Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/EFfOnH8bx1mNP1W-L0aAHxr8veQ.roa
File: EFfOnH8bx1mNP1W-L0aAHxr8veQ.roa (raw, json)
Hash identifier: oa0BKpa341JjdR8yRGM8TmCRv+iquoXamJxd1i8ntcE=
Subject key identifier: 10:57:CE:9C:7F:1B:C7:59:8D:3F:55:BE:2F:46:80:1F:1A:FC:BD:E4
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 0188594885117AF9E81A926CC19120D85789
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/EFfOnH8bx1mNP1W-L0aAHxr8veQ.roa
Signing time: Fri 26 May 2023 18:18:24 +0000
ROA not before: Fri 26 May 2023 18:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 94.245.64.0/18 maxlen: 24
172.208.0.0/13 maxlen: 13
51.124.0.0/16 maxlen: 16
192.100.112.0/21 maxlen: 21
192.100.120.0/21 maxlen: 21
82.87.0.0/16 maxlen: 16
192.100.128.0/22 maxlen: 22
192.100.132.0/23 maxlen: 23
172.160.0.0/11 maxlen: 11
51.144.0.0/15 maxlen: 15
51.107.0.0/16 maxlen: 16
40.171.0.0/16 maxlen: 16
194.238.128.0/17 maxlen: 17
192.100.104.0/21 maxlen: 21
85.212.0.0/16 maxlen: 16
152.138.0.0/16 maxlen: 16
51.138.0.0/16 maxlen: 16
51.10.0.0/15 maxlen: 15
194.110.197.0/24 maxlen: 24
51.104.0.0/15 maxlen: 15
51.12.0.0/15 maxlen: 15
51.103.0.0/16 maxlen: 16
51.140.0.0/14 maxlen: 14
135.130.0.0/16 maxlen: 16
57.150.0.0/15 maxlen: 15
132.164.0.0/16 maxlen: 16
193.221.113.0/24 maxlen: 24
51.53.0.0/16 maxlen: 16
57.160.0.0/12 maxlen: 12
51.120.0.0/16 maxlen: 16
217.177.96.0/19 maxlen: 19
57.156.0.0/14 maxlen: 14
212.173.0.0/17 maxlen: 17
172.128.0.0/11 maxlen: 11
217.176.0.0/16 maxlen: 16
193.149.64.0/19 maxlen: 24
151.129.0.0/16 maxlen: 16
172.200.0.0/13 maxlen: 13
51.116.0.0/16 maxlen: 16
212.207.0.0/16 maxlen: 16
40.170.0.0/16 maxlen: 16
51.136.0.0/15 maxlen: 15
209.199.0.0/16 maxlen: 16
143.226.0.0/16 maxlen: 16
167.162.0.0/16 maxlen: 16
159.128.0.0/16 maxlen: 16
213.54.0.0/16 maxlen: 16
109.246.0.0/16 maxlen: 16
194.41.16.0/20 maxlen: 20
212.132.0.0/19 maxlen: 19
194.41.18.0/24 maxlen: 24
194.41.22.0/24 maxlen: 24
194.41.23.0/24 maxlen: 24
194.41.20.0/24 maxlen: 24
194.41.21.0/24 maxlen: 24
194.41.19.0/24 maxlen: 24
51.132.0.0/16 maxlen: 16
157.31.0.0/16 maxlen: 16
157.95.0.0/16 maxlen: 16
213.199.128.0/18 maxlen: 24
167.186.0.0/16 maxlen: 16
128.85.0.0/16 maxlen: 16
147.243.0.0/16 maxlen: 24
51.51.0.0/16 maxlen: 16
57.152.0.0/14 maxlen: 14
151.206.0.0/16 maxlen: 16
138.105.0.0/16 maxlen: 16
40.169.0.0/16 maxlen: 16
2a00:1c68::/29 maxlen: 29
2a01:111:4004::/48 maxlen: 48
2a01:111::/32 maxlen: 32
2a01:111:4000::/36 maxlen: 36
2a01:111:2000::/36 maxlen: 36
2a01:111:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 14 Jun 2023 20:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:59:48:85:11:7a:f9:e8:1a:92:6c:c1:91:20:d8:57:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: May 26 18:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1057ce9c7f1bc7598d3f55be2f46801f1afcbde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:9d:0f:f8:9a:49:97:af:dd:e8:ed:6a:18:
ea:38:92:ed:96:79:5c:93:ab:ea:53:e6:cc:5a:20:
f8:75:14:0c:fa:d2:49:66:49:d2:1c:85:99:10:88:
18:18:30:de:3e:5b:f4:84:c2:23:76:57:a8:67:50:
84:9f:23:71:ad:be:4c:84:7a:4c:f9:c6:7d:36:55:
04:d6:66:e5:78:86:ce:ae:0b:37:6f:74:d2:b7:4a:
d5:5f:0d:06:f4:4d:bc:47:57:34:ee:9d:2e:af:0b:
31:8b:89:be:5a:82:07:67:d5:63:8a:c5:70:fe:28:
69:31:92:e7:34:e5:fc:d7:e1:43:12:c8:dd:f5:df:
d6:e7:57:f0:a6:4c:d0:90:2a:cf:eb:cf:e2:88:13:
3a:d7:db:55:0b:b5:20:42:c9:e1:47:ec:95:33:22:
9d:0f:8b:4a:8b:79:3d:cf:cd:3e:b4:0d:c1:be:5b:
86:6a:ea:9e:12:29:56:3e:e8:db:c9:4b:ed:f9:1c:
75:d0:55:b0:11:b3:09:20:f0:fa:9e:6a:6c:8c:b1:
97:6a:1c:d3:e3:d2:1c:09:19:4e:e1:f2:75:34:72:
fc:8d:fd:47:fe:ca:f9:58:b6:ca:8f:14:68:20:10:
ea:c7:55:3e:53:13:ac:a5:86:24:9e:84:ad:46:ac:
09:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:57:CE:9C:7F:1B:C7:59:8D:3F:55:BE:2F:46:80:1F:1A:FC:BD:E4
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/EFfOnH8bx1mNP1W-L0aAHxr8veQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
40.169.0.0-40.171.255.255
51.10.0.0-51.13.255.255
51.51.0.0/16
51.53.0.0/16
51.103.0.0-51.105.255.255
51.107.0.0/16
51.116.0.0/16
51.120.0.0/16
51.124.0.0/16
51.132.0.0/16
51.136.0.0-51.138.255.255
51.140.0.0-51.145.255.255
57.150.0.0-57.175.255.255
82.87.0.0/16
85.212.0.0/16
94.245.64.0/18
109.246.0.0/16
128.85.0.0/16
132.164.0.0/16
135.130.0.0/16
138.105.0.0/16
143.226.0.0/16
147.243.0.0/16
151.129.0.0/16
151.206.0.0/16
152.138.0.0/16
157.31.0.0/16
157.95.0.0/16
159.128.0.0/16
167.162.0.0/16
167.186.0.0/16
172.128.0.0/10
172.200.0.0-172.215.255.255
192.100.104.0-192.100.133.255
193.149.64.0/19
193.221.113.0/24
194.41.16.0/20
194.110.197.0/24
194.238.128.0/17
209.199.0.0/16
212.132.0.0/19
212.173.0.0/17
212.207.0.0/16
213.54.0.0/16
213.199.128.0/18
217.176.0.0/16
217.177.96.0/19
IPv6:
2a00:1c68::/29
2a01:111::/32
Signature Algorithm: sha256WithRSAEncryption
65:d2:49:67:b0:cd:d4:8a:cb:64:90:71:41:3d:a0:cc:b4:16:
0a:fb:67:fd:06:f1:17:70:23:35:96:77:c2:ec:0d:eb:a4:ee:
45:64:77:0c:13:7d:4a:0c:b0:a3:1d:33:cd:b1:6c:aa:bf:71:
b5:55:7c:56:4a:be:88:fb:cb:43:c3:27:f5:eb:cc:07:17:6c:
e5:9f:80:f9:43:3a:21:8f:ee:ec:23:66:eb:df:d5:9a:df:a3:
fe:a6:c3:5d:c9:b2:dc:57:b0:75:f1:c3:f3:53:fb:b0:9f:c4:
d3:aa:89:85:f4:ef:d2:f7:ce:18:99:1b:36:c6:f4:c0:fc:6c:
a9:34:4b:af:ef:32:6c:6b:ac:cc:ec:b3:70:5e:49:b7:e5:9f:
21:c4:bd:f1:51:c8:72:84:66:c6:48:46:f1:7e:0c:eb:43:83:
bc:f0:b8:b8:d2:10:8c:b9:55:aa:b8:2c:e4:bc:a1:d8:80:4d:
31:ad:b0:00:56:fc:18:d4:25:75:d9:33:73:0b:4f:ac:18:11:
03:00:ea:28:3a:de:04:c5:3b:8d:30:9a:89:d3:65:4e:a1:12:
e8:cd:e0:72:c2:ad:eb:ac:73:5c:c0:29:8b:1f:cb:8f:50:ed:
c1:f9:ae:10:da:f9:26:67:df:31:f0:0f:67:e7:3e:a5:ba:6f:
60:54:06:17
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAYhZSIURevnoGpJswZEg2FeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjMwNTI2MTgxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU3Y2U5YzdmMWJjNzU5OGQzZjU1YmUyZjQ2ODAxZjFhZmNiZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoedD/iaSZev3ejtahjqOJLtlnlc
k6vqU+bMWiD4dRQM+tJJZknSHIWZEIgYGDDePlv0hMIjdleoZ1CEnyNxrb5MhHpM
+cZ9NlUE1mbleIbOrgs3b3TSt0rVXw0G9E28R1c07p0urwsxi4m+WoIHZ9VjisVw
/ihpMZLnNOX81+FDEsjd9d/W51fwpkzQkCrP68/iiBM619tVC7UgQsnhR+yVMyKd
D4tKi3k9z80+tA3BvluGauqeEilWPujbyUvt+Rx10FWwEbMJIPD6nmpsjLGXahzT
49IcCRlO4fJ1NHL8jf1H/sr5WLbKjxRoIBDqx1U+UxOspYYknoStRqwJcQIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFBBXzpx/G8dZjT9Vvi9GgB8a/L3kMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvRUZmT25IOGJ4MW1OUDFXLUwwYUFIeHI4dmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZgYIKwYBBQUHAQcBAf8EggFVMIIBUTCCATcEAgABMIIB
LzAKAwMAKKkDAwIoqDAKAwMBMwoDAwEzDAMDADMzAwMAMzUwCgMDADNnAwMBM2gD
AwAzawMDADN0AwMAM3gDAwAzfAMDADOEMAoDAwMziAMDADOKMAoDAwIzjAMDATOQ
MAoDAwE5lgMDBDmgAwMAUlcDAwBV1AMEBl71QAMDAG32AwMAgFUDAwCEpAMDAIeC
AwMAimkDAwCP4gMDAJPzAwMAl4EDAwCXzgMDAJiKAwMAnR8DAwCdXwMDAJ+AAwMA
p6IDAwCnugMDBqyAMAoDAwOsyAMDA6zQMAwDBAPAZGgDBAHAZIQDBAXBlUADBADB
3XEDBATCKRADBADCbsUDBAfC7oADAwDRxwMEBdSEAAMEB9StAAMDANTPAwMA1TYD
BAbVx4ADAwDZsAMEBdmxYDAUBAIAAjAOAwUDKgAcaAMFACoBAREwDQYJKoZIhvcN
AQELBQADggEBAGXSSWewzdSKy2SQcUE9oMy0Fgr7Z/0G8RdwIzWWd8LsDeuk7kVk
dwwTfUoMsKMdM82xbKq/cbVVfFZKvoj7y0PDJ/XrzAcXbOWfgPlDOiGP7uwjZuvf
1Zrfo/6mw13JstxXsHXxw/NT+7CfxNOqiYX079L3zhiZGzbG9MD8bKk0S6/vMmxr
rMzss3BeSbflnyHEvfFRyHKEZsZIRvF+DOtDg7zwuLjSEIy5Vaq4LOS8odiATTGt
sABW/BjUJXXZM3MLT6wYEQMA6ig63gTFO40wmonTZU6hEujN4HLCreusc1zAKYsf
y49Q7cH5rhDa+SZn3zHwD2fnPqW6b2BUBhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org