18:7d:37
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgISAYr7ns+Z5jfN7E4JVNVpoHQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMxMDA0MTY1NjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNjN2FmMWY1YzQ0YTg5YmMzMjM5MDk1NTQzZjMzYzYyYTMzNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5rWMMpIefS/SpWHbOt3EkAaKEUL
3urfgNQVsNYYTFFSfYvRrt55wD1NDaX2TREEGs4FscBBG9Lw27/2+CeYhGYgM7Lf
KYJzbWvGT9AyGLDDt6gu/gt9XKFmvrLXwrULiRkUWiNLrRefMa6Boi25voLJ9Xme
aeVVD4LoBPKxi9k9xsAy6aoqfNNOXSsd4RY3WHc9cGZEVIEo2uE3RYbiqxqwS0nY
pKU1Q8SP1geKqgItR6R/fd4mzR/nVQ+cwzoZtzXZFL6hrX3FpQmQ1eIhV2JWBtTe
O09iCiasdCf5hFAvA3yH8a5IWWDgg/V5Zqz8lmIy7rXmjT5X3z/8XxIivwIDAQAB
o4IDjDCCA4gwHQYDVR0OBBYEFC/MevH1xEqJvDI5CVVD8zxiozaHMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvTDh4NjhmWEVTb204TWprSlZVUHpQR0tqTm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBoAYIKwYBBQUHAQcBAf8EggGPMIIBizCCAWMEAgABMIIB
WwMDAS5KAwMBLs4DAwE+LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQG
UQXAAwQFVBSgAwQFVVqAAwMBWHQDBAZZkMADAwJbcAMEB1z4AAMDAV1SAwMAXW8D
BAawQgADBAewQoADAwKyvAMDArwUAwMAvC0wCwMDAsCkAwQCwKQgMAwDBADApCcD
BAPApEAwDAMEBMCkUAMEBcCkgDALAwQEwKTQAwMAwKQDAwHBUAMDAMFTAwMAwZow
DAMEAsG71AMEAsG78DAMAwQCwjB8AwQCwjCIAwMAwmADAwDCdgMEBcKYYAMEBcKY
oAMDAMKmAwQGwwNAAwQFw0AAAwQFw6pAAwQFw+YgAwQF1BAgAwQF1DygAwQF1FgA
AwQF1FigAwQF1HyAAwQH1LcAAwQG1MWAAwQH1SEAAwQF1ZOgAwQF1Z2AAwQG1eEA
AwQG1fBAAwQE2ZWgMCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJADBQMgAUu4
MA0GCSqGSIb3DQEBCwUAA4IBAQAKr887gObSzElk2D5Nll7ByOSFi3eyMSJen071
+BcCk/fmYnir18shfA2ABORJqpO3Q+O8OT14oHeC8ZZmGwi35LVPn63QisZ//8UQ
QARFHpFoy0J84J7S0RvE3st/Qy8NxgvfTr1OFFOZPsZbYbPjC3YPO2fioaQ3EN7a
N5KkaW59I3rVCxmIMh426n09zY2xcpqxfCgMlU5CRJBApqnxF3QOPxYr76bvb042
Rcq1/Uo/hdlCp9CzntaVJsRaxgU83iTwAseTKzqf4RcaI2+ithqxvrurhozD67Pq
B2DERdE5326metOG/nnOZk1giLDfjjzHp7GZ6WAVmuxOGH03
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org