Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/GgdxaPZjoHjqDzdMqO0YajtSLeo.roa
File: GgdxaPZjoHjqDzdMqO0YajtSLeo.roa (raw, json)
Hash identifier: Dwfy9uICnfPdYg9KZCvOlJFVNrRa3vJ4SzpbmsJgePA=
Subject key identifier: 1A:07:71:68:F6:63:A0:78:EA:0F:37:4C:A8:ED:18:6A:3B:52:2D:EA
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 018F0A9947F861E6F27A6CF7B45C5DBF4C25
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/GgdxaPZjoHjqDzdMqO0YajtSLeo.roa
Signing time: Tue 23 Apr 2024 10:56:08 +0000
ROA not before: Tue 23 Apr 2024 10:56:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25133
IP address blocks: 37.139.160.0/22 maxlen: 22
37.139.164.0/22 maxlen: 22
37.139.168.0/24 maxlen: 24
37.139.169.0/24 maxlen: 24
37.139.170.0/24 maxlen: 24
37.139.171.0/24 maxlen: 24
37.139.172.0/24 maxlen: 24
37.139.173.0/24 maxlen: 24
37.139.174.0/24 maxlen: 24
37.139.175.0/24 maxlen: 24
37.139.176.0/24 maxlen: 24
37.139.177.0/24 maxlen: 24
37.139.178.0/24 maxlen: 24
37.139.179.0/24 maxlen: 24
37.139.180.0/22 maxlen: 22
37.139.184.0/22 maxlen: 22
37.139.188.0/22 maxlen: 22
45.95.164.0/22 maxlen: 22
45.143.48.0/22 maxlen: 22
45.153.208.0/22 maxlen: 22
45.158.48.0/22 maxlen: 22
46.255.32.0/22 maxlen: 22
46.255.36.0/22 maxlen: 22
78.137.0.0/19 maxlen: 19
78.137.32.0/24 maxlen: 24
78.137.33.0/24 maxlen: 24
78.137.34.0/24 maxlen: 24
78.137.35.0/24 maxlen: 24
78.137.36.0/22 maxlen: 22
78.137.40.0/21 maxlen: 21
78.137.48.0/20 maxlen: 20
83.142.48.0/22 maxlen: 22
89.200.232.0/21 maxlen: 21
91.105.207.0/24 maxlen: 24
91.211.136.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
91.244.0.0/18 maxlen: 18
92.43.80.0/22 maxlen: 22
92.118.220.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
103.237.44.0/22 maxlen: 22
109.227.64.0/19 maxlen: 19
109.227.96.0/19 maxlen: 19
152.89.20.0/22 maxlen: 22
176.67.0.0/19 maxlen: 19
178.216.16.0/21 maxlen: 21
185.3.148.0/24 maxlen: 24
185.3.149.0/24 maxlen: 24
185.3.150.0/24 maxlen: 24
185.3.151.0/24 maxlen: 24
185.41.192.0/23 maxlen: 23
185.41.194.0/23 maxlen: 23
185.62.96.0/22 maxlen: 22
185.96.28.0/22 maxlen: 22
185.103.40.0/23 maxlen: 23
185.103.42.0/23 maxlen: 23
185.128.92.0/22 maxlen: 22
185.176.108.0/22 maxlen: 22
185.176.112.0/22 maxlen: 22
185.203.244.0/22 maxlen: 22
185.208.112.0/22 maxlen: 22
185.220.94.0/23 maxlen: 23
185.228.100.0/22 maxlen: 22
193.106.80.0/22 maxlen: 22
194.1.220.0/23 maxlen: 23
212.55.64.0/22 maxlen: 22
212.55.68.0/22 maxlen: 22
212.55.72.0/23 maxlen: 23
212.55.74.0/23 maxlen: 23
212.55.76.0/22 maxlen: 22
212.55.80.0/22 maxlen: 22
212.55.84.0/23 maxlen: 23
212.55.86.0/23 maxlen: 23
212.55.88.0/22 maxlen: 22
212.55.92.0/22 maxlen: 22
213.108.52.0/22 maxlen: 22
217.115.96.0/21 maxlen: 21
217.115.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 May 2024 13:10:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:99:47:f8:61:e6:f2:7a:6c:f7:b4:5c:5d:bf:4c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Apr 23 10:56:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a077168f663a078ea0f374ca8ed186a3b522dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:52:97:ee:b2:38:48:43:64:20:35:0e:12:12:
5f:bc:73:75:d7:03:bf:d3:15:aa:f7:f1:7f:db:80:
c7:f1:ca:f6:23:78:f2:0e:04:a3:c2:23:88:72:35:
be:a1:cf:f5:06:50:12:aa:b6:c4:3f:67:c4:66:de:
f5:68:77:11:dc:f3:7c:ad:79:7e:1a:1c:69:3a:70:
40:fc:f0:fc:08:75:b0:08:d3:e9:08:0b:de:fb:f3:
40:39:1b:61:d6:62:5a:26:00:d0:5e:ed:ec:3f:ea:
af:72:99:b6:15:b2:bf:ce:30:f1:2f:f6:b8:f2:aa:
28:71:c5:7d:11:da:09:01:8f:61:d0:3c:ac:04:cb:
dc:dc:52:63:75:a4:5c:a3:4e:a1:f0:bd:87:2d:28:
3f:a8:36:da:be:45:fe:8f:4a:93:19:80:85:a6:f4:
d3:47:41:57:a4:4a:51:43:c7:9a:1d:8e:91:5e:22:
de:08:fd:47:00:7d:10:cf:4e:01:d2:fe:a2:f3:97:
a2:a4:97:5e:49:c1:12:bb:ac:f5:99:d2:f3:ca:c3:
e5:53:14:38:a9:be:20:81:b4:1d:32:fe:a6:60:d6:
46:c4:1d:ac:2a:23:f3:66:99:2c:79:c4:0a:ba:99:
a4:d9:c7:08:cf:a7:f1:4a:f3:68:f4:04:40:e2:da:
e1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:07:71:68:F6:63:A0:78:EA:0F:37:4C:A8:ED:18:6A:3B:52:2D:EA
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/GgdxaPZjoHjqDzdMqO0YajtSLeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.160.0/19
45.95.164.0/22
45.143.48.0/22
45.153.208.0/22
45.158.48.0/22
46.255.32.0/21
78.137.0.0/18
83.142.48.0/22
89.200.232.0/21
91.105.207.0/24
91.211.136.0/22
91.217.144.0/24
91.244.0.0/18
92.43.80.0/22
92.118.220.0/22
103.35.160.0/22
103.237.44.0/22
109.227.64.0/18
152.89.20.0/22
176.67.0.0/19
178.216.16.0/21
185.3.148.0/22
185.41.192.0/22
185.62.96.0/22
185.96.28.0/22
185.103.40.0/22
185.128.92.0/22
185.176.108.0-185.176.115.255
185.203.244.0/22
185.208.112.0/22
185.220.94.0/23
185.228.100.0/22
193.106.80.0/22
194.1.220.0/23
212.55.64.0/19
213.108.52.0/22
217.115.96.0/20
Signature Algorithm: sha256WithRSAEncryption
10:ec:1d:ca:84:38:20:ae:81:f3:c7:7c:f3:00:c4:8b:e4:b4:
a4:c1:6a:54:dd:a5:e9:43:71:43:98:27:c4:7b:a1:b0:21:56:
70:14:f4:8d:55:1e:a5:16:84:3d:10:00:1b:17:be:86:2a:2e:
d7:f5:e6:23:3c:85:cb:23:b4:5f:e4:2e:6d:73:d7:73:d0:44:
60:41:1b:0a:7d:6d:e2:f0:7d:b8:e3:4c:1b:6f:f5:eb:e9:50:
7e:b9:b0:f2:c7:62:ec:ec:bf:06:af:a9:8c:d3:23:20:80:43:
5f:ee:d3:1f:24:aa:05:32:72:d4:80:f1:66:15:78:b0:b0:1a:
b2:6c:90:7f:77:0c:3a:a5:1c:d7:9e:50:dd:9d:a5:90:85:79:
6f:78:52:4a:b0:16:57:ca:c4:86:8f:1c:22:35:59:b0:c9:2e:
68:a4:90:b9:40:88:fc:9c:07:ee:97:2d:7a:f3:4b:ad:6d:b5:
92:71:a1:fc:c4:d5:1f:9f:c9:5f:40:92:a6:00:1e:92:14:f4:
3e:08:a7:d2:a8:14:a2:79:13:a5:4d:90:bd:7f:27:a3:12:5d:
fe:c2:02:f9:a6:0c:79:3c:1a:e1:5f:06:bd:ed:0f:73:83:e7:
18:91:8e:e8:eb:85:38:48:31:9a:5a:6f:1a:db:2a:32:ac:a8:
10:1b:bd:4f
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAY8KmUf4Yebyemz3tFxdv0wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTQ5ODdiZjhjNmI0Y2RkNjU3YmJjMmQwYTVlMTNlOWI2
MjZjYjkwHhcNMjQwNDIzMTA1NjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTA3NzE2OGY2NjNhMDc4ZWEwZjM3NGNhOGVkMTg2YTNiNTIyZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1KX7rI4SENkIDUOEhJfvHN11wO/
0xWq9/F/24DH8cr2I3jyDgSjwiOIcjW+oc/1BlASqrbEP2fEZt71aHcR3PN8rXl+
GhxpOnBA/PD8CHWwCNPpCAve+/NAORth1mJaJgDQXu3sP+qvcpm2FbK/zjDxL/a4
8qooccV9EdoJAY9h0DysBMvc3FJjdaRco06h8L2HLSg/qDbavkX+j0qTGYCFpvTT
R0FXpEpRQ8eaHY6RXiLeCP1HAH0Qz04B0v6i85eipJdeScESu6z1mdLzysPlUxQ4
qb4ggbQdMv6mYNZGxB2sKiPzZpksecQKupmk2ccIz6fxSvNo9ARA4trhQQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFBoHcWj2Y6B46g83TKjtGGo7Ui3qMB8GA1UdIwQY
MBaAFFakmHv4xrTN1le7wtCl4T6bYmy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQt
ZGU1ODY5OGI2NDcwLzEvR2dkeGFQWmpvSGpxRHpkTXFPMFlhanRTTGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQtZGU1ODY5OGI2NDcw
LzEvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQF
JYugAwQCLV+kAwQCLY8wAwQCLZnQAwQCLZ4wAwQDLv8gAwQGTokAAwQCU44wAwQD
WcjoAwQAW2nPAwQCW9OIAwQAW9mQAwQGW/QAAwQCXCtQAwQCXHbcAwQCZyOgAwQC
Z+0sAwQGbeNAAwQCmFkUAwQFsEMAAwQDstgQAwQCuQOUAwQCuSnAAwQCuT5gAwQC
uWAcAwQCuWcoAwQCuYBcMAwDBAK5sGwDBAK5sHADBAK5y/QDBAK50HADBAG53F4D
BAK55GQDBALBalADBAHCAdwDBAXUN0ADBALVbDQDBATZc2AwDQYJKoZIhvcNAQEL
BQADggEBABDsHcqEOCCugfPHfPMAxIvktKTBalTdpelDcUOYJ8R7obAhVnAU9I1V
HqUWhD0QABsXvoYqLtf15iM8hcsjtF/kLm1z13PQRGBBGwp9beLwfbjjTBtv9evp
UH65sPLHYuzsvwavqYzTIyCAQ1/u0x8kqgUyctSA8WYVeLCwGrJskH93DDqlHNee
UN2dpZCFeW94UkqwFlfKxIaPHCI1WbDJLmikkLlAiPycB+6XLXrzS61ttZJxofzE
1R+fyV9AkqYAHpIU9D4Ip9KoFKJ5E6VNkL1/J6MSXf7CAvmmDHk8GuFfBr3tD3OD
5xiRjujrhThIMZpabxrbKjKsqBAbvU8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org