Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/KZfsO-e9EA-sz2k-hRcBRmKmVaM.roa
File: KZfsO-e9EA-sz2k-hRcBRmKmVaM.roa (raw, json)
Hash identifier: QtlDQUebeEBgdN7avH+gDDxLoTgYhmbeaHLeSRHp1fs=
Subject key identifier: 29:97:EC:3B:E7:BD:10:0F:AC:CF:69:3E:85:17:01:46:62:A6:55:A3
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0185C9AB97707313D87A3C23F6FE27B412C5
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/KZfsO-e9EA-sz2k-hRcBRmKmVaM.roa
Signing time: Thu 19 Jan 2023 10:55:43 +0000
ROA not before: Thu 19 Jan 2023 10:55:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 80.124.0.0/16 maxlen: 16
80.70.32.0/20 maxlen: 20
217.19.192.0/20 maxlen: 20
88.141.0.0/16 maxlen: 16
212.198.0.0/16 maxlen: 16
91.151.112.0/20 maxlen: 20
213.144.192.0/19 maxlen: 19
217.70.80.0/20 maxlen: 20
79.80.0.0/12 maxlen: 12
185.147.204.0/22 maxlen: 22
77.144.0.0/12 maxlen: 12
79.174.192.0/18 maxlen: 18
195.3.0.0/18 maxlen: 18
77.137.196.0/22 maxlen: 22
85.168.0.0/14 maxlen: 14
77.137.200.0/21 maxlen: 21
77.137.208.0/20 maxlen: 20
79.174.232.0/21 maxlen: 21
194.6.128.0/19 maxlen: 19
195.146.192.0/19 maxlen: 19
84.96.0.0/13 maxlen: 13
77.136.172.0/24 maxlen: 24
88.140.0.0/16 maxlen: 16
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
87.231.0.0/16 maxlen: 16
62.39.0.0/16 maxlen: 16
77.140.0.0/14 maxlen: 14
89.2.0.0/15 maxlen: 15
62.106.128.0/17 maxlen: 17
217.112.224.0/20 maxlen: 20
194.183.192.0/19 maxlen: 19
141.170.216.0/21 maxlen: 21
212.39.128.0/19 maxlen: 19
213.245.0.0/16 maxlen: 16
62.241.64.0/18 maxlen: 18
81.220.0.0/16 maxlen: 16
89.156.0.0/14 maxlen: 14
213.169.160.0/19 maxlen: 19
93.0.0.0/11 maxlen: 11
109.0.0.0/11 maxlen: 11
81.1.0.0/18 maxlen: 18
81.65.0.0/16 maxlen: 16
84.55.128.0/18 maxlen: 18
62.129.160.0/19 maxlen: 19
78.112.0.0/12 maxlen: 12
62.8.0.0/19 maxlen: 19
77.136.0.0/16 maxlen: 16
46.35.0.0/19 maxlen: 19
88.136.0.0/14 maxlen: 14
37.64.0.0/13 maxlen: 13
77.128.0.0/13 maxlen: 13
80.236.0.0/17 maxlen: 17
212.94.160.0/19 maxlen: 19
81.185.160.0/20 maxlen: 20
80.125.0.0/16 maxlen: 16
83.141.128.0/17 maxlen: 17
84.205.128.0/19 maxlen: 19
77.134.204.0/24 maxlen: 24
84.205.144.0/20 maxlen: 20
80.118.4.0/24 maxlen: 24
81.64.0.0/14 maxlen: 14
213.128.32.0/19 maxlen: 19
80.118.0.0/15 maxlen: 15
194.242.176.0/20 maxlen: 20
92.88.0.0/13 maxlen: 13
195.7.96.0/19 maxlen: 19
91.68.0.0/22 maxlen: 22
195.132.0.0/16 maxlen: 16
85.68.0.0/15 maxlen: 15
195.98.96.0/19 maxlen: 19
213.223.0.0/16 maxlen: 16
91.68.0.0/14 maxlen: 14
84.4.0.0/14 maxlen: 14
77.192.0.0/12 maxlen: 12
86.64.0.0/12 maxlen: 12
82.216.0.0/16 maxlen: 16
195.115.0.0/16 maxlen: 16
78.155.128.0/19 maxlen: 19
88.142.0.0/16 maxlen: 16
2a02:8400:14::/48 maxlen: 48
2a00:7180::/32 maxlen: 32
2a02:8400:11::/48 maxlen: 48
2a02:8400::/25 maxlen: 25
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a00:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 Feb 2023 15:16:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:ab:97:70:73:13:d8:7a:3c:23:f6:fe:27:b4:12:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 19 10:55:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2997ec3be7bd100faccf693e8517014662a655a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8f:ec:7f:60:37:bc:8a:c6:28:33:b4:09:ff:
4b:70:f0:29:ba:11:28:35:b0:7f:aa:58:3f:9c:d1:
19:9f:fa:7a:44:6c:87:4e:02:40:9c:b1:c7:3c:bc:
a0:f7:52:04:61:04:e7:6a:c9:3c:04:f5:38:af:18:
2d:89:c8:31:08:a4:af:55:44:06:b4:65:5e:29:f1:
9e:87:d7:25:88:04:54:b7:8a:d3:2c:06:d8:2f:27:
84:84:da:48:0f:ba:f9:a4:3b:83:21:56:c1:6a:f8:
dc:a3:03:83:98:dc:64:bf:0d:5b:67:08:56:8c:83:
0f:bb:32:6f:4c:8c:c4:27:17:8b:65:57:dc:b3:4c:
a9:73:dc:85:d0:0e:5c:98:e1:25:c4:09:3d:d8:a3:
24:59:0f:58:67:f1:76:ca:d7:87:7e:6f:1e:ce:49:
15:88:80:78:f4:cf:5c:f5:e3:a4:14:fd:ff:8a:86:
34:5f:42:70:95:2c:36:3a:e0:82:cf:0a:16:49:55:
16:82:2e:11:0b:00:bc:08:74:37:af:d8:50:77:43:
36:54:31:1b:f3:18:e1:fe:b0:94:4a:7a:35:48:4a:
57:61:ca:77:6c:23:4a:2e:ab:0d:5c:47:1b:9f:c2:
fa:e3:9b:5f:e1:07:7d:9a:51:7a:58:fb:18:6a:93:
20:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:97:EC:3B:E7:BD:10:0F:AC:CF:69:3E:85:17:01:46:62:A6:55:A3
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/KZfsO-e9EA-sz2k-hRcBRmKmVaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.160.0/20
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0-88.142.255.255
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a02:8400::/25
Signature Algorithm: sha256WithRSAEncryption
46:38:bd:cc:49:dd:75:f8:28:bd:34:92:04:2d:cb:7b:8e:ef:
11:70:1d:27:0a:59:f1:53:14:61:3f:14:96:0d:74:ad:c1:fd:
e7:72:a6:90:53:a4:7a:c0:b9:63:55:0d:21:8d:17:33:10:37:
2b:6e:50:f1:57:28:bc:2d:ec:a1:0e:3d:5c:81:91:20:f8:83:
49:80:f8:cd:7a:46:8f:7c:1b:aa:d9:25:08:77:c7:0e:12:d3:
ee:50:44:8a:7c:b7:48:49:48:67:a2:3a:45:49:03:ed:fc:16:
b1:2d:d8:b2:cf:61:ee:19:39:d7:cc:2d:09:f5:79:de:e4:e4:
87:00:fa:74:36:a8:87:16:d3:4d:4f:91:84:59:73:1c:98:7a:
2f:59:22:da:32:6e:73:5a:76:5b:95:77:e1:2f:5b:a4:5c:e9:
99:aa:fa:00:1b:04:bb:0c:11:23:cf:71:c6:1d:eb:ba:64:36:
46:5b:02:e0:c9:a3:b0:4f:66:1a:77:92:66:7d:6f:39:6f:b8:
83:c2:17:d3:ff:23:53:46:c8:c4:85:00:86:e2:e6:f6:71:a3:
ee:f4:ca:df:7e:1b:0d:22:79:96:34:07:ab:97:72:4f:b5:73:
fa:5c:81:09:86:7c:33:27:eb:fd:f0:c8:1e:f6:d3:a7:e4:5f:
44:01:75:f2
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgISAYXJq5dwcxPYejwj9v4ntBLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTE5MTA1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk3ZWMzYmU3YmQxMDBmYWNjZjY5M2U4NTE3MDE0NjYyYTY1NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY/sf2A3vIrGKDO0Cf9LcPApuhEo
NbB/qlg/nNEZn/p6RGyHTgJAnLHHPLyg91IEYQTnask8BPU4rxgticgxCKSvVUQG
tGVeKfGeh9cliARUt4rTLAbYLyeEhNpID7r5pDuDIVbBavjcowODmNxkvw1bZwhW
jIMPuzJvTIzEJxeLZVfcs0ypc9yF0A5cmOElxAk92KMkWQ9YZ/F2yteHfm8ezkkV
iIB49M9c9eOkFP3/ioY0X0JwlSw2OuCCzwoWSVUWgi4RCwC8CHQ3r9hQd0M2VDEb
8xjh/rCUSno1SEpXYcp3bCNKLqsNXEcbn8L645tf4Qd9mlF6WPsYapMgAwIDAQAB
o4IDozCCA58wHQYDVR0OBBYEFCmX7DvnvRAPrM9pPoUXAUZiplWjMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvS1pmc08tZTlFQS1zejJrLWhSY0JSbUttVmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtwYIKwYBBQUHAQcBAf8EggGmMIIBojCCAYEEAgABMIIB
eQMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+aoADBAU+gaADBAY+8UAwCgMDB02A
AwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnADBAVOm4AD
AwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJRQAMEBFG5
oAMDAFHcAwMAUtgDBAdTjYADAwJUBAMEBlQ3gAMDA1RgAwQFVM2AAwMBVUQDAwJV
qAMDBFZAAwMAV+cwCgMDA1iIAwMAWI4DAwFZAgMDAlmcAwMCW0QDBARbl3ADAwNc
WAMDBV0AAwMFbQADBAONqtgDBAK5k8wDBAXCBoADBAXCt8ADBATC8rADBAbDAwAD
BAXDB2ADBAXDYmADAwDDcwMDAMOEAwQFw5LAAwQF1CeAAwQF1F6gAwMA1MYDBAXV
gCADBAXVkMADBAXVqaADAwDV3wMDANX1AwQE2RPAAwQE2UZQAwQE2XDgMBsEAgAC
MBUDBQMqAGIAAwUAKgBxgAMFByoChAAwDQYJKoZIhvcNAQELBQADggEBAEY4vcxJ
3XX4KL00kgQty3uO7xFwHScKWfFTFGE/FJYNdK3B/edyppBTpHrAuWNVDSGNFzMQ
NytuUPFXKLwt7KEOPVyBkSD4g0mA+M16Ro98G6rZJQh3xw4S0+5QRIp8t0hJSGei
OkVJA+38FrEt2LLPYe4ZOdfMLQn1ed7k5IcA+nQ2qIcW001PkYRZcxyYei9ZItoy
bnNadluVd+EvW6Rc6Zmq+gAbBLsMESPPccYd67pkNkZbAuDJo7BPZhp3kmZ9bzlv
uIPCF9P/I1NGyMSFAIbi5vZxo+70yt9+Gw0ieZY0B6uXck+1c/pcgQmGfDMn6/3w
yB7206fkX0QBdfI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org