Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1lPd8IdiRzjKqBqiAWlYZzKXEFg.roa
File: 1lPd8IdiRzjKqBqiAWlYZzKXEFg.roa (raw, json)
Hash identifier: HWCyISO4VTZMtiR+EkwGzHvnT5f8/rl438CuhQxoM8U=
Subject key identifier: D6:53:DD:F0:87:62:47:38:CA:A8:1A:A2:01:69:58:67:32:97:10:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F8180ADA6C770F78762B924A2F9E7874D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1lPd8IdiRzjKqBqiAWlYZzKXEFg.roa
Signing time: Thu 16 May 2024 13:04:04 +0000
ROA not before: Thu 16 May 2024 13:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34224
IP address blocks: 2.58.92.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
31.13.208.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.217.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.241.0/24 maxlen: 24
31.13.245.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
45.81.38.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
83.143.115.0/24 maxlen: 24
85.217.140.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.37.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.253.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.0.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.121.2.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
87.121.42.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.110.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
87.121.161.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.197.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.212.233.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
93.123.8.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.32.0/22 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.37.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.130.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
94.156.179.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.233.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
194.55.184.0/23 maxlen: 24
194.169.173.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.131.0/24 maxlen: 24
212.73.132.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.136.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
2a00:1728::/32 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:3::/48 maxlen: 48
2a00:1728:1b::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:2f::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:35::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jun 2024 10:56:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:80:ad:a6:c7:70:f7:87:62:b9:24:a2:f9:e7:87:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 16 13:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d653ddf087624738caa81aa20169586732971058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:55:f5:e4:ba:fa:9c:d2:d1:e3:d4:a4:49:
6d:c1:81:fd:83:87:6f:c9:91:68:22:f8:7b:f0:40:
70:a2:74:e9:22:00:8a:ce:d6:b3:82:de:7f:9b:b0:
ff:af:97:85:4c:68:0e:b6:2c:41:5a:eb:2b:0f:42:
e1:0a:cc:c1:67:c4:da:fb:9c:f3:ba:de:d4:ba:ed:
db:a7:3a:eb:e4:7c:65:73:cb:72:2d:e9:f9:4e:91:
81:f9:c4:7b:60:d3:e8:19:26:38:4c:72:c9:22:9b:
97:fe:df:cd:65:bb:ae:04:6a:87:82:9f:f2:99:c2:
a0:8b:f7:04:3a:2b:07:f9:63:59:e9:c2:da:eb:14:
25:bb:21:c9:bc:57:84:22:41:c6:4c:13:ea:b0:a4:
d8:8b:1e:ad:55:5a:bb:0c:02:e5:72:0d:7a:82:fe:
94:99:c0:08:ce:08:85:7d:8e:ee:3d:de:9f:65:c4:
03:b9:f7:4b:60:42:12:64:8b:20:30:b6:d3:7a:a4:
6b:3f:aa:04:89:c0:e7:af:53:78:52:8f:9f:91:73:
0d:85:9a:39:a9:23:d0:75:46:80:4f:13:74:43:fa:
a5:f0:8b:06:03:4c:1e:cc:61:bc:da:f2:85:81:3e:
e7:83:f3:0f:4a:92:ff:97:33:c0:8a:c2:7c:c0:99:
17:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:53:DD:F0:87:62:47:38:CA:A8:1A:A2:01:69:58:67:32:97:10:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1lPd8IdiRzjKqBqiAWlYZzKXEFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.92.0/24
31.13.195.0/24
31.13.197.0/24
31.13.208.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
45.81.38.0/24
45.149.241.0/24
82.115.210.0/24
83.143.115.0/24
85.217.140.0/24
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.165.0/24
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.110.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
91.212.233.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
93.123.117.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0-94.156.130.255
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.179.0/24
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/23
94.156.249.0/24
94.156.251.0-94.156.252.255
194.55.184.0/23
194.169.173.0/24
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
06:a1:55:10:6e:b3:d2:e8:4d:e5:ca:42:5c:fb:dc:af:dd:f3:
7c:9e:16:36:66:1e:16:a4:9c:e3:9c:7c:78:65:6b:34:21:50:
e3:fc:47:13:79:95:20:46:80:45:06:d7:72:e0:af:d6:4a:e9:
1d:f3:4b:e5:6b:71:06:52:46:89:86:29:2f:ad:b3:70:86:40:
08:fd:9a:78:2a:e8:ad:ce:5a:55:b4:61:28:ad:2c:64:9a:06:
54:99:42:54:31:3f:12:f5:89:7c:25:47:c4:97:68:17:d8:4f:
b2:52:72:86:56:cd:95:e4:cf:13:d3:28:f5:58:50:fb:b0:f6:
91:9b:2d:58:31:ed:1d:78:1b:db:79:75:d4:bb:7a:3a:3b:e0:
7d:12:3f:d8:bf:37:8a:05:79:e3:9b:18:45:0a:37:fd:3f:2d:
9e:9b:82:92:9a:fd:ac:b2:41:10:dd:2d:38:04:da:68:8c:75:
82:ac:a9:9f:69:8f:6a:bb:41:dd:68:c4:6a:b8:cd:c7:cd:e7:
a3:fc:b0:a3:1f:be:16:67:4d:02:05:17:99:cb:02:f0:e8:ed:
10:01:40:e5:71:b1:bc:66:df:3c:fb:6c:d3:a9:35:ea:6d:11:
23:75:b7:f0:a0:54:39:d7:0a:9b:fa:cd:8c:2d:d2:c4:6a:a7:
78:d9:7d:49
-----BEGIN CERTIFICATE-----
MIIHmDCCBoCgAwIBAgISAY+BgK2mx3D3h2K5JKL554dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTE2MTMwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjUzZGRmMDg3NjI0NzM4Y2FhODFhYTIwMTY5NTg2NzMyOTcxMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQRV9eS6+pzS0ePUpEltwYH9g4dv
yZFoIvh78EBwonTpIgCKztazgt5/m7D/r5eFTGgOtixBWusrD0LhCszBZ8Ta+5zz
ut7Uuu3bpzrr5Hxlc8tyLen5TpGB+cR7YNPoGSY4THLJIpuX/t/NZbuuBGqHgp/y
mcKgi/cEOisH+WNZ6cLa6xQluyHJvFeEIkHGTBPqsKTYix6tVVq7DALlcg16gv6U
mcAIzgiFfY7uPd6fZcQDufdLYEISZIsgMLbTeqRrP6oEicDnr1N4Uo+fkXMNhZo5
qSPQdUaATxN0Q/ql8IsGA0wezGG82vKFgT7ng/MPSpL/lzPAisJ8wJkXNQIDAQAB
o4IEpDCCBKAwHQYDVR0OBBYEFNZT3fCHYkc4yqgaogFpWGcylxBYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMWxQZDhJZGlSempLcUJxaUFXbFlaektYRUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICuAYIKwYBBQUHAQcBAf8EggKnMIICozCCApAEAgABMIIC
iAMEAAI6XAMEAB8NwwMEAB8NxQMEAB8N0AMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N
8QMEAB8N9QMEASU8igMEAC1RJgMEAC2V8QMEAFJz0gMEAFOPcwMEAFXZjDAMAwQB
V3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwMEAFd4PQME
AFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4pQMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAVd5bgMEAVd5cAME
AFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtcQgMEAVtc
RAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQAW1zmAwQA
W9TpAwQAXPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQD
BABde0ADBABde3UDBABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4D
BABenGIDBABenGQDBABenGowDAMEAF6cgQMEAF6cggMEAF6cmQMEAV6cngMEAV6c
rAMEAF6cswMEAF6cuQMEAF6cvAMEAF6cvgMEA16c2AMEAF6c4wMEAV6c6AMEAF6c
+TAMAwQAXpz7AwQAXpz8AwQBwje4AwQAwqmtMAwDBAfUSYADBADUSYYDBADUSYgw
DAMEAdRJigMEANRJlAMEANRJmwMEANRJnTANBAIAAjAHAwUAKgAXKDANBgkqhkiG
9w0BAQsFAAOCAQEABqFVEG6z0uhN5cpCXPvcr93zfJ4WNmYeFqSc45x8eGVrNCFQ
4/xHE3mVIEaARQbXcuCv1krpHfNL5WtxBlJGiYYpL62zcIZACP2aeCrorc5aVbRh
KK0sZJoGVJlCVDE/EvWJfCVHxJdoF9hPslJyhlbNleTPE9Mo9VhQ+7D2kZstWDHt
HXgb23l11Lt6OjvgfRI/2L83igV545sYRQo3/T8tnpuCkpr9rLJBEN0tOATaaIx1
gqypn2mPartB3WjEarjNx83no/ywox++FmdNAgUXmcsC8OjtEAFA5XGxvGbfPPts
06k16m0RI3W38KBUOdcKm/rNjC3SxGqneNl9SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org