Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ArIg4lXcRdgg5LmJNq8WIxeYn4k.roa
File: ArIg4lXcRdgg5LmJNq8WIxeYn4k.roa (raw, json)
Hash identifier: Rk/H2pZQlwIxgSu2npsW8wDHJE/R++vTlOjVVUdzqak=
Subject key identifier: 02:B2:20:E2:55:DC:45:D8:20:E4:B9:89:36:AF:16:23:17:98:9F:89
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0192ADDF7AB69A6B57D3D6AC8FE8B562676A
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ArIg4lXcRdgg5LmJNq8WIxeYn4k.roa
Signing time: Mon 21 Oct 2024 06:59:17 +0000
ROA not before: Mon 21 Oct 2024 06:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 12:28:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ad:df:7a:b6:9a:6b:57:d3:d6:ac:8f:e8:b5:62:67:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 21 06:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02b220e255dc45d820e4b98936af162317989f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:17:da:7d:e9:ad:95:8f:cf:ae:2b:34:d7:
75:be:f7:6b:00:3c:df:f2:29:ea:83:15:db:f8:3f:
ba:91:95:f6:5e:d1:bd:71:15:36:af:64:60:fd:08:
b9:de:89:6b:fa:0a:34:ab:92:45:91:79:fe:41:02:
13:af:9b:d7:27:16:10:99:e1:41:1b:e1:6c:4c:c6:
da:b6:4f:5d:d0:ab:b7:69:df:2d:b9:69:5a:61:bb:
34:b9:56:d9:b6:24:2e:9f:a1:b7:48:0b:47:cd:9a:
3d:c4:ab:10:cb:97:8e:df:e6:10:c7:21:d5:8f:27:
4f:c6:03:f2:3e:d3:2b:dc:b0:d6:4c:b7:01:8b:1e:
60:54:e3:42:2b:e1:60:b3:00:40:b2:24:43:83:9c:
91:f8:1f:c8:b1:2d:a1:5e:10:4e:a0:d1:1a:64:b7:
99:18:1b:dd:ee:15:0c:f1:59:48:c1:eb:a8:52:a7:
02:50:c3:6b:f2:1e:82:3c:05:1d:f7:b6:26:bb:f7:
df:77:e0:4a:a5:9c:64:6d:29:70:31:5c:0b:4d:b0:
21:d8:b4:ed:5f:4c:3a:76:04:4c:80:dd:0a:cf:a2:
e2:03:f8:56:21:7f:e2:72:f4:94:6c:2b:50:fa:36:
b7:69:51:1d:99:48:79:4b:10:ff:51:ca:76:3f:df:
f4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B2:20:E2:55:DC:45:D8:20:E4:B9:89:36:AF:16:23:17:98:9F:89
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ArIg4lXcRdgg5LmJNq8WIxeYn4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.233.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
78:d2:03:45:42:2d:18:d6:11:29:79:45:22:1e:4f:96:5f:2c:
53:59:97:c3:22:57:df:eb:46:74:28:8b:a0:9c:0f:53:4e:d3:
00:99:0e:0d:e1:45:87:a9:cb:80:41:73:06:00:ed:c6:2d:63:
da:2a:ee:89:87:50:54:ee:1d:31:ed:a7:9c:03:12:43:50:2e:
a3:fa:61:0d:e2:ac:09:b8:85:f3:83:b4:8b:c5:04:29:ef:15:
fe:11:09:69:ba:9f:42:79:50:74:b2:68:07:21:84:19:e6:f2:
01:2e:d8:8e:c4:f0:25:9e:90:af:da:eb:d9:a9:54:ae:f0:f6:
c7:85:8a:ff:0f:af:d5:35:80:70:08:3d:65:7a:96:0c:9e:5f:
83:76:10:90:04:5f:b9:6f:6c:5b:25:6f:61:91:c3:c7:4e:14:
67:86:2a:63:46:ed:af:ba:19:9f:f3:a4:94:bc:f6:c5:c4:5d:
47:06:95:71:d5:83:98:7d:32:3a:7f:53:35:39:c5:ea:8a:5e:
4c:19:ce:44:15:fa:e6:cf:a4:8b:d9:4f:a2:5f:83:d2:df:f0:
19:b8:66:25:29:5a:53:bc:f3:cf:aa:14:3d:d0:75:dd:73:cb:
60:a8:5e:8d:95:d4:18:85:b6:81:a7:39:38:45:20:3b:af:5e:
24:5b:13:a8
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZKt33q2mmtX09asj+i1YmdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMDIxMDY1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmIyMjBlMjU1ZGM0NWQ4MjBlNGI5ODkzNmFmMTYyMzE3OTg5Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUAX2n3prZWPz64rNNd1vvdrADzf
8inqgxXb+D+6kZX2XtG9cRU2r2Rg/Qi53olr+go0q5JFkXn+QQITr5vXJxYQmeFB
G+FsTMbatk9d0Ku3ad8tuWlaYbs0uVbZtiQun6G3SAtHzZo9xKsQy5eO3+YQxyHV
jydPxgPyPtMr3LDWTLcBix5gVONCK+FgswBAsiRDg5yR+B/IsS2hXhBOoNEaZLeZ
GBvd7hUM8VlIweuoUqcCUMNr8h6CPAUd97Ymu/ffd+BKpZxkbSlwMVwLTbAh2LTt
X0w6dgRMgN0Kz6LiA/hWIX/icvSUbCtQ+ja3aVEdmUh5SxD/Ucp2P9/0nwIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFAKyIOJV3EXYIOS5iTavFiMXmJ+JMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvQXJJZzRsWGNSZGdnNUxtSk5xOFdJeGVZbjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCB4wQCAAEwgdwD
BAAl6zADBAAl6zMDBAAtmX8DBAAut7sDBAFT83gDBAFZH3gDBABZH3swDAMEAFku
6QMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF+czAMEAF+czwMEAWc5+AMEAGc5
+wMEAIb/0zAMAwQAlZqdAwQFlZqAMAwDBACX7A8DBACX7BIwDAMEApfsFAMEAJfs
FgMEAJfsGQMEAJ7/0DAMAwQAnv/VAwQDnv/QAwQAsH5jAwQAuRrsAwQBuRruAwQB
uUxOAwQAucNAAwQAucNCAwQAvNYgAwQA1bc3MIGHBAIAAjCBgAMHASoDD4AAMgMH
ACoDD4AAOQMHACoDD4AAQAMHASoDD4AARDASAwcAKgMPgABHAwcBKgMPgABIAwcA
KgMPgABhAwcAKgMPgABlAwcAKgMPgACBAwcAKgMPgAOBAwcAKgMPgAhSAwcAKgMP
gAlxAwcAKgMPgEQWAwcAKgMPgO1RMA0GCSqGSIb3DQEBCwUAA4IBAQB40gNFQi0Y
1hEpeUUiHk+WXyxTWZfDIlff60Z0KIugnA9TTtMAmQ4N4UWHqcuAQXMGAO3GLWPa
Ku6Jh1BU7h0x7aecAxJDUC6j+mEN4qwJuIXzg7SLxQQp7xX+EQlpup9CeVB0smgH
IYQZ5vIBLtiOxPAlnpCv2uvZqVSu8PbHhYr/D6/VNYBwCD1lepYMnl+DdhCQBF+5
b2xbJW9hkcPHThRnhipjRu2vuhmf86SUvPbFxF1HBpVx1YOYfTI6f1M1OcXqil5M
Gc5EFfrmz6SL2U+iX4PS3/AZuGYlKVpTvPPPqhQ90HXdc8tgqF6NldQYhbaBpzk4
RSA7r14kWxOo
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:58:43 2024 by rpki-client on console-ams.rpki-client.org