Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/3GJ7kDOXYiNmdf3jAtH_ULeZPxA.roa
File: 3GJ7kDOXYiNmdf3jAtH_ULeZPxA.roa (raw, json)
Hash identifier: PBugSzkvnDnpUPb5bMXRJcO/RLPoPaeDqCFaFVdjrlM=
Subject key identifier: DC:62:7B:90:33:97:62:23:66:75:FD:E3:02:D1:FF:50:B7:99:3F:10
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018BCCF654A4B4050489C8EC9F51B4BF2F70
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/3GJ7kDOXYiNmdf3jAtH_ULeZPxA.roa
Signing time: Tue 14 Nov 2023 08:32:57 +0000
ROA not before: Tue 14 Nov 2023 08:32:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.50.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
5.180.114.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:57::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:f6:54:a4:b4:05:04:89:c8:ec:9f:51:b4:bf:2f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Nov 14 08:32:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc627b90339762236675fde302d1ff50b7993f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6d:69:8e:fa:5f:55:dd:29:ee:c6:e8:80:ff:
7d:95:e8:8b:f3:13:7d:38:16:9c:40:06:de:f7:98:
3c:53:bb:71:db:7a:7c:1f:2e:af:2a:bc:7d:7f:e7:
66:1a:47:4d:97:6f:29:38:6e:5b:18:27:73:ef:9a:
4c:22:bc:a0:23:9d:a2:ed:b3:a1:60:b7:30:79:5a:
d9:fb:d6:dc:90:f0:db:b8:71:77:91:34:93:89:1f:
7d:53:33:57:5a:40:8b:bd:23:e3:19:cb:0b:40:6f:
78:fb:d1:0c:b1:fa:2a:95:40:6a:63:08:a8:2c:86:
69:e3:e6:d7:fd:44:cd:58:59:36:2e:0a:b6:3b:26:
4f:05:a8:82:b1:f2:6b:0f:e7:34:87:03:c7:d9:0c:
db:b8:0a:6b:8d:a1:d2:ae:d4:7b:0d:1a:40:59:8a:
fc:47:bd:0c:9a:3b:46:12:46:3c:de:87:f5:87:3c:
30:a3:35:a9:27:ce:d2:3f:b7:a4:44:ec:7e:47:7d:
dd:01:14:de:ca:3f:df:5a:3b:49:84:82:58:a9:51:
b8:98:75:c7:00:33:1b:c8:c3:f9:e4:76:14:73:92:
7a:95:d9:ad:d3:ea:11:6a:1c:16:dd:4e:10:01:7c:
48:51:5e:a4:29:99:55:4f:a6:31:2a:99:ea:98:47:
f4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:62:7B:90:33:97:62:23:66:75:FD:E3:02:D1:FF:50:B7:99:3F:10
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/3GJ7kDOXYiNmdf3jAtH_ULeZPxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
92:fd:95:77:0b:00:c6:02:33:39:d7:e8:bb:b5:d8:4d:1e:e8:
d3:06:a1:a7:fd:1e:08:5f:ad:f3:fc:50:dc:5a:d1:07:35:27:
64:bc:fe:9e:60:66:55:09:60:6a:ac:44:37:03:2a:c2:7a:e9:
6f:96:34:42:6f:2c:e2:21:9a:12:f9:6f:1c:7c:b9:c0:3e:80:
67:c5:8b:e9:ed:04:6b:8f:b9:43:53:79:bf:36:65:0b:c4:0a:
dd:76:1b:c3:c2:6d:c3:6b:a1:77:d0:0b:4c:96:44:53:fe:5f:
0e:ca:89:13:79:17:ee:e1:2b:a3:0d:03:5a:50:ea:fe:f6:20:
4c:2e:81:a6:c8:c1:71:fe:82:1f:9b:3a:4b:fa:eb:bf:01:36:
e1:f2:bb:ae:78:14:0c:b5:1a:d6:bb:31:73:f0:b4:61:c0:60:
59:f4:37:0e:60:74:b3:cd:1d:97:36:50:6b:44:95:40:a6:e8:
60:4b:9a:48:98:15:f0:99:90:24:99:b2:d7:97:6e:e8:d7:24:
48:3c:f1:e7:ad:4c:b5:b7:a8:27:3c:6e:cd:f8:44:d5:1c:27:
0f:55:97:b0:d6:58:8f:12:f4:25:d9:6d:74:5a:0f:d6:5f:20:
69:e2:f6:9d:16:40:a2:f5:40:69:cb:77:0a:48:65:0c:61:e0:
5b:88:3f:86
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYvM9lSktAUEicjsn1G0vy9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMxMTE0MDgzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzYyN2I5MDMzOTc2MjIzNjY3NWZkZTMwMmQxZmY1MGI3OTkzZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW1pjvpfVd0p7sbogP99leiL8xN9
OBacQAbe95g8U7tx23p8Hy6vKrx9f+dmGkdNl28pOG5bGCdz75pMIrygI52i7bOh
YLcweVrZ+9bckPDbuHF3kTSTiR99UzNXWkCLvSPjGcsLQG94+9EMsfoqlUBqYwio
LIZp4+bX/UTNWFk2Lgq2OyZPBaiCsfJrD+c0hwPH2QzbuAprjaHSrtR7DRpAWYr8
R70MmjtGEkY83of1hzwwozWpJ87SP7ekROx+R33dARTeyj/fWjtJhIJYqVG4mHXH
ADMbyMP55HYUc5J6ldmt0+oRahwW3U4QAXxIUV6kKZlVT6YxKpnqmEf0TQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFNxie5Azl2IjZnX94wLR/1C3mT8QMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvM0dKN2tET1hZaU5tZGYzakF0SF9VTGVaUHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQABbRy
AwQEJeswAwQAU/N4AwQBU/N6AwQAVPc9AwQAWR97AwQAW4ReAwQBW+PMAwQAXPNC
AwQAZzn6MAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AMEAbka7DAM
AwQB1bc2AwQB1bc4MA0EAgACMAcDBQMqAw+AMA0GCSqGSIb3DQEBCwUAA4IBAQCS
/ZV3CwDGAjM51+i7tdhNHujTBqGn/R4IX63z/FDcWtEHNSdkvP6eYGZVCWBqrEQ3
AyrCeulvljRCbyziIZoS+W8cfLnAPoBnxYvp7QRrj7lDU3m/NmULxArddhvDwm3D
a6F30AtMlkRT/l8OyokTeRfu4SujDQNaUOr+9iBMLoGmyMFx/oIfmzpL+uu/ATbh
8ruueBQMtRrWuzFz8LRhwGBZ9DcOYHSzzR2XNlBrRJVApuhgS5pImBXwmZAkmbLX
l27o1yRIPPHnrUy1t6gnPG7N+ETVHCcPVZew1liPEvQl2W10Wg/WXyBp4vadFkCi
9UBpy3cKSGUMYeBbiD+G
-----END CERTIFICATE-----
Generated at Thu Nov 16 11:16:57 2023 by rpki-client on console-fra.rpki-client.org