Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa
File: H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa (raw, json)
Hash identifier: kdOxlWXyBxpteVwkezy0q0/dz+N0pM3xSbZ7zrVpxZM=
Subject key identifier: 1F:73:4C:E8:BE:C8:67:95:A3:BF:16:14:04:BA:F6:6E:4C:32:68:12
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018AFF3C8D1F945E315C7A7EEF5F329CC995
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa
Signing time: Thu 05 Oct 2023 09:47:52 +0000
ROA not before: Thu 05 Oct 2023 09:47:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:57::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:3c:8d:1f:94:5e:31:5c:7a:7e:ef:5f:32:9c:c9:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 5 09:47:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f734ce8bec86795a3bf161404baf66e4c326812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a5:c1:d6:d6:d2:0f:01:17:1e:41:36:83:92:
65:ff:58:45:e5:de:0a:cb:55:db:e7:a4:ed:10:05:
52:91:60:b6:87:8b:18:05:b8:36:5d:5a:27:51:43:
d5:fe:03:b1:d5:d8:fd:eb:2c:eb:19:00:24:00:bd:
ae:74:df:1f:4e:64:5b:0a:67:ff:bb:9c:45:42:81:
fe:45:09:27:53:b6:0c:df:36:a0:a7:8c:37:29:e3:
fc:73:1e:21:5d:a5:1e:41:2e:b6:43:d3:74:61:32:
cd:7f:61:5f:65:e1:45:01:b2:c5:5a:e3:92:48:38:
c1:c2:89:dc:f8:46:7f:d7:a5:d1:97:07:0e:fb:99:
96:6e:48:73:4c:8a:42:ad:19:df:02:f3:6a:31:c7:
ff:71:db:7c:f7:22:f8:da:d8:46:71:94:22:39:c8:
43:8a:84:91:f2:b8:44:c8:7f:90:5a:b4:ca:86:a5:
a0:9b:47:35:9a:1b:c5:d0:97:9b:71:78:cc:8c:47:
9e:ba:4b:e0:b8:e4:0b:62:10:c9:1c:b9:15:66:6c:
2d:17:00:26:7a:73:84:e1:73:5a:ec:43:bb:37:b3:
94:0f:4f:9f:ad:2e:f9:85:b9:3d:02:e1:65:b6:79:
7b:fd:e3:b7:05:d2:65:0c:cd:71:37:ea:3b:d5:ca:
c0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:73:4C:E8:BE:C8:67:95:A3:BF:16:14:04:BA:F6:6E:4C:32:68:12
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
83.243.120.0/24
83.243.122.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a9:b1:3d:be:0c:77:6b:19:9e:58:ca:48:f0:da:eb:9d:a9:
4d:3d:eb:9d:b1:c7:9a:5d:d4:83:27:76:84:e2:0d:db:08:06:
38:53:b5:ee:59:62:d8:54:0f:e4:7d:4b:fd:50:46:8e:80:22:
e4:84:0b:15:7d:99:f9:69:52:e3:0f:41:e8:ad:7f:e9:4d:0f:
2e:c0:0d:e5:b3:68:88:47:90:e5:f2:71:be:16:64:fc:05:2b:
90:64:35:10:2d:89:b1:8a:3a:87:82:30:a9:07:a2:dd:19:68:
15:6c:4a:e0:b7:f1:1d:3f:66:09:64:43:15:d4:61:e0:7b:eb:
31:ca:7c:aa:fb:13:82:d6:4f:d8:e4:03:52:fd:dd:f5:05:11:
ab:95:3e:72:22:b2:9b:0b:ac:30:06:0d:7a:fe:ec:27:9d:31:
83:09:e8:23:b0:e9:bc:6e:5e:a8:ab:87:c0:2b:07:0a:20:37:
7c:c5:95:02:33:21:5b:e0:98:06:2b:78:48:aa:e9:8c:7b:7d:
4c:3f:f8:f4:06:08:32:c8:fc:a9:b2:61:a4:35:3f:df:c8:cb:
20:b5:c1:5f:d7:0f:c0:72:b4:85:75:9e:dd:88:b3:4e:21:f8:
cb:d2:02:ec:1d:de:a8:96:6a:b3:5c:63:de:d9:15:73:73:24:
64:fb:a3:0c
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYr/PI0flF4xXHp+718ynMmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMxMDA1MDk0NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjczNGNlOGJlYzg2Nzk1YTNiZjE2MTQwNGJhZjY2ZTRjMzI2ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aXB1tbSDwEXHkE2g5Jl/1hF5d4K
y1Xb56TtEAVSkWC2h4sYBbg2XVonUUPV/gOx1dj96yzrGQAkAL2udN8fTmRbCmf/
u5xFQoH+RQknU7YM3zagp4w3KeP8cx4hXaUeQS62Q9N0YTLNf2FfZeFFAbLFWuOS
SDjBwonc+EZ/16XRlwcO+5mWbkhzTIpCrRnfAvNqMcf/cdt89yL42thGcZQiOchD
ioSR8rhEyH+QWrTKhqWgm0c1mhvF0JebcXjMjEeeukvguOQLYhDJHLkVZmwtFwAm
enOE4XNa7EO7N7OUD0+frS75hbk9AuFltnl7/eO3BdJlDM1xN+o71crAsQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFB9zTOi+yGeVo78WFAS69m5MMmgSMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSDNOTTZMN0laNVdqdnhZVUJMcjJia3d5YUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEBCXrMAME
AFPzeAMEAFPzegMEAFkfewMEAFuEXgMEAVvjzAMEAFzzQgMEAGc5+jAMAwQDlZqY
AwQAlZqcAwQFl+wAMAwDBACe/9EDBACe/9QDBAG5GuwwDAMEAdW3NgMEAdW3ODAN
BAIAAjAHAwUDKgMPgDANBgkqhkiG9w0BAQsFAAOCAQEAC6mxPb4Md2sZnljKSPDa
652pTT3rnbHHml3Ugyd2hOIN2wgGOFO17lli2FQP5H1L/VBGjoAi5IQLFX2Z+WlS
4w9B6K1/6U0PLsAN5bNoiEeQ5fJxvhZk/AUrkGQ1EC2JsYo6h4IwqQei3RloFWxK
4LfxHT9mCWRDFdRh4HvrMcp8qvsTgtZP2OQDUv3d9QURq5U+ciKymwusMAYNev7s
J50xgwnoI7DpvG5eqKuHwCsHCiA3fMWVAjMhW+CYBit4SKrpjHt9TD/49AYIMsj8
qbJhpDU/38jLILXBX9cPwHK0hXWe3YizTiH4y9IC7B3eqJZqs1xj3tkVc3MkZPuj
DA==
-----END CERTIFICATE-----
Generated at Thu Oct 26 13:48:20 2023 by rpki-client on console-fra.rpki-client.org