Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/8pgVOMjIvzfib3Lc50SYbm2t5JI.roa
File: 8pgVOMjIvzfib3Lc50SYbm2t5JI.roa (raw, json)
Hash identifier: rkTePSM+0iI0z5JoYV48eVxh5twusY5FQcEKvNw/AY8=
Subject key identifier: F2:98:15:38:C8:C8:BF:37:E2:6F:72:DC:E7:44:98:6E:6D:AD:E4:92
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018DAF57C73F83BAA5D037FAA98F74E652D4
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/8pgVOMjIvzfib3Lc50SYbm2t5JI.roa
Signing time: Fri 16 Feb 2024 00:36:21 +0000
ROA not before: Fri 16 Feb 2024 00:36:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 12:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:57:c7:3f:83:ba:a5:d0:37:fa:a9:8f:74:e6:52:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Feb 16 00:36:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2981538c8c8bf37e26f72dce744986e6dade492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8a:b4:ac:43:de:5e:8c:38:28:a5:21:61:6f:
04:b8:26:69:00:54:1d:df:75:65:a4:f2:08:bb:b2:
d9:0d:c2:e0:db:7e:e1:f5:b5:3c:e1:18:cb:69:96:
35:8e:91:07:68:c7:96:1a:08:f9:1d:15:30:a3:ce:
b7:4a:c1:6e:ba:62:6f:3b:40:d1:71:94:08:fd:92:
16:11:32:fd:a5:7f:5d:89:b8:5d:7f:56:0a:88:63:
f0:03:03:a3:7c:54:c3:53:e5:3c:e0:65:17:6e:e8:
46:cc:2d:4d:b2:03:72:45:d7:53:ea:be:36:1f:13:
c3:53:84:15:90:76:df:df:fb:6d:26:0b:2d:be:d5:
e6:52:0f:09:4e:49:81:0f:c8:57:dd:75:5d:51:f2:
ab:7a:7a:4d:27:c5:4a:64:4a:e1:1c:42:36:85:2f:
00:8a:94:28:e6:c0:ea:7f:87:a5:9e:9e:25:b3:cd:
2d:d6:f5:f2:d8:b9:dc:83:07:5e:b6:18:bf:e9:5e:
c6:1f:8d:f4:d2:5c:b7:61:73:c4:94:5f:f9:ad:4f:
70:62:ea:e5:aa:a4:6f:c1:b7:66:32:58:f3:5d:85:
3b:ca:67:70:a0:0e:4c:67:6e:8e:4e:34:ea:ce:89:
21:16:34:f7:b3:9a:be:73:a7:98:1f:fc:ac:e6:22:
04:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:98:15:38:C8:C8:BF:37:E2:6F:72:DC:E7:44:98:6E:6D:AD:E4:92
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/8pgVOMjIvzfib3Lc50SYbm2t5JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.90.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
1b:1d:57:56:d2:5a:3a:8c:d0:7a:76:4b:7e:ac:e2:6a:d8:c9:
5d:c8:ac:72:de:7e:df:99:f9:05:cc:5c:15:39:22:70:98:aa:
26:45:45:6c:e0:ca:33:f7:d3:04:7f:89:13:95:0d:02:6a:e3:
3e:54:44:1d:21:a2:48:ce:7d:6c:3b:82:76:d4:28:1c:55:48:
c4:3b:51:dd:6c:f9:0e:6b:0a:2f:59:b1:53:b5:a0:bf:3f:74:
87:83:73:a2:50:fa:22:50:a6:54:14:85:47:f0:84:5e:90:d5:
a9:35:5e:e2:a0:43:90:c1:ab:27:0f:77:35:51:57:04:37:80:
57:aa:56:4e:f3:20:10:00:a3:9f:a2:d8:61:f2:a1:eb:71:57:
da:d4:a5:c2:a5:f0:9b:86:87:7f:7b:55:4f:ce:70:a6:45:1d:
67:68:41:91:f7:ee:93:1d:69:c3:08:ca:05:4e:de:d4:f9:21:
b9:56:1f:b6:f4:10:2b:9a:c3:43:8e:49:8a:c0:f1:03:8a:cc:
f0:0b:b7:df:3c:a9:0b:8a:21:79:56:2c:4c:a2:78:f0:33:b5:
d7:88:74:45:4f:e8:61:97:2e:41:26:f8:13:b8:9b:f3:32:f4:
83:40:35:03:60:aa:13:98:be:98:1e:2c:82:4d:c4:f7:08:b6:
de:b7:8f:b1
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY2vV8c/g7ql0Df6qY905lLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMjE2MDAzNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk4MTUzOGM4YzhiZjM3ZTI2ZjcyZGNlNzQ0OTg2ZTZkYWRlNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4q0rEPeXow4KKUhYW8EuCZpAFQd
33VlpPIIu7LZDcLg237h9bU84RjLaZY1jpEHaMeWGgj5HRUwo863SsFuumJvO0DR
cZQI/ZIWETL9pX9dibhdf1YKiGPwAwOjfFTDU+U84GUXbuhGzC1NsgNyRddT6r42
HxPDU4QVkHbf3/ttJgstvtXmUg8JTkmBD8hX3XVdUfKrenpNJ8VKZErhHEI2hS8A
ipQo5sDqf4elnp4ls80t1vXy2Lncgwdethi/6V7GH4300ly3YXPElF/5rU9wYurl
qqRvwbdmMljzXYU7ymdwoA5MZ26OTjTqzokhFjT3s5q+c6eYH/ys5iIEwwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFPKYFTjIyL834m9y3OdEmG5treSSMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvOHBnVk9Nakl2emZpYjNMYzUwU1libTJ0NUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBmwQCAAEwgZQDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrADBABo
6CQDBACTTs8DBACi2l0DBAG5NIoDBAC5ob4DBAG5u9YwDAMEALnGWQMEALnGWgME
ALnJKgMEALnNzDAMAwQDudCYAwQAudCaAwQAueZ5AwQBuf14AwQA1DwNAwQA2cWq
MCwEAgACMCYDBwAqCo9AAAMwEgMHACoKj0AABwMHACoKj0AADAMHACoKj0AAHDAN
BgkqhkiG9w0BAQsFAAOCAQEAGx1XVtJaOozQenZLfqziatjJXcisct5+35n5Bcxc
FTkicJiqJkVFbODKM/fTBH+JE5UNAmrjPlREHSGiSM59bDuCdtQoHFVIxDtR3Wz5
DmsKL1mxU7Wgvz90h4NzolD6IlCmVBSFR/CEXpDVqTVe4qBDkMGrJw93NVFXBDeA
V6pWTvMgEACjn6LYYfKh63FX2tSlwqXwm4aHf3tVT85wpkUdZ2hBkffukx1pwwjK
BU7e1PkhuVYftvQQK5rDQ45JisDxA4rM8Au33zypC4oheVYsTKJ48DO114h0RU/o
YZcuQSb4E7ib8zL0g0A1A2CqE5i+mB4sgk3E9wi23rePsQ==
-----END CERTIFICATE-----
Generated at Thu Feb 22 18:05:51 2024 by rpki-client on console-fra.rpki-client.org