Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/imXKKifaefrCkGsNlBVYyLYDwxg.roa
File: imXKKifaefrCkGsNlBVYyLYDwxg.roa (raw, json)
Hash identifier: 182S0fNyWcuoevitey0hQzhjAnLSxp4I4cyVjI3vlL4=
Subject key identifier: 8A:65:CA:2A:27:DA:79:FA:C2:90:6B:0D:94:15:58:C8:B6:03:C3:18
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0189008225B0D21CE862B8F0BFAD7DE1CCD4
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/imXKKifaefrCkGsNlBVYyLYDwxg.roa
Signing time: Wed 28 Jun 2023 05:37:56 +0000
ROA not before: Wed 28 Jun 2023 05:37:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
2a03:f80:65::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:82:25:b0:d2:1c:e8:62:b8:f0:bf:ad:7d:e1:cc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jun 28 05:37:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a65ca2a27da79fac2906b0d941558c8b603c318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e2:b8:49:fd:f0:de:85:7c:ca:56:da:11:11:
ac:2d:34:3b:4e:65:0c:0b:2e:8e:ec:d9:fc:b9:93:
cd:fa:f7:fc:b6:b9:bd:20:18:b6:ad:41:4a:03:8e:
c9:24:12:72:85:67:34:bd:6a:e6:d8:f8:fc:d1:33:
cb:1f:7c:68:5a:ef:e4:19:1b:60:dc:b8:9c:8e:3d:
28:60:5c:0c:8c:34:5e:2e:e1:57:4b:b2:f9:f4:83:
c5:2d:5b:34:d8:40:1f:38:38:ec:69:8a:bb:a8:0e:
23:4e:a8:5d:71:5d:1a:b5:53:8c:0b:83:0e:49:8c:
3d:4b:11:4a:2d:de:46:a8:93:a4:83:08:95:19:a4:
3f:fb:4a:9d:42:74:b8:09:c8:c9:1a:58:3c:df:ed:
5c:02:a6:6c:cd:64:87:63:9e:6d:b8:e8:0f:43:8d:
55:55:b9:d0:e6:28:5a:d1:ae:50:bf:5b:a6:23:00:
39:19:89:2d:b5:7e:09:a5:15:37:a4:b7:af:80:61:
74:fa:85:92:db:ec:ed:dd:04:1d:7b:d0:9d:99:94:
19:79:0c:40:f2:d8:31:58:ac:21:62:8a:69:2f:e3:
21:f4:46:07:23:70:7b:3b:e0:90:b0:36:93:b2:1a:
28:c0:10:b4:05:d1:93:df:0b:51:22:36:0d:29:56:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:65:CA:2A:27:DA:79:FA:C2:90:6B:0D:94:15:58:C8:B6:03:C3:18
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/imXKKifaefrCkGsNlBVYyLYDwxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
103.57.248.0/23
103.57.251.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
185.26.239.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
ba:e4:82:ae:51:41:58:cb:52:ec:5a:9f:9e:18:0b:98:5e:3a:
fd:31:d6:e5:78:c5:6b:cc:ed:09:73:85:95:e5:54:94:b7:65:
8e:c9:89:7c:20:29:89:91:8d:84:ce:cc:cb:c8:e8:e5:40:5f:
57:a1:8a:58:7b:06:50:80:ba:51:85:b0:db:76:be:d7:84:e3:
82:48:fa:7a:1c:ac:44:88:96:43:26:50:40:02:4d:6a:a1:57:
86:c8:12:d9:ec:43:dd:81:fb:a2:bb:8b:16:9a:86:d0:a1:4d:
07:e3:71:cb:74:bd:b1:ca:5a:f3:c4:b1:d1:9b:13:a6:0b:1b:
3e:8d:aa:47:d6:a6:4f:e8:eb:4d:7d:6f:a1:c1:67:36:6c:05:
27:7e:75:eb:a0:40:a9:dc:e5:ff:d5:a7:c6:78:80:1e:3c:5d:
26:0a:75:5d:33:fe:08:c4:f4:63:01:b2:0f:95:c4:25:0c:8f:
0f:32:30:f6:9d:c7:c1:9e:f5:b7:d2:29:0a:4e:f2:53:3c:c2:
62:9c:12:e3:f8:71:45:3b:ad:e6:7f:53:0c:47:51:7a:56:0e:
17:d9:45:a3:ac:60:78:98:d4:83:f4:e0:97:40:7a:8a:65:a3:
98:46:2e:e1:82:3f:de:f4:89:4f:96:aa:78:31:82:46:9c:56:
59:94:a8:28
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYkAgiWw0hzoYrjwv6194czUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwNjI4MDUzNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTY1Y2EyYTI3ZGE3OWZhYzI5MDZiMGQ5NDE1NThjOGI2MDNjMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOK4Sf3w3oV8ylbaERGsLTQ7TmUM
Cy6O7Nn8uZPN+vf8trm9IBi2rUFKA47JJBJyhWc0vWrm2Pj80TPLH3xoWu/kGRtg
3Licjj0oYFwMjDReLuFXS7L59IPFLVs02EAfODjsaYq7qA4jTqhdcV0atVOMC4MO
SYw9SxFKLd5GqJOkgwiVGaQ/+0qdQnS4CcjJGlg83+1cAqZszWSHY55tuOgPQ41V
VbnQ5iha0a5Qv1umIwA5GYkttX4JpRU3pLevgGF0+oWS2+zt3QQde9CdmZQZeQxA
8tgxWKwhYoppL+Mh9EYHI3B7O+CQsDaTshoowBC0BdGT3wtRIjYNKVY+zwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFIplyion2nn6wpBrDZQVWMi2A8MYMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvaW1YS0tpZmFlZnJDa0dzTmxCVll5TFlEd3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBjQQCAAEwgYYD
BAAl6zADBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwDBABbhF8DBABc80AD
BAFnOfgDBABnOfswDAMEAJWanQMEBZWagDAMAwQAl+wPAwQAl+wSMAwDBAKX7BQD
BACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALka7zCBhwQCAAIwgYAD
BwEqAw+AADIDBwAqAw+AADkDBwAqAw+AAEADBwEqAw+AAEQwEgMHACoDD4AARwMH
ASoDD4AASAMHACoDD4AAYQMHACoDD4AAZQMHACoDD4AAgQMHACoDD4ADgQMHACoD
D4AIUgMHACoDD4AJcQMHACoDD4BEFgMHACoDD4DtUTANBgkqhkiG9w0BAQsFAAOC
AQEAuuSCrlFBWMtS7FqfnhgLmF46/THW5XjFa8ztCXOFleVUlLdljsmJfCApiZGN
hM7My8jo5UBfV6GKWHsGUIC6UYWw23a+14Tjgkj6ehysRIiWQyZQQAJNaqFXhsgS
2exD3YH7oruLFpqG0KFNB+Nxy3S9scpa88Sx0ZsTpgsbPo2qR9amT+jrTX1vocFn
NmwFJ35166BAqdzl/9WnxniAHjxdJgp1XTP+CMT0YwGyD5XEJQyPDzIw9p3HwZ71
t9IpCk7yUzzCYpwS4/hxRTut5n9TDEdRelYOF9lFo6xgeJjUg/Tgl0B6imWjmEYu
4YI/3vSJT5aqeDGCRpxWWZSoKA==
-----END CERTIFICATE-----
Generated at Mon Nov 27 09:08:53 2023 by rpki-client on console-fra.rpki-client.org