Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8YRd3tfSb_FCgoVR4szZ2j7R408.roa
File: 8YRd3tfSb_FCgoVR4szZ2j7R408.roa (raw, json)
Hash identifier: Kxxvvv3Nb39mG0vwFxqCcYpsQbz8q9AXeNVaryscW9w=
Subject key identifier: F1:84:5D:DE:D7:D2:6F:F1:42:82:85:51:E2:CC:D9:DA:3E:D1:E3:4F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0192AE100014351AB9A7B516D6C3F3C8E95B
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8YRd3tfSb_FCgoVR4szZ2j7R408.roa
Signing time: Mon 21 Oct 2024 07:52:17 +0000
ROA not before: Mon 21 Oct 2024 07:52:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.237.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80::/29 maxlen: 29
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 12:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:10:00:14:35:1a:b9:a7:b5:16:d6:c3:f3:c8:e9:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 21 07:52:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1845dded7d26ff142828551e2ccd9da3ed1e34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a4:45:03:44:00:7a:99:2e:e8:99:f7:64:3b:
d3:85:88:e6:3c:4e:0f:3b:49:61:bb:c0:26:e2:c2:
5d:70:22:b5:c5:30:85:ef:94:d2:85:33:7c:f9:d2:
00:45:e4:8a:02:cc:a6:ac:a2:d9:a2:d6:05:84:47:
31:d8:e9:8b:f5:8c:3b:f6:bd:c7:0e:30:1a:87:32:
6a:b3:d2:c0:03:a4:51:1f:42:aa:c9:7a:32:f4:e6:
74:b0:50:c5:47:eb:f0:c5:94:ec:6b:7f:08:40:cd:
8b:f3:15:44:f3:a9:55:99:3c:ce:e0:b8:c2:53:f1:
eb:d2:39:66:7f:74:5b:7b:db:32:ad:b5:71:89:5c:
17:25:f1:b3:22:fe:f6:2c:1b:b2:b3:7c:21:c3:2f:
fd:b2:77:65:9a:42:8f:43:2b:d7:ba:3e:14:90:68:
31:13:a3:3f:5d:d9:8c:91:18:63:77:e0:ec:f6:e2:
29:64:66:15:1b:63:3a:0e:4f:2f:64:ca:f9:60:99:
98:8e:e9:42:63:20:3c:f2:38:42:8b:fa:47:28:a4:
07:5c:54:b6:bd:a2:b1:b7:29:bb:4d:c6:8c:cd:94:
d4:a0:13:dd:10:f6:2e:2e:26:1e:4b:80:f4:fb:f0:
81:82:dc:c1:00:f2:4e:3f:d1:2c:0d:4a:1a:8d:02:
2f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:84:5D:DE:D7:D2:6F:F1:42:82:85:51:E2:CC:D9:DA:3E:D1:E3:4F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8YRd3tfSb_FCgoVR4szZ2j7R408.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
45.153.125.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.46.237.0-89.46.238.255
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
185.193.51.0/24
185.195.65.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
8d:bf:5b:ef:64:6d:e0:de:bd:59:11:ab:a8:6e:b4:47:e3:87:
a7:71:67:ae:25:32:28:5b:10:37:3c:7c:56:81:2a:ec:34:1a:
e9:ec:67:67:c4:87:9b:8c:eb:d6:ee:26:c0:b6:f2:83:7f:14:
2b:6c:36:80:60:7b:7c:a3:f5:56:ec:11:3a:6f:cf:d8:64:42:
6b:59:fa:1c:eb:3f:dd:8e:73:ff:10:3f:9b:c1:97:1f:1b:63:
29:9c:65:84:98:fe:51:74:84:19:d0:67:98:0b:01:59:78:b4:
bd:ba:e1:2c:0f:92:f6:79:8c:e8:df:7b:ee:ba:a3:c5:14:82:
93:75:7e:55:2b:80:aa:a0:bd:10:c7:d0:93:a1:27:b5:0e:d6:
27:c4:4d:f4:77:c9:84:14:10:a8:2e:d0:4c:ef:71:73:f6:8a:
f9:e4:18:12:62:20:93:9b:8d:8b:d3:7b:f5:bf:f2:53:3d:41:
1c:98:06:a0:69:88:f3:e0:39:a0:99:04:65:ae:25:10:a8:e3:
9f:82:01:c1:0a:9c:9e:8d:91:45:d2:88:1d:87:d3:4d:d5:cc:
54:de:34:f2:15:87:19:0e:1b:5e:dd:93:d6:22:01:3a:5f:8b:
d6:af:da:2a:61:e1:f5:63:e6:2c:cd:10:2c:1a:c0:1a:07:dd:
48:be:93:e8
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAZKuEAAUNRq5p7UW1sPzyOlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMDIxMDc1MjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTg0NWRkZWQ3ZDI2ZmYxNDI4Mjg1NTFlMmNjZDlkYTNlZDFlMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqRFA0QAepku6Jn3ZDvThYjmPE4P
O0lhu8Am4sJdcCK1xTCF75TShTN8+dIAReSKAsymrKLZotYFhEcx2OmL9Yw79r3H
DjAahzJqs9LAA6RRH0KqyXoy9OZ0sFDFR+vwxZTsa38IQM2L8xVE86lVmTzO4LjC
U/Hr0jlmf3Rbe9syrbVxiVwXJfGzIv72LBuys3whwy/9sndlmkKPQyvXuj4UkGgx
E6M/XdmMkRhjd+Ds9uIpZGYVG2M6Dk8vZMr5YJmYjulCYyA88jhCi/pHKKQHXFS2
vaKxtym7TcaMzZTUoBPdEPYuLiYeS4D0+/CBgtzBAPJOP9EsDUoajQIvNQIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFPGEXd7X0m/xQoKFUeLM2do+0eNPMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvOFlSZDN0ZlNiX0ZDZ29WUjRzeloyajdSNDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBxwQCAAEwgcADBAAF
tHIDBAQl6zADBAAtmX0DBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3swDAME
AFku7QMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQgMEAF+czQMEAGc5+gMEAIb/0jAM
AwQDlZqYAwQAlZqcAwQFl+wAMAwDBACe/9EDBACe/9QwDAMEArka7AMEALka7gME
ALnBMwMEALnDQTAMAwQAvNYhAwQAvNYiAwQBvNYmMAwDBAHVtzYDBAHVtzgwDQQC
AAIwBwMFAyoDD4AwDQYJKoZIhvcNAQELBQADggEBAI2/W+9kbeDevVkRq6hutEfj
h6dxZ64lMihbEDc8fFaBKuw0GunsZ2fEh5uM69buJsC28oN/FCtsNoBge3yj9Vbs
ETpvz9hkQmtZ+hzrP92Oc/8QP5vBlx8bYymcZYSY/lF0hBnQZ5gLAVl4tL264SwP
kvZ5jOjfe+66o8UUgpN1flUrgKqgvRDH0JOhJ7UO1ifETfR3yYQUEKgu0EzvcXP2
ivnkGBJiIJObjYvTe/W/8lM9QRyYBqBpiPPgOaCZBGWuJRCo45+CAcEKnJ6NkUXS
iB2H003VzFTeNPIVhxkOG17dk9YiATpfi9av2iph4fVj5izNECwawBoH3Ui+k+g=
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:58:43 2024 by rpki-client on console-ams.rpki-client.org