Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/iCrZ7Qn9wUOCvWpSxvW5MPZJLEE.roa
File: iCrZ7Qn9wUOCvWpSxvW5MPZJLEE.roa (raw, json)
Hash identifier: qmvLYahnBEN6IZoghILHeakmIZYq/dwbTNF/tCFoiYk=
Subject key identifier: 88:2A:D9:ED:09:FD:C1:43:82:BD:6A:52:C6:F5:B9:30:F6:49:2C:41
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191D67F679E283E6DD1A85D97D87125C4DB
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/iCrZ7Qn9wUOCvWpSxvW5MPZJLEE.roa
Signing time: Mon 09 Sep 2024 11:15:59 +0000
ROA not before: Mon 09 Sep 2024 11:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80::/29 maxlen: 29
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 14 Sep 2024 10:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:7f:67:9e:28:3e:6d:d1:a8:5d:97:d8:71:25:c4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 9 11:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=882ad9ed09fdc14382bd6a52c6f5b930f6492c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:41:0c:f6:5e:67:32:84:61:62:db:f3:eb:43:
cd:56:9c:3c:0f:8b:36:d1:b7:00:c2:e9:44:8d:a4:
9f:57:0e:9a:20:f7:fa:33:ad:8d:93:8a:07:27:5a:
b3:36:24:21:3e:09:2c:e0:f7:78:62:f8:78:de:a0:
e8:3f:c1:45:57:00:44:68:72:79:4d:e8:91:38:8c:
72:72:cb:ba:cd:73:a6:65:bb:92:20:b4:88:d7:11:
87:a5:8c:be:9f:4d:3e:17:86:5b:b9:f1:dc:7c:eb:
5b:86:7a:0c:36:c6:9a:21:e4:8f:92:da:0f:44:22:
3e:02:d3:45:6b:71:49:19:ef:74:0b:66:19:af:f4:
a1:86:cf:ab:74:60:32:5b:fb:6b:ef:3b:df:8f:17:
9d:43:e4:6c:78:a6:50:a0:31:4c:90:c0:51:85:53:
36:7e:2a:cb:c0:d8:e3:c9:79:10:a5:96:0d:d1:b4:
88:04:4e:dc:cb:14:0d:64:4a:77:77:6b:a0:e7:a3:
27:7a:0d:58:74:44:6a:67:e0:e5:47:09:93:9b:5e:
4f:19:17:ef:e6:b2:08:ee:af:45:0e:01:2c:af:b6:
65:0c:a2:ed:ea:11:69:6f:55:5d:6b:46:97:2e:41:
98:47:46:3c:96:53:3b:2a:09:0f:01:9b:91:71:00:
4c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2A:D9:ED:09:FD:C1:43:82:BD:6A:52:C6:F5:B9:30:F6:49:2C:41
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/iCrZ7Qn9wUOCvWpSxvW5MPZJLEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
188.214.33.0-188.214.34.255
188.214.38.0/24
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
85:60:8e:c1:2b:ce:e3:12:0f:ea:f9:d0:a9:53:dd:7f:f6:00:
e7:3c:dd:92:71:71:83:f2:86:b2:33:25:c3:08:69:e9:9c:47:
f1:30:4c:39:4a:78:95:8d:04:6c:7a:b8:25:4e:9b:83:c6:ae:
5c:d1:85:8d:05:5b:90:53:19:a6:d5:30:b1:eb:00:12:57:c6:
07:e5:04:69:00:b9:16:dd:dc:36:63:80:3b:56:16:3b:82:cb:
c1:d0:be:a5:28:17:40:2c:b7:e3:8a:46:c1:52:6e:20:4b:9e:
63:0d:72:5e:a5:05:35:e1:24:52:ed:28:27:5f:f2:10:0d:77:
ae:63:26:04:b3:b5:ac:96:c7:c9:da:6b:77:fb:23:10:95:ca:
ad:0e:35:5c:b7:a7:7c:6e:d6:7c:2e:93:50:2e:94:d2:89:96:
56:ce:1d:51:fb:37:72:ba:eb:1b:84:42:97:d8:15:eb:c2:9a:
97:40:27:0c:94:5d:93:6f:1b:df:8c:94:64:97:91:8b:3f:85:
4c:c4:8a:43:d6:09:3a:b1:db:22:e4:d9:ac:a6:bb:79:34:d2:
b9:af:b5:19:85:03:91:b6:1f:37:ca:45:0d:06:68:e6:d4:85:
c4:75:1f:11:68:df:2d:29:31:c8:98:2d:82:44:13:53:10:0e:
3f:25:29:de
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZHWf2eeKD5t0ahdl9hxJcTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTA5MTExNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJhZDllZDA5ZmRjMTQzODJiZDZhNTJjNmY1YjkzMGY2NDkyYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkEM9l5nMoRhYtvz60PNVpw8D4s2
0bcAwulEjaSfVw6aIPf6M62Nk4oHJ1qzNiQhPgks4Pd4Yvh43qDoP8FFVwBEaHJ5
TeiROIxycsu6zXOmZbuSILSI1xGHpYy+n00+F4ZbufHcfOtbhnoMNsaaIeSPktoP
RCI+AtNFa3FJGe90C2YZr/Shhs+rdGAyW/tr7zvfjxedQ+RseKZQoDFMkMBRhVM2
firLwNjjyXkQpZYN0bSIBE7cyxQNZEp3d2ug56Mneg1YdERqZ+DlRwmTm15PGRfv
5rII7q9FDgEsr7ZlDKLt6hFpb1Vda0aXLkGYR0Y8llM7KgkPAZuRcQBMYQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFIgq2e0J/cFDgr1qUsb1uTD2SSxBMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvaUNyWjdRbjl3VU9DdldwU3h2VzVNUFpKTEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAAF
tHIDBAQl6zADBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3sDBABbhF4DBAFb
48wDBABc80IDBABfnM0DBABnOfoDBACG/9IwDAMEA5WamAMEAJWanAMEBZfsADAM
AwQAnv/RAwQAnv/UMAwDBAK5GuwDBAC5Gu4wDAMEALzWIQMEALzWIgMEALzWJjAM
AwQB1bc2AwQB1bc4MA0EAgACMAcDBQMqAw+AMA0GCSqGSIb3DQEBCwUAA4IBAQCF
YI7BK87jEg/q+dCpU91/9gDnPN2ScXGD8oayMyXDCGnpnEfxMEw5SniVjQRsergl
TpuDxq5c0YWNBVuQUxmm1TCx6wASV8YH5QRpALkW3dw2Y4A7VhY7gsvB0L6lKBdA
LLfjikbBUm4gS55jDXJepQU14SRS7SgnX/IQDXeuYyYEs7WslsfJ2mt3+yMQlcqt
DjVct6d8btZ8LpNQLpTSiZZWzh1R+zdyuusbhEKX2BXrwpqXQCcMlF2TbxvfjJRk
l5GLP4VMxIpD1gk6sdsi5Nmsprt5NNK5r7UZhQORth83ykUNBmjm1IXEdR8RaN8t
KTHImC2CRBNTEA4/JSne
-----END CERTIFICATE-----
Generated at Sat Sep 14 13:22:19 2024 by rpki-client on console-fra.rpki-client.org