Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7zWtAIcK0yuBbMa9QnhSrr2vLAw.roa
File: 7zWtAIcK0yuBbMa9QnhSrr2vLAw.roa (raw, json)
Hash identifier: pLl8w8WsCmtX1xkpUEgXXBv9wpBc2cFzgrRnKKKQjfo=
Subject key identifier: EF:35:AD:00:87:0A:D3:2B:81:6C:C6:BD:42:78:52:AE:BD:AF:2C:0C
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191B700B548EA1119B0E08CAB3E2C617C1A
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7zWtAIcK0yuBbMa9QnhSrr2vLAw.roa
Signing time: Tue 03 Sep 2024 08:29:22 +0000
ROA not before: Tue 03 Sep 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Sep 2024 06:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:00:b5:48:ea:11:19:b0:e0:8c:ab:3e:2c:61:7c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 3 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef35ad00870ad32b816cc6bd427852aebdaf2c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:64:d5:00:d9:a6:50:b3:20:b2:d5:e5:4f:
af:e4:09:f4:11:5d:27:14:f5:69:62:f1:fa:64:79:
ea:d8:53:f4:32:52:73:c4:c8:f1:fe:d5:5c:f0:d2:
68:f8:ea:8f:22:1d:af:71:67:da:b7:f0:70:44:2b:
aa:29:80:fc:c5:04:9b:d7:b9:81:e0:de:4d:ff:da:
19:fd:64:b8:28:a4:5c:2d:00:76:12:26:77:43:8f:
04:e5:11:8b:84:6b:a9:b6:f0:7f:37:87:73:ed:fc:
e7:89:64:4d:a8:12:2c:9c:17:10:4a:76:ed:09:3d:
78:70:cf:62:36:53:df:dd:0c:6b:59:1e:72:48:fb:
01:32:8d:7f:b0:de:87:f0:69:45:1d:1d:55:80:89:
53:07:3d:c4:2c:77:4f:85:e8:e5:88:fd:06:a2:55:
34:47:8f:d7:28:a4:28:0e:a0:7a:43:71:c9:51:36:
2b:68:15:6f:da:ba:1f:cb:5d:33:c3:84:f6:b8:b8:
3b:74:2b:b9:f4:86:b1:f8:cf:4b:8e:69:98:32:cb:
58:11:d5:cb:74:bf:86:ff:06:83:24:f2:38:54:df:
e1:ac:33:31:8c:4a:82:98:ea:29:59:57:24:63:4b:
a0:4a:86:03:9b:1d:3c:76:02:ca:9c:ab:39:d2:81:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:35:AD:00:87:0A:D3:2B:81:6C:C6:BD:42:78:52:AE:BD:AF:2C:0C
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/7zWtAIcK0yuBbMa9QnhSrr2vLAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
1b:33:72:9c:a0:92:af:35:de:9d:fa:60:9c:7e:5e:44:02:61:
d0:d1:b0:fa:90:a9:0c:cc:00:3e:d0:09:4a:47:7b:dd:d2:de:
20:a3:a7:6a:bf:e2:8d:e6:7e:01:e8:0d:31:95:7e:cd:b3:7c:
c7:b3:a4:d2:6a:69:13:8a:9e:a7:df:2a:d2:06:e1:62:73:09:
bf:7a:44:a3:0f:09:45:36:10:17:28:12:50:a7:bb:6b:32:58:
57:9a:4b:ce:dd:f2:e5:a1:f0:08:ad:0a:ec:61:10:c4:6f:4a:
f1:9c:44:ef:ff:14:bc:e8:88:d8:f2:2e:85:a7:cd:b1:f0:36:
86:ab:68:a1:f0:3f:32:a8:38:a2:79:b3:3b:fb:87:6d:d6:00:
09:9e:f3:f8:9e:d9:05:fc:fa:b7:6d:74:84:9c:0f:eb:56:ea:
fd:d9:52:7e:bf:f2:22:b8:ab:88:71:1e:7b:8a:75:3d:1d:5d:
6a:4b:27:c7:1a:46:65:7d:ea:5f:5e:b2:50:23:fe:be:da:54:
c6:8f:30:a5:1d:65:69:26:c8:c3:c3:d4:a9:57:8a:e1:1d:d3:
39:a9:78:0a:c5:6e:ab:21:bf:8e:ef:23:af:3e:9c:d8:6e:b9:
f7:df:3d:0b:2d:59:98:37:c5:3c:ba:41:56:75:05:68:1b:47:
b9:f5:75:ef
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAZG3ALVI6hEZsOCMqz4sYXwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTAzMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjM1YWQwMDg3MGFkMzJiODE2Y2M2YmQ0Mjc4NTJhZWJkYWYyYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2pk1QDZplCzILLV5U+v5An0EV0n
FPVpYvH6ZHnq2FP0MlJzxMjx/tVc8NJo+OqPIh2vcWfat/BwRCuqKYD8xQSb17mB
4N5N/9oZ/WS4KKRcLQB2EiZ3Q48E5RGLhGuptvB/N4dz7fzniWRNqBIsnBcQSnbt
CT14cM9iNlPf3QxrWR5ySPsBMo1/sN6H8GlFHR1VgIlTBz3ELHdPhejliP0GolU0
R4/XKKQoDqB6Q3HJUTYraBVv2rofy10zw4T2uLg7dCu59Iax+M9LjmmYMstYEdXL
dL+G/waDJPI4VN/hrDMxjEqCmOopWVckY0ugSoYDmx08dgLKnKs50oH7kwIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFO81rQCHCtMrgWzGvUJ4Uq69rywMMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvN3pXdEFJY0sweXVCYk1hOVFuaFNycjJ2TEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCBwwQCAAEwgbwD
BAAl6zADBAAl6zMDBAAtmX8DBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwD
BABbhF8DBABc80ADBABfnMwDBABfnM8DBAFnOfgDBABnOfsDBACG/9MwDAMEAJWa
nQMEBZWagDAMAwQAl+wPAwQAl+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9Aw
DAMEAJ7/1QMEA57/0AMEALB+YwMEALka7AMEAbka7gMEAblMTgMEANW3NzCBhwQC
AAIwgYADBwEqAw+AADIDBwAqAw+AADkDBwAqAw+AAEADBwEqAw+AAEQwEgMHACoD
D4AARwMHASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMHACoDD4AD
gQMHACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG9w0B
AQsFAAOCAQEAGzNynKCSrzXenfpgnH5eRAJh0NGw+pCpDMwAPtAJSkd73dLeIKOn
ar/ijeZ+AegNMZV+zbN8x7Ok0mppE4qep98q0gbhYnMJv3pEow8JRTYQFygSUKe7
azJYV5pLzt3y5aHwCK0K7GEQxG9K8ZxE7/8UvOiI2PIuhafNsfA2hqtoofA/Mqg4
onmzO/uHbdYACZ7z+J7ZBfz6t210hJwP61bq/dlSfr/yIririHEee4p1PR1daksn
xxpGZX3qX16yUCP+vtpUxo8wpR1laSbIw8PUqVeK4R3TOal4CsVuqyG/ju8jrz6c
2G659989Cy1ZmDfFPLpBVnUFaBtHufV17w==
-----END CERTIFICATE-----
Generated at Wed Sep 4 09:06:01 2024 by rpki-client on console-ams.rpki-client.org