Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/4xF1elc7FdOd0XTqlHVQhQsZPnQ.roa
File: 4xF1elc7FdOd0XTqlHVQhQsZPnQ.roa (raw, json)
Hash identifier: /CHWU3YGQMZJ0tY/9mqF6XuxNkb6L49L/4vwqjyFcxo=
Subject key identifier: E3:11:75:7A:57:3B:15:D3:9D:D1:74:EA:94:75:50:85:0B:19:3E:74
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018986A375F6AB294BEC6B93EDFB451C8C17
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/4xF1elc7FdOd0XTqlHVQhQsZPnQ.roa
Signing time: Mon 24 Jul 2023 06:43:26 +0000
ROA not before: Mon 24 Jul 2023 06:43:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:86:a3:75:f6:ab:29:4b:ec:6b:93:ed:fb:45:1c:8c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jul 24 06:43:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e311757a573b15d39dd174ea947550850b193e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5d:b4:ff:93:63:8e:6e:88:d9:1b:45:aa:46:
1c:9e:b7:86:cf:c0:91:d7:c2:a6:85:32:b4:b4:9a:
62:b7:47:23:34:4f:cb:da:9b:86:d1:e4:d4:68:db:
69:2e:55:15:24:88:93:b1:06:8d:bb:94:11:e9:a6:
7a:4a:71:1c:ce:6f:a2:26:ab:b2:e1:7f:ab:a4:3e:
58:24:e6:d9:d3:df:c3:79:02:f0:46:d2:39:3d:94:
92:b3:88:ac:c7:d3:40:0d:b1:3b:8a:91:53:c6:97:
c6:5c:4c:dd:29:db:81:8e:81:82:2a:ab:84:ef:55:
7e:a1:64:89:a5:7c:39:22:12:25:96:58:66:59:70:
ef:77:49:13:44:30:9a:fe:f9:32:eb:ce:66:a5:00:
c4:a6:94:22:ce:5a:62:17:b9:0a:62:cf:81:af:01:
b1:e8:2f:34:aa:9e:9f:79:15:64:f6:9a:4d:b8:af:
9f:ba:73:fb:e0:2f:42:01:0f:6a:9f:e0:41:a9:a6:
8d:c2:a8:e3:4f:6a:cb:75:3a:48:a4:9e:7c:27:00:
6e:67:4d:37:63:a5:e8:11:cd:21:8d:2c:ed:99:00:
23:b0:f1:89:bd:d9:ca:58:da:10:c6:e7:63:23:06:
2b:ba:b2:5f:a3:25:33:48:9b:e5:ce:75:41:91:80:
f0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:11:75:7A:57:3B:15:D3:9D:D1:74:EA:94:75:50:85:0B:19:3E:74
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/4xF1elc7FdOd0XTqlHVQhQsZPnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
83.243.120.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0/23
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
77:de:ee:dd:64:8b:ff:22:a9:02:4f:3b:1e:c6:a5:2c:44:91:
f6:a5:ce:6b:cd:ec:5f:ba:46:1a:e5:94:f5:92:48:42:e4:af:
67:81:83:95:c2:9c:1e:c7:5c:d2:9d:9a:9b:60:00:81:88:35:
ef:88:14:b0:c4:ef:65:ed:41:96:3f:65:15:4d:01:ff:f8:d8:
1f:35:8f:f2:12:0a:42:5b:bf:fe:d1:ed:84:30:1c:8b:df:06:
dc:ed:dc:81:cf:30:51:9c:1b:0b:b3:46:36:86:84:18:24:6f:
06:c8:25:5e:b3:b5:13:b9:7b:f4:05:19:fa:b3:87:b9:a0:83:
20:a3:6e:1a:e4:b5:9c:93:d2:95:7b:30:ff:b4:27:14:82:a2:
ef:93:fc:0d:0c:8d:f5:ff:7a:20:fe:87:00:f9:29:06:7a:85:
c1:1c:2c:5e:80:b8:ca:18:c9:93:2a:8c:16:4f:a3:36:c6:9a:
1b:fa:37:9d:ec:4d:29:eb:1d:3a:21:fe:9f:05:ce:e6:f0:37:
ec:7e:b9:91:a6:50:e1:a6:60:2c:da:41:2f:26:e0:82:07:59:
09:15:bb:9f:50:00:e8:60:81:30:15:5e:c4:d3:ee:f1:08:92:
ea:e7:23:ae:ba:82:47:44:3d:3a:5a:24:3d:e5:d7:15:1d:65:
22:b7:13:76
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYmGo3X2qylL7GuT7ftFHIwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwNzI0MDY0MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzExNzU3YTU3M2IxNWQzOWRkMTc0ZWE5NDc1NTA4NTBiMTkzZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl120/5Njjm6I2RtFqkYcnreGz8CR
18KmhTK0tJpit0cjNE/L2puG0eTUaNtpLlUVJIiTsQaNu5QR6aZ6SnEczm+iJquy
4X+rpD5YJObZ09/DeQLwRtI5PZSSs4isx9NADbE7ipFTxpfGXEzdKduBjoGCKquE
71V+oWSJpXw5IhIlllhmWXDvd0kTRDCa/vky685mpQDEppQizlpiF7kKYs+BrwGx
6C80qp6feRVk9ppNuK+funP74C9CAQ9qn+BBqaaNwqjjT2rLdTpIpJ58JwBuZ003
Y6XoEc0hjSztmQAjsPGJvdnKWNoQxudjIwYrurJfoyUzSJvlznVBkYDwxQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFOMRdXpXOxXTndF06pR1UIULGT50MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvNHhGMWVsYzdGZE9kMFhUcWxIVlFoUXNaUG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQEJeswAwQA
U/N4AwQAWR97AwQAW4ReAwQBW+PMAwQAXPNCAwQAZzn6MAwDBAOVmpgDBACVmpwD
BAWX7AAwDAMEAJ7/0QMEAJ7/1AMEAbka7DANBAIAAjAHAwUDKgMPgDANBgkqhkiG
9w0BAQsFAAOCAQEAd97u3WSL/yKpAk87HsalLESR9qXOa83sX7pGGuWU9ZJIQuSv
Z4GDlcKcHsdc0p2am2AAgYg174gUsMTvZe1Blj9lFU0B//jYHzWP8hIKQlu//tHt
hDAci98G3O3cgc8wUZwbC7NGNoaEGCRvBsglXrO1E7l79AUZ+rOHuaCDIKNuGuS1
nJPSlXsw/7QnFIKi75P8DQyN9f96IP6HAPkpBnqFwRwsXoC4yhjJkyqMFk+jNsaa
G/o3nexNKesdOiH+nwXO5vA37H65kaZQ4aZgLNpBLybgggdZCRW7n1AA6GCBMBVe
xNPu8QiS6ucjrrqCR0Q9OlokPeXXFR1lIrcTdg==
-----END CERTIFICATE-----
Generated at Tue Sep 12 13:16:02 2023 by rpki-client on console-fra.rpki-client.org