Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/tWoM-iKRbNkQIM7qalk7Xja-rGI.roa
File: tWoM-iKRbNkQIM7qalk7Xja-rGI.roa (raw, json)
Hash identifier: Lvs37YRgIE9ca9/qonqAjDYvs0/LuWoCd+Iy64VP5XU=
Subject key identifier: B5:6A:0C:FA:22:91:6C:D9:10:20:CE:EA:6A:59:3B:5E:36:BE:AC:62
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 01879945314810888BBF1B8EE7BA43CF0F28
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/tWoM-iKRbNkQIM7qalk7Xja-rGI.roa
Signing time: Wed 19 Apr 2023 11:27:41 +0000
ROA not before: Wed 19 Apr 2023 11:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200000
IP address blocks: 185.233.120.0/22 maxlen: 22
185.124.8.0/22 maxlen: 22
185.233.136.0/22 maxlen: 22
37.139.64.0/21 maxlen: 21
185.39.224.0/22 maxlen: 22
185.233.152.0/22 maxlen: 23
185.149.40.0/22 maxlen: 22
185.233.116.0/22 maxlen: 22
185.235.168.0/22 maxlen: 22
45.154.218.0/24 maxlen: 24
109.205.96.0/21 maxlen: 21
173.242.48.0/20 maxlen: 20
91.105.208.0/21 maxlen: 21
46.247.80.0/21 maxlen: 21
185.104.44.0/22 maxlen: 22
185.104.45.0/24 maxlen: 24
185.65.244.0/22 maxlen: 22
217.173.208.0/20 maxlen: 20
185.226.24.0/22 maxlen: 22
185.225.212.0/22 maxlen: 22
185.25.116.0/22 maxlen: 22
185.68.16.0/24 maxlen: 24
185.68.16.0/22 maxlen: 22
185.233.36.0/22 maxlen: 22
185.233.40.0/22 maxlen: 22
185.233.44.0/22 maxlen: 22
185.130.120.0/22 maxlen: 22
185.209.168.0/22 maxlen: 22
185.69.152.0/22 maxlen: 22
185.239.180.0/22 maxlen: 22
185.234.176.0/22 maxlen: 22
2a0c:c80::/29 maxlen: 29
2a0c:6080::/29 maxlen: 29
2a0c:684::/30 maxlen: 30
2a0c:d80::/29 maxlen: 29
2a0c:e80::/29 maxlen: 29
2a04:8000::/29 maxlen: 29
2a0d:6500::/29 maxlen: 29
2a0d:1100::/29 maxlen: 29
2a05:480::/29 maxlen: 29
2a0c:680::/29 maxlen: 29
2a0c:780::/29 maxlen: 29
2a00:7a60::/32 maxlen: 32
2a0c:880::/29 maxlen: 29
2a06:6440::/29 maxlen: 29
2a0c:681::/32 maxlen: 32
2a0c:682::/31 maxlen: 31
2a0c:a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 May 2023 10:14:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:45:31:48:10:88:8b:bf:1b:8e:e7:ba:43:cf:0f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Apr 19 11:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b56a0cfa22916cd91020ceea6a593b5e36beac62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:79:e7:ef:5f:3a:b1:d2:35:55:c7:28:04:b0:
23:89:d7:67:63:76:1f:39:f1:83:31:98:b1:ac:e3:
52:f2:d0:b0:18:5a:2d:82:5d:da:b6:f8:98:98:62:
d1:03:54:d8:37:34:46:fe:40:90:7d:82:b8:e0:3a:
de:df:dc:ab:3b:67:61:75:94:b0:dd:b2:19:f8:4b:
3c:10:8a:86:1b:6a:d7:78:d9:43:d1:ec:05:5e:e4:
4e:ce:35:59:81:70:35:1c:fc:d8:06:d7:f7:61:b5:
38:d6:b9:70:58:0e:2c:3a:77:79:d2:82:d3:41:76:
f6:3e:dc:7e:23:5b:0e:17:91:11:20:86:d7:27:b9:
b9:56:79:3b:e1:4c:50:6a:05:b5:e0:fe:ac:0c:d4:
80:74:0c:bd:99:f5:cb:3f:92:30:bc:dd:02:2a:92:
49:4e:7a:8e:ee:fc:fe:e7:9a:a2:03:d2:1c:d3:ef:
cd:97:fc:15:08:ba:27:71:6f:83:fc:e1:fe:d3:d0:
e2:32:dc:0a:8c:f4:ec:e5:39:3d:55:8c:75:25:8b:
64:57:4e:26:4a:b5:67:c1:cb:a7:59:76:34:d4:67:
6d:94:0d:1c:e0:fd:f8:fc:1d:87:06:10:35:6d:b6:
99:3c:33:76:b5:dc:aa:8c:60:cb:19:dc:db:c5:63:
cd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6A:0C:FA:22:91:6C:D9:10:20:CE:EA:6A:59:3B:5E:36:BE:AC:62
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/tWoM-iKRbNkQIM7qalk7Xja-rGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.64.0/21
45.154.218.0/24
46.247.80.0/21
91.105.208.0/21
109.205.96.0/21
173.242.48.0/20
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.130.120.0/22
185.149.40.0/22
185.209.168.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.233.152.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
217.173.208.0/20
IPv6:
2a00:7a60::/32
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:680::/29
2a0c:780::/29
2a0c:880::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
Signature Algorithm: sha256WithRSAEncryption
1c:69:6a:14:c3:7c:24:73:03:56:5d:a9:ee:03:a2:f1:46:ef:
0d:f4:81:57:c5:8d:54:ed:0a:62:a9:ed:b7:2d:04:fc:e1:f5:
02:11:f3:5e:23:37:cf:e6:a2:33:f4:0f:de:92:1b:55:6c:07:
48:18:09:68:b2:89:ba:18:9e:4c:8e:72:ed:b0:c7:42:9c:03:
ec:94:81:e5:d4:12:67:d8:44:14:52:ce:67:2f:3f:5b:02:99:
f4:c4:79:29:eb:75:63:2b:b3:b3:2f:8c:1a:15:fe:70:74:09:
30:37:b1:df:50:fd:f1:bf:a2:9d:a7:67:cc:ae:3a:a6:5f:9e:
51:93:00:86:34:9b:a1:76:19:7f:12:61:06:af:6b:c4:70:0d:
1c:8c:ad:a5:0b:9c:de:78:39:34:68:09:a9:ed:17:08:76:52:
f5:c6:1f:f9:7d:ff:4b:95:57:0e:43:5e:94:eb:c7:ae:3d:b1:
05:50:11:4c:99:ff:4d:81:c5:4a:26:cd:2d:96:ae:2e:27:81:
7a:28:1d:31:18:29:a9:56:51:70:60:ef:b7:03:c8:fd:1b:6f:
ee:39:5b:e2:16:39:10:3e:e1:a4:ee:5b:27:fb:fd:9d:a9:f7:
96:2a:af:ee:b9:93:31:fb:9b:a8:26:51:0d:69:75:76:98:d0:
a9:75:a3:57
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAYeZRTFIEIiLvxuO57pDzw8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjMwNDE5MTEyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZhMGNmYTIyOTE2Y2Q5MTAyMGNlZWE2YTU5M2I1ZTM2YmVhYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunnn7186sdI1VccoBLAjiddnY3Yf
OfGDMZixrONS8tCwGFotgl3atviYmGLRA1TYNzRG/kCQfYK44Dre39yrO2dhdZSw
3bIZ+Es8EIqGG2rXeNlD0ewFXuROzjVZgXA1HPzYBtf3YbU41rlwWA4sOnd50oLT
QXb2Ptx+I1sOF5ERIIbXJ7m5Vnk74UxQagW14P6sDNSAdAy9mfXLP5IwvN0CKpJJ
TnqO7vz+55qiA9Ic0+/Nl/wVCLoncW+D/OH+09DiMtwKjPTs5Tk9VYx1JYtkV04m
SrVnwcunWXY01GdtlA0c4P34/B2HBhA1bbaZPDN2tdyqjGDLGdzbxWPNeQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFLVqDPoikWzZECDO6mpZO142vqxiMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvdFdvTS1pS1JiTmtRSU03cWFsazdYamEtckdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCBswQCAAEwgawD
BAMli0ADBAAtmtoDBAMu91ADBANbadADBANtzWADBASt8jADBAK5GXQDBAK5J+AD
BAK5QfQDBAK5RBADBAK5RZgDBAK5aCwDBAK5fAgDBAK5gngDBAK5lSgDBAK50agD
BAK54dQDBAK54hgwDAMEArnpJAMEBLnpIDAMAwQCuel0AwQCuel4AwQCuemIAwQC
uemYAwQCueqwAwQCueuoAwQCue+0AwQE2a3QMGgEAgACMGIDBQAqAHpgAwUDKgSA
AAMFAyoFBIADBQMqBmRAAwUDKgwGgAMFAyoMB4ADBQMqDAiAAwUDKgwKgAMFAyoM
DIADBQMqDA2AAwUDKgwOgAMFAyoMYIADBQMqDREAAwUDKg1lADANBgkqhkiG9w0B
AQsFAAOCAQEAHGlqFMN8JHMDVl2p7gOi8UbvDfSBV8WNVO0KYqntty0E/OH1AhHz
XiM3z+aiM/QP3pIbVWwHSBgJaLKJuhieTI5y7bDHQpwD7JSB5dQSZ9hEFFLOZy8/
WwKZ9MR5Ket1Yyuzsy+MGhX+cHQJMDex31D98b+inadnzK46pl+eUZMAhjSboXYZ
fxJhBq9rxHANHIytpQuc3ng5NGgJqe0XCHZS9cYf+X3/S5VXDkNelOvHrj2xBVAR
TJn/TYHFSibNLZauLieBeigdMRgpqVZRcGDvtwPI/Rtv7jlb4hY5ED7hpO5bJ/v9
nan3liqv7rmTMfubqCZRDWl1dpjQqXWjVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org