Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2QGeyG-3gUPlxKfurEgd_uf2pBk.roa
File: 2QGeyG-3gUPlxKfurEgd_uf2pBk.roa (raw, json)
Hash identifier: psh/rDK70Ctpcv7R9KyiYcBvVDEwQgI36gfK4J6AwGE=
Subject key identifier: D9:01:9E:C8:6F:B7:81:43:E5:C4:A7:EE:AC:48:1D:FE:E7:F6:A4:19
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0187321DEDBF2269E67A91FFD50D9D2C200B
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2QGeyG-3gUPlxKfurEgd_uf2pBk.roa
Signing time: Thu 30 Mar 2023 10:43:54 +0000
ROA not before: Thu 30 Mar 2023 10:43:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12716
IP address blocks: 151.251.254.0/24 maxlen: 24
151.251.255.0/24 maxlen: 24
37.63.96.0/22 maxlen: 24
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
151.251.240.0/24 maxlen: 24
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.245.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
151.251.243.0/24 maxlen: 24
151.251.246.0/24 maxlen: 24
151.251.241.0/24 maxlen: 24
151.251.244.0/24 maxlen: 24
151.251.242.0/24 maxlen: 24
151.251.253.0/24 maxlen: 24
151.251.248.0/24 maxlen: 24
151.251.251.0/24 maxlen: 24
151.251.249.0/24 maxlen: 24
151.251.252.0/24 maxlen: 24
151.251.247.0/24 maxlen: 24
151.251.250.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
62.204.154.0/23 maxlen: 23
37.63.32.0/22 maxlen: 24
151.251.121.0/24 maxlen: 24
85.118.64.0/22 maxlen: 22
85.118.71.0/24 maxlen: 24
85.118.68.0/23 maxlen: 24
213.226.17.0/24 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.74.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
213.226.19.0/24 maxlen: 24
185.151.156.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.80.0/22 maxlen: 22
213.226.36.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.63.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:1d:ed:bf:22:69:e6:7a:91:ff:d5:0d:9d:2c:20:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Mar 30 10:43:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9019ec86fb78143e5c4a7eeac481dfee7f6a419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:7c:da:05:96:75:7d:be:0c:bf:ea:19:a2:
40:81:a4:7c:ec:0a:a0:41:ec:08:5e:04:ee:47:b6:
e4:d1:00:f2:16:42:43:ec:9e:db:38:15:0e:09:5d:
11:a7:0c:ce:03:b0:a0:58:0d:6f:7e:ba:68:05:7a:
a1:0b:de:94:c0:4c:f4:e3:ec:56:26:e1:63:82:ea:
17:dd:3c:ee:f7:69:29:b3:e0:bc:90:1c:2f:63:c8:
b3:35:4f:12:96:5c:31:30:53:0d:fb:88:46:06:87:
26:1c:60:3a:e1:2c:27:6b:da:cc:bd:f6:c9:81:c9:
18:c9:fb:c6:d6:08:c7:75:91:1c:5c:67:4f:92:35:
b4:64:50:85:32:e4:bd:d9:84:b7:cf:fc:3b:80:98:
f3:3e:da:fc:17:d9:f0:7a:10:80:e4:05:77:2d:7d:
48:c5:d8:bb:01:2e:10:9a:61:c9:3d:9e:b7:36:7d:
e6:10:c4:42:1b:41:b8:49:b4:d2:15:3e:e1:f2:3d:
81:af:07:de:eb:d7:37:e5:14:ce:e2:13:61:d9:34:
84:f1:60:d2:c5:9a:a7:f9:94:4f:7e:9c:86:e9:e6:
67:83:2b:2c:d3:c9:c0:c6:71:c9:7f:7a:b3:3b:5d:
81:60:04:f9:fe:4f:cc:d2:ef:72:aa:bd:9c:96:fc:
1b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:01:9E:C8:6F:B7:81:43:E5:C4:A7:EE:AC:48:1D:FE:E7:F6:A4:19
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2QGeyG-3gUPlxKfurEgd_uf2pBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.238.0-151.251.255.255
185.151.156.0/22
185.224.160.0/23
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
213.226.63.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b0:d4:7b:88:b3:50:65:fd:a9:e6:38:a5:8d:4b:48:87:3b:
75:cc:46:27:4e:93:18:a1:ff:8f:39:2a:7c:a1:07:4f:c9:3f:
b2:53:1d:6e:f3:01:81:ab:2b:3d:0e:b8:b0:f4:7c:44:90:12:
c1:5d:57:7a:a5:21:44:ec:a9:74:7c:53:05:bc:ff:58:2b:e0:
9b:e5:01:bc:3e:72:32:67:28:3c:d1:4c:cf:85:ee:18:81:83:
10:79:5e:a8:b0:3c:25:3d:da:cc:96:3f:65:a6:ef:c1:70:77:
32:2c:71:02:a4:85:25:b1:7f:ab:f0:ef:67:45:d9:e4:86:ba:
fa:6e:64:9d:10:b1:38:28:5c:2b:92:85:fb:0f:cb:1d:6d:eb:
92:41:e9:cd:50:b6:21:2b:b7:7b:68:5d:f4:76:2c:93:97:cd:
88:a8:2d:dc:cc:70:20:35:6a:9f:c6:e7:a2:76:df:3c:01:3c:
14:23:a6:53:b7:ea:2b:da:a7:dd:af:b8:47:2c:62:5c:a1:86:
46:21:cb:dc:56:a5:bb:41:27:21:9c:4c:1b:74:a3:30:60:d4:
ca:81:2a:17:bf:e4:b6:61:a5:18:82:56:16:f6:b4:30:3d:08:
70:76:20:09:cb:3c:4d:f2:ac:72:31:a5:28:26:48:40:8f:32:
32:5a:eb:75
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYcyHe2/ImnmepH/1Q2dLCALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMzMwMTA0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTAxOWVjODZmYjc4MTQzZTVjNGE3ZWVhYzQ4MWRmZWU3ZjZhNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVl82gWWdX2+DL/qGaJAgaR87Aqg
QewIXgTuR7bk0QDyFkJD7J7bOBUOCV0RpwzOA7CgWA1vfrpoBXqhC96UwEz04+xW
JuFjguoX3Tzu92kps+C8kBwvY8izNU8SllwxMFMN+4hGBocmHGA64Swna9rMvfbJ
gckYyfvG1gjHdZEcXGdPkjW0ZFCFMuS92YS3z/w7gJjzPtr8F9nwehCA5AV3LX1I
xdi7AS4QmmHJPZ63Nn3mEMRCG0G4SbTSFT7h8j2Brwfe69c35RTO4hNh2TSE8WDS
xZqn+ZRPfpyG6eZngyss08nAxnHJf3qzO12BYAT5/k/M0u9yqr2clvwbOwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFNkBnshvt4FD5cSn7qxIHf7n9qQZMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvMlFHZXlHLTNnVVBseEtmdXJFZ2RfdWYycEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagwCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eTALAwQB
l/vuAwMCl/gDBAK5l5wDBAG54KADBADV4hEDBADV4hMDBADV4iQDBADV4igDBADV
4jMDBAHV4jgDBADV4jsDBADV4j8wDQYJKoZIhvcNAQELBQADggEBAFmw1HuIs1Bl
/anmOKWNS0iHO3XMRidOkxih/485KnyhB0/JP7JTHW7zAYGrKz0OuLD0fESQEsFd
V3qlIUTsqXR8UwW8/1gr4JvlAbw+cjJnKDzRTM+F7hiBgxB5XqiwPCU92syWP2Wm
78FwdzIscQKkhSWxf6vw72dF2eSGuvpuZJ0QsTgoXCuShfsPyx1t65JB6c1QtiEr
t3toXfR2LJOXzYioLdzMcCA1ap/G56J23zwBPBQjplO36ivap92vuEcsYlyhhkYh
y9xWpbtBJyGcTBt0ozBg1MqBKhe/5LZhpRiCVhb2tDA9CHB2IAnLPE3yrHIxpSgm
SECPMjJa63U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:17 2023 by rpki-client on console-fra.rpki-client.org