Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/IU0l_avpogcCaqvIsjCOZF2kVMc.roa
File: IU0l_avpogcCaqvIsjCOZF2kVMc.roa (raw, json)
Hash identifier: Yk2jXQcvpTDEz/EXMsZn740PDvdzkKsGtsreX1pi8O0=
Subject key identifier: 21:4D:25:FD:AB:E9:A2:07:02:6A:AB:C8:B2:30:8E:64:5D:A4:54:C7
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 01856F8B64A00B58D6B00913780E03AD07C7
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/IU0l_avpogcCaqvIsjCOZF2kVMc.roa
Signing time: Sun 01 Jan 2023 22:54:44 +0000
ROA not before: Sun 01 Jan 2023 22:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
85.187.58.0/23 maxlen: 23
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
213.149.232.0/21 maxlen: 21
86.109.126.0/23 maxlen: 23
213.149.240.0/21 maxlen: 21
213.149.240.0/20 maxlen: 20
213.149.248.0/21 maxlen: 21
213.149.248.0/24 maxlen: 24
82.194.80.0/20 maxlen: 20
93.90.16.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
82.194.64.0/24 maxlen: 24
82.194.64.0/19 maxlen: 19
82.194.64.0/20 maxlen: 20
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
89.17.192.0/20 maxlen: 20
89.17.192.0/21 maxlen: 21
89.17.200.0/21 maxlen: 21
89.17.208.0/20 maxlen: 20
89.17.208.0/21 maxlen: 21
89.17.216.0/21 maxlen: 21
217.116.0.0/24 maxlen: 24
217.116.2.0/24 maxlen: 24
217.116.0.0/21 maxlen: 21
217.116.0.0/20 maxlen: 20
217.116.8.0/21 maxlen: 21
176.28.112.0/20 maxlen: 20
217.116.16.0/21 maxlen: 21
217.116.16.0/20 maxlen: 20
217.116.15.0/24 maxlen: 24
217.116.24.0/21 maxlen: 21
217.116.18.0/24 maxlen: 24
176.28.126.0/24 maxlen: 24
176.28.126.0/23 maxlen: 23
176.28.127.0/24 maxlen: 24
217.116.28.0/24 maxlen: 24
86.109.97.0/24 maxlen: 24
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
217.116.27.0/24 maxlen: 24
213.149.224.0/20 maxlen: 20
213.149.224.0/21 maxlen: 21
86.109.112.0/20 maxlen: 20
77.240.112.0/20 maxlen: 20
77.240.112.0/21 maxlen: 21
77.240.120.0/21 maxlen: 21
77.240.124.0/24 maxlen: 24
77.240.124.0/23 maxlen: 23
77.240.125.0/24 maxlen: 24
77.240.126.0/24 maxlen: 24
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
176.28.96.0/19 maxlen: 19
176.28.96.0/20 maxlen: 20
176.28.97.0/24 maxlen: 24
176.28.103.0/24 maxlen: 24
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
2a02:3b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:64:a0:0b:58:d6:b0:09:13:78:0e:03:ad:07:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Jan 1 22:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=214d25fdabe9a207026aabc8b2308e645da454c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:10:8e:58:98:d5:a8:c0:83:e3:01:31:0e:35:
ef:dc:58:f9:3a:02:b6:17:a6:cc:42:9a:09:4d:bd:
6e:5b:95:d7:c9:9e:60:97:c9:11:c8:de:3c:3e:dc:
89:02:56:62:b6:ee:7b:86:5b:18:30:45:8b:b6:9a:
01:75:35:4b:c1:ad:e3:65:fb:39:fd:45:5d:ed:c8:
1e:03:27:da:26:fb:47:98:9f:ca:72:f7:5a:b2:30:
35:09:4b:14:d6:67:f5:e8:e6:a7:b0:9d:73:46:b0:
9d:91:73:43:f0:31:94:da:4b:23:20:95:bd:25:6c:
02:58:93:0b:e2:6f:48:bc:a8:cb:38:ce:15:cc:4a:
53:4d:e1:6d:f8:ce:89:63:19:ef:5c:20:ac:fb:e2:
73:fd:79:a7:da:b4:49:1c:bc:dd:0e:bf:a9:14:b8:
fe:e4:21:1a:38:e0:30:1a:69:a3:99:71:f2:0c:2d:
ed:24:e4:58:8c:75:ec:ec:06:1e:c2:df:cc:fa:03:
0e:8b:1f:56:a4:e9:8c:f6:fc:f6:c5:29:48:30:7a:
7a:ea:ae:d1:ac:48:a2:0b:16:95:f9:cf:1f:79:80:
1d:d1:2e:78:fb:02:c7:ce:02:1e:c5:22:e8:75:ae:
bf:c5:07:45:0f:b0:62:89:7a:1a:c4:41:88:a4:8f:
d1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4D:25:FD:AB:E9:A2:07:02:6A:AB:C8:B2:30:8E:64:5D:A4:54:C7
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/IU0l_avpogcCaqvIsjCOZF2kVMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
77.240.112.0/20
79.139.120.0/21
82.194.64.0/19
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.17.192.0/19
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
176.28.96.0/19
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
213.149.224.0/19
217.116.0.0/19
IPv6:
2a02:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
66:11:a5:77:06:4d:c4:ed:0a:23:e4:b6:75:2b:89:9f:89:3a:
54:3c:8f:a0:81:5f:fa:5e:8b:cb:3b:ed:d4:9e:41:fe:e1:f7:
c9:ea:ff:1e:64:56:4e:68:2b:84:b5:8b:54:9f:23:48:bc:00:
0c:c7:f7:4d:ed:d9:6a:99:e4:8b:28:a6:32:2a:40:14:41:23:
49:c7:70:e6:09:7e:5d:dc:a1:35:07:25:dc:05:1c:3c:38:79:
75:ed:ae:9a:df:87:bf:07:50:96:85:75:04:e3:27:ac:42:6f:
21:2b:47:5b:df:e3:9e:d8:e0:db:15:4a:cd:6d:76:1f:5a:3f:
a2:7d:a3:8c:da:a7:2e:81:c6:49:84:fc:90:01:fb:f2:29:e3:
f6:0e:99:3c:0a:ca:3f:d7:63:91:d0:53:b5:06:68:39:11:38:
9f:61:24:3b:eb:e8:12:29:9b:6b:9b:71:34:9c:71:7f:a9:a8:
a1:c5:6d:17:21:e5:0e:e7:f9:17:0d:ae:5c:d5:24:6e:74:a5:
44:e4:ff:78:96:11:91:2c:61:9d:c1:df:58:91:bd:4f:b3:68:
12:2e:5f:92:ff:59:e6:34:52:21:31:96:f9:87:72:3f:8e:4d:
b2:ec:bd:07:6a:67:54:84:a7:91:39:0c:23:7d:c5:80:30:7e:
be:91:5f:a9
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVvi2SgC1jWsAkTeA4DrQfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjli
NjlkZGMwHhcNMjMwMTAxMjI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRkMjVmZGFiZTlhMjA3MDI2YWFiYzhiMjMwOGU2NDVkYTQ1NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBCOWJjVqMCD4wExDjXv3Fj5OgK2
F6bMQpoJTb1uW5XXyZ5gl8kRyN48PtyJAlZitu57hlsYMEWLtpoBdTVLwa3jZfs5
/UVd7cgeAyfaJvtHmJ/KcvdasjA1CUsU1mf16OansJ1zRrCdkXND8DGU2ksjIJW9
JWwCWJML4m9IvKjLOM4VzEpTTeFt+M6JYxnvXCCs++Jz/Xmn2rRJHLzdDr+pFLj+
5CEaOOAwGmmjmXHyDC3tJORYjHXs7AYewt/M+gMOix9WpOmM9vz2xSlIMHp66q7R
rEiiCxaV+c8feYAd0S54+wLHzgIexSLoda6/xQdFD7BiiXoaxEGIpI/RywIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFCFNJf2r6aIHAmqryLIwjmRdpFTHMB8GA1UdIwQY
MBaAFNj/cfKxqNYq9EapK6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmIt
M2I3NWE1NjdmNzNhLzEvSVUwbF9hdnBvZ2NDYXF2SXNqQ09aRjJrVk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNh
LzEvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAi0GMAME
BE3wcAMEA0+LeAMEBVLCQAMEAlW7OAMEBVZtYAMEA1fuWAMEBVkRwAMEAVkl4AME
BF1aEAMEA21GIAMEBbAcYAMEArkCRAMEArlOGAMEAcJ0uAMEBdWV4AMEBdl0ADAN
BAIAAjAHAwUAKgIDuDANBgkqhkiG9w0BAQsFAAOCAQEAZhGldwZNxO0KI+S2dSuJ
n4k6VDyPoIFf+l6Lyzvt1J5B/uH3yer/HmRWTmgrhLWLVJ8jSLwADMf3Te3Zapnk
iyimMipAFEEjScdw5gl+XdyhNQcl3AUcPDh5de2umt+HvwdQloV1BOMnrEJvIStH
W9/jntjg2xVKzW12H1o/on2jjNqnLoHGSYT8kAH78inj9g6ZPArKP9djkdBTtQZo
ORE4n2EkO+voEimba5txNJxxf6moocVtFyHlDuf5Fw2uXNUkbnSlROT/eJYRkSxh
ncHfWJG9T7NoEi5fkv9Z5jRSITGW+YdyP45Nsuy9B2pnVISnkTkMI33FgDB+vpFf
qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:18 2024 by rpki-client on console-fra.rpki-client.org