Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Pnsy3wA0Ci8hwCo6JWED0zj6s0Q.roa
File: Pnsy3wA0Ci8hwCo6JWED0zj6s0Q.roa (raw, json)
Hash identifier: qLiKM0FwBL3jfrspyiW+rn0BkBcASXaT39Y+yuYrIHI=
Subject key identifier: 3E:7B:32:DF:00:34:0A:2F:21:C0:2A:3A:25:61:03:D3:38:FA:B3:44
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 018F69129556A78ED75E663F473D19AD4F3B
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Pnsy3wA0Ci8hwCo6JWED0zj6s0Q.roa
Signing time: Sat 11 May 2024 19:12:56 +0000
ROA not before: Sat 11 May 2024 19:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 30 May 2024 13:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:69:12:95:56:a7:8e:d7:5e:66:3f:47:3d:19:ad:4f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: May 11 19:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e7b32df00340a2f21c02a3a256103d338fab344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:56:36:a8:69:d6:19:8c:ba:9e:a8:b7:a8:89:
68:a4:7a:0d:6b:3f:2e:6c:c4:21:78:49:f3:a2:a4:
cc:60:23:3e:92:15:66:01:cf:eb:18:ea:4e:74:4f:
e2:4b:ac:42:7b:8f:13:ce:66:2b:8c:d1:9a:74:e7:
1f:a8:ac:a4:65:9a:24:56:6f:60:ae:0a:1b:d4:bf:
cc:82:4d:e6:f9:4c:4f:72:2f:94:39:68:99:3f:5e:
4b:1c:ee:61:1a:dd:46:65:f9:ac:51:c8:c0:a2:e8:
7d:be:db:96:4c:ad:73:ab:14:21:ce:21:fd:97:54:
8d:d4:db:ad:e4:6a:ff:27:0e:2e:7e:35:53:04:d6:
fa:69:22:ee:40:1e:f2:f2:88:df:ff:20:fc:08:57:
af:7a:d5:c7:05:d9:a9:44:ea:a3:ae:17:d4:e5:42:
07:b3:2e:38:a7:93:1a:a0:b1:fa:11:52:d7:07:2d:
27:87:85:5d:f6:c2:45:d0:be:49:ce:25:f9:36:c2:
b4:dc:be:28:22:1f:32:09:72:23:89:8f:71:40:2e:
94:41:53:89:6e:e2:39:77:de:8d:f1:31:85:d8:7d:
94:71:7c:98:cb:12:06:7b:c5:25:4c:0e:37:b7:77:
ab:ba:aa:cb:54:c1:d6:30:ce:22:db:9f:b6:92:b6:
f5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7B:32:DF:00:34:0A:2F:21:C0:2A:3A:25:61:03:D3:38:FA:B3:44
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Pnsy3wA0Ci8hwCo6JWED0zj6s0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
a9:27:d4:a1:e7:8d:f1:4a:54:ce:d5:00:dc:94:c9:28:67:f5:
56:e4:c7:90:0b:92:36:0d:17:74:65:bc:81:54:73:ba:50:07:
c2:81:73:68:8d:87:4b:e2:ca:d4:37:82:73:4d:fd:6d:ae:fc:
8c:ba:68:f9:3e:ec:4b:5c:04:43:27:a0:4e:9b:ca:f1:1b:85:
fe:e7:4f:af:38:98:3b:fb:ef:23:34:9b:14:3d:91:05:30:33:
14:41:3e:67:f5:81:46:8e:89:f1:42:64:4a:a1:99:f0:7b:92:
9e:ae:b9:86:44:cd:b1:1c:a4:ba:2e:82:a3:34:91:63:af:5b:
e4:47:ce:03:38:9d:59:e1:e4:3b:7d:41:72:5f:63:8f:3f:99:
1d:48:9c:55:c9:02:e1:b8:11:3f:be:42:5a:5f:76:cf:b0:ef:
90:d7:49:e9:94:a8:5c:81:32:dd:9e:3e:b1:64:96:4f:a7:2b:
f7:29:09:c8:a7:c6:69:5c:39:83:00:8d:56:b7:68:a3:b4:69:
e9:da:50:db:46:5f:b1:d0:31:09:98:ce:5e:20:fc:0a:4d:6c:
1a:94:5a:18:f0:f5:4d:b0:8d:1e:9b:c5:fc:a4:62:28:c0:68:
64:d8:8a:88:5a:6b:80:50:b6:63:b4:06:02:43:b4:ef:df:44:
42:bf:cb:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAY9pEpVWp47XXmY/Rz0ZrU87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjQwNTExMTkxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdiMzJkZjAwMzQwYTJmMjFjMDJhM2EyNTYxMDNkMzM4ZmFiMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFY2qGnWGYy6nqi3qIlopHoNaz8u
bMQheEnzoqTMYCM+khVmAc/rGOpOdE/iS6xCe48TzmYrjNGadOcfqKykZZokVm9g
rgob1L/Mgk3m+UxPci+UOWiZP15LHO5hGt1GZfmsUcjAouh9vtuWTK1zqxQhziH9
l1SN1Nut5Gr/Jw4ufjVTBNb6aSLuQB7y8ojf/yD8CFevetXHBdmpROqjrhfU5UIH
sy44p5MaoLH6EVLXBy0nh4Vd9sJF0L5JziX5NsK03L4oIh8yCXIjiY9xQC6UQVOJ
buI5d96N8TGF2H2UcXyYyxIGe8UlTA43t3eruqrLVMHWMM4i25+2krb1RwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFD57Mt8ANAovIcAqOiVhA9M4+rNEMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvUG5zeTN3QTBDaThod0NvNkpXRUQwemo2czBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB0wQCAAEwgcwD
BAICONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBAA+AyADBABWafwDBABWarUD
BABWa8UDBAJZJoADBABZJocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUD
BANdcxADBABesLYDBABe580DBABfqcADBABfqckDBAFfqcwDBACynVIDBAGynVoD
BAC5YKMDBAK5qtQDBAC56jQDBAG589YDBAG81HwDBADByQ8DBADCGtUDBALCIEwD
BADCP5EDBALCYxQwKwQCAAIwJQMFACoFgoADBQIqCc1AMA4DBQAqCc1FAwUAKgnN
RgMFASoMucAwDQYJKoZIhvcNAQELBQADggEBAKkn1KHnjfFKVM7VANyUyShn9Vbk
x5ALkjYNF3RlvIFUc7pQB8KBc2iNh0viytQ3gnNN/W2u/Iy6aPk+7EtcBEMnoE6b
yvEbhf7nT684mDv77yM0mxQ9kQUwMxRBPmf1gUaOifFCZEqhmfB7kp6uuYZEzbEc
pLougqM0kWOvW+RHzgM4nVnh5Dt9QXJfY48/mR1InFXJAuG4ET++Qlpfds+w75DX
SemUqFyBMt2ePrFklk+nK/cpCcinxmlcOYMAjVa3aKO0aenaUNtGX7HQMQmYzl4g
/ApNbBqUWhjw9U2wjR6bxfykYijAaGTYiohaa4BQtmO0BgJDtO/fREK/yxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:23 2024 by rpki-client on console-ams.rpki-client.org