Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/j85VOCnCDyJsl-M4MIx2mA2QaKw.roa
File: j85VOCnCDyJsl-M4MIx2mA2QaKw.roa (raw, json)
Hash identifier: ZqvUzp0/vJonN8DB3s7eZTjDulk4IttF9GabhR9BylY=
Subject key identifier: 8F:CE:55:38:29:C2:0F:22:6C:97:E3:38:30:8C:76:98:0D:90:68:AC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018C20A437215E1ECA6DB50F8E9F8EEAAB50
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/j85VOCnCDyJsl-M4MIx2mA2QaKw.roa
Signing time: Thu 30 Nov 2023 14:31:22 +0000
ROA not before: Thu 30 Nov 2023 14:31:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.248.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:a4:37:21:5e:1e:ca:6d:b5:0f:8e:9f:8e:ea:ab:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 30 14:31:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fce553829c20f226c97e338308c76980d9068ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3c:ce:96:34:50:7d:83:8e:73:73:9e:b6:86:
61:42:c2:bc:5a:90:95:bd:a3:f3:e1:7f:e5:6b:30:
b4:89:30:b7:79:2d:ae:1e:ee:d6:b7:15:47:5b:da:
c8:34:b2:5d:97:24:ea:a6:7c:b2:8c:d7:97:6d:e4:
fa:89:15:36:bc:fd:dd:7f:da:32:20:49:6d:30:d3:
a1:97:ed:6b:7a:2b:64:b7:20:d8:c0:19:25:d0:81:
83:b4:e3:cc:f3:11:88:23:5c:36:3b:c2:74:1f:b2:
93:1b:b2:f4:1f:fa:1d:0e:47:21:6c:70:56:a0:3a:
19:b4:a0:93:27:eb:44:5e:ef:70:39:5c:1a:82:43:
40:f5:e7:17:c2:ab:ce:42:37:2e:6c:a0:58:02:bf:
76:48:27:47:39:ea:eb:b1:ba:4e:c5:19:04:e1:cf:
e9:8b:e9:4d:76:82:cc:9f:63:1a:d9:60:5d:ab:e2:
f5:ee:ca:30:3a:d3:32:ff:01:0f:bb:4a:b6:24:7a:
5c:33:26:be:65:1b:cf:7a:46:47:4a:b6:2f:1d:6f:
5a:0b:b7:7e:d0:f4:3c:24:d8:ca:f5:38:0f:ec:c6:
b5:73:82:9d:e8:1f:90:00:1b:c6:13:a8:3d:88:a2:
95:c4:80:ce:f6:f2:45:0d:2c:d8:e1:6b:72:4f:4d:
7a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CE:55:38:29:C2:0F:22:6C:97:E3:38:30:8C:76:98:0D:90:68:AC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/j85VOCnCDyJsl-M4MIx2mA2QaKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/23
178.210.248.0/22
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
62:51:07:e3:ba:c1:8a:a3:49:53:45:7f:e4:77:9b:ad:3f:78:
02:49:dc:24:b6:56:f2:d8:d3:66:80:02:ff:0d:2b:93:52:77:
10:00:19:68:50:5b:5f:df:60:9c:39:eb:53:40:71:ea:28:1a:
07:cb:21:6f:e3:16:e0:36:ec:a3:96:47:e4:6b:75:5e:e7:be:
3b:71:21:bf:31:47:82:3f:57:f7:1b:f6:ed:25:6a:49:0b:bd:
08:17:9e:a4:4b:f0:9d:e9:6b:e9:18:85:56:c4:49:c6:ba:60:
36:03:0e:1b:4e:a3:b2:83:bb:a0:2a:a8:7f:f9:f4:ea:8f:27:
7e:cc:09:7a:92:b0:49:d2:45:40:c0:24:1b:d1:c1:2c:fe:17:
df:a3:ea:81:03:71:02:ac:64:fc:37:cd:9b:bc:a9:aa:74:6e:
d0:aa:52:ee:c2:cd:b7:95:80:a7:01:86:d0:a4:d1:6a:34:f2:
69:57:4d:f4:29:25:78:06:eb:63:a8:32:36:83:c8:70:bc:38:
2c:dc:73:a1:92:6a:3b:75:41:fb:79:a9:2d:8e:41:65:8b:c9:
b8:de:8d:3a:b3:3d:39:6f:0e:ea:bd:86:71:f8:8c:3e:e5:b8:
87:07:d6:3e:57:e4:5e:55:f3:c0:33:5c:34:5d:7e:15:60:f9:
1b:ad:41:9a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYwgpDchXh7KbbUPjp+O6qtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTMwMTQzMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmNlNTUzODI5YzIwZjIyNmM5N2UzMzgzMDhjNzY5ODBkOTA2OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDzOljRQfYOOc3OetoZhQsK8WpCV
vaPz4X/lazC0iTC3eS2uHu7WtxVHW9rINLJdlyTqpnyyjNeXbeT6iRU2vP3df9oy
IEltMNOhl+1reitktyDYwBkl0IGDtOPM8xGII1w2O8J0H7KTG7L0H/odDkchbHBW
oDoZtKCTJ+tEXu9wOVwagkNA9ecXwqvOQjcubKBYAr92SCdHOerrsbpOxRkE4c/p
i+lNdoLMn2Ma2WBdq+L17sowOtMy/wEPu0q2JHpcMya+ZRvPekZHSrYvHW9aC7d+
0PQ8JNjK9TgP7Ma1c4Kd6B+QABvGE6g9iKKVxIDO9vJFDSzY4WtyT016gQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFI/OVTgpwg8ibJfjODCMdpgNkGisMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvajg1Vk9DbkNEeUpzbC1NNE1JeDJtQTJRYUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFjRwQME
AFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wMEAbLS4AMEArLS+AME
A7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOCAQEAYlEH
47rBiqNJU0V/5HebrT94AkncJLZW8tjTZoAC/w0rk1J3EAAZaFBbX99gnDnrU0Bx
6igaB8shb+MW4Dbso5ZH5Gt1Xue+O3EhvzFHgj9X9xv27SVqSQu9CBeepEvwnelr
6RiFVsRJxrpgNgMOG06jsoO7oCqof/n06o8nfswJepKwSdJFQMAkG9HBLP4X36Pq
gQNxAqxk/DfNm7ypqnRu0KpS7sLNt5WApwGG0KTRajTyaVdN9CkleAbrY6gyNoPI
cLw4LNxzoZJqO3VB+3mpLY5BZYvJuN6NOrM9OW8O6r2GcfiMPuW4hwfWPlfkXlXz
wDNcNF1+FWD5G61Bmg==
-----END CERTIFICATE-----
Generated at Thu Dec 7 12:37:27 2023 by rpki-client on console-fra.rpki-client.org