Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/VjDbLI7Fu-IBZuv-Z4hGajs_lcw.roa
File: VjDbLI7Fu-IBZuv-Z4hGajs_lcw.roa (raw, json)
Hash identifier: Wgt/jQc9+XWaciERSIbsY/o/gQxq3u9IZUB0PuFZuM4=
Subject key identifier: 56:30:DB:2C:8E:C5:BB:E2:01:66:EB:FE:67:88:46:6A:3B:3F:95:CC
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018BD7BF033321F70EDE64D9D358A7BCD060
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/VjDbLI7Fu-IBZuv-Z4hGajs_lcw.roa
Signing time: Thu 16 Nov 2023 10:48:21 +0000
ROA not before: Thu 16 Nov 2023 10:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.50.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
5.180.114.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:57::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Dec 2023 14:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:bf:03:33:21:f7:0e:de:64:d9:d3:58:a7:bc:d0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Nov 16 10:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5630db2c8ec5bbe20166ebfe6788466a3b3f95cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b7:ef:ed:73:69:37:9d:fc:59:58:ac:01:0c:
ad:ac:09:fa:38:9c:21:36:63:86:31:91:a9:83:c7:
1f:8a:15:48:c1:d7:6f:23:7a:89:ec:9e:b7:37:8e:
1b:9b:a2:ae:7a:7c:17:47:15:db:7f:e9:00:aa:7f:
03:78:0e:cc:e5:06:14:5c:bb:f3:62:e5:9c:66:a7:
5a:32:00:e5:19:4a:14:d7:f6:97:c7:01:6a:62:ed:
0c:a8:fc:70:82:96:57:d6:f4:d9:04:a0:cf:e0:1f:
45:4f:39:87:c6:82:6e:6f:a0:bd:45:40:47:cb:dd:
d8:44:3f:1b:c1:ab:75:25:e5:74:cb:85:20:5b:cc:
78:e5:25:25:28:22:01:2d:38:a5:e2:78:00:73:1a:
12:7b:a0:1a:87:1b:fc:67:93:af:11:f1:cc:39:3c:
1d:60:64:80:60:3d:c6:c6:a8:10:35:86:cd:e7:4a:
61:1c:bb:d5:4a:c6:20:c4:3d:b2:50:9a:f3:84:7f:
61:86:35:1e:f8:ec:44:47:ad:75:77:92:ac:07:b3:
cf:77:39:6e:29:d3:46:51:79:13:e0:e9:b8:e5:d1:
02:82:c5:28:fc:f0:db:51:21:19:b8:41:a9:74:e7:
4f:8e:1e:05:21:c3:4c:7d:d5:2d:c4:dc:55:19:4b:
92:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:30:DB:2C:8E:C5:BB:E2:01:66:EB:FE:67:88:46:6A:3B:3F:95:CC
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/VjDbLI7Fu-IBZuv-Z4hGajs_lcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
63:c6:82:00:ae:32:3f:e8:ef:67:99:b0:d0:9a:6a:17:3b:f9:
21:53:e0:32:e6:6e:12:9f:c6:66:2e:1b:57:73:a7:24:1a:fd:
b6:1c:56:7d:17:58:0e:aa:67:6e:cc:3f:21:d1:51:ec:0c:6d:
62:3e:2b:25:8c:8e:21:bb:cd:c3:59:2b:7f:b1:de:e3:69:8d:
b0:96:74:d4:69:b8:29:e4:9a:e7:f1:de:e9:6e:35:83:c4:8a:
5f:2c:d8:1f:7a:42:20:32:ce:50:cf:4f:cc:44:12:b3:5e:d4:
d0:97:b0:93:7c:90:2e:b5:42:ed:88:eb:07:2e:e6:24:10:a9:
3e:21:30:bb:71:b6:71:df:43:ca:d4:48:2e:2a:1d:d5:58:05:
ae:55:b2:63:75:e6:61:63:ca:39:30:e3:b5:6f:ea:1e:e7:73:
da:38:c8:75:d6:27:56:d1:7b:48:0b:ae:ac:aa:2b:03:b7:6f:
40:4f:a1:ca:b2:84:e4:58:30:48:88:dc:0a:ca:93:ad:77:3e:
a2:05:d5:78:9a:3f:8a:89:ad:91:eb:4b:2e:80:dc:b2:1a:b3:
95:68:3f:4a:2a:48:00:3f:b0:f0:74:b1:b3:2e:e1:dd:ef:57:
10:a6:66:9e:74:de:68:76:7d:e5:38:e2:92:ec:3c:7d:59:aa:
d5:de:75:3a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYvXvwMzIfcO3mTZ01invNBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMxMTE2MTA0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjMwZGIyYzhlYzViYmUyMDE2NmViZmU2Nzg4NDY2YTNiM2Y5NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47fv7XNpN538WVisAQytrAn6OJwh
NmOGMZGpg8cfihVIwddvI3qJ7J63N44bm6KuenwXRxXbf+kAqn8DeA7M5QYUXLvz
YuWcZqdaMgDlGUoU1/aXxwFqYu0MqPxwgpZX1vTZBKDP4B9FTzmHxoJub6C9RUBH
y93YRD8bwat1JeV0y4UgW8x45SUlKCIBLTil4ngAcxoSe6Aahxv8Z5OvEfHMOTwd
YGSAYD3GxqgQNYbN50phHLvVSsYgxD2yUJrzhH9hhjUe+OxER611d5KsB7PPdzlu
KdNGUXkT4Om45dECgsUo/PDbUSEZuEGpdOdPjh4FIcNMfdUtxNxVGUuSiQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFFYw2yyOxbviAWbr/meIRmo7P5XMMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvVmpEYkxJN0Z1LUlCWnV2LVo0aEdhanNfbGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQABbRy
AwQEJeswAwQAU/N4AwQBU/N6AwQAVPc9AwQAVmp3AwQAWR97AwQAW4ReAwQBW+PM
AwQAXPNCAwQAZzn6MAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AME
Abka7DAMAwQB1bc2AwQB1bc4MA0EAgACMAcDBQMqAw+AMA0GCSqGSIb3DQEBCwUA
A4IBAQBjxoIArjI/6O9nmbDQmmoXO/khU+Ay5m4Sn8ZmLhtXc6ckGv22HFZ9F1gO
qmduzD8h0VHsDG1iPisljI4hu83DWSt/sd7jaY2wlnTUabgp5Jrn8d7pbjWDxIpf
LNgfekIgMs5Qz0/MRBKzXtTQl7CTfJAutULtiOsHLuYkEKk+ITC7cbZx30PK1Egu
Kh3VWAWuVbJjdeZhY8o5MOO1b+oe53PaOMh11idW0XtIC66sqisDt29AT6HKsoTk
WDBIiNwKypOtdz6iBdV4mj+Kia2R60sugNyyGrOVaD9KKkgAP7DwdLGzLuHd71cQ
pmaedN5odn3lOOKS7Dx9WarV3nU6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org