Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/PQhmBBiaToLXMqE-blwy8mxtOh0.roa
File: PQhmBBiaToLXMqE-blwy8mxtOh0.roa (raw, json)
Hash identifier: vAZEqFBk224KSwZyRLSCm0xqt/jnZQMMhRNoSHDuMcA=
Subject key identifier: 3D:08:66:04:18:9A:4E:82:D7:32:A1:3E:6E:5C:32:F2:6C:6D:3A:1D
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 018CC6B9126BEB38E0D374C2436BF9973418
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/PQhmBBiaToLXMqE-blwy8mxtOh0.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 185.125.192.0/22 maxlen: 32
84.39.224.0/21 maxlen: 32
93.114.8.0/23 maxlen: 32
93.114.10.0/23 maxlen: 32
93.114.12.0/22 maxlen: 32
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
185.229.250.0/24 maxlen: 32
203.166.152.0/22 maxlen: 32
203.166.148.0/22 maxlen: 32
188.119.116.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
94.176.112.0/20 maxlen: 32
91.132.184.0/22 maxlen: 32
185.38.102.0/24 maxlen: 32
150.129.92.0/22 maxlen: 32
43.240.140.0/22 maxlen: 32
203.109.60.0/22 maxlen: 32
89.38.132.0/23 maxlen: 32
83.229.76.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
119.13.208.0/20 maxlen: 32
83.229.104.0/22 maxlen: 32
121.91.80.0/21 maxlen: 32
185.90.243.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
89.19.42.0/23 maxlen: 32
93.180.224.0/20 maxlen: 32
103.204.124.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
185.131.220.0/24 maxlen: 32
93.180.192.0/20 maxlen: 32
93.115.12.0/23 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:12:6b:eb:38:e0:d3:74:c2:43:6b:f9:97:34:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d086604189a4e82d732a13e6e5c32f26c6d3a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a7:fd:81:8b:fd:5f:bb:36:ca:07:fc:57:e4:
64:ae:6b:0b:42:dc:91:b9:c0:13:9f:17:33:84:4c:
a5:93:81:32:b1:d9:cf:7c:62:18:9e:22:cd:8f:0f:
7b:fd:4e:7f:bc:61:63:63:31:93:1b:6c:65:7f:50:
fe:4f:a4:46:3d:c3:35:ae:0d:39:55:33:f1:f8:de:
f6:e2:33:10:49:7f:ca:dc:a1:03:84:86:fd:7a:23:
1f:7c:e9:24:98:19:09:ad:65:70:18:fa:c4:55:fe:
79:cc:1e:fb:a1:9f:c1:e0:72:f3:4c:2b:3b:eb:d1:
d0:fe:37:e6:31:dd:aa:76:85:6b:ec:33:31:4c:ff:
c4:54:e8:5e:14:8c:b9:65:09:97:7d:56:29:c7:29:
b1:b9:49:25:de:a2:08:75:0e:82:0a:94:0b:f0:85:
26:1c:95:ea:02:cd:07:91:5c:67:33:73:91:47:49:
0f:53:cd:04:90:21:b5:b5:56:04:d3:99:cc:e2:b2:
ae:f6:0f:f7:14:c2:00:ba:db:06:89:68:1f:cc:4a:
39:03:7e:3d:40:b9:f0:92:93:41:47:08:f8:2c:bb:
fb:a7:ba:ab:ca:a7:d9:a4:26:e3:f4:28:39:c1:e9:
bc:2f:e1:d3:8c:eb:d6:42:8c:d2:90:37:e6:7a:19:
19:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:08:66:04:18:9A:4E:82:D7:32:A1:3E:6E:5C:32:F2:6C:6D:3A:1D
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/PQhmBBiaToLXMqE-blwy8mxtOh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.140.0/22
45.142.92.0/22
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
89.19.42.0/23
89.34.78.0/23
89.38.132.0/23
89.249.51.0/24
91.132.184.0/22
92.43.84.0/22
93.114.8.0/21
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
95.215.36.0/22
103.204.124.0/22
119.13.192.0/19
121.91.80.0/21
150.129.92.0/22
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.229.250.0/24
188.119.116.0/22
203.109.60.0/22
203.166.148.0-203.166.155.255
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:b8:40:0d:a5:c2:5d:6d:78:5b:62:eb:95:42:89:b3:5c:a6:
07:de:61:f3:89:b0:2c:52:96:5f:33:b2:d9:ed:aa:a6:13:13:
59:6b:8d:df:6e:4a:0c:7c:ff:36:64:50:76:ed:cb:54:2c:14:
0e:90:b5:6b:20:77:58:84:94:59:06:ca:32:b8:6c:2a:c8:19:
02:a7:bc:30:e9:33:c9:6f:04:54:2b:12:99:4a:08:d4:47:d8:
a0:07:b1:b8:3f:92:a2:6a:ea:7e:62:24:6e:6c:92:17:ae:57:
5c:b9:f0:33:1d:48:cf:09:38:61:b1:c5:85:38:e6:16:a1:b3:
c4:f4:31:28:a8:42:92:44:91:e2:cc:d6:ad:2e:e7:bb:0f:0d:
7f:a0:3a:e1:b4:00:c3:73:f5:67:0f:95:06:2d:55:cb:73:9f:
c9:fc:a5:92:5c:f1:83:e0:3d:05:e2:f5:5b:c3:5d:72:37:07:
99:10:5f:32:80:b4:6a:fe:38:52:e0:36:e8:38:a8:48:cf:b2:
94:c8:38:39:52:0d:02:e2:7d:6a:ae:61:11:20:2e:86:5c:43:
a2:fd:33:bf:f1:7f:ad:c6:54:5f:f6:90:36:61:e5:cf:c6:46:
61:21:1f:96:c5:9b:65:95:9d:13:15:e9:08:df:cf:2b:82:6d:
ef:36:89:41
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYzGuRJr6zjg03TCQ2v5lzQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA4NjYwNDE4OWE0ZTgyZDczMmExM2U2ZTVjMzJmMjZjNmQzYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6f9gYv9X7s2ygf8V+RkrmsLQtyR
ucATnxczhEylk4EysdnPfGIYniLNjw97/U5/vGFjYzGTG2xlf1D+T6RGPcM1rg05
VTPx+N724jMQSX/K3KEDhIb9eiMffOkkmBkJrWVwGPrEVf55zB77oZ/B4HLzTCs7
69HQ/jfmMd2qdoVr7DMxTP/EVOheFIy5ZQmXfVYpxymxuUkl3qIIdQ6CCpQL8IUm
HJXqAs0HkVxnM3ORR0kPU80EkCG1tVYE05nM4rKu9g/3FMIAutsGiWgfzEo5A349
QLnwkpNBRwj4LLv7p7qryqfZpCbj9Cg5wem8L+HTjOvWQozSkDfmehkZgQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFD0IZgQYmk6C1zKhPm5cMvJsbTodMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvUFFobUJCaWFUb0xYTXFFLWJsd3k4bXh0T2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAIr
8IwDBAItjlwDBABOiigwDAMEAE6KLwMEAE6KMAMEAE6KMgMEAlPlTAMEAlPlaAME
A1Qn4AMEAVkTKgMEAVkiTgMEAVkmhAMEAFn5MwMEAluEuAMEAlwrVAMEA11yCAME
AV1zDAMEBF20wAMEBF204AMEBF6wcAMEAl/XJAMEAmfMfAMEBXcNwAMEA3lbUAME
ApaBXAMEALkmZgMEALla8wMEArl9wAMEALmD3AMEALnl+gMEArx3dAMEAsttPDAM
AwQCy6aUAwQCy6aYAwQD0RSwMA0GCSqGSIb3DQEBCwUAA4IBAQAsuEANpcJdbXhb
YuuVQomzXKYH3mHzibAsUpZfM7LZ7aqmExNZa43fbkoMfP82ZFB27ctULBQOkLVr
IHdYhJRZBsoyuGwqyBkCp7ww6TPJbwRUKxKZSgjUR9igB7G4P5Kiaup+YiRubJIX
rldcufAzHUjPCThhscWFOOYWobPE9DEoqEKSRJHizNatLue7Dw1/oDrhtADDc/Vn
D5UGLVXLc5/J/KWSXPGD4D0F4vVbw11yNweZEF8ygLRq/jhS4DboOKhIz7KUyDg5
Ug0C4n1qrmERIC6GXEOi/TO/8X+txlRf9pA2YeXPxkZhIR+WxZtllZ0TFekI388r
gm3vNolB
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:28:31 2025 by rpki-client