Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/EvbCuQvfwdlQVnsS75S9FKlA3pk.roa
File: EvbCuQvfwdlQVnsS75S9FKlA3pk.roa (raw, json)
Hash identifier: ZqnttOaWyIfXvixlJC+7SQVei4bxxMjLSGTIG/6dPq8=
Subject key identifier: 12:F6:C2:B9:0B:DF:C1:D9:50:56:7B:12:EF:94:BD:14:A9:40:DE:99
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0190C08EFBBA4BA7CED6C2B2C8D41119982B
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/EvbCuQvfwdlQVnsS75S9FKlA3pk.roa
Signing time: Wed 17 Jul 2024 11:58:34 +0000
ROA not before: Wed 17 Jul 2024 11:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 05:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:8e:fb:ba:4b:a7:ce:d6:c2:b2:c8:d4:11:19:98:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jul 17 11:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12f6c2b90bdfc1d950567b12ef94bd14a940de99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:92:a2:96:0d:4c:f1:c4:69:f5:11:ca:c8:14:
a8:c2:3b:91:19:60:53:29:b2:3f:c3:75:54:17:43:
3b:5d:9f:1c:b8:de:6f:4f:a1:60:fe:28:b8:a4:35:
02:15:f1:cf:68:f1:87:06:4e:ff:c4:35:c5:1a:c6:
7e:29:18:b0:e5:54:1c:7c:b8:c6:2f:0f:5c:50:f4:
03:e2:7d:e5:41:5e:0e:6d:ac:f1:a3:4e:27:e1:30:
2c:05:78:a6:ec:09:2f:15:d3:a5:ba:a0:6d:55:a0:
5f:46:e0:71:ec:5f:43:c7:f6:92:70:21:0a:33:8e:
df:73:d1:5f:58:95:ce:39:d2:0a:bf:b3:83:4b:cd:
1d:71:d0:29:bf:db:05:89:00:8a:0e:d5:3a:d3:f8:
79:82:bc:e8:5c:ea:ef:59:3f:fe:2d:f3:14:72:ad:
4f:64:fa:87:12:46:d4:7c:96:98:b6:72:4f:2d:77:
c1:5f:b5:d2:e5:0f:32:ee:d1:10:e3:af:80:60:55:
e7:9a:a1:43:2c:3a:5e:22:96:95:fb:87:4a:a3:9e:
3d:bd:37:37:2a:a9:37:b7:27:80:80:02:81:62:91:
44:f1:cf:9f:20:3d:09:56:f7:17:49:4b:e0:8e:72:
2e:63:8e:58:10:c4:d4:f4:f5:e5:28:f1:41:1b:f4:
f3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F6:C2:B9:0B:DF:C1:D9:50:56:7B:12:EF:94:BD:14:A9:40:DE:99
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/EvbCuQvfwdlQVnsS75S9FKlA3pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
26:ba:cd:5a:23:66:8a:fa:c2:d8:97:10:9e:97:42:95:51:d9:
1f:57:ab:1b:6d:ea:39:7f:6f:7e:55:eb:20:32:75:5b:0e:7d:
b3:95:e0:75:dc:97:ff:df:49:19:e9:de:76:68:db:9f:1d:93:
bd:e1:e3:d6:87:51:e3:aa:06:90:fb:78:33:ea:98:99:e1:c7:
fd:07:b1:b1:0a:67:c1:cc:76:b7:4d:77:ad:b1:4a:0e:00:57:
59:7a:b2:b0:aa:26:c3:b0:a1:81:2f:64:90:2d:be:04:3f:6c:
d5:08:ae:38:9e:f8:89:23:8b:2e:08:00:1f:fc:2a:b4:47:5e:
5f:4a:a9:70:3a:d6:fe:66:bb:0e:b2:04:2b:17:70:c7:32:2b:
b7:09:0b:22:3c:86:76:cd:e3:c3:d0:90:ef:39:13:a5:fa:db:
35:54:e7:a5:19:52:92:df:62:87:ef:20:f1:a3:5a:72:57:0b:
24:0c:38:d2:74:67:ba:47:53:1a:e1:d0:8b:b1:cb:74:16:58:
41:96:2d:20:5c:2d:b5:ae:6b:a2:f2:35:8c:6e:9a:26:42:f0:
98:42:bd:4c:b2:22:a4:12:95:e2:59:7c:23:ec:c0:73:c5:67:
7a:52:98:a4:7c:d7:27:c7:7c:9b:2a:fa:b2:4c:55:86:7c:a1:
7a:9c:21:99
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAZDAjvu6S6fO1sKyyNQRGZgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwNzE3MTE1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmY2YzJiOTBiZGZjMWQ5NTA1NjdiMTJlZjk0YmQxNGE5NDBkZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5Kilg1M8cRp9RHKyBSowjuRGWBT
KbI/w3VUF0M7XZ8cuN5vT6Fg/ii4pDUCFfHPaPGHBk7/xDXFGsZ+KRiw5VQcfLjG
Lw9cUPQD4n3lQV4Obazxo04n4TAsBXim7AkvFdOluqBtVaBfRuBx7F9Dx/aScCEK
M47fc9FfWJXOOdIKv7ODS80dcdApv9sFiQCKDtU60/h5grzoXOrvWT/+LfMUcq1P
ZPqHEkbUfJaYtnJPLXfBX7XS5Q8y7tEQ46+AYFXnmqFDLDpeIpaV+4dKo549vTc3
Kqk3tyeAgAKBYpFE8c+fID0JVvcXSUvgjnIuY45YEMTU9PXlKPFBG/TzZQIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFBL2wrkL38HZUFZ7Eu+UvRSpQN6ZMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvRXZiQ3VRdmZ3ZGxRVm5zUzc1UzlGS2xBM3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCBsQQCAAEwgaoD
BAAl6zADBAAl6zMDBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwDBABbhF8D
BABc80ADBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagDAMAwQAl+wPAwQA
l+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALB+
YwMEALka7AMEAbka7gMEAblMTgMEANW3NzCBhwQCAAIwgYADBwEqAw+AADIDBwAq
Aw+AADkDBwAqAw+AAEADBwEqAw+AAEQwEgMHACoDD4AARwMHASoDD4AASAMHACoD
D4AAYQMHACoDD4AAZQMHACoDD4AAgQMHACoDD4ADgQMHACoDD4AIUgMHACoDD4AJ
cQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG9w0BAQsFAAOCAQEAJrrNWiNmivrC
2JcQnpdClVHZH1erG23qOX9vflXrIDJ1Ww59s5XgddyX/99JGenedmjbnx2TveHj
1odR46oGkPt4M+qYmeHH/QexsQpnwcx2t013rbFKDgBXWXqysKomw7ChgS9kkC2+
BD9s1QiuOJ74iSOLLggAH/wqtEdeX0qpcDrW/ma7DrIEKxdwxzIrtwkLIjyGds3j
w9CQ7zkTpfrbNVTnpRlSkt9ih+8g8aNaclcLJAw40nRnukdTGuHQi7HLdBZYQZYt
IFwtta5rovI1jG6aJkLwmEK9TLIipBKV4ll8I+zAc8VnelKYpHzXJ8d8myr6skxV
hnyhepwhmQ==
-----END CERTIFICATE-----
Generated at Tue Aug 27 07:57:23 2024 by rpki-client on console-fra.rpki-client.org