Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/4etNoZD1TSw0eLVIvqpKX3vyhpo.roa
File: 4etNoZD1TSw0eLVIvqpKX3vyhpo.roa (raw, json)
Hash identifier: s5tAUOuL7/eXqs8Y+IiojDlkqmyHNd9h3/svdg2ecTg=
Subject key identifier: E1:EB:4D:A1:90:F5:4D:2C:34:78:B5:48:BE:AA:4A:5F:7B:F2:86:9A
Certificate issuer: /CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Certificate serial: 018EE79CF0DED1D7910418AC3F30A6CB0C3B
Authority key identifier: A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/4etNoZD1TSw0eLVIvqpKX3vyhpo.roa
Signing time: Tue 16 Apr 2024 15:53:25 +0000
ROA not before: Tue 16 Apr 2024 15:53:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20773
IP address blocks: 37.61.212.0/24 maxlen: 24
37.61.214.0/24 maxlen: 24
37.61.215.0/24 maxlen: 24
37.61.221.0/24 maxlen: 24
37.61.223.0/24 maxlen: 24
85.195.75.0/24 maxlen: 24
85.195.76.0/24 maxlen: 24
85.195.82.0/24 maxlen: 24
85.195.83.0/24 maxlen: 24
85.195.85.0/24 maxlen: 24
85.195.86.0/24 maxlen: 24
85.195.88.0/24 maxlen: 24
85.195.89.0/24 maxlen: 24
85.195.90.0/24 maxlen: 24
85.195.91.0/24 maxlen: 24
85.195.92.0/24 maxlen: 24
85.195.93.0/24 maxlen: 24
85.195.95.0/24 maxlen: 24
85.195.96.0/24 maxlen: 24
85.195.98.0/24 maxlen: 24
85.195.99.0/24 maxlen: 24
85.195.100.0/24 maxlen: 24
85.195.102.0/24 maxlen: 24
85.195.103.0/24 maxlen: 24
85.195.107.0/24 maxlen: 24
85.195.109.0/24 maxlen: 24
85.195.110.0/24 maxlen: 24
85.195.114.0/24 maxlen: 24
85.195.115.0/24 maxlen: 24
85.195.116.0/24 maxlen: 24
85.195.119.0/24 maxlen: 24
85.195.120.0/24 maxlen: 24
85.195.124.0/24 maxlen: 24
85.195.127.0/24 maxlen: 24
92.204.162.0/24 maxlen: 24
92.204.186.0/24 maxlen: 24
92.204.194.0/23 maxlen: 23
146.0.226.0/24 maxlen: 24
146.0.227.0/24 maxlen: 24
146.0.228.0/24 maxlen: 24
146.0.230.0/24 maxlen: 24
146.0.232.0/24 maxlen: 24
146.0.234.0/24 maxlen: 24
146.0.235.0/24 maxlen: 24
146.0.236.0/24 maxlen: 24
146.0.237.0/24 maxlen: 24
146.0.245.0/24 maxlen: 24
146.0.247.0/24 maxlen: 24
146.0.249.0/24 maxlen: 24
146.0.250.0/24 maxlen: 24
146.0.251.0/24 maxlen: 24
146.0.255.0/24 maxlen: 24
185.19.216.0/24 maxlen: 24
185.19.217.0/24 maxlen: 24
185.19.218.0/24 maxlen: 24
185.19.219.0/24 maxlen: 24
185.136.158.0/24 maxlen: 24
185.136.160.0/22 maxlen: 24
185.136.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 15:57:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:9c:f0:de:d1:d7:91:04:18:ac:3f:30:a6:cb:0c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Validity
Not Before: Apr 16 15:53:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1eb4da190f54d2c3478b548beaa4a5f7bf2869a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:d9:a2:4e:8b:fb:3e:dd:7c:23:07:6a:de:
84:99:7a:53:24:6c:6f:00:24:e4:c1:0a:3f:67:d3:
be:e4:6c:6a:78:d6:4e:0c:ca:52:cf:0a:13:fe:c5:
b2:33:13:e0:8f:b1:34:5e:e7:da:c9:4f:65:e7:04:
20:75:be:a9:6e:66:0f:11:80:29:68:11:4e:a8:78:
6a:41:60:9d:c3:4e:10:81:b3:0d:7f:77:e8:92:5b:
2f:94:c9:f5:ac:7e:41:39:93:18:e3:71:db:d6:ae:
b5:a7:5a:93:a8:66:45:b5:85:a2:5e:f9:db:9c:e5:
02:d1:98:c6:44:43:a4:08:a0:bc:62:97:1d:6a:ca:
c7:4b:1e:3e:c1:c0:64:91:d2:47:98:71:c3:44:cd:
9e:11:f0:35:91:88:89:4c:db:16:6f:71:22:13:b9:
93:1a:4b:2f:c7:07:89:3a:da:cf:c7:49:23:f6:51:
08:4f:ac:53:04:2e:45:a8:06:f4:f8:5a:93:cc:ca:
49:5d:c1:44:e0:5f:0e:26:42:fe:92:fd:3a:f8:2e:
bb:f1:85:e7:cd:46:33:10:25:06:81:19:92:2e:9f:
5c:58:64:5b:0a:19:4e:1d:c6:5f:45:4d:bb:e4:8a:
42:a0:15:86:1c:27:8f:f1:2f:0c:4a:29:9a:78:f5:
55:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:EB:4D:A1:90:F5:4D:2C:34:78:B5:48:BE:AA:4A:5F:7B:F2:86:9A
X509v3 Authority Key Identifier:
keyid:A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/4etNoZD1TSw0eLVIvqpKX3vyhpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.212.0/24
37.61.214.0/23
37.61.221.0/24
37.61.223.0/24
85.195.75.0-85.195.76.255
85.195.82.0/23
85.195.85.0-85.195.86.255
85.195.88.0-85.195.93.255
85.195.95.0-85.195.96.255
85.195.98.0-85.195.100.255
85.195.102.0/23
85.195.107.0/24
85.195.109.0-85.195.110.255
85.195.114.0-85.195.116.255
85.195.119.0-85.195.120.255
85.195.124.0/24
85.195.127.0/24
92.204.162.0/24
92.204.186.0/24
92.204.194.0/23
146.0.226.0-146.0.228.255
146.0.230.0/24
146.0.232.0/24
146.0.234.0-146.0.237.255
146.0.245.0/24
146.0.247.0/24
146.0.249.0-146.0.251.255
146.0.255.0/24
185.19.216.0/22
185.136.158.0/24
185.136.160.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:32:17:2a:fb:10:16:1b:8d:1f:f6:84:75:d7:c9:19:ab:fe:
24:69:4f:dd:16:40:97:e6:fc:08:7d:74:15:83:a8:55:33:b6:
f5:a0:bc:46:0b:a5:1b:12:d7:55:21:34:94:1c:55:d0:8f:01:
21:fb:22:5a:96:b2:a9:0d:78:b8:9e:a3:bf:23:73:5f:87:b6:
e1:e9:11:99:ed:6c:a9:9e:d3:62:5d:8d:8c:72:e7:29:e8:03:
a7:5a:7b:12:e5:a2:f3:2d:97:ca:a8:f5:fb:b7:09:0c:92:f1:
d2:c4:e5:12:a3:be:45:84:dd:63:1f:22:e0:28:22:9c:6d:ba:
46:4d:4d:87:00:d4:c1:f9:dc:55:a5:2f:08:af:7e:ee:08:da:
bc:45:4b:3b:52:36:92:bc:c1:9f:07:70:ef:18:bb:ea:2d:ce:
ef:5d:dc:d1:bc:8c:6c:fe:a5:53:19:44:c8:c1:8a:94:21:ec:
cd:00:68:a4:b5:59:ee:5e:64:05:ac:18:6c:89:93:81:6b:3d:
15:f3:8d:1c:20:21:b4:72:bd:6c:ed:9b:9f:ec:59:a1:fc:aa:
b2:85:3d:84:cc:db:8f:2e:5b:e8:7a:04:1d:7b:b6:29:fe:b9:
df:82:3c:31:70:1d:03:1d:ba:63:2f:f6:1d:85:da:67:f5:2d:
ab:7b:f6:20
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAY7nnPDe0deRBBisPzCmyww7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTQ5MThmYzdmZGZiNzNiYmE4Y2Y1OGQ0Y2I1ZmU0NDlj
ZjgzZjYwHhcNMjQwNDE2MTU1MzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWViNGRhMTkwZjU0ZDJjMzQ3OGI1NDhiZWFhNGE1ZjdiZjI4NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCDZok6L+z7dfCMHat6EmXpTJGxv
ACTkwQo/Z9O+5GxqeNZODMpSzwoT/sWyMxPgj7E0XufayU9l5wQgdb6pbmYPEYAp
aBFOqHhqQWCdw04QgbMNf3foklsvlMn1rH5BOZMY43Hb1q61p1qTqGZFtYWiXvnb
nOUC0ZjGREOkCKC8YpcdasrHSx4+wcBkkdJHmHHDRM2eEfA1kYiJTNsWb3EiE7mT
GksvxweJOtrPx0kj9lEIT6xTBC5FqAb0+FqTzMpJXcFE4F8OJkL+kv06+C678YXn
zUYzECUGgRmSLp9cWGRbChlOHcZfRU275IpCoBWGHCeP8S8MSimaePVV0wIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFOHrTaGQ9U0sNHi1SL6qSl978oaaMB8GA1UdIwQY
MBaAFKjkkY/H/ftzu6jPWNTLX+RJz4P2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMt
MDE1ZWE1MDE5NTIwLzEvNGV0Tm9aRDFUU3cwZUxWSXZxcEtYM3Z5aHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMtMDE1ZWE1MDE5NTIw
LzEvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEACU91AMEASU91gMEACU93QMEACU93zAMAwQAVcNLAwQAVcNMAwQBVcNSMAwD
BABVw1UDBABVw1YwDAMEA1XDWAMEAVXDXDAMAwQAVcNfAwQAVcNgMAwDBAFVw2ID
BABVw2QDBAFVw2YDBABVw2swDAMEAFXDbQMEAFXDbjAMAwQBVcNyAwQAVcN0MAwD
BABVw3cDBABVw3gDBABVw3wDBABVw38DBABczKIDBABczLoDBAFczMIwDAMEAZIA
4gMEAJIA5AMEAJIA5gMEAJIA6DAMAwQBkgDqAwQBkgDsAwQAkgD1AwQAkgD3MAwD
BACSAPkDBAKSAPgDBACSAP8DBAK5E9gDBAC5iJ4DBAK5iKAwDQYJKoZIhvcNAQEL
BQADggEBAC0yFyr7EBYbjR/2hHXXyRmr/iRpT90WQJfm/Ah9dBWDqFUztvWgvEYL
pRsS11UhNJQcVdCPASH7IlqWsqkNeLieo78jc1+HtuHpEZntbKme02JdjYxy5yno
A6daexLlovMtl8qo9fu3CQyS8dLE5RKjvkWE3WMfIuAoIpxtukZNTYcA1MH53FWl
Lwivfu4I2rxFSztSNpK8wZ8HcO8Yu+otzu9d3NG8jGz+pVMZRMjBipQh7M0AaKS1
We5eZAWsGGyJk4FrPRXzjRwgIbRyvWztm5/sWaH8qrKFPYTM248uW+h6BB17tin+
ud+CPDFwHQMdumMv9h2F2mf1Lat79iA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:44 2024 by rpki-client on console-fra.rpki-client.org