Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/T7yh_PhblOvdym2_D3PuCLaFqw8.roa
File: T7yh_PhblOvdym2_D3PuCLaFqw8.roa (raw, json)
Hash identifier: ykfk5ExuodP407w3peSCX9qImYUE26Dx0qV2Nd6JeGw=
Subject key identifier: 4F:BC:A1:FC:F8:5B:94:EB:DD:CA:6D:BF:0F:73:EE:08:B6:85:AB:0F
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA887D52BA6D66F9C345D9DE1E87E9624
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/T7yh_PhblOvdym2_D3PuCLaFqw8.roa
Signing time: Thu 04 Apr 2024 09:54:17 +0000
ROA not before: Thu 04 Apr 2024 09:54:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33934
IP address blocks: 83.239.128.0/18 maxlen: 18
83.239.128.0/22 maxlen: 22
83.239.132.0/24 maxlen: 24
83.239.138.0/23 maxlen: 23
83.239.142.0/23 maxlen: 23
83.239.144.0/24 maxlen: 24
83.239.151.0/24 maxlen: 24
83.239.152.0/22 maxlen: 22
83.239.156.0/23 maxlen: 23
83.239.158.0/24 maxlen: 24
83.239.161.0/24 maxlen: 24
83.239.162.0/23 maxlen: 23
83.239.164.0/24 maxlen: 24
83.239.167.0/24 maxlen: 24
83.239.168.0/23 maxlen: 23
83.239.172.0/22 maxlen: 22
83.239.176.0/24 maxlen: 24
83.239.179.0/24 maxlen: 24
83.239.180.0/22 maxlen: 22
83.239.184.0/22 maxlen: 22
83.239.188.0/23 maxlen: 23
83.239.191.0/24 maxlen: 24
85.172.112.0/20 maxlen: 20
85.172.120.0/23 maxlen: 23
85.172.122.0/24 maxlen: 24
85.172.126.0/23 maxlen: 23
85.172.168.0/22 maxlen: 22
85.172.170.0/24 maxlen: 24
85.173.64.0/19 maxlen: 19
85.173.80.0/22 maxlen: 22
85.173.84.0/23 maxlen: 23
85.173.192.0/19 maxlen: 19
85.173.208.0/23 maxlen: 23
85.174.0.0/17 maxlen: 17
85.174.63.0/24 maxlen: 24
85.174.69.0/24 maxlen: 24
85.174.70.0/23 maxlen: 23
85.174.80.0/22 maxlen: 22
85.174.84.0/24 maxlen: 24
85.174.100.0/24 maxlen: 24
178.34.64.0/22 maxlen: 22
178.35.128.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 15 Apr 2024 10:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:87:d5:2b:a6:d6:6f:9c:34:5d:9d:e1:e8:7e:96:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 4 09:54:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fbca1fcf85b94ebddca6dbf0f73ee08b685ab0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:16:c9:b0:29:4e:b3:27:72:06:a7:f6:c6:ff:
9e:23:d5:de:44:d5:ea:31:fc:de:44:c9:a4:07:8b:
8c:72:c7:3e:6b:4c:1f:6a:5a:da:77:17:3c:b8:ea:
85:12:15:00:58:14:c4:1a:2b:8e:2a:7f:02:28:10:
99:e8:8b:23:c3:3f:2d:b6:08:9c:f4:4f:ac:10:ab:
4e:5d:56:76:48:1e:ba:d1:5d:c0:7a:13:db:ef:e3:
34:10:03:48:94:53:31:dd:23:60:78:f5:37:e0:f4:
7b:34:49:cb:16:2f:06:f5:d6:7f:ae:2b:d4:7a:2e:
47:7f:f0:b5:5a:85:76:7d:52:43:74:c7:30:5b:0e:
58:9f:f6:01:fe:ed:a0:73:dd:47:27:ef:d1:a8:08:
b9:9d:7a:f4:26:5c:08:30:c7:ae:9a:8f:69:f1:fa:
27:ce:3e:aa:2a:ff:fd:c1:9e:16:8f:b6:7f:c1:39:
36:d1:7d:e5:2c:d2:96:fc:ad:32:84:b4:97:95:8b:
90:ea:c9:34:aa:2e:f2:21:e0:61:4e:0c:8e:3c:c6:
79:6d:ac:22:9e:6b:02:91:65:5c:3e:27:4c:7a:f3:
e7:78:e7:32:e3:11:97:c6:1c:0b:0b:49:f0:28:f7:
70:9f:87:2e:af:ad:73:a3:34:69:2f:37:26:07:ef:
c9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BC:A1:FC:F8:5B:94:EB:DD:CA:6D:BF:0F:73:EE:08:B6:85:AB:0F
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/T7yh_PhblOvdym2_D3PuCLaFqw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.128.0/18
85.172.112.0/20
85.172.168.0/22
85.173.64.0/19
85.173.192.0/19
85.174.0.0/17
178.34.64.0/22
178.35.128.0/18
Signature Algorithm: sha256WithRSAEncryption
19:4c:13:86:d3:85:65:cd:cf:fe:ab:5b:e6:5d:10:3a:cb:e4:
54:8b:99:1f:d8:2d:62:a7:12:2f:c4:44:a4:5a:a0:3a:40:06:
be:53:04:4d:36:44:ef:2f:7b:93:1d:6a:ab:a8:88:0a:16:cd:
c8:68:fd:46:16:da:ac:df:c0:0e:c3:8f:02:ae:71:bd:89:79:
06:c7:fa:95:fd:f0:95:ae:1b:01:42:c9:54:35:4c:55:cb:81:
b3:07:d7:7e:40:bc:ec:cf:74:76:50:49:07:ea:5c:51:2e:52:
5a:c6:5e:2a:64:44:5e:09:9e:a3:7c:0d:3b:b2:94:a2:db:b2:
6e:0b:29:b6:dc:b6:93:dd:58:b2:8f:37:5c:01:fa:dd:a0:a7:
07:8f:15:6f:98:72:77:9d:71:59:1d:8d:67:d7:07:89:20:f5:
33:ec:a9:be:c0:8b:db:97:69:4c:9f:f4:2e:52:d2:7b:b6:16:
de:77:d4:cd:95:f5:5a:fb:0e:b7:88:46:00:8f:f8:ed:78:9d:
00:15:6f:d0:80:53:e1:25:da:7c:2f:44:b9:a9:0a:15:57:78:
9f:7a:0f:81:ec:67:84:83:d6:ec:21:bd:d9:e3:0a:16:f8:df:
96:be:ff:6f:08:49:4a:3a:6c:28:ae:d6:8f:c5:51:5c:2e:5c:
1c:26:ae:5d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6oh9UrptZvnDRdneHofpYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDA0MDk1NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJjYTFmY2Y4NWI5NGViZGRjYTZkYmYwZjczZWUwOGI2ODVhYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxbJsClOsydyBqf2xv+eI9XeRNXq
MfzeRMmkB4uMcsc+a0wfalradxc8uOqFEhUAWBTEGiuOKn8CKBCZ6Isjwz8ttgic
9E+sEKtOXVZ2SB660V3AehPb7+M0EANIlFMx3SNgePU34PR7NEnLFi8G9dZ/rivU
ei5Hf/C1WoV2fVJDdMcwWw5Yn/YB/u2gc91HJ+/RqAi5nXr0JlwIMMeumo9p8fon
zj6qKv/9wZ4Wj7Z/wTk20X3lLNKW/K0yhLSXlYuQ6sk0qi7yIeBhTgyOPMZ5bawi
nmsCkWVcPidMevPneOcy4xGXxhwLC0nwKPdwn4cur61zozRpLzcmB+/JBQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFE+8ofz4W5Tr3cptvw9z7gi2hasPMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVDd5aF9QaGJsT3ZkeW0yX0QzUHVDTGFGcXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQGU++AAwQE
VaxwAwQCVayoAwQFVa1AAwQFVa3AAwQHVa4AAwQCsiJAAwQGsiOAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZTBOG04Vlzc/+q1vmXRA6y+RUi5kf2C1ipxIvxESkWqA6QAa+
UwRNNkTvL3uTHWqrqIgKFs3IaP1GFtqs38AOw48CrnG9iXkGx/qV/fCVrhsBQslU
NUxVy4GzB9d+QLzsz3R2UEkH6lxRLlJaxl4qZEReCZ6jfA07spSi27JuCym23LaT
3ViyjzdcAfrdoKcHjxVvmHJ3nXFZHY1n1weJIPUz7Km+wIvbl2lMn/QuUtJ7thbe
d9TNlfVa+w63iEYAj/jteJ0AFW/QgFPhJdp8L0S5qQoVV3ifeg+B7GeEg9bsIb3Z
4woW+N+Wvv9vCElKOmwortaPxVFcLlwcJq5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org