Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/jxLoiu5wDlxjdeTgQX-zQdPmreM.roa
File: jxLoiu5wDlxjdeTgQX-zQdPmreM.roa (raw, json)
Hash identifier: OWkLmfaLrg+2qLOGAa1YvnB8+XfN8juqa4Z+DiD9QYw=
Subject key identifier: 8F:12:E8:8A:EE:70:0E:5C:63:75:E4:E0:41:7F:B3:41:D3:E6:AD:E3
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 01864F201F67432F9E081EEF3954BC561AE4
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/jxLoiu5wDlxjdeTgQX-zQdPmreM.roa
Signing time: Tue 14 Feb 2023 08:52:30 +0000
ROA not before: Tue 14 Feb 2023 08:52:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200000
IP address blocks: 185.233.120.0/22 maxlen: 22
185.124.8.0/22 maxlen: 22
185.233.136.0/22 maxlen: 22
37.139.64.0/21 maxlen: 21
185.39.224.0/22 maxlen: 22
185.233.152.0/22 maxlen: 23
185.149.40.0/22 maxlen: 22
185.233.116.0/22 maxlen: 22
185.235.168.0/22 maxlen: 22
45.154.218.0/24 maxlen: 24
109.205.96.0/21 maxlen: 21
173.242.48.0/20 maxlen: 20
185.104.44.0/22 maxlen: 22
185.104.45.0/24 maxlen: 24
185.65.244.0/22 maxlen: 22
217.173.208.0/20 maxlen: 20
185.226.24.0/22 maxlen: 22
185.225.212.0/22 maxlen: 22
185.25.116.0/22 maxlen: 22
185.68.16.0/24 maxlen: 24
185.68.16.0/22 maxlen: 22
185.233.36.0/22 maxlen: 22
185.233.40.0/22 maxlen: 22
185.233.44.0/22 maxlen: 22
185.130.120.0/22 maxlen: 22
185.209.168.0/22 maxlen: 22
185.69.152.0/22 maxlen: 22
185.239.180.0/22 maxlen: 22
185.234.176.0/22 maxlen: 22
2a0c:c80::/29 maxlen: 29
2a0c:6080::/29 maxlen: 29
2a0c:684::/30 maxlen: 30
2a0c:d80::/29 maxlen: 29
2a0c:e80::/29 maxlen: 29
2a04:8000::/29 maxlen: 29
2a0d:6500::/29 maxlen: 29
2a0d:1100::/29 maxlen: 29
2a05:480::/29 maxlen: 29
2a0c:680::/29 maxlen: 29
2a0c:780::/29 maxlen: 29
2a00:7a60::/32 maxlen: 32
2a0c:880::/29 maxlen: 29
2a06:6440::/29 maxlen: 29
2a0c:681::/32 maxlen: 32
2a0c:682::/31 maxlen: 31
2a0c:a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 28 Mar 2023 13:35:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:20:1f:67:43:2f:9e:08:1e:ef:39:54:bc:56:1a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Feb 14 08:52:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f12e88aee700e5c6375e4e0417fb341d3e6ade3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0b:78:f9:ea:9f:e5:2e:ea:84:52:e0:80:aa:
e2:a1:ed:22:a1:54:59:59:2e:ba:b5:9c:3a:7e:69:
e1:3f:87:7a:e6:cc:c2:58:0a:93:2a:9a:85:ab:d0:
7a:13:b5:e3:f8:c8:d2:00:ee:c6:53:fb:44:f9:9b:
5c:46:79:93:c6:f4:ce:ae:8a:4a:5d:6f:f2:1e:11:
96:98:df:5d:d2:dc:4a:ed:59:4f:df:1d:b5:77:36:
45:b3:fa:2f:c8:f3:55:c0:c1:b5:48:f9:5e:38:7c:
a1:44:fb:7b:6c:db:6a:c3:70:0b:b3:03:58:6f:d4:
d5:9a:ce:0b:08:a2:bf:04:8f:e3:a2:eb:ed:b7:74:
95:20:be:42:81:39:06:1f:cf:0b:9a:1f:67:de:79:
45:84:b9:e4:18:17:c2:04:10:3d:bb:26:47:0b:27:
d9:2c:f7:19:ed:7e:77:0b:88:4b:9b:26:cd:2e:68:
da:33:f1:01:2d:7b:a0:e6:e7:9b:cb:a5:59:19:a5:
f1:11:1d:62:d6:29:32:e2:f6:4e:c5:bc:f4:4a:ec:
c2:97:58:9a:d9:99:9a:d1:23:da:05:96:d9:f1:13:
25:94:60:33:d8:4a:40:d1:a7:39:3d:85:8b:d3:1f:
c1:05:24:b4:6d:d1:31:52:2a:4c:c5:66:68:0c:24:
05:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:12:E8:8A:EE:70:0E:5C:63:75:E4:E0:41:7F:B3:41:D3:E6:AD:E3
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/jxLoiu5wDlxjdeTgQX-zQdPmreM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.64.0/21
45.154.218.0/24
109.205.96.0/21
173.242.48.0/20
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.130.120.0/22
185.149.40.0/22
185.209.168.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.233.152.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
217.173.208.0/20
IPv6:
2a00:7a60::/32
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:680::/29
2a0c:780::/29
2a0c:880::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
Signature Algorithm: sha256WithRSAEncryption
29:a8:75:3f:7e:bd:9f:0a:74:24:61:83:d4:23:89:d6:7c:4d:
7b:b9:13:4d:59:d2:b3:6c:e5:6e:44:6c:28:ac:fc:bb:c4:74:
c6:7e:ab:4d:5d:39:7e:53:c7:52:29:70:62:3a:a9:b2:a9:9e:
d3:47:88:39:b2:0d:ba:78:92:9b:01:81:64:fb:25:45:b3:87:
0c:41:03:b6:3d:81:f5:96:44:e7:d8:6e:57:23:97:d5:a2:e4:
a0:0d:94:c7:0b:5c:a4:20:72:17:ad:12:45:48:d1:78:dc:fd:
70:96:30:e4:23:ba:9c:96:b8:86:ac:a3:77:19:e8:e7:a4:c3:
10:e4:25:92:ba:6c:83:bb:5d:ac:d8:01:a5:26:23:dd:63:0b:
88:18:36:10:50:b4:77:09:01:be:1d:2e:eb:55:65:28:8a:3a:
83:36:99:fe:2a:85:44:a1:31:f4:a0:45:4e:23:0f:f5:b5:80:
54:95:ef:cf:bd:a0:bb:dd:c2:62:de:1e:8a:1e:99:6f:1a:c9:
0f:67:5f:81:ec:53:3e:5f:69:5b:89:f0:e4:e7:83:53:a6:3d:
bc:80:16:c8:a3:72:d3:b6:09:fe:32:2d:eb:a7:66:02:bc:f3:
a7:b0:bc:6d:92:7f:39:ae:02:c0:62:c2:30:73:58:47:17:b6:
22:d2:06:8c
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAYZPIB9nQy+eCB7vOVS8VhrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjMwMjE0MDg1MjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjEyZTg4YWVlNzAwZTVjNjM3NWU0ZTA0MTdmYjM0MWQzZTZhZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAt4+eqf5S7qhFLggKrioe0ioVRZ
WS66tZw6fmnhP4d65szCWAqTKpqFq9B6E7Xj+MjSAO7GU/tE+ZtcRnmTxvTOropK
XW/yHhGWmN9d0txK7VlP3x21dzZFs/ovyPNVwMG1SPleOHyhRPt7bNtqw3ALswNY
b9TVms4LCKK/BI/jouvtt3SVIL5CgTkGH88Lmh9n3nlFhLnkGBfCBBA9uyZHCyfZ
LPcZ7X53C4hLmybNLmjaM/EBLXug5ueby6VZGaXxER1i1iky4vZOxbz0SuzCl1ia
2Zma0SPaBZbZ8RMllGAz2EpA0ac5PYWL0x/BBSS0bdExUipMxWZoDCQFfQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFI8S6IrucA5cY3Xk4EF/s0HT5q3jMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvanhMb2l1NXdEbHhqZGVUZ1FYLXpRZFBtcmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCBpwQCAAEwgaAD
BAMli0ADBAAtmtoDBANtzWADBASt8jADBAK5GXQDBAK5J+ADBAK5QfQDBAK5RBAD
BAK5RZgDBAK5aCwDBAK5fAgDBAK5gngDBAK5lSgDBAK50agDBAK54dQDBAK54hgw
DAMEArnpJAMEBLnpIDAMAwQCuel0AwQCuel4AwQCuemIAwQCuemYAwQCueqwAwQC
ueuoAwQCue+0AwQE2a3QMGgEAgACMGIDBQAqAHpgAwUDKgSAAAMFAyoFBIADBQMq
BmRAAwUDKgwGgAMFAyoMB4ADBQMqDAiAAwUDKgwKgAMFAyoMDIADBQMqDA2AAwUD
KgwOgAMFAyoMYIADBQMqDREAAwUDKg1lADANBgkqhkiG9w0BAQsFAAOCAQEAKah1
P369nwp0JGGD1COJ1nxNe7kTTVnSs2zlbkRsKKz8u8R0xn6rTV05flPHUilwYjqp
sqme00eIObINuniSmwGBZPslRbOHDEEDtj2B9ZZE59huVyOX1aLkoA2UxwtcpCBy
F60SRUjReNz9cJYw5CO6nJa4hqyjdxno56TDEOQlkrpsg7tdrNgBpSYj3WMLiBg2
EFC0dwkBvh0u61VlKIo6gzaZ/iqFRKEx9KBFTiMP9bWAVJXvz72gu93CYt4eih6Z
bxrJD2dfgexTPl9pW4nw5OeDU6Y9vIAWyKNy07YJ/jIt66dmArzzp7C8bZJ/Oa4C
wGLCMHNYRxe2ItIGjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org