Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/CHNMugbUVOBkl2Bv-oXZE0HKuhk.roa
File: CHNMugbUVOBkl2Bv-oXZE0HKuhk.roa (raw, json)
Hash identifier: FAAOpFi0zKSC2WK7BOOg0LxxNkKfXpSYH3M7xjcawSQ=
Subject key identifier: 08:73:4C:BA:06:D4:54:E0:64:97:60:6F:FA:85:D9:13:41:CA:BA:19
Certificate issuer: /CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Certificate serial: 0188B92FE37EFD1779361AA2636D5B720228
Authority key identifier: 59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/CHNMugbUVOBkl2Bv-oXZE0HKuhk.roa
Signing time: Wed 14 Jun 2023 09:15:03 +0000
ROA not before: Wed 14 Jun 2023 09:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41897
IP address blocks: 94.248.184.0/21 maxlen: 21
46.40.56.0/22 maxlen: 22
46.40.63.0/24 maxlen: 24
46.40.60.0/23 maxlen: 23
46.40.62.0/24 maxlen: 24
46.40.0.0/18 maxlen: 18
46.40.1.0/24 maxlen: 24
46.40.8.0/22 maxlen: 22
46.40.6.0/24 maxlen: 24
94.248.233.0/24 maxlen: 24
94.248.232.0/24 maxlen: 24
46.40.16.0/21 maxlen: 21
94.248.232.0/22 maxlen: 22
94.248.232.0/21 maxlen: 21
46.40.15.0/24 maxlen: 24
46.40.12.0/23 maxlen: 23
94.248.238.0/24 maxlen: 24
94.248.239.0/24 maxlen: 24
94.248.237.0/24 maxlen: 24
94.248.235.0/24 maxlen: 24
94.248.236.0/24 maxlen: 24
94.248.234.0/24 maxlen: 24
46.40.26.0/24 maxlen: 24
46.40.27.0/24 maxlen: 24
46.40.31.0/24 maxlen: 24
46.40.30.0/24 maxlen: 24
46.40.30.0/23 maxlen: 23
46.40.29.0/24 maxlen: 24
46.40.37.0/24 maxlen: 24
46.40.35.0/24 maxlen: 24
46.40.33.0/24 maxlen: 24
46.40.34.0/24 maxlen: 24
46.40.32.0/24 maxlen: 24
91.147.244.0/22 maxlen: 22
46.40.40.0/21 maxlen: 21
46.40.48.0/21 maxlen: 21
89.147.82.0/24 maxlen: 24
89.147.80.0/20 maxlen: 20
89.147.83.0/24 maxlen: 24
89.147.80.0/22 maxlen: 22
89.147.80.0/24 maxlen: 24
89.147.81.0/24 maxlen: 24
195.192.244.0/22 maxlen: 22
95.85.173.0/24 maxlen: 24
95.85.176.0/22 maxlen: 22
95.85.184.0/23 maxlen: 23
95.85.186.0/23 maxlen: 23
95.85.128.0/22 maxlen: 22
95.85.128.0/18 maxlen: 18
95.85.136.0/22 maxlen: 22
95.85.135.0/24 maxlen: 24
95.85.144.0/21 maxlen: 21
95.85.152.0/24 maxlen: 24
95.85.152.0/23 maxlen: 23
81.24.240.0/21 maxlen: 21
95.85.156.0/22 maxlen: 22
95.85.154.0/24 maxlen: 24
95.85.155.0/24 maxlen: 24
81.24.247.0/24 maxlen: 24
95.85.153.0/24 maxlen: 24
95.85.154.0/23 maxlen: 23
95.85.172.0/24 maxlen: 24
185.10.204.0/22 maxlen: 22
185.10.204.0/24 maxlen: 24
217.17.97.0/24 maxlen: 24
217.17.98.0/24 maxlen: 24
217.17.96.0/24 maxlen: 24
217.17.96.0/20 maxlen: 24
217.17.100.0/24 maxlen: 24
217.17.111.0/24 maxlen: 24
217.17.110.0/24 maxlen: 24
217.17.107.0/24 maxlen: 24
217.17.108.0/24 maxlen: 24
185.37.170.0/24 maxlen: 24
185.37.169.0/24 maxlen: 24
185.37.168.0/22 maxlen: 22
80.245.96.0/22 maxlen: 22
45.158.16.0/22 maxlen: 22
46.251.8.0/22 maxlen: 22
91.102.224.0/21 maxlen: 21
91.102.229.0/24 maxlen: 24
185.231.128.0/22 maxlen: 22
185.169.248.0/22 maxlen: 22
185.169.248.0/24 maxlen: 24
185.169.250.0/23 maxlen: 23
185.169.249.0/24 maxlen: 24
185.156.152.0/22 maxlen: 22
185.141.198.0/24 maxlen: 24
185.141.199.0/24 maxlen: 24
185.141.196.0/22 maxlen: 22
185.141.196.0/23 maxlen: 23
85.222.178.0/24 maxlen: 24
85.222.179.0/24 maxlen: 24
85.222.177.0/24 maxlen: 24
85.222.176.0/20 maxlen: 20
85.222.176.0/21 maxlen: 21
85.222.176.0/24 maxlen: 24
85.222.180.0/22 maxlen: 22
185.6.190.0/24 maxlen: 24
185.6.191.0/24 maxlen: 24
185.6.189.0/24 maxlen: 24
185.6.188.0/24 maxlen: 24
185.6.188.0/22 maxlen: 22
178.20.200.0/24 maxlen: 24
178.20.202.0/23 maxlen: 23
178.20.201.0/24 maxlen: 24
2a00:ad07:3000::/36 maxlen: 36
2a00:ad00::/29 maxlen: 29
2a00:ad03::/32 maxlen: 32
2a00:ad00:2010::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 18 Dec 2023 18:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:2f:e3:7e:fd:17:79:36:1a:a2:63:6d:5b:72:02:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Validity
Not Before: Jun 14 09:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08734cba06d454e06497606ffa85d91341caba19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:96:d4:76:87:bf:08:e9:fb:c5:70:06:41:f5:
2f:07:67:ad:ee:39:fe:8c:17:5a:4d:78:21:42:e7:
8a:a2:86:ef:1a:5c:81:ff:23:9e:4d:ba:93:f8:91:
d1:82:02:61:96:98:8f:2d:c6:f8:68:9c:96:6d:83:
85:16:38:62:1a:cf:b3:00:93:27:a4:42:17:cc:c0:
05:76:a1:32:83:53:d4:33:5c:02:49:40:54:a4:c4:
10:bc:8b:b5:9b:04:c0:11:b0:42:9d:89:50:55:e7:
d7:bf:ba:a7:43:30:fa:0e:50:25:5e:5b:18:c8:d1:
32:93:68:32:a0:e4:f7:eb:ea:00:d2:6c:6c:0c:4f:
22:82:b8:6b:a3:97:28:3d:ec:07:fb:0c:3f:c9:60:
36:55:4e:cc:1b:e0:ba:6d:79:88:8b:13:14:34:55:
00:83:8f:9c:65:a3:a4:4a:c4:76:cb:b7:c2:c4:79:
4a:18:e2:e7:27:bc:c6:0b:c1:9a:bd:de:6b:b8:6a:
b5:75:ac:fc:52:11:0b:cf:66:4b:8d:ef:58:9a:21:
a0:9e:36:f1:d3:1f:52:16:bb:22:ff:52:50:3a:4d:
72:b6:aa:13:26:e4:1d:be:0d:86:9b:9f:24:8c:14:
38:92:93:c8:a6:48:8c:ad:1a:67:3d:81:4d:d1:29:
c0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:73:4C:BA:06:D4:54:E0:64:97:60:6F:FA:85:D9:13:41:CA:BA:19
X509v3 Authority Key Identifier:
keyid:59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/CHNMugbUVOBkl2Bv-oXZE0HKuhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.16.0/22
46.40.0.0/18
46.251.8.0/22
80.245.96.0/22
81.24.240.0/21
85.222.176.0/20
89.147.80.0/20
91.102.224.0/21
91.147.244.0/22
94.248.184.0/21
94.248.232.0/21
95.85.128.0/18
178.20.200.0/22
185.6.188.0/22
185.10.204.0/22
185.37.168.0/22
185.141.196.0/22
185.156.152.0/22
185.169.248.0/22
185.231.128.0/22
195.192.244.0/22
217.17.96.0/20
IPv6:
2a00:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
b1:63:aa:7c:6d:2f:c4:d9:0d:e8:32:5c:a2:a5:d8:27:ef:a0:
4b:4e:21:23:56:55:0f:5d:c9:95:ec:58:90:8a:7c:c7:9d:59:
8c:ad:47:23:47:38:da:44:80:4f:3d:64:4b:2f:a4:64:be:4d:
ed:db:80:ee:a4:4c:80:33:07:33:e7:1c:20:11:a0:7b:60:a7:
32:1a:02:e0:ff:39:0e:02:46:d4:97:29:17:02:fe:8e:c1:4e:
0f:8a:cd:b6:15:9f:01:6d:c4:b6:a4:de:90:9f:31:cb:ad:32:
2f:c0:1c:5b:1f:e3:1f:6e:29:08:75:30:0b:b7:e7:7d:e6:7e:
6d:bd:0f:e6:3c:58:5a:e7:1a:92:13:47:11:2e:62:0e:16:44:
c2:07:50:f4:a1:8f:5d:9a:32:b2:15:e9:4f:69:e5:97:f7:f3:
f5:6d:c2:1f:51:c0:86:56:cf:32:a0:03:c4:8d:e8:25:d6:f8:
c0:f5:66:8e:d2:1c:bd:41:70:c8:88:3f:a5:42:04:a8:0f:e6:
d4:07:9c:8f:39:dd:3a:bc:5f:f4:09:3a:f9:26:14:7c:15:3a:
f7:36:d8:7b:bd:7f:5a:b2:f7:2f:3f:95:4d:0f:5f:e7:58:2e:
e1:50:28:06:f7:bb:7a:e1:0f:58:39:54:06:b9:8f:1f:4f:5e:
37:fc:1c:37
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYi5L+N+/Rd5NhqiY21bcgIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNzVmODExMDc0M2QyNTBjMzA2OGEzNTZjZTZhY2Yx
YzRmZTIwHhcNMjMwNjE0MDkxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODczNGNiYTA2ZDQ1NGUwNjQ5NzYwNmZmYTg1ZDkxMzQxY2FiYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5bUdoe/COn7xXAGQfUvB2et7jn+
jBdaTXghQueKoobvGlyB/yOeTbqT+JHRggJhlpiPLcb4aJyWbYOFFjhiGs+zAJMn
pEIXzMAFdqEyg1PUM1wCSUBUpMQQvIu1mwTAEbBCnYlQVefXv7qnQzD6DlAlXlsY
yNEyk2gyoOT36+oA0mxsDE8igrhro5coPewH+ww/yWA2VU7MG+C6bXmIixMUNFUA
g4+cZaOkSsR2y7fCxHlKGOLnJ7zGC8Gavd5ruGq1daz8UhELz2ZLje9YmiGgnjbx
0x9SFrsi/1JQOk1ytqoTJuQdvg2Gm58kjBQ4kpPIpkiMrRpnPYFN0SnAZwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFAhzTLoG1FTgZJdgb/qF2RNByroZMB8GA1UdIwQY
MBaAFFndp1+BEHQ9JQwwaKNWzmrPHE/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgt
NzA4N2UzZmUyYTVkLzEvQ0hOTXVnYlVWT0JrbDJCdi1vWFpFMEhLdWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgtNzA4N2UzZmUyYTVk
LzEvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAIt
nhADBAYuKAADBAIu+wgDBAJQ9WADBANRGPADBARV3rADBARZk1ADBANbZuADBAJb
k/QDBANe+LgDBANe+OgDBAZfVYADBAKyFMgDBAK5BrwDBAK5CswDBAK5JagDBAK5
jcQDBAK5nJgDBAK5qfgDBAK554ADBALDwPQDBATZEWAwDQQCAAIwBwMFAyoArQAw
DQYJKoZIhvcNAQELBQADggEBALFjqnxtL8TZDegyXKKl2CfvoEtOISNWVQ9dyZXs
WJCKfMedWYytRyNHONpEgE89ZEsvpGS+Te3bgO6kTIAzBzPnHCARoHtgpzIaAuD/
OQ4CRtSXKRcC/o7BTg+KzbYVnwFtxLak3pCfMcutMi/AHFsf4x9uKQh1MAu3533m
fm29D+Y8WFrnGpITRxEuYg4WRMIHUPShj12aMrIV6U9p5Zf38/Vtwh9RwIZWzzKg
A8SN6CXW+MD1Zo7SHL1BcMiIP6VCBKgP5tQHnI853Tq8X/QJOvkmFHwVOvc22Hu9
f1qy9y8/lU0PX+dYLuFQKAb3u3rhD1g5VAa5jx9PXjf8HDc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:05 2024 by rpki-client on console-fra.rpki-client.org