Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/lIkmrQnX2eTGOrFjnlkZY1xCc6g.roa
File: lIkmrQnX2eTGOrFjnlkZY1xCc6g.roa (raw, json)
Hash identifier: dV4x7VbWBV3UhGReZSjeOGaBk4CsUB0w8CrRFoDIOpU=
Subject key identifier: 94:89:26:AD:09:D7:D9:E4:C6:3A:B1:63:9E:59:19:63:5C:42:73:A8
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 018CC3B68E8D9A59A205198D27AA0A927AC8
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/lIkmrQnX2eTGOrFjnlkZY1xCc6g.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8784
IP address blocks: 194.117.211.0/24 maxlen: 24
194.117.208.0/24 maxlen: 24
194.117.208.0/20 maxlen: 20
194.117.219.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.198.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.193.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.153.214.0/24 maxlen: 24
83.169.120.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.119.0/24 maxlen: 24
83.169.125.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.67.0/24 maxlen: 24
83.169.66.0/24 maxlen: 24
83.169.64.0/18 maxlen: 18
83.169.73.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.100.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.118.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
213.139.96.0/19 maxlen: 19
213.139.112.0/24 maxlen: 24
213.139.111.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
83.169.64.0/23 maxlen: 23
2a02:d50::/32 maxlen: 32
2001:4b90::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 Feb 2024 07:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8e:8d:9a:59:a2:05:19:8d:27:aa:0a:92:7a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=948926ad09d7d9e4c63ab1639e5919635c4273a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:61:c3:22:bf:56:c5:e8:9b:11:51:6d:c5:34:
4d:55:ef:b6:0c:96:6e:b6:f1:d5:04:77:b8:16:29:
75:90:c2:76:82:df:30:56:72:b3:95:2a:73:93:48:
06:dc:f1:c9:70:1a:df:a9:14:0f:2e:b6:50:b0:38:
1a:68:f9:d8:f5:31:2e:5c:64:65:fe:0d:44:bd:b9:
f2:c3:d5:a1:f7:b5:5c:31:ff:e8:f0:5d:34:66:fc:
2b:d9:f4:62:a5:ef:77:50:9c:bb:35:28:4a:ef:44:
c0:b6:88:5d:47:f9:2d:55:40:89:cb:8c:0b:34:d1:
0d:2b:2b:dc:7f:22:e2:74:1d:14:98:ec:90:26:06:
53:7d:44:f0:30:23:f5:f5:b1:a7:0f:db:be:c6:d3:
b6:8b:b9:0f:de:4c:24:bd:5a:9c:46:2f:86:2b:b4:
14:f1:3d:6f:f5:b6:e5:0e:29:f9:15:10:e9:c2:70:
a6:ad:7e:aa:c7:cd:e0:3b:9d:fd:7e:7a:79:6d:75:
80:c8:33:5e:ae:c4:69:9d:79:60:f1:19:23:a3:55:
57:f6:d2:0c:e0:bc:50:66:1c:10:f8:30:48:5f:12:
9d:9d:88:6d:3d:65:42:9a:d9:76:e3:36:2b:11:06:
5f:1a:38:27:77:af:f7:bd:2a:20:b5:49:0a:1d:53:
5b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:89:26:AD:09:D7:D9:E4:C6:3A:B1:63:9E:59:19:63:5C:42:73:A8
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/lIkmrQnX2eTGOrFjnlkZY1xCc6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
49:8a:3b:c5:d8:28:72:7e:a2:53:56:d1:ff:a8:a9:05:79:ab:
93:ce:38:4f:4e:bf:45:f9:a4:4e:fe:0d:a7:fc:1d:d6:e4:7a:
cf:2f:c6:7e:b7:66:b6:d6:33:c4:b8:01:6b:d3:18:2f:00:09:
29:31:30:47:62:8f:dc:af:5f:16:72:f7:14:ec:ad:44:60:20:
f3:5a:ea:58:17:ce:f8:bb:59:24:a2:4b:17:c3:ea:2c:dd:d0:
04:5f:98:67:3a:95:92:cb:4f:4f:00:b9:ae:56:ce:42:f7:95:
0e:91:85:9b:04:48:a1:f5:85:f7:12:05:e1:f9:b2:21:5b:24:
0d:a2:2b:0c:c8:7c:fe:d7:b6:77:5c:32:b5:09:bd:b4:3a:fd:
7a:db:6f:bf:c6:9b:03:c1:f6:f9:1f:81:1e:f1:6f:8a:aa:e1:
fe:6a:e0:44:f6:1c:dc:5c:6f:aa:b5:d4:c1:ea:70:9a:49:bb:
b7:7a:6f:2f:31:84:89:35:b2:e0:1f:9f:7f:f4:f6:67:46:a7:
42:78:15:fb:de:3e:aa:03:d2:b7:f6:c3:a9:7f:29:21:83:15:
dd:f2:7a:28:de:6d:f6:61:d5:c6:ea:f4:ff:b5:ac:9f:cf:f9:
4a:bc:25:3e:35:61:35:68:1c:a2:e2:20:76:f9:11:35:63:c3:
66:22:6e:3d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzDto6NmlmiBRmNJ6oKknrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg5MjZhZDA5ZDdkOWU0YzYzYWIxNjM5ZTU5MTk2MzVjNDI3M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimHDIr9WxeibEVFtxTRNVe+2DJZu
tvHVBHe4Fil1kMJ2gt8wVnKzlSpzk0gG3PHJcBrfqRQPLrZQsDgaaPnY9TEuXGRl
/g1Evbnyw9Wh97VcMf/o8F00Zvwr2fRipe93UJy7NShK70TAtohdR/ktVUCJy4wL
NNENKyvcfyLidB0UmOyQJgZTfUTwMCP19bGnD9u+xtO2i7kP3kwkvVqcRi+GK7QU
8T1v9bblDin5FRDpwnCmrX6qx83gO539fnp5bXWAyDNersRpnXlg8Rkjo1VX9tIM
4LxQZhwQ+DBIXxKdnYhtPWVCmtl24zYrEQZfGjgnd6/3vSogtUkKHVNbRQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJSJJq0J19nkxjqxY55ZGWNcQnOoMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvbElrbXJRblgyZVRHT3JGam5sa1pZMXhDYzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEASYo7xdgocn6iU1bR/6ipBXmrk844
T06/RfmkTv4Np/wd1uR6zy/GfrdmttYzxLgBa9MYLwAJKTEwR2KP3K9fFnL3FOyt
RGAg81rqWBfO+LtZJKJLF8PqLN3QBF+YZzqVkstPTwC5rlbOQveVDpGFmwRIofWF
9xIF4fmyIVskDaIrDMh8/te2d1wytQm9tDr9ettvv8abA8H2+R+BHvFviqrh/mrg
RPYc3FxvqrXUwepwmkm7t3pvLzGEiTWy4B+ff/T2Z0anQngV+94+qgPSt/bDqX8p
IYMV3fJ6KN5t9mHVxur0/7Wsn8/5SrwlPjVhNWgcouIgdvkRNWPDZiJuPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:31 2024 by rpki-client on console-ams.rpki-client.org