Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/1-G8hQOdp6hGeZoahYOGKVoggFIE.roa
File: 1-G8hQOdp6hGeZoahYOGKVoggFIE.roa (raw, json)
Hash identifier: /JZXqr3/KboRIi1e7ftPVyKkCf28yXj21/jTrhUxUmY=
Subject key identifier: F8:6F:21:40:E7:69:EA:11:9E:66:86:A1:60:E1:8A:56:88:20:14:81
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 0188BB9AC8E39839FCC286F037C5AC08DB85
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/1-G8hQOdp6hGeZoahYOGKVoggFIE.roa
Signing time: Wed 14 Jun 2023 20:31:03 +0000
ROA not before: Wed 14 Jun 2023 20:31:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 94.245.64.0/18 maxlen: 24
172.208.0.0/13 maxlen: 13
51.124.0.0/16 maxlen: 16
192.100.112.0/21 maxlen: 21
192.100.120.0/21 maxlen: 21
192.100.132.0/23 maxlen: 23
82.87.0.0/16 maxlen: 16
192.100.128.0/22 maxlen: 22
172.160.0.0/11 maxlen: 11
51.144.0.0/15 maxlen: 15
40.171.0.0/16 maxlen: 16
51.107.0.0/16 maxlen: 16
194.238.128.0/17 maxlen: 17
192.100.104.0/21 maxlen: 21
85.212.0.0/16 maxlen: 16
51.138.0.0/16 maxlen: 16
152.138.0.0/16 maxlen: 16
51.10.0.0/15 maxlen: 15
194.110.197.0/24 maxlen: 24
51.104.0.0/15 maxlen: 15
51.12.0.0/15 maxlen: 15
51.103.0.0/16 maxlen: 16
51.140.0.0/14 maxlen: 14
135.130.0.0/16 maxlen: 16
135.224.0.0/15 maxlen: 15
57.150.0.0/15 maxlen: 15
132.164.0.0/16 maxlen: 16
193.221.113.0/24 maxlen: 24
51.53.0.0/16 maxlen: 16
57.160.0.0/12 maxlen: 12
51.120.0.0/16 maxlen: 16
217.177.96.0/19 maxlen: 19
57.156.0.0/14 maxlen: 14
212.173.0.0/17 maxlen: 17
172.128.0.0/11 maxlen: 11
217.176.0.0/16 maxlen: 16
193.149.64.0/19 maxlen: 24
151.129.0.0/16 maxlen: 16
172.200.0.0/13 maxlen: 13
51.116.0.0/16 maxlen: 16
212.207.0.0/16 maxlen: 16
40.170.0.0/16 maxlen: 16
51.136.0.0/15 maxlen: 15
209.199.0.0/16 maxlen: 16
167.162.0.0/16 maxlen: 16
143.226.0.0/16 maxlen: 16
159.128.0.0/16 maxlen: 16
213.54.0.0/16 maxlen: 16
109.246.0.0/16 maxlen: 16
194.41.16.0/20 maxlen: 20
212.132.0.0/19 maxlen: 19
194.41.18.0/24 maxlen: 24
51.132.0.0/16 maxlen: 16
194.41.22.0/24 maxlen: 24
194.41.23.0/24 maxlen: 24
194.41.20.0/24 maxlen: 24
194.41.21.0/24 maxlen: 24
194.41.19.0/24 maxlen: 24
157.31.0.0/16 maxlen: 16
157.95.0.0/16 maxlen: 16
167.186.0.0/16 maxlen: 16
213.199.128.0/18 maxlen: 24
128.85.0.0/16 maxlen: 16
51.51.0.0/16 maxlen: 16
147.243.0.0/16 maxlen: 24
57.152.0.0/14 maxlen: 14
151.206.0.0/16 maxlen: 16
40.169.0.0/16 maxlen: 16
138.105.0.0/16 maxlen: 16
2a00:1c68::/29 maxlen: 29
2a01:111:4004::/48 maxlen: 48
2a01:111::/32 maxlen: 32
2a01:111:f000::/36 maxlen: 36
2a01:111:2000::/36 maxlen: 36
2a01:111:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 14 Jun 2023 20:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bb:9a:c8:e3:98:39:fc:c2:86:f0:37:c5:ac:08:db:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jun 14 20:31:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f86f2140e769ea119e6686a160e18a5688201481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:a5:99:4c:f7:be:f3:6c:83:3c:a5:bb:69:
c8:66:72:4d:cc:14:4a:07:ca:fc:a2:ec:de:9f:35:
ab:ec:f9:2a:34:24:c3:3d:a4:a8:a5:f8:a3:af:c3:
9d:94:1b:a4:fd:f1:ca:0b:60:59:14:93:19:8b:c3:
1a:e0:0c:1d:a7:a4:36:2a:39:cb:73:36:32:bd:11:
3b:54:7d:42:d2:e8:57:a6:eb:28:1b:ff:4e:0d:54:
85:ca:9d:3d:6c:5d:2a:9a:19:86:1a:ee:61:e7:6a:
50:4f:0f:f8:8d:5d:66:e0:0b:dd:10:e4:da:fd:e8:
18:9f:df:22:eb:10:28:cc:af:dc:ad:b3:7f:83:71:
3b:40:5b:2c:d0:30:45:df:56:60:da:33:58:a1:ab:
19:2b:74:ce:14:04:2b:27:a6:5c:6e:7e:49:af:91:
b2:85:83:21:d4:e3:51:d7:24:fc:2d:4c:40:cc:e9:
2f:5a:fc:65:34:2c:a8:bd:80:ba:e5:05:5b:03:d3:
f9:fe:39:ef:50:cc:dd:4d:e6:04:3d:fe:2e:12:3f:
d0:aa:73:1e:72:df:34:a9:a0:9b:0b:ac:d8:96:56:
f1:97:9c:e7:02:61:fc:cc:a6:39:e4:cf:e5:e8:04:
02:58:ab:36:f6:e2:73:aa:c7:5b:55:09:e9:ee:44:
08:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:6F:21:40:E7:69:EA:11:9E:66:86:A1:60:E1:8A:56:88:20:14:81
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/1-G8hQOdp6hGeZoahYOGKVoggFIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.169.0.0-40.171.255.255
51.10.0.0-51.13.255.255
51.51.0.0/16
51.53.0.0/16
51.103.0.0-51.105.255.255
51.107.0.0/16
51.116.0.0/16
51.120.0.0/16
51.124.0.0/16
51.132.0.0/16
51.136.0.0-51.138.255.255
51.140.0.0-51.145.255.255
57.150.0.0-57.175.255.255
82.87.0.0/16
85.212.0.0/16
94.245.64.0/18
109.246.0.0/16
128.85.0.0/16
132.164.0.0/16
135.130.0.0/16
135.224.0.0/15
138.105.0.0/16
143.226.0.0/16
147.243.0.0/16
151.129.0.0/16
151.206.0.0/16
152.138.0.0/16
157.31.0.0/16
157.95.0.0/16
159.128.0.0/16
167.162.0.0/16
167.186.0.0/16
172.128.0.0/10
172.200.0.0-172.215.255.255
192.100.104.0-192.100.133.255
193.149.64.0/19
193.221.113.0/24
194.41.16.0/20
194.110.197.0/24
194.238.128.0/17
209.199.0.0/16
212.132.0.0/19
212.173.0.0/17
212.207.0.0/16
213.54.0.0/16
213.199.128.0/18
217.176.0.0/16
217.177.96.0/19
IPv6:
2a00:1c68::/29
2a01:111::/32
Signature Algorithm: sha256WithRSAEncryption
68:f1:27:f5:07:92:91:d4:19:2d:20:1f:4f:a9:11:f2:84:ce:
b4:9d:86:e5:54:89:fc:e9:ff:b1:1d:ce:79:81:59:a0:f1:72:
3e:bf:e2:a8:9f:32:d8:51:69:07:3d:c7:c9:ae:ba:4c:cf:08:
f5:2f:32:ff:8d:69:bb:0e:d4:79:21:b1:91:45:9e:8c:24:b8:
ef:ac:83:b8:69:0c:b5:04:45:46:9c:ad:01:e2:14:ff:ff:1f:
99:c0:6f:ab:26:43:bf:46:d4:b6:d7:bb:8b:11:ad:7a:6b:36:
0f:c8:b2:41:ef:27:06:04:b1:a4:59:c8:2a:8a:44:2f:69:06:
00:1b:8c:cd:71:50:ae:0d:94:3a:ee:76:37:f4:c7:5a:97:97:
75:24:b4:ec:2b:28:e2:03:02:2a:11:9f:49:e0:47:26:6f:9d:
19:05:4f:69:72:c6:b0:1b:fb:18:65:0d:fa:fc:70:75:25:12:
43:30:f1:e7:c5:42:82:fe:37:e5:96:eb:05:03:48:02:cc:07:
cc:50:65:76:c8:c7:dd:74:f5:de:17:1d:78:db:1d:1f:ad:75:
e6:be:1d:18:f3:67:b6:04:68:4e:7f:6e:70:ea:85:2a:c1:49:
d0:48:85:2f:e5:8c:02:34:4f:f9:a0:55:c8:5f:ae:e3:cb:4f:
6b:d3:46:b5
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAYi7msjjmDn8wobwN8WsCNuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjMwNjE0MjAzMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODZmMjE0MGU3NjllYTExOWU2Njg2YTE2MGUxOGE1Njg4MjAxNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ulmUz3vvNsgzylu2nIZnJNzBRK
B8r8ouzenzWr7PkqNCTDPaSopfijr8OdlBuk/fHKC2BZFJMZi8Ma4Awdp6Q2KjnL
czYyvRE7VH1C0uhXpusoG/9ODVSFyp09bF0qmhmGGu5h52pQTw/4jV1m4AvdEOTa
/egYn98i6xAozK/crbN/g3E7QFss0DBF31Zg2jNYoasZK3TOFAQrJ6Zcbn5Jr5Gy
hYMh1ONR1yT8LUxAzOkvWvxlNCyovYC65QVbA9P5/jnvUMzdTeYEPf4uEj/QqnMe
ct80qaCbC6zYllbxl5znAmH8zKY55M/l6AQCWKs29uJzqsdbVQnp7kQIZQIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFPhvIUDnaeoRnmaGoWDhilaIIBSBMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvMS1HOGhRT2RwNmhHZVpvYWhZT0dLVm9nZ0ZJRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFh
OC8xL2ZPYU5yMThJbEZiQTRkQWlSVGsxTWF4Ymo4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWsGCCsGAQUFBwEHAQH/BIIBWjCCAVYwggE8BAIAATCC
ATQwCgMDACipAwMCKKgwCgMDATMKAwMBMwwDAwAzMwMDADM1MAoDAwAzZwMDATNo
AwMAM2sDAwAzdAMDADN4AwMAM3wDAwAzhDAKAwMDM4gDAwAzijAKAwMCM4wDAwEz
kDAKAwMBOZYDAwQ5oAMDAFJXAwMAVdQDBAZe9UADAwBt9gMDAIBVAwMAhKQDAwCH
ggMDAYfgAwMAimkDAwCP4gMDAJPzAwMAl4EDAwCXzgMDAJiKAwMAnR8DAwCdXwMD
AJ+AAwMAp6IDAwCnugMDBqyAMAoDAwOsyAMDA6zQMAwDBAPAZGgDBAHAZIQDBAXB
lUADBADB3XEDBATCKRADBADCbsUDBAfC7oADAwDRxwMEBdSEAAMEB9StAAMDANTP
AwMA1TYDBAbVx4ADAwDZsAMEBdmxYDAUBAIAAjAOAwUDKgAcaAMFACoBAREwDQYJ
KoZIhvcNAQELBQADggEBAGjxJ/UHkpHUGS0gH0+pEfKEzrSdhuVUifzp/7EdznmB
WaDxcj6/4qifMthRaQc9x8muukzPCPUvMv+NabsO1HkhsZFFnowkuO+sg7hpDLUE
RUacrQHiFP//H5nAb6smQ79G1LbXu4sRrXprNg/IskHvJwYEsaRZyCqKRC9pBgAb
jM1xUK4NlDrudjf0x1qXl3UktOwrKOIDAioRn0ngRyZvnRkFT2lyxrAb+xhlDfr8
cHUlEkMw8efFQoL+N+WW6wUDSALMB8xQZXbIx9109d4XHXjbHR+tdea+HRjzZ7YE
aE5/bnDqhSrBSdBIhS/ljAI0T/mgVchfruPLT2vTRrU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org