Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/a1TPs0Ih9PKkdk8i6hvkCFJIoa0.roa
File: a1TPs0Ih9PKkdk8i6hvkCFJIoa0.roa (raw, json)
Hash identifier: KZE0v2MerBYI7WVUsH9Npsjp1byVToWtZm/imEw1zDQ=
Subject key identifier: 6B:54:CF:B3:42:21:F4:F2:A4:76:4F:22:EA:1B:E4:08:52:48:A1:AD
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191924AD33F241C7BD2FDE1AB93517C6965
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/a1TPs0Ih9PKkdk8i6hvkCFJIoa0.roa
Signing time: Tue 27 Aug 2024 05:24:22 +0000
ROA not before: Tue 27 Aug 2024 05:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 Aug 2024 05:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:4a:d3:3f:24:1c:7b:d2:fd:e1:ab:93:51:7c:69:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Aug 27 05:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b54cfb34221f4f2a4764f22ea1be4085248a1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:98:89:c4:db:63:46:63:68:ee:57:14:81:96:
d8:7f:f9:a0:62:d6:e3:93:60:90:31:68:85:76:99:
43:0b:14:ba:a5:96:08:b7:b0:16:81:03:67:62:dc:
fc:cc:f1:73:b4:a6:cb:ae:62:14:a5:65:04:fd:f3:
0d:ab:08:e6:d7:43:e0:e4:b0:cf:ff:8e:49:fd:7f:
e0:a1:6a:25:0a:80:9c:0b:6b:84:96:d1:87:7e:36:
86:01:b2:22:a6:d5:ce:3c:4c:20:b1:95:1b:d6:54:
e0:e9:1c:cf:37:db:b3:46:4c:9e:97:62:47:82:fb:
43:02:6d:31:81:8e:d8:5b:eb:5b:e6:04:eb:a0:fa:
07:20:d3:94:d4:54:3a:3d:15:29:e9:d3:e4:1e:96:
99:68:1d:71:99:ff:05:48:84:3f:56:01:a3:db:cd:
d6:0e:ea:67:bf:be:14:38:3c:10:f8:64:56:df:be:
b8:4c:13:19:1f:48:92:e1:9c:32:bd:d4:d5:79:1f:
ea:e2:5e:3b:1c:c1:22:17:88:86:2f:68:42:6f:e7:
53:0f:51:fa:cd:09:e9:28:4c:44:33:25:a9:b3:a9:
d7:16:c7:18:a1:5c:d7:8b:8a:17:72:1f:54:b0:f4:
39:77:da:61:cd:9e:5a:c9:a9:49:01:a8:34:75:9e:
66:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:54:CF:B3:42:21:F4:F2:A4:76:4F:22:EA:1B:E4:08:52:48:A1:AD
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/a1TPs0Ih9PKkdk8i6hvkCFJIoa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
01:00:ee:59:76:f1:ff:b0:4a:35:0b:08:93:9e:f3:fb:58:3d:
49:b6:c9:15:b4:bd:dc:63:6b:9f:52:43:d8:75:30:81:7d:e8:
1f:16:31:55:e0:25:f2:80:4c:dd:77:be:3c:44:60:79:f5:02:
48:00:dc:d3:61:6e:38:6c:88:3f:ab:35:5b:7b:ab:3e:a0:d6:
78:37:b1:e6:4e:c2:37:d1:93:ef:d2:53:ba:eb:32:ed:12:3e:
8b:bd:b1:90:02:a7:2e:f1:81:33:c0:c4:a4:fe:ef:b1:45:b3:
d2:1c:14:06:92:6b:90:82:fd:b4:1e:ca:13:bf:2c:f3:4d:b7:
4f:5b:42:c3:f8:56:4a:ee:6d:6d:ef:d5:1f:35:38:f6:f4:ea:
4c:b6:79:20:b9:3b:7c:81:5f:c8:25:1f:96:cc:4c:b1:dc:fa:
ba:b9:6a:47:86:dd:b1:0b:85:0e:5a:0e:bd:79:03:ea:50:1f:
fc:61:8b:fe:0a:d2:14:bb:24:92:c8:c0:c7:16:92:e1:72:20:
7e:ae:a5:af:c1:31:6d:05:67:f6:d0:72:dd:85:73:89:5a:a8:
7d:00:f3:c7:56:b2:7b:c8:34:ca:7f:fe:5a:e0:5b:69:b1:c0:
5a:12:e1:90:76:5a:11:48:38:9a:44:7c:ac:a2:42:09:04:9e:
5a:5c:fe:9b
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgISAZGSStM/JBx70v3hq5NRfGllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwODI3MDUyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjU0Y2ZiMzQyMjFmNGYyYTQ3NjRmMjJlYTFiZTQwODUyNDhhMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3piJxNtjRmNo7lcUgZbYf/mgYtbj
k2CQMWiFdplDCxS6pZYIt7AWgQNnYtz8zPFztKbLrmIUpWUE/fMNqwjm10Pg5LDP
/45J/X/goWolCoCcC2uEltGHfjaGAbIiptXOPEwgsZUb1lTg6RzPN9uzRkyel2JH
gvtDAm0xgY7YW+tb5gTroPoHINOU1FQ6PRUp6dPkHpaZaB1xmf8FSIQ/VgGj283W
Dupnv74UODwQ+GRW3764TBMZH0iS4ZwyvdTVeR/q4l47HMEiF4iGL2hCb+dTD1H6
zQnpKExEMyWps6nXFscYoVzXi4oXch9UsPQ5d9phzZ5ayalJAag0dZ5mzwIDAQAB
o4IDRTCCA0EwHQYDVR0OBBYEFGtUz7NCIfTypHZPIuob5AhSSKGtMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvYTFUUHMwSWg5UEtrZGs4aTZodmtDRkpJb2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWQYIKwYBBQUHAQcBAf8EggFIMIIBRDCBtwQCAAEwgbAD
BAAl6zADBAAl6zMDBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwDBABbhF8D
BABc80ADBABfnM8DBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagDAMAwQA
l+wPAwQAl+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/
0AMEALB+YwMEALka7AMEAbka7gMEAblMTgMEANW3NzCBhwQCAAIwgYADBwEqAw+A
ADIDBwAqAw+AADkDBwAqAw+AAEADBwEqAw+AAEQwEgMHACoDD4AARwMHASoDD4AA
SAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMHACoDD4ADgQMHACoDD4AIUgMH
ACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG9w0BAQsFAAOCAQEAAQDu
WXbx/7BKNQsIk57z+1g9SbbJFbS93GNrn1JD2HUwgX3oHxYxVeAl8oBM3Xe+PERg
efUCSADc02FuOGyIP6s1W3urPqDWeDex5k7CN9GT79JTuusy7RI+i72xkAKnLvGB
M8DEpP7vsUWz0hwUBpJrkIL9tB7KE78s8023T1tCw/hWSu5tbe/VHzU49vTqTLZ5
ILk7fIFfyCUflsxMsdz6urlqR4bdsQuFDloOvXkD6lAf/GGL/grSFLskksjAxxaS
4XIgfq6lr8ExbQVn9tBy3YVziVqofQDzx1aye8g0yn/+WuBbabHAWhLhkHZaEUg4
mkR8rKJCCQSeWlz+mw==
-----END CERTIFICATE-----
Generated at Thu Aug 29 08:34:00 2024 by rpki-client on console-fra.rpki-client.org