Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/DBagyOpK8yUwOmX5SVfVQjkUK4k.roa
File: DBagyOpK8yUwOmX5SVfVQjkUK4k.roa (raw, json)
Hash identifier: 9Vb5QOcwiHPRliZWi8Rm75wKFIP/uTVJUhfOghCjWI0=
Subject key identifier: 0C:16:A0:C8:EA:4A:F3:25:30:3A:65:F9:49:57:D5:42:39:14:2B:89
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019204E8F4A98999E6F133535DD19E98CCB3
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/DBagyOpK8yUwOmX5SVfVQjkUK4k.roa
Signing time: Wed 18 Sep 2024 11:33:48 +0000
ROA not before: Wed 18 Sep 2024 11:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.237.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80::/29 maxlen: 29
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 06:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:e8:f4:a9:89:99:e6:f1:33:53:5d:d1:9e:98:cc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 18 11:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c16a0c8ea4af325303a65f94957d54239142b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e6:45:db:30:a1:12:aa:44:84:a9:8a:63:1c:
04:a9:2b:67:6f:7c:7f:18:ee:66:31:0e:73:f5:b1:
ca:4a:26:77:46:93:54:dc:70:f0:6f:78:09:f6:bd:
59:96:b0:69:a5:19:1f:84:54:ba:43:60:83:c1:f4:
11:cf:2a:cf:73:53:f6:cc:ab:f7:3a:4d:7f:9d:c3:
7b:8b:8c:72:5d:fb:e6:94:64:14:b2:83:37:c6:b0:
67:5b:8b:7c:9b:f4:07:f8:83:15:e3:88:8b:4d:51:
96:5d:35:6b:a9:64:f2:68:fd:e2:83:e9:aa:91:eb:
cd:79:0e:d2:e3:a8:2c:eb:f1:76:84:4b:56:38:8e:
1a:3d:cb:27:8a:3d:41:9e:38:12:ec:53:ad:83:fc:
d7:c4:44:93:66:7d:d3:92:9f:f9:5e:ca:93:85:0a:
f1:61:12:76:90:46:d2:d4:b9:67:a9:c9:3f:73:0f:
f9:ef:2c:da:00:43:07:1b:2e:10:9e:6f:49:88:30:
3b:09:e9:3a:d1:ed:be:05:f0:fd:d7:24:68:c9:e8:
46:ad:7d:16:d1:37:7e:5f:c0:4b:40:b2:b0:03:53:
cb:e4:53:25:ac:7e:76:bc:b8:71:70:b8:6c:9c:93:
f9:7a:ac:7f:62:ef:e2:37:7e:7c:99:56:54:c8:1f:
99:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:16:A0:C8:EA:4A:F3:25:30:3A:65:F9:49:57:D5:42:39:14:2B:89
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/DBagyOpK8yUwOmX5SVfVQjkUK4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
45.153.125.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.46.237.0-89.46.238.255
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
188.214.33.0-188.214.34.255
188.214.38.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
63:45:5a:4d:1e:75:aa:b3:cd:ef:0e:79:b1:61:27:7e:26:89:
5f:74:13:3b:14:21:bb:56:a1:be:c3:b1:85:26:66:10:85:04:
c7:d9:2e:da:24:61:44:83:c3:43:6d:bd:c2:0f:e1:45:fd:85:
79:1c:ab:55:07:9b:a7:20:5d:75:ec:7b:7c:9f:04:6d:72:8e:
09:42:a9:b9:f9:40:b9:6e:58:6c:05:12:0e:75:06:eb:76:d1:
5d:21:0d:8a:03:f1:4a:46:13:b6:8f:00:0e:61:c7:b3:5f:3f:
b5:87:a5:d5:71:0e:ae:a9:af:8d:75:b9:f8:c5:87:67:c3:97:
58:62:80:11:80:e3:bd:3e:f3:f7:13:44:b3:e0:8f:a3:9b:b8:
43:0c:a7:6a:ed:56:60:fa:3c:e8:95:46:f5:5a:4c:b9:c6:3e:
67:00:ce:81:ed:c6:28:df:81:69:4b:1b:5a:08:7e:d1:b0:32:
43:10:45:c9:47:36:b8:a7:2a:47:dc:35:b3:8c:f1:09:53:c0:
00:e6:80:d8:aa:d3:10:d6:b7:c1:81:8d:0c:07:6d:15:25:45:
63:bc:ba:af:4b:ad:40:79:35:61:c2:1e:7d:59:03:04:80:4b:
16:3c:4f:53:b6:23:2f:8d:60:ea:50:42:cf:02:5b:63:4f:45:
ac:05:87:24
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAZIE6PSpiZnm8TNTXdGemMyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTE4MTEzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE2YTBjOGVhNGFmMzI1MzAzYTY1Zjk0OTU3ZDU0MjM5MTQyYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuZF2zChEqpEhKmKYxwEqStnb3x/
GO5mMQ5z9bHKSiZ3RpNU3HDwb3gJ9r1ZlrBppRkfhFS6Q2CDwfQRzyrPc1P2zKv3
Ok1/ncN7i4xyXfvmlGQUsoM3xrBnW4t8m/QH+IMV44iLTVGWXTVrqWTyaP3ig+mq
kevNeQ7S46gs6/F2hEtWOI4aPcsnij1BnjgS7FOtg/zXxESTZn3Tkp/5XsqThQrx
YRJ2kEbS1Llnqck/cw/57yzaAEMHGy4Qnm9JiDA7Cek60e2+BfD91yRoyehGrX0W
0Td+X8BLQLKwA1PL5FMlrH52vLhxcLhsnJP5eqx/Yu/iN358mVZUyB+Z5wIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFAwWoMjqSvMlMDpl+UlX1UI5FCuJMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvREJhZ3lPcEs4eVV3T21YNVNWZlZRamtVSzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBuwQCAAEwgbQDBAAF
tHIDBAQl6zADBAAtmX0DBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3swDAME
AFku7QMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQgMEAF+czQMEAGc5+gMEAIb/0jAM
AwQDlZqYAwQAlZqcAwQFl+wAMAwDBACe/9EDBACe/9QwDAMEArka7AMEALka7jAM
AwQAvNYhAwQAvNYiAwQBvNYmMAwDBAHVtzYDBAHVtzgwDQQCAAIwBwMFAyoDD4Aw
DQYJKoZIhvcNAQELBQADggEBAGNFWk0edaqzze8OebFhJ34miV90EzsUIbtWob7D
sYUmZhCFBMfZLtokYUSDw0NtvcIP4UX9hXkcq1UHm6cgXXXse3yfBG1yjglCqbn5
QLluWGwFEg51But20V0hDYoD8UpGE7aPAA5hx7NfP7WHpdVxDq6pr411ufjFh2fD
l1higBGA470+8/cTRLPgj6ObuEMMp2rtVmD6POiVRvVaTLnGPmcAzoHtxijfgWlL
G1oIftGwMkMQRclHNrinKkfcNbOM8QlTwADmgNiq0xDWt8GBjQwHbRUlRWO8uq9L
rUB5NWHCHn1ZAwSASxY8T1O2Iy+NYOpQQs8CW2NPRawFhyQ=
-----END CERTIFICATE-----
Generated at Mon Oct 21 09:40:14 2024 by rpki-client on console-fra.rpki-client.org