Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1820SORxb_lImXGh45wsVfsXsqY.roa
File: 1820SORxb_lImXGh45wsVfsXsqY.roa (raw, json)
Hash identifier: 0e9ji/wuPPmhJF2UbIDoKdQmheV9L93wCWSO4yw9bsQ=
Subject key identifier: D7:CD:B4:48:E4:71:6F:F9:48:99:71:A1:E3:9C:2C:55:FB:17:B2:A6
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191BBB75F86745499F7BE30EE485C5FA108
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1820SORxb_lImXGh45wsVfsXsqY.roa
Signing time: Wed 04 Sep 2024 06:27:22 +0000
ROA not before: Wed 04 Sep 2024 06:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Sep 2024 06:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:b7:5f:86:74:54:99:f7:be:30:ee:48:5c:5f:a1:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 4 06:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7cdb448e4716ff9489971a1e39c2c55fb17b2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f6:40:a5:59:84:2d:c9:7e:e6:8d:ee:d7:1b:
e9:0b:e2:f2:3d:f3:62:5e:46:bf:41:0c:07:6d:00:
74:c6:52:a3:35:b5:3b:ee:cc:a9:c5:ea:8e:d0:7b:
c0:6e:7a:ce:67:bb:07:f0:56:0e:f1:6f:01:4d:a7:
49:06:33:e8:bc:91:94:f0:43:99:3a:37:c8:fd:cc:
55:b8:e7:b4:9f:c9:cd:04:60:53:c3:f2:c2:61:8b:
92:4b:1d:96:3e:a9:e6:a8:c9:00:af:03:cc:0a:8c:
6a:fc:f4:3b:82:9e:70:6d:c1:cb:ba:cc:b6:1e:38:
2a:4c:7d:e5:db:aa:52:30:60:c4:02:2a:cc:eb:8d:
fc:3b:b1:ea:91:0e:0a:73:e4:6c:4f:74:21:00:e8:
51:cf:e4:4d:2b:ac:de:ec:af:63:98:6c:45:8f:90:
69:ef:c4:16:4c:e4:38:19:c6:5c:74:eb:99:c1:47:
29:e5:ca:89:2d:cc:92:b4:8f:70:d7:0d:83:3e:89:
90:a6:84:84:38:08:90:48:e1:14:60:4e:d0:b8:9b:
cd:59:04:96:e4:2e:9e:58:56:79:60:10:1f:51:f7:
d1:ca:d2:eb:04:e7:b6:c3:49:73:53:d1:f1:7f:42:
0e:bd:81:7c:18:56:4f:d0:58:5d:c9:c8:24:a6:5a:
54:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CD:B4:48:E4:71:6F:F9:48:99:71:A1:E3:9C:2C:55:FB:17:B2:A6
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/1820SORxb_lImXGh45wsVfsXsqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.233.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
96:a0:4c:2b:18:8a:fd:1e:7f:73:b4:ef:cb:42:3e:18:49:a1:
ec:d0:1d:55:b6:26:aa:66:f9:6e:4c:87:91:f9:ba:30:27:a8:
9a:39:2c:6d:8e:27:c7:7b:1d:71:d1:83:17:2d:db:b8:91:fe:
67:f1:8c:17:72:ba:35:89:3c:dd:29:af:74:39:aa:ee:64:3a:
85:20:1b:23:ee:54:c2:14:af:18:d0:22:58:b1:f7:44:21:fc:
57:f9:fa:6f:a2:0b:07:93:4d:84:a6:ea:57:46:1b:82:ec:51:
63:0e:87:5f:93:37:c5:85:ba:4a:4a:44:28:c6:1d:67:41:19:
a4:48:94:c5:5f:70:5a:45:e7:c3:c8:f5:be:5c:1a:96:4f:8e:
0a:04:00:1f:19:01:fc:82:16:f6:6e:15:88:40:25:d1:99:38:
ec:f7:6c:64:30:2e:7a:eb:b8:c4:8b:3e:26:e5:62:19:27:fc:
95:37:30:4d:87:1d:3c:e0:63:3f:ee:7c:6e:ab:b6:2d:99:c1:
65:14:a2:7a:78:28:94:ad:1a:fc:d4:d9:c7:15:dc:56:1d:17:
87:b0:c7:ab:8d:9c:9e:a3:5a:b6:14:53:26:eb:8e:35:89:03:
d2:1c:2f:7b:7a:59:44:a3:6d:73:ee:07:18:ad:6f:bb:d2:9f:
bc:e0:9a:cb
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAZG7t1+GdFSZ974w7khcX6EIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTA0MDYyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NkYjQ0OGU0NzE2ZmY5NDg5OTcxYTFlMzljMmM1NWZiMTdiMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvZApVmELcl+5o3u1xvpC+LyPfNi
Xka/QQwHbQB0xlKjNbU77sypxeqO0HvAbnrOZ7sH8FYO8W8BTadJBjPovJGU8EOZ
OjfI/cxVuOe0n8nNBGBTw/LCYYuSSx2WPqnmqMkArwPMCoxq/PQ7gp5wbcHLusy2
HjgqTH3l26pSMGDEAirM6438O7HqkQ4Kc+RsT3QhAOhRz+RNK6ze7K9jmGxFj5Bp
78QWTOQ4GcZcdOuZwUcp5cqJLcyStI9w1w2DPomQpoSEOAiQSOEUYE7QuJvNWQSW
5C6eWFZ5YBAfUffRytLrBOe2w0lzU9Hxf0IOvYF8GFZP0FhdycgkplpUpwIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFNfNtEjkcW/5SJlxoeOcLFX7F7KmMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMTgyMFNPUnhiX2xJbVhHaDQ1d3NWZnNYc3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCByQQCAAEwgcID
BAAl6zADBAAl6zMDBAAtmX8DBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBABZLukD
BAFbhFwDBABbhF8DBABc80ADBABfnMwDBABfnM8DBAFnOfgDBABnOfsDBACG/9Mw
DAMEAJWanQMEBZWagDAMAwQAl+wPAwQAl+wSMAwDBAKX7BQDBACX7BYDBACX7BkD
BACe/9AwDAMEAJ7/1QMEA57/0AMEALB+YwMEALka7AMEAbka7gMEAblMTgMEANW3
NzCBhwQCAAIwgYADBwEqAw+AADIDBwAqAw+AADkDBwAqAw+AAEADBwEqAw+AAEQw
EgMHACoDD4AARwMHASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMH
ACoDD4ADgQMHACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkq
hkiG9w0BAQsFAAOCAQEAlqBMKxiK/R5/c7Tvy0I+GEmh7NAdVbYmqmb5bkyHkfm6
MCeomjksbY4nx3sdcdGDFy3buJH+Z/GMF3K6NYk83SmvdDmq7mQ6hSAbI+5UwhSv
GNAiWLH3RCH8V/n6b6ILB5NNhKbqV0YbguxRYw6HX5M3xYW6SkpEKMYdZ0EZpEiU
xV9wWkXnw8j1vlwalk+OCgQAHxkB/IIW9m4ViEAl0Zk47PdsZDAueuu4xIs+JuVi
GSf8lTcwTYcdPOBjP+58bqu2LZnBZRSiengolK0a/NTZxxXcVh0Xh7DHq42cnqNa
thRTJuuONYkD0hwve3pZRKNtc+4HGK1vu9KfvOCayw==
-----END CERTIFICATE-----
Generated at Wed Sep 4 09:07:41 2024 by rpki-client on console-fra.rpki-client.org