Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/c8gQ0eWdPCqak6zbeCwkW3d02HE.roa
File: c8gQ0eWdPCqak6zbeCwkW3d02HE.roa (raw, json)
Hash identifier: uZp9dDbE73OLy+UGS1bPJCWGgWL3BG5759hbMW5ITq0=
Subject key identifier: 73:C8:10:D1:E5:9D:3C:2A:9A:93:AC:DB:78:2C:24:5B:77:74:D8:71
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191F01317D305BF3A99F44D0F63A6C929F8
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/c8gQ0eWdPCqak6zbeCwkW3d02HE.roa
Signing time: Sat 14 Sep 2024 10:27:48 +0000
ROA not before: Sat 14 Sep 2024 10:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80::/29 maxlen: 29
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 16 Sep 2024 08:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f0:13:17:d3:05:bf:3a:99:f4:4d:0f:63:a6:c9:29:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 14 10:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73c810d1e59d3c2a9a93acdb782c245b7774d871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:74:7e:5c:2e:48:7f:63:6c:94:bd:2f:86:34:
e1:bb:96:d9:3f:55:4f:42:98:c2:26:bc:93:ed:60:
db:9f:ba:22:a9:8d:e9:15:d4:12:c5:df:96:69:ce:
01:13:1d:ac:fb:20:3d:ef:f3:c4:94:82:32:38:75:
69:4c:c7:28:92:c2:fe:9b:e5:8d:c0:ed:25:72:6c:
31:c2:b1:b7:b0:fc:07:5d:c6:d5:50:d6:76:63:60:
e6:46:59:a6:f3:aa:c7:6c:f5:23:ce:d4:df:09:67:
2e:ec:38:01:09:62:29:74:8e:11:45:02:9b:75:67:
bc:7b:7e:2c:26:98:f1:2a:6e:97:53:49:93:95:ec:
b6:40:9e:c5:e8:1a:eb:86:72:a5:76:9b:84:96:79:
8a:9a:a7:9b:37:cc:bb:33:29:c8:3b:e8:39:ee:8d:
cf:6e:66:75:d6:3d:98:8d:fc:d3:0b:ba:5e:1a:2f:
62:7e:8b:80:40:2c:5f:ac:53:b1:2b:da:fe:d9:1e:
7c:65:56:3a:87:f5:12:0b:bd:7a:ed:a2:59:3a:48:
74:d4:2a:8b:17:da:c8:50:93:f3:9d:16:d0:45:97:
f0:24:eb:8b:a2:3b:3e:8c:e7:ec:9b:fa:f8:cd:64:
7c:14:6f:52:42:fb:b6:18:0c:7a:32:64:d5:8e:58:
09:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C8:10:D1:E5:9D:3C:2A:9A:93:AC:DB:78:2C:24:5B:77:74:D8:71
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/c8gQ0eWdPCqak6zbeCwkW3d02HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
45.153.125.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
188.214.33.0-188.214.34.255
188.214.38.0/24
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
56:28:4d:7e:c3:20:b2:b5:5a:bd:2d:17:c2:b3:bd:33:75:a2:
d5:88:ee:9f:13:22:a9:de:c2:03:48:7d:f7:9a:9c:19:71:e9:
50:70:3c:09:3c:c5:86:88:21:a7:fa:38:9a:ad:72:3d:db:73:
2b:44:9f:aa:70:b9:d2:db:a4:db:c8:df:bf:6c:12:48:fc:e2:
f0:5d:01:38:3b:45:77:79:7d:39:d0:6c:0f:d9:8d:cd:90:41:
d6:bf:bf:18:16:c6:0c:65:65:21:d3:6f:9d:e1:1d:d3:df:19:
01:8d:88:13:7e:38:ee:88:42:09:86:db:d2:f6:fd:e7:6e:31:
a7:cd:2d:c9:14:a2:6c:e0:34:df:ce:39:d8:58:61:21:a1:99:
88:70:dd:e3:9f:3a:a6:0a:ae:e1:88:81:e9:49:52:a8:00:9d:
d7:dd:df:fb:c4:1a:cd:40:f8:84:d7:ad:70:8c:71:b2:b7:79:
50:92:b2:90:98:50:8d:a4:bd:49:d0:e8:ee:7f:9d:b3:11:40:
0b:2c:c5:60:2f:6d:06:d5:6b:30:3f:ff:0b:d4:39:e5:82:a0:
fb:a7:05:1e:12:31:77:49:6a:1c:35:ea:18:b7:06:80:69:64:
cf:54:56:46:26:2d:00:0d:80:b4:89:47:4e:87:8a:a5:bf:fe:
b7:de:0c:f7
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZHwExfTBb86mfRND2OmySn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTE0MTAyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M4MTBkMWU1OWQzYzJhOWE5M2FjZGI3ODJjMjQ1Yjc3NzRkODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHR+XC5If2NslL0vhjThu5bZP1VP
QpjCJryT7WDbn7oiqY3pFdQSxd+Wac4BEx2s+yA97/PElIIyOHVpTMcoksL+m+WN
wO0lcmwxwrG3sPwHXcbVUNZ2Y2DmRlmm86rHbPUjztTfCWcu7DgBCWIpdI4RRQKb
dWe8e34sJpjxKm6XU0mTley2QJ7F6BrrhnKldpuElnmKmqebN8y7MynIO+g57o3P
bmZ11j2YjfzTC7peGi9ifouAQCxfrFOxK9r+2R58ZVY6h/USC7167aJZOkh01CqL
F9rIUJPznRbQRZfwJOuLojs+jOfsm/r4zWR8FG9SQvu2GAx6MmTVjlgJXwIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFHPIENHlnTwqmpOs23gsJFt3dNhxMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvYzhnUTBlV2RQQ3FhazZ6YmVDd2tXM2QwMkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBrQQCAAEwgaYDBAAF
tHIDBAQl6zADBAAtmX0DBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3sDBABb
hF4DBAFb48wDBABc80IDBABfnM0DBABnOfoDBACG/9IwDAMEA5WamAMEAJWanAME
BZfsADAMAwQAnv/RAwQAnv/UMAwDBAK5GuwDBAC5Gu4wDAMEALzWIQMEALzWIgME
ALzWJjAMAwQB1bc2AwQB1bc4MA0EAgACMAcDBQMqAw+AMA0GCSqGSIb3DQEBCwUA
A4IBAQBWKE1+wyCytVq9LRfCs70zdaLViO6fEyKp3sIDSH33mpwZcelQcDwJPMWG
iCGn+jiarXI923MrRJ+qcLnS26TbyN+/bBJI/OLwXQE4O0V3eX050GwP2Y3NkEHW
v78YFsYMZWUh02+d4R3T3xkBjYgTfjjuiEIJhtvS9v3nbjGnzS3JFKJs4DTfzjnY
WGEhoZmIcN3jnzqmCq7hiIHpSVKoAJ3X3d/7xBrNQPiE161wjHGyt3lQkrKQmFCN
pL1J0Ojuf52zEUALLMVgL20G1WswP/8L1DnlgqD7pwUeEjF3SWocNeoYtwaAaWTP
VFZGJi0ADYC0iUdOh4qlv/633gz3
-----END CERTIFICATE-----
Generated at Mon Sep 16 11:17:36 2024 by rpki-client on console-ams.rpki-client.org