Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/bnucm0RBT-9IkHiVHk2CWdeE2Po.roa
File: bnucm0RBT-9IkHiVHk2CWdeE2Po.roa (raw, json)
Hash identifier: gqChjyTewGoOofRmQNYCS+Po6erMH3R7VeEMyByqGzQ=
Subject key identifier: 6E:7B:9C:9B:44:41:4F:EF:48:90:78:95:1E:4D:82:59:D7:84:D8:FA
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018C86DD1A7032F740555312506D58DA504E
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/bnucm0RBT-9IkHiVHk2CWdeE2Po.roa
Signing time: Wed 20 Dec 2023 10:54:46 +0000
ROA not before: Wed 20 Dec 2023 10:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
2a03:f80:45::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:dd:1a:70:32:f7:40:55:53:12:50:6d:58:da:50:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Dec 20 10:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e7b9c9b44414fef489078951e4d8259d784d8fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:1a:11:a0:2a:60:cc:8d:78:95:d7:e2:e3:
bc:ed:c7:75:37:0c:a1:64:ef:3e:58:fa:c6:9a:1f:
94:ab:ca:37:ce:be:1b:22:3f:4d:1b:6c:a3:7c:b8:
aa:89:bf:51:c7:26:44:04:0f:bc:eb:b9:0a:a9:61:
5e:d4:55:39:a9:ea:d5:21:13:31:2d:d2:54:e7:4a:
eb:bd:c7:ed:66:8c:d1:ef:74:de:bb:bf:4a:c3:7d:
fc:52:ec:53:8b:63:0f:0c:9c:bd:a3:93:a5:40:87:
ab:22:df:89:fa:20:7e:9a:20:fa:3f:f7:28:56:88:
c9:2c:93:02:02:9f:76:75:ca:d4:bf:81:8b:10:6a:
cc:eb:d2:5e:07:6d:4e:26:dc:ed:60:39:ee:d6:14:
6c:ce:37:60:c0:19:52:ab:26:5d:e2:fd:33:98:28:
22:02:c1:f5:87:09:49:10:c4:cb:f6:22:25:00:ca:
38:b6:b0:20:a1:b2:00:5d:db:7f:d3:22:ee:fa:d3:
90:dc:bb:45:9f:39:8e:0e:e9:77:bf:57:fb:f0:b8:
a9:c8:34:a5:e4:3e:cd:05:2a:0d:d2:e6:83:ee:c3:
a3:83:83:03:3d:f2:22:eb:27:20:e2:ff:0d:38:b0:
40:68:37:2f:f2:63:fa:77:0f:c4:cf:e2:b7:ab:4a:
0b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7B:9C:9B:44:41:4F:EF:48:90:78:95:1E:4D:82:59:D7:84:D8:FA
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/bnucm0RBT-9IkHiVHk2CWdeE2Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
185.26.239.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
13:a5:49:3b:a2:f5:e7:0a:97:bf:f3:d2:1b:a3:83:42:59:0a:
ee:eb:63:ef:4a:66:a7:61:2e:be:6e:ae:fb:cf:38:6a:0f:a7:
7c:5a:a1:05:77:47:5e:ed:70:20:c5:d0:ec:90:05:8a:f2:b7:
0b:36:45:08:02:68:9f:a5:52:9d:5d:e0:27:22:38:6a:d2:03:
bf:4f:46:c6:44:70:c2:90:88:e0:30:6b:64:81:68:9d:21:a5:
bd:7c:01:c4:1c:c7:52:28:18:b5:2c:fa:a1:3e:d3:87:96:9a:
d1:83:96:7a:ad:90:29:95:ae:b0:b2:95:43:d5:ad:ac:f6:63:
c3:5f:da:ab:1e:33:bf:43:62:cc:2e:c7:c6:9c:80:46:2e:bc:
6d:d6:dc:46:ce:60:19:88:64:41:83:93:47:53:25:85:13:d3:
59:f1:59:72:94:f8:bb:1a:f6:99:25:32:7d:74:9c:c7:2f:ad:
b5:f3:4e:a5:fb:60:0b:2f:ed:ec:87:5d:75:1d:61:55:66:eb:
42:59:28:c4:fa:6f:1c:2d:30:2d:86:66:c2:06:16:4e:01:1a:
c8:09:dc:77:02:28:2c:3d:d9:04:c2:2e:1a:6b:7a:28:33:5e:
9f:d1:41:1a:ff:45:a0:39:c2:ed:9f:88:c8:6f:7a:05:97:49:
7b:95:90:0c
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAYyG3RpwMvdAVVMSUG1Y2lBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMxMjIwMTA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdiOWM5YjQ0NDE0ZmVmNDg5MDc4OTUxZTRkODI1OWQ3ODRkOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCoaEaAqYMyNeJXX4uO87cd1Nwyh
ZO8+WPrGmh+Uq8o3zr4bIj9NG2yjfLiqib9RxyZEBA+867kKqWFe1FU5qerVIRMx
LdJU50rrvcftZozR73Teu79Kw338UuxTi2MPDJy9o5OlQIerIt+J+iB+miD6P/co
VojJLJMCAp92dcrUv4GLEGrM69JeB21OJtztYDnu1hRszjdgwBlSqyZd4v0zmCgi
AsH1hwlJEMTL9iIlAMo4trAgobIAXdt/0yLu+tOQ3LtFnzmODul3v1f78LipyDSl
5D7NBSoN0uaD7sOjg4MDPfIi6ycg4v8NOLBAaDcv8mP6dw/Ez+K3q0oLIwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFG57nJtEQU/vSJB4lR5NglnXhNj6MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvYm51Y20wUkJULTlJa0hpVkhrMkNXZGVFMlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCBmQQCAAEwgZID
BAAl6zADBAAl6zMDBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwDBABbhF8D
BABc80ADBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagDAMAwQAl+wPAwQA
l+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALka
7zCBhwQCAAIwgYADBwEqAw+AADIDBwAqAw+AADkDBwAqAw+AAEADBwEqAw+AAEQw
EgMHACoDD4AARwMHASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMH
ACoDD4ADgQMHACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkq
hkiG9w0BAQsFAAOCAQEAE6VJO6L15wqXv/PSG6ODQlkK7utj70pmp2Euvm6u+884
ag+nfFqhBXdHXu1wIMXQ7JAFivK3CzZFCAJon6VSnV3gJyI4atIDv09GxkRwwpCI
4DBrZIFonSGlvXwBxBzHUigYtSz6oT7Th5aa0YOWeq2QKZWusLKVQ9WtrPZjw1/a
qx4zv0NizC7HxpyARi68bdbcRs5gGYhkQYOTR1MlhRPTWfFZcpT4uxr2mSUyfXSc
xy+ttfNOpftgCy/t7IdddR1hVWbrQlkoxPpvHC0wLYZmwgYWTgEayAncdwIoLD3Z
BMIuGmt6KDNen9FBGv9FoDnC7Z+IyG96BZdJe5WQDA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:03 2024 by rpki-client on console-fra.rpki-client.org