Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/dXJQvHAoiHPAmMUycBz_eHA2Jug.roa
File: dXJQvHAoiHPAmMUycBz_eHA2Jug.roa (raw, json)
Hash identifier: ZN4QvDnFbrq/PIKtIRgk62lne2GZjTu9UPG95+UZdV0=
Subject key identifier: 75:72:50:BC:70:28:88:73:C0:98:C5:32:70:1C:FF:78:70:36:26:E8
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 01857255B8087281580224B78045F15BC74B
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/dXJQvHAoiHPAmMUycBz_eHA2Jug.roa
Signing time: Mon 02 Jan 2023 11:54:58 +0000
ROA not before: Mon 02 Jan 2023 11:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21334
IP address blocks: 195.184.160.0/20 maxlen: 20
195.184.160.0/19 maxlen: 19
195.184.176.0/20 maxlen: 20
176.63.128.0/17 maxlen: 17
89.134.0.0/15 maxlen: 15
86.101.0.0/17 maxlen: 17
130.43.192.0/18 maxlen: 18
86.101.0.0/16 maxlen: 16
185.33.80.0/23 maxlen: 23
185.33.80.0/24 maxlen: 24
185.33.81.0/24 maxlen: 24
37.188.80.0/22 maxlen: 22
37.188.80.0/21 maxlen: 21
37.188.84.0/22 maxlen: 22
5.63.192.0/18 maxlen: 18
212.48.240.0/21 maxlen: 21
212.48.240.0/20 maxlen: 20
37.220.192.0/18 maxlen: 18
212.96.32.0/20 maxlen: 20
212.48.248.0/21 maxlen: 21
212.96.32.0/19 maxlen: 19
80.244.96.0/20 maxlen: 20
212.96.48.0/20 maxlen: 20
37.191.0.0/19 maxlen: 19
176.63.0.0/17 maxlen: 17
37.191.0.0/18 maxlen: 18
176.63.0.0/16 maxlen: 16
37.191.32.0/19 maxlen: 19
188.142.160.0/20 maxlen: 20
188.142.160.0/19 maxlen: 19
89.223.128.0/17 maxlen: 17
89.223.128.0/18 maxlen: 18
188.142.176.0/20 maxlen: 20
178.48.0.0/17 maxlen: 17
178.48.0.0/16 maxlen: 16
78.139.0.0/19 maxlen: 19
78.139.0.0/18 maxlen: 18
78.139.32.0/19 maxlen: 19
5.206.128.0/18 maxlen: 18
188.142.192.0/19 maxlen: 19
188.142.192.0/18 maxlen: 18
80.99.0.0/16 maxlen: 16
178.48.128.0/17 maxlen: 17
188.142.224.0/19 maxlen: 19
89.223.192.0/18 maxlen: 18
94.44.0.0/17 maxlen: 17
94.44.0.0/16 maxlen: 16
151.0.64.0/18 maxlen: 18
213.222.160.0/19 maxlen: 19
88.87.240.0/22 maxlen: 22
80.98.0.0/16 maxlen: 16
88.87.240.0/21 maxlen: 21
88.87.244.0/22 maxlen: 22
80.98.0.0/15 maxlen: 15
185.10.124.0/22 maxlen: 22
185.10.124.0/23 maxlen: 23
185.10.126.0/23 maxlen: 23
213.222.128.0/19 maxlen: 19
213.222.128.0/18 maxlen: 18
5.148.224.0/19 maxlen: 19
89.132.0.0/15 maxlen: 15
94.44.128.0/17 maxlen: 17
89.132.0.0/14 maxlen: 14
86.101.128.0/17 maxlen: 17
5.148.192.0/19 maxlen: 19
5.148.192.0/18 maxlen: 18
2a02:ab80::/29 maxlen: 29
2a02:ab80::/28 maxlen: 28
2a02:ab88::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Apr 2023 12:51:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:b8:08:72:81:58:02:24:b7:80:45:f1:5b:c7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 2 11:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=757250bc70288873c098c532701cff78703626e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:40:20:ee:6a:0e:38:47:15:98:29:2c:93:ad:
bf:6b:51:8b:68:a0:b7:bf:f0:51:b4:eb:dd:cc:0b:
9f:c8:86:e6:0e:56:7c:28:b4:6f:e6:17:46:ea:46:
9f:e1:2a:e8:ef:b6:ae:49:9c:9c:3e:54:65:ff:c0:
17:12:be:d0:b4:ca:fe:80:d3:b4:39:05:8d:a1:c9:
05:87:33:57:f3:71:9a:21:73:ab:a1:0c:4d:93:25:
f3:f4:37:fb:af:e6:74:65:20:15:72:db:14:c5:01:
ef:61:41:e6:de:f9:23:d9:3a:10:78:52:38:f9:50:
eb:c2:e3:20:18:5b:da:17:74:d6:41:45:c6:cc:c4:
35:6e:69:92:9a:52:ef:b6:db:c5:f8:02:26:aa:ba:
7f:40:d7:45:36:76:8c:84:6a:77:cf:4a:2c:a8:2b:
e7:4f:0f:76:8a:42:60:bb:cc:5c:c4:7f:b8:90:d5:
cd:c1:f8:ed:c9:2b:b8:63:24:37:df:73:a1:3b:5f:
c9:80:e6:da:bb:8c:f9:58:ce:bf:cf:aa:df:00:20:
3a:51:1a:10:96:6e:c6:4e:c0:71:9f:28:c9:e9:c7:
ea:c9:4e:1f:89:cb:18:5e:f7:46:4a:71:fd:84:b6:
65:a4:3e:51:c3:fa:9e:34:50:6c:81:2b:dc:77:66:
86:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:72:50:BC:70:28:88:73:C0:98:C5:32:70:1C:FF:78:70:36:26:E8
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/dXJQvHAoiHPAmMUycBz_eHA2Jug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
IPv6:
2a02:ab80::/28
Signature Algorithm: sha256WithRSAEncryption
d1:17:ad:2b:30:b0:f1:35:0d:62:c7:1e:e2:ea:76:95:a5:80:
dd:f9:8f:32:6f:ec:92:df:ba:37:37:fe:02:28:1e:97:97:55:
ae:fd:bd:68:63:03:e3:f5:e0:98:3d:f4:48:5c:37:51:a5:9d:
e5:dd:a8:a8:31:7d:4d:c5:49:9b:80:09:a5:e7:02:8c:70:a2:
8f:f0:89:6a:34:98:9f:1c:50:82:28:60:83:03:66:ae:b8:6d:
9d:d3:42:80:6d:6c:95:4f:63:d7:f1:d5:8a:e7:88:82:8b:ac:
4e:7e:00:29:c9:13:3d:42:7e:e2:88:c4:aa:30:f3:0e:b9:2a:
b6:04:c7:81:0c:41:9a:58:45:ef:6e:98:ee:ca:c0:2a:89:5f:
30:2b:91:73:8b:7f:d8:4b:90:cd:1d:8d:ff:5b:9c:b2:c1:49:
28:8c:b5:1a:ac:e7:ad:1d:a2:60:36:9c:9b:04:e7:a4:2e:25:
0b:6e:d9:4a:12:51:38:46:69:50:6a:5d:38:a9:18:f4:55:02:
93:d2:e9:07:8b:23:9d:24:e9:6c:47:a6:f9:b3:d0:0d:5a:63:
a4:e1:67:e1:6a:d8:0c:7e:b8:3a:d6:cc:97:fb:91:9c:66:f5:
cd:89:31:db:76:57:c9:92:2f:b0:a1:b4:cc:3e:4f:ef:e5:89:
02:94:76:b9
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYVyVbgIcoFYAiS3gEXxW8dLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjMwMTAyMTE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTcyNTBiYzcwMjg4ODczYzA5OGM1MzI3MDFjZmY3ODcwMzYyNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkAg7moOOEcVmCksk62/a1GLaKC3
v/BRtOvdzAufyIbmDlZ8KLRv5hdG6kaf4Sro77auSZycPlRl/8AXEr7QtMr+gNO0
OQWNockFhzNX83GaIXOroQxNkyXz9Df7r+Z0ZSAVctsUxQHvYUHm3vkj2ToQeFI4
+VDrwuMgGFvaF3TWQUXGzMQ1bmmSmlLvttvF+AImqrp/QNdFNnaMhGp3z0osqCvn
Tw92ikJgu8xcxH+4kNXNwfjtySu4YyQ333OhO1/JgObau4z5WM6/z6rfACA6URoQ
lm7GTsBxnyjJ6cfqyU4ficsYXvdGSnH9hLZlpD5Rw/qeNFBsgSvcd2aGUwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFHVyULxwKIhzwJjFMnAc/3hwNiboMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvZFhKUXZIQW9pSFBBbU1VeWNCel9lSEEySnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBngQCAAEwgZcDBAYF
P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0
YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA
sjADBAK5CnwDBAG5IVAwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF1GAgAwQG
1d6AMA0EAgACMAcDBQQqAquAMA0GCSqGSIb3DQEBCwUAA4IBAQDRF60rMLDxNQ1i
xx7i6naVpYDd+Y8yb+yS37o3N/4CKB6Xl1Wu/b1oYwPj9eCYPfRIXDdRpZ3l3aio
MX1NxUmbgAml5wKMcKKP8IlqNJifHFCCKGCDA2auuG2d00KAbWyVT2PX8dWK54iC
i6xOfgApyRM9Qn7iiMSqMPMOuSq2BMeBDEGaWEXvbpjuysAqiV8wK5Fzi3/YS5DN
HY3/W5yywUkojLUarOetHaJgNpybBOekLiULbtlKElE4RmlQal04qRj0VQKT0ukH
iyOdJOlsR6b5s9ANWmOk4WfhatgMfrg61syX+5GcZvXNiTHbdlfJki+wobTMPk/v
5YkClHa5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:54 2024 by rpki-client on console-fra.rpki-client.org