Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1ES8aCG9Ihxn8t14aPXm6O8_sB8.roa
File: 1ES8aCG9Ihxn8t14aPXm6O8_sB8.roa (raw, json)
Hash identifier: M7WgOHaNkQHMr5AnIGClxwC9M2a3lUJxgfeOuY3p4M0=
Subject key identifier: D4:44:BC:68:21:BD:22:1C:67:F2:DD:78:68:F5:E6:E8:EF:3F:B0:1F
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC7BE9049E81E18ACF8ECF2A65530
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1ES8aCG9Ihxn8t14aPXm6O8_sB8.roa
Signing time: Mon 02 Jan 2023 17:15:04 +0000
ROA not before: Mon 02 Jan 2023 17:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62235
IP address blocks: 89.39.167.0/24 maxlen: 24
85.204.200.0/22 maxlen: 24
85.204.200.0/21 maxlen: 24
85.204.204.0/22 maxlen: 24
89.46.247.0/24 maxlen: 24
188.212.16.0/22 maxlen: 24
188.212.16.0/23 maxlen: 24
188.212.18.0/23 maxlen: 24
185.228.244.0/22 maxlen: 24
185.228.244.0/23 maxlen: 24
185.228.246.0/23 maxlen: 24
185.87.130.0/23 maxlen: 24
185.87.128.0/23 maxlen: 24
185.87.128.0/22 maxlen: 24
194.124.56.0/22 maxlen: 24
194.124.58.0/23 maxlen: 24
194.124.56.0/23 maxlen: 24
89.45.222.0/23 maxlen: 24
89.45.220.0/23 maxlen: 24
89.45.220.0/22 maxlen: 24
94.177.0.0/22 maxlen: 24
94.177.2.0/23 maxlen: 24
94.177.0.0/23 maxlen: 24
89.46.32.0/24 maxlen: 24
89.46.35.0/24 maxlen: 24
89.46.37.0/24 maxlen: 24
89.46.39.0/24 maxlen: 24
185.56.76.0/23 maxlen: 24
185.56.78.0/23 maxlen: 24
185.56.76.0/22 maxlen: 24
45.86.184.0/23 maxlen: 24
45.86.186.0/23 maxlen: 24
45.86.184.0/22 maxlen: 24
188.214.112.0/22 maxlen: 24
89.35.231.0/24 maxlen: 24
188.214.116.0/22 maxlen: 24
188.214.112.0/21 maxlen: 24
188.214.118.0/24 maxlen: 24
188.213.80.0/23 maxlen: 24
92.119.0.0/22 maxlen: 24
188.213.82.0/23 maxlen: 24
188.213.83.0/24 maxlen: 24
188.213.80.0/22 maxlen: 24
92.119.2.0/23 maxlen: 24
92.119.0.0/23 maxlen: 24
37.156.110.0/23 maxlen: 24
37.156.108.0/23 maxlen: 24
37.156.108.0/22 maxlen: 24
185.41.244.0/22 maxlen: 24
195.82.98.0/23 maxlen: 24
195.82.98.0/24 maxlen: 24
185.41.244.0/23 maxlen: 24
185.41.246.0/23 maxlen: 24
195.82.99.0/24 maxlen: 24
87.247.130.0/23 maxlen: 24
87.247.128.0/23 maxlen: 24
87.247.128.0/22 maxlen: 24
45.14.206.0/24 maxlen: 24
5.183.58.0/23 maxlen: 24
5.183.56.0/23 maxlen: 24
45.14.204.0/23 maxlen: 24
5.183.56.0/22 maxlen: 24
45.14.204.0/22 maxlen: 24
37.156.78.0/23 maxlen: 24
37.156.76.0/23 maxlen: 24
45.14.207.0/24 maxlen: 24
37.156.76.0/22 maxlen: 24
139.28.88.0/22 maxlen: 24
89.44.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 10:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c7:be:90:49:e8:1e:18:ac:f8:ec:f2:a6:55:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d444bc6821bd221c67f2dd7868f5e6e8ef3fb01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:e9:d0:80:e9:a1:9b:bf:8e:25:d2:6f:94:
98:79:68:b6:6c:35:2f:c9:8b:0e:6c:7d:b5:f0:46:
15:ce:69:0e:a9:37:ee:50:1e:25:a8:62:6d:86:1e:
4c:c6:a9:b2:c1:3a:5a:82:a4:f2:58:28:0c:ac:9f:
ed:71:33:b0:71:76:0f:3c:22:d6:85:22:c3:d3:08:
36:44:59:e7:54:98:10:b8:da:f4:5d:17:5d:98:fc:
86:3f:bb:39:b7:cb:40:ae:1c:39:fe:51:44:84:c4:
89:c4:6b:73:e2:6e:50:ce:05:8a:3f:09:fa:36:97:
5d:0b:04:22:9c:46:c7:47:6e:ee:0e:88:9b:52:3b:
ce:b7:1a:ac:d6:83:58:39:e9:82:6c:f3:28:0f:de:
da:e4:18:0f:5e:b7:3f:9c:2f:ee:01:f9:15:9d:ef:
01:92:33:12:18:4f:e3:5a:01:c6:51:23:14:29:c9:
79:70:e3:e9:b5:a9:dc:a4:44:f3:c7:f7:aa:f2:62:
e6:91:43:3b:b7:f0:f1:4f:0a:af:53:74:e2:31:5d:
1c:ca:d2:64:9a:56:6a:d7:01:4a:f9:67:95:84:2d:
1a:48:ec:b9:1f:de:f7:02:2a:d4:d6:fd:a6:e7:34:
9c:ae:0a:0e:88:28:0b:34:3f:96:9a:b3:c4:84:20:
97:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:44:BC:68:21:BD:22:1C:67:F2:DD:78:68:F5:E6:E8:EF:3F:B0:1F
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1ES8aCG9Ihxn8t14aPXm6O8_sB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.56.0/22
37.156.76.0/22
37.156.108.0/22
45.14.204.0/22
45.86.184.0/22
85.204.200.0/21
87.247.128.0/22
89.35.231.0/24
89.39.167.0/24
89.44.82.0/24
89.45.220.0/22
89.46.32.0/24
89.46.35.0/24
89.46.37.0/24
89.46.39.0/24
89.46.247.0/24
92.119.0.0/22
94.177.0.0/22
139.28.88.0/22
185.41.244.0/22
185.56.76.0/22
185.87.128.0/22
185.228.244.0/22
188.212.16.0/22
188.213.80.0/22
188.214.112.0/21
194.124.56.0/22
195.82.98.0/23
Signature Algorithm: sha256WithRSAEncryption
15:e1:b8:4d:6d:9c:36:26:50:3f:68:4b:b7:b5:1a:44:fc:95:
4b:12:ea:59:2e:7b:c0:9c:17:21:a3:9f:eb:bd:d2:db:13:d6:
a0:72:43:94:d7:64:19:da:79:f6:33:d9:62:e7:44:97:cf:cb:
46:60:f4:f8:c8:16:92:90:c7:e6:17:ba:36:3d:60:03:88:70:
35:f5:04:4d:55:85:1d:7a:ed:1c:30:85:79:2f:c2:4d:7c:9b:
1f:ec:51:c5:1b:cf:51:9f:c2:37:b7:89:f5:4c:3b:74:4b:eb:
4a:7a:33:bf:05:17:60:c6:05:a7:ec:7a:a1:71:f7:a5:c0:00:
54:d4:28:68:c9:d0:09:3d:3e:68:02:ff:cf:aa:5c:e7:42:e5:
b4:9a:83:e9:33:94:24:8e:39:f2:27:56:22:9e:ad:4c:c4:d2:
e8:ca:af:3b:06:02:54:28:a2:e9:f3:6b:9e:0c:51:36:e3:8b:
12:a0:ca:13:67:63:5f:74:8a:a5:ab:ff:22:70:ad:e6:06:67:
dc:18:da:f4:4f:47:86:7f:e1:64:1d:e7:ca:9c:12:1e:e9:80:
5a:8d:ec:18:12:fb:6c:ed:36:bb:1d:d2:fa:14:55:77:86:f2:
d7:28:a4:69:43:f3:fc:f4:ba:4e:e0:63:f5:b3:6a:10:92:ad:
4c:c1:70:ed
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYVzese+kEnoHhis+OzyplUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ0YmM2ODIxYmQyMjFjNjdmMmRkNzg2OGY1ZTZlOGVmM2ZiMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx3p0IDpoZu/jiXSb5SYeWi2bDUv
yYsObH218EYVzmkOqTfuUB4lqGJthh5MxqmywTpagqTyWCgMrJ/tcTOwcXYPPCLW
hSLD0wg2RFnnVJgQuNr0XRddmPyGP7s5t8tArhw5/lFEhMSJxGtz4m5QzgWKPwn6
NpddCwQinEbHR27uDoibUjvOtxqs1oNYOemCbPMoD97a5BgPXrc/nC/uAfkVne8B
kjMSGE/jWgHGUSMUKcl5cOPptancpETzx/eq8mLmkUM7t/DxTwqvU3TiMV0cytJk
mlZq1wFK+WeVhC0aSOy5H973AirU1v2m5zScrgoOiCgLND+WmrPEhCCXlQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFNREvGghvSIcZ/LdeGj15ujvP7AfMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMUVTOGFDRzlJaHhuOHQxNGFQWG02Tzhfc0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIF
tzgDBAIlnEwDBAIlnGwDBAItDswDBAItVrgDBANVzMgDBAJX94ADBABZI+cDBABZ
J6cDBABZLFIDBAJZLdwDBABZLiADBABZLiMDBABZLiUDBABZLicDBABZLvcDBAJc
dwADBAJesQADBAKLHFgDBAK5KfQDBAK5OEwDBAK5V4ADBAK55PQDBAK81BADBAK8
1VADBAO81nADBALCfDgDBAHDUmIwDQYJKoZIhvcNAQELBQADggEBABXhuE1tnDYm
UD9oS7e1GkT8lUsS6lkue8CcFyGjn+u90tsT1qByQ5TXZBnaefYz2WLnRJfPy0Zg
9PjIFpKQx+YXujY9YAOIcDX1BE1VhR167RwwhXkvwk18mx/sUcUbz1Gfwje3ifVM
O3RL60p6M78FF2DGBafseqFx96XAAFTUKGjJ0Ak9PmgC/8+qXOdC5bSag+kzlCSO
OfInViKerUzE0ujKrzsGAlQoounza54MUTbjixKgyhNnY190iqWr/yJwreYGZ9wY
2vRPR4Z/4WQd58qcEh7pgFqN7BgS+2ztNrsd0voUVXeG8tcopGlD8/z0uk7gY/Wz
ahCSrUzBcO0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org