Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/0LxU6xgifp6bHejU6TJT2qEWVcU.roa
File: 0LxU6xgifp6bHejU6TJT2qEWVcU.roa (raw, json)
Hash identifier: AI8raa56AN82OglX0fmrbgmL2cY9o0Mr/fyGgmoB1JE=
Subject key identifier: D0:BC:54:EB:18:22:7E:9E:9B:1D:E8:D4:E9:32:53:DA:A1:16:55:C5
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 0189CF028CE5F6DD61F8D9D3DBFF03F3C4EF
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/0LxU6xgifp6bHejU6TJT2qEWVcU.roa
Signing time: Mon 07 Aug 2023 07:59:58 +0000
ROA not before: Mon 07 Aug 2023 07:59:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48854
IP address blocks: 185.134.28.0/22 maxlen: 22
195.178.14.0/23 maxlen: 23
80.70.0.0/23 maxlen: 23
185.21.40.0/22 maxlen: 22
80.70.6.0/23 maxlen: 23
80.70.7.0/24 maxlen: 24
212.97.132.0/22 maxlen: 22
212.97.143.0/24 maxlen: 24
212.97.140.0/24 maxlen: 24
212.97.140.0/22 maxlen: 22
212.97.142.0/24 maxlen: 24
212.97.141.0/24 maxlen: 24
94.143.8.0/21 maxlen: 21
93.191.152.0/21 maxlen: 21
93.191.152.0/22 maxlen: 22
217.61.236.0/22 maxlen: 22
93.191.156.0/24 maxlen: 24
93.191.158.0/24 maxlen: 24
93.191.157.0/24 maxlen: 24
89.188.72.0/21 maxlen: 21
185.25.142.0/24 maxlen: 24
185.25.141.0/24 maxlen: 24
185.25.143.0/24 maxlen: 24
94.231.96.0/20 maxlen: 20
94.231.103.0/24 maxlen: 24
185.223.24.0/22 maxlen: 22
185.221.36.0/22 maxlen: 22
212.237.248.0/23 maxlen: 23
194.150.112.0/22 maxlen: 22
185.20.204.0/22 maxlen: 22
185.20.205.0/24 maxlen: 24
185.20.206.0/23 maxlen: 23
2a06:eac0::/29 maxlen: 48
2a03:2740::/47 maxlen: 48
2a02:2338::/32 maxlen: 48
2a02:2339:4000::/34 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Oct 2023 11:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:02:8c:e5:f6:dd:61:f8:d9:d3:db:ff:03:f3:c4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Aug 7 07:59:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0bc54eb18227e9e9b1de8d4e93253daa11655c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f7:66:07:73:0a:e5:6c:aa:78:67:89:c3:23:
78:cd:80:2c:ff:ad:01:9b:d2:66:38:98:11:04:63:
0e:4f:67:20:2d:ab:76:c8:1d:6d:b0:36:4b:ca:c4:
e3:e2:a1:1d:c2:4c:a2:35:88:d6:13:29:26:fd:e2:
dd:da:a3:2c:d9:01:27:0f:38:a5:96:63:36:ab:0d:
c7:78:7c:e9:4c:a4:66:f4:fb:28:f0:0a:0f:b6:51:
91:da:50:36:c9:2b:29:8f:88:96:2c:8e:f3:fb:27:
4d:0a:01:98:bd:a8:23:60:a9:0c:48:bf:2d:5c:97:
5e:f8:c9:32:a9:9f:e2:35:c9:e4:46:c6:b3:4b:50:
66:41:2f:fd:4d:9a:fa:d5:b9:7e:bd:f7:62:98:97:
3b:66:ea:a2:28:cf:25:92:11:9f:77:fb:2f:fe:e9:
c5:b9:f6:fc:8f:60:85:95:2b:1d:c3:a7:fe:68:64:
73:1c:01:58:18:1b:c4:3f:24:d7:61:97:5c:53:4b:
71:28:8c:0a:a3:83:3f:67:98:96:75:56:7d:f8:d9:
d2:fd:4b:0b:c8:09:b2:2a:ba:80:d1:b0:b7:7c:e1:
81:ef:08:3b:85:a1:3b:13:b9:14:35:4e:a3:dd:e5:
2a:2e:ea:0c:3d:57:53:d1:30:67:28:80:ca:d9:08:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BC:54:EB:18:22:7E:9E:9B:1D:E8:D4:E9:32:53:DA:A1:16:55:C5
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/0LxU6xgifp6bHejU6TJT2qEWVcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.0.0/23
80.70.6.0/23
89.188.72.0/21
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
185.20.204.0/22
185.21.40.0/22
185.25.141.0-185.25.143.255
185.134.28.0/22
185.221.36.0/22
185.223.24.0/22
194.150.112.0/22
195.178.14.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a02:2338::/32
2a02:2339:4000::/34
2a03:2740::/47
2a06:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:db:56:21:d0:8f:6c:8f:fb:55:99:e9:02:bd:9d:18:a4:71:
62:9b:6b:a5:46:47:29:8c:6f:89:28:b5:ce:ef:bd:36:85:e5:
6f:2c:dc:91:48:17:03:91:e3:31:0c:4f:4b:f8:8f:eb:d3:b6:
92:0c:83:6a:95:3c:e3:42:05:dc:e6:5d:1e:0d:7d:04:60:59:
95:a7:e8:68:8b:44:b0:cf:40:31:14:78:c9:cd:29:a3:9e:11:
98:70:57:7f:fe:04:ca:dd:e6:99:e4:78:66:1d:f9:59:e4:4b:
f8:18:74:c6:ef:0c:ad:6d:09:30:af:10:c7:79:1d:15:bf:40:
5d:cc:bc:67:ed:a9:85:b6:47:53:a7:35:94:dc:74:54:5a:8d:
0c:0b:7b:3e:c6:21:0a:5e:d9:65:0c:56:f4:ce:07:7c:b6:65:
87:84:a0:28:b0:30:21:31:5b:cf:95:1d:ee:7a:dd:51:c6:a6:
47:b4:7c:7b:b1:a0:44:55:a4:80:f8:bc:9e:7e:eb:fb:63:ba:
0d:f7:8b:ca:e4:07:6b:42:68:fe:f7:59:64:26:82:f1:f9:0a:
10:79:c1:0d:4d:2c:26:d2:0e:e1:84:93:26:78:cc:df:25:76:
09:4b:75:72:f8:53:fc:70:05:e1:1c:94:cd:00:87:12:c5:29:
64:83:7e:49
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYnPAozl9t1h+NnT2/8D88TvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMwODA3MDc1OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJjNTRlYjE4MjI3ZTllOWIxZGU4ZDRlOTMyNTNkYWExMTY1NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvdmB3MK5WyqeGeJwyN4zYAs/60B
m9JmOJgRBGMOT2cgLat2yB1tsDZLysTj4qEdwkyiNYjWEykm/eLd2qMs2QEnDzil
lmM2qw3HeHzpTKRm9Pso8AoPtlGR2lA2ySspj4iWLI7z+ydNCgGYvagjYKkMSL8t
XJde+MkyqZ/iNcnkRsazS1BmQS/9TZr61bl+vfdimJc7ZuqiKM8lkhGfd/sv/unF
ufb8j2CFlSsdw6f+aGRzHAFYGBvEPyTXYZdcU0txKIwKo4M/Z5iWdVZ9+NnS/UsL
yAmyKrqA0bC3fOGB7wg7haE7E7kUNU6j3eUqLuoMPVdT0TBnKIDK2QhjhQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFNC8VOsYIn6emx3o1OkyU9qhFlXFMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvMEx4VTZ4Z2lmcDZiSGVqVTZUSlQycUVXVmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozB6BAIAATB0AwQBUEYA
AwQBUEYGAwQDWbxIAwQDXb+YAwQDXo8IAwQEXudgAwQCuRTMAwQCuRUoMAwDBAC5
GY0DBAS5GYADBAK5hhwDBAK53SQDBAK53xgDBALClnADBAHDsg4DBALUYYQDBALU
YYwDBAHU7fgDBALZPewwJQQCAAIwHwMFACoCIzgDBgYqAiM5QAMHASoDJ0AAAAMF
AyoG6sAwDQYJKoZIhvcNAQELBQADggEBAFvbViHQj2yP+1WZ6QK9nRikcWKba6VG
RymMb4kotc7vvTaF5W8s3JFIFwOR4zEMT0v4j+vTtpIMg2qVPONCBdzmXR4NfQRg
WZWn6GiLRLDPQDEUeMnNKaOeEZhwV3/+BMrd5pnkeGYd+VnkS/gYdMbvDK1tCTCv
EMd5HRW/QF3MvGftqYW2R1OnNZTcdFRajQwLez7GIQpe2WUMVvTOB3y2ZYeEoCiw
MCExW8+VHe563VHGpke0fHuxoERVpID4vJ5+6/tjug33i8rkB2tCaP73WWQmgvH5
ChB5wQ1NLCbSDuGEkyZ4zN8ldglLdXL4U/xwBeEclM0AhxLFKWSDfkk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:51 2024 by rpki-client on console-ams.rpki-client.org