Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZHhJrhv5j5MjfN7sAMMEvtRNT0g.roa
File: ZHhJrhv5j5MjfN7sAMMEvtRNT0g.roa (raw, json)
Hash identifier: xHP4eMclV+k2//pYCzGVPifYxmubCZoKZwLt8goy8IE=
Subject key identifier: 64:78:49:AE:1B:F9:8F:93:23:7C:DE:EC:00:C3:04:BE:D4:4D:4F:48
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191E4EAA7AA3B384A849768C3326FF7D283
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZHhJrhv5j5MjfN7sAMMEvtRNT0g.roa
Signing time: Thu 12 Sep 2024 06:27:49 +0000
ROA not before: Thu 12 Sep 2024 06:27:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 06:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e4:ea:a7:aa:3b:38:4a:84:97:68:c3:32:6f:f7:d2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 12 06:27:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=647849ae1bf98f93237cdeec00c304bed44d4f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bd:8d:22:d5:a0:63:5a:0e:85:76:82:89:75:
27:92:d7:36:51:e1:5e:d9:4a:fb:eb:e4:0d:bd:e6:
57:fa:b9:f6:9e:c6:34:2c:71:79:14:eb:5a:70:63:
a7:c0:5e:b6:d4:b4:d9:f9:68:83:fe:78:71:35:6c:
39:01:0b:0b:1a:4f:6b:88:d9:01:95:01:20:a4:a7:
ba:55:7a:2a:65:12:55:38:73:48:54:6f:5e:4b:ff:
56:b0:c5:53:f1:8c:83:3c:fa:52:8b:ad:e0:85:42:
84:02:6c:4d:f8:35:d7:d7:89:23:55:40:74:ab:b4:
40:98:6d:65:c5:84:58:7e:3d:cc:a5:06:ab:97:16:
68:86:57:f5:2a:00:28:61:b5:98:9e:90:55:b7:90:
09:fe:7d:2e:c2:fd:22:d5:77:0d:f6:ca:f8:84:bb:
26:7a:4b:d9:c0:16:42:ea:51:e9:64:ad:ac:a6:eb:
ae:5c:2f:f4:64:7e:fd:9e:98:ed:c5:b4:7d:d3:3e:
1f:6e:ac:62:36:99:21:30:35:44:04:3a:5f:24:0f:
a1:b6:99:40:89:a2:7a:1b:18:6f:5f:27:08:5d:d5:
bd:c1:b9:26:af:9a:04:01:57:8c:af:d3:ad:f3:f9:
38:ad:3e:7b:3c:30:71:21:3a:9f:08:fc:36:66:4d:
0f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:78:49:AE:1B:F9:8F:93:23:7C:DE:EC:00:C3:04:BE:D4:4D:4F:48
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZHhJrhv5j5MjfN7sAMMEvtRNT0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.233.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
11:65:2a:4e:53:68:36:61:22:1d:54:3d:b4:e6:18:cd:28:f0:
ad:b2:bc:0a:bf:04:fa:01:88:3d:3b:32:4d:e6:fa:b5:f1:37:
6a:c4:88:0c:50:de:64:1f:0f:c6:b8:fe:10:2d:e9:5b:47:03:
f7:d1:f6:db:2c:2e:a1:fa:f2:38:d6:29:6c:40:96:f6:f2:94:
ec:40:68:8b:45:fa:8c:7d:d3:b6:f4:e0:23:64:8c:a1:05:2c:
ee:38:67:47:bd:03:f0:18:d1:64:a4:7b:52:8b:19:99:64:3a:
0a:9f:23:1c:68:cd:bf:82:6b:2c:66:d2:04:c1:1e:ed:8f:f8:
a7:35:0a:3e:34:55:20:96:f6:b7:8e:7e:5b:73:2a:f8:ed:44:
c2:d2:8e:eb:08:70:e4:de:82:e6:f5:e8:b6:fe:58:b9:42:4a:
be:f1:c9:80:86:2f:e5:d6:16:a5:61:b0:1b:b3:f7:55:aa:3e:
92:5e:f0:5b:40:da:5c:91:fe:81:de:01:7a:32:cb:25:52:f4:
33:79:50:09:c1:39:d1:a4:7a:a6:6a:47:ba:03:fc:53:a2:04:
a5:a9:ad:c5:73:75:21:31:6a:9d:74:e4:bf:67:fd:4f:2d:a6:
2c:db:97:06:5d:0e:0e:fe:65:f8:a2:96:da:68:50:b3:77:2e:
75:50:e2:48
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZHk6qeqOzhKhJdowzJv99KDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTEyMDYyNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc4NDlhZTFiZjk4ZjkzMjM3Y2RlZWMwMGMzMDRiZWQ0NGQ0ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r2NItWgY1oOhXaCiXUnktc2UeFe
2Ur76+QNveZX+rn2nsY0LHF5FOtacGOnwF621LTZ+WiD/nhxNWw5AQsLGk9riNkB
lQEgpKe6VXoqZRJVOHNIVG9eS/9WsMVT8YyDPPpSi63ghUKEAmxN+DXX14kjVUB0
q7RAmG1lxYRYfj3MpQarlxZohlf1KgAoYbWYnpBVt5AJ/n0uwv0i1XcN9sr4hLsm
ekvZwBZC6lHpZK2spuuuXC/0ZH79npjtxbR90z4fbqxiNpkhMDVEBDpfJA+htplA
iaJ6GxhvXycIXdW9wbkmr5oEAVeMr9Ot8/k4rT57PDBxITqfCPw2Zk0P4wIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFGR4Sa4b+Y+TI3ze7ADDBL7UTU9IMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvWkhoSnJodjVqNU1qZk43c0FNTUV2dFJOVDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCB1wQCAAEwgdAD
BAAl6zADBAAl6zMDBAAtmX8DBAAut7sDBAFT83gDBAFZH3gDBABZH3swDAMEAFku
6QMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF+czAMEAF+czwMEAWc5+AMEAGc5
+wMEAIb/0zAMAwQAlZqdAwQFlZqAMAwDBACX7A8DBACX7BIwDAMEApfsFAMEAJfs
FgMEAJfsGQMEAJ7/0DAMAwQAnv/VAwQDnv/QAwQAsH5jAwQAuRrsAwQBuRruAwQB
uUxOAwQAvNYgAwQA1bc3MIGHBAIAAjCBgAMHASoDD4AAMgMHACoDD4AAOQMHACoD
D4AAQAMHASoDD4AARDASAwcAKgMPgABHAwcBKgMPgABIAwcAKgMPgABhAwcAKgMP
gABlAwcAKgMPgACBAwcAKgMPgAOBAwcAKgMPgAhSAwcAKgMPgAlxAwcAKgMPgEQW
AwcAKgMPgO1RMA0GCSqGSIb3DQEBCwUAA4IBAQARZSpOU2g2YSIdVD205hjNKPCt
srwKvwT6AYg9OzJN5vq18TdqxIgMUN5kHw/GuP4QLelbRwP30fbbLC6h+vI41ils
QJb28pTsQGiLRfqMfdO29OAjZIyhBSzuOGdHvQPwGNFkpHtSixmZZDoKnyMcaM2/
gmssZtIEwR7tj/inNQo+NFUglva3jn5bcyr47UTC0o7rCHDk3oLm9ei2/li5Qkq+
8cmAhi/l1halYbAbs/dVqj6SXvBbQNpckf6B3gF6MsslUvQzeVAJwTnRpHqmake6
A/xTogSlqa3Fc3UhMWqddOS/Z/1PLaYs25cGXQ4O/mX4opbaaFCzdy51UOJI
-----END CERTIFICATE-----
Generated at Mon Oct 21 08:35:26 2024 by rpki-client on console-ams.rpki-client.org