Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Rk1FaHNo6LSojkJ9bTOEuGvyzto.roa
File: Rk1FaHNo6LSojkJ9bTOEuGvyzto.roa (raw, json)
Hash identifier: JtlJ6daN9WqOPECMWnlyP7m0S8lp0LwAu0a7G3m5ToI=
Subject key identifier: 46:4D:45:68:73:68:E8:B4:A8:8E:42:7D:6D:33:84:B8:6B:F2:CE:DA
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018DA66C078FAF20030C38855555E9249975
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Rk1FaHNo6LSojkJ9bTOEuGvyzto.roa
Signing time: Wed 14 Feb 2024 07:01:54 +0000
ROA not before: Wed 14 Feb 2024 07:01:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 14:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:6c:07:8f:af:20:03:0c:38:85:55:55:e9:24:99:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Feb 14 07:01:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=464d45687368e8b4a88e427d6d3384b86bf2ceda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a5:8c:50:2a:fe:63:b3:30:db:17:64:12:85:
e7:5b:dc:cc:c3:fe:7d:c8:f5:10:d9:b8:19:80:13:
84:6f:4f:b4:0b:e4:1a:b7:c3:e8:8f:42:59:8d:5f:
7a:ae:fd:ee:ab:d4:b0:2a:bf:e3:bd:37:de:16:3d:
eb:37:8a:e1:d3:29:d0:21:96:5e:1d:ad:e4:a1:62:
c6:35:e3:c3:cc:9e:37:30:0c:55:08:b8:7c:f3:13:
58:0e:d1:85:9d:fe:23:bf:f7:2b:ca:47:01:a4:49:
ee:1c:30:7b:46:14:33:18:f1:7e:f8:65:62:0c:23:
02:7c:6a:5b:5e:45:2c:53:28:a8:20:80:2d:b8:ef:
fd:ed:83:39:a8:7b:71:32:75:f0:87:e4:31:a7:aa:
67:51:5f:8a:4e:9f:be:55:65:08:02:ea:74:a0:6b:
ca:65:83:42:59:31:80:8c:f7:5a:c1:a1:a2:36:14:
3e:47:4a:be:6a:e3:f9:ea:3b:b3:12:2b:5b:cb:79:
56:f6:12:a7:85:3c:85:6b:f6:2f:36:54:91:98:c3:
4e:b8:70:dd:41:6b:35:4b:22:d6:ee:90:3b:6a:b0:
01:5d:43:fa:93:e3:d9:35:e5:bc:04:05:c2:91:cb:
0d:67:64:04:6e:a5:c0:fc:bf:27:93:d2:54:0d:ed:
55:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4D:45:68:73:68:E8:B4:A8:8E:42:7D:6D:33:84:B8:6B:F2:CE:DA
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Rk1FaHNo6LSojkJ9bTOEuGvyzto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
185.26.239.0/24
185.76.78.0/23
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
be:fc:08:d1:de:8b:7b:8c:c4:ad:63:5e:39:1a:37:a1:2d:10:
11:b5:4f:60:c1:d4:7b:f3:b2:55:bb:33:f7:93:b4:09:2f:95:
41:14:e8:7a:82:b0:3f:03:81:a8:a3:aa:d6:f4:d5:89:99:17:
ec:77:e3:26:41:04:c6:f7:71:0a:a5:5b:72:13:01:75:cc:f4:
74:de:8b:dc:39:ad:c3:40:2d:73:5d:bf:ca:dd:10:09:33:4d:
34:b3:e9:fc:fd:85:fe:2c:56:fc:56:7d:82:19:e2:47:45:b8:
74:52:2a:77:3f:28:c4:08:28:10:87:85:ad:a3:b8:0b:b7:c0:
7f:03:16:8c:d4:74:72:4b:04:ee:a7:d2:1a:de:0e:5e:99:c1:
8c:fb:ff:61:37:dd:f9:6d:46:d7:65:7c:07:38:c9:3f:ca:e2:
44:4b:85:d7:ea:68:8a:02:f1:c9:f2:87:d2:0e:1c:b1:16:fe:
01:8f:74:0d:59:b0:80:7e:bf:84:5b:09:ad:58:c9:72:9a:43:
22:b5:9d:f1:c3:38:5c:64:18:ba:88:01:3c:22:5a:dd:51:98:
0b:14:d8:00:9c:24:13:fa:8d:0e:7b:b1:1d:ec:80:be:1f:95:
c5:5f:b3:17:85:34:72:aa:72:e7:99:1d:f4:07:6e:8d:26:45:
c1:fd:7c:67
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAY2mbAePryADDDiFVVXpJJl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMjE0MDcwMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRkNDU2ODczNjhlOGI0YTg4ZTQyN2Q2ZDMzODRiODZiZjJjZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKWMUCr+Y7Mw2xdkEoXnW9zMw/59
yPUQ2bgZgBOEb0+0C+Qat8Poj0JZjV96rv3uq9SwKr/jvTfeFj3rN4rh0ynQIZZe
Ha3koWLGNePDzJ43MAxVCLh88xNYDtGFnf4jv/crykcBpEnuHDB7RhQzGPF++GVi
DCMCfGpbXkUsUyioIIAtuO/97YM5qHtxMnXwh+Qxp6pnUV+KTp++VWUIAup0oGvK
ZYNCWTGAjPdawaGiNhQ+R0q+auP56juzEitby3lW9hKnhTyFa/YvNlSRmMNOuHDd
QWs1SyLW7pA7arABXUP6k+PZNeW8BAXCkcsNZ2QEbqXA/L8nk9JUDe1V1wIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFEZNRWhzaOi0qI5CfW0zhLhr8s7aMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvUmsxRmFITm82TFNvamtKOWJUT0V1R3Z5enRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCBnwQCAAEwgZgD
BAAl6zADBAAl6zMDBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwDBABbhF8D
BABc80ADBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagDAMAwQAl+wPAwQA
l+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALka
7wMEAblMTjCBhwQCAAIwgYADBwEqAw+AADIDBwAqAw+AADkDBwAqAw+AAEADBwEq
Aw+AAEQwEgMHACoDD4AARwMHASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMHACoD
D4AAgQMHACoDD4ADgQMHACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4Dt
UTANBgkqhkiG9w0BAQsFAAOCAQEAvvwI0d6Le4zErWNeORo3oS0QEbVPYMHUe/Oy
Vbsz95O0CS+VQRToeoKwPwOBqKOq1vTViZkX7HfjJkEExvdxCqVbchMBdcz0dN6L
3Dmtw0Atc12/yt0QCTNNNLPp/P2F/ixW/FZ9ghniR0W4dFIqdz8oxAgoEIeFraO4
C7fAfwMWjNR0cksE7qfSGt4OXpnBjPv/YTfd+W1G12V8BzjJP8riREuF1+poigLx
yfKH0g4csRb+AY90DVmwgH6/hFsJrVjJcppDIrWd8cM4XGQYuogBPCJa3VGYCxTY
AJwkE/qNDnuxHeyAvh+VxV+zF4U0cqpy55kd9AdujSZFwf18Zw==
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:02:51 2024 by rpki-client on console-ams.rpki-client.org