Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/nElxRbstnAZ60MhsejaYIDry_O8.roa
File: nElxRbstnAZ60MhsejaYIDry_O8.roa (raw, json)
Hash identifier: rixcteGZUJl5I6IAZ1oB6Qr/U76zZf8quOec+X1jyDI=
Subject key identifier: 9C:49:71:45:BB:2D:9C:06:7A:D0:C8:6C:7A:36:98:20:3A:F2:FC:EF
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B94C92B7806977ED1F43FB702C8FF8
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/nElxRbstnAZ60MhsejaYIDry_O8.roa
Signing time: Mon 01 Jan 2024 20:31:21 +0000
ROA not before: Mon 01 Jan 2024 20:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.50.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
5.180.114.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:57::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:4c:92:b7:80:69:77:ed:1f:43:fb:70:2c:8f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c497145bb2d9c067ad0c86c7a3698203af2fcef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:19:2a:0a:00:5a:fa:38:b7:d9:44:c5:80:a0:
66:6a:c3:7d:9d:49:9b:ba:fa:fb:2e:1b:80:2d:de:
af:23:f8:25:8e:53:6a:b4:b4:70:aa:5e:dd:c4:57:
42:a6:d8:54:6d:cc:9e:73:c8:9c:58:2c:70:bd:1f:
7f:42:59:8f:e8:6f:bb:45:fb:3c:63:20:79:b3:6e:
bb:d5:54:1d:95:1c:21:73:11:48:53:81:c7:eb:4b:
b8:8d:e0:fe:ff:7c:29:52:50:86:66:fa:2f:bb:4e:
d7:ae:58:92:a3:aa:55:33:02:e9:54:b1:24:a1:56:
8d:4d:58:61:e2:16:c1:d9:a7:cb:f5:49:bd:a9:e7:
f0:4f:8a:e5:54:66:1d:ff:8e:56:db:bc:1d:2b:68:
c4:de:4a:2e:e3:5f:31:14:89:59:1f:1b:89:a6:5a:
57:b1:ea:a0:f3:db:9a:34:18:2e:6a:6c:6e:02:be:
d7:2c:00:02:fb:36:aa:56:fb:88:a5:8b:dd:45:0b:
16:39:12:4f:67:c1:b8:a3:bd:48:c5:f0:00:06:c7:
2a:12:c8:48:7b:49:75:15:a0:3b:65:d5:fd:83:37:
73:9e:69:e4:04:46:bf:1a:61:f6:f4:1a:8a:8e:8d:
93:b4:5b:86:3e:19:a5:35:2d:8b:1a:4c:d9:71:04:
bb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:49:71:45:BB:2D:9C:06:7A:D0:C8:6C:7A:36:98:20:3A:F2:FC:EF
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/nElxRbstnAZ60MhsejaYIDry_O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
6e:f5:37:7f:2f:0b:7d:93:85:64:c5:3d:ba:50:17:fa:5e:e8:
32:93:e0:11:23:31:0d:ca:fb:ec:c4:74:c6:f2:09:17:ac:0d:
3b:c8:8e:0e:9a:d9:25:9d:7f:fe:e3:16:cb:50:b2:f2:7e:ca:
25:f5:9c:d8:07:3a:34:30:82:64:f3:39:36:f2:54:4c:45:8b:
f2:32:f5:2b:8d:f4:ea:c6:00:48:24:8c:26:f7:81:6b:7a:8d:
c5:27:4b:55:9d:61:56:b6:fc:93:f0:79:e0:c2:51:36:8c:e3:
bb:14:81:15:76:11:92:d8:50:f2:d9:db:11:07:8d:3b:5c:a9:
47:5d:aa:4d:c3:1d:df:2a:93:a4:6a:25:1d:fc:07:af:4e:bc:
0b:81:a9:f0:26:d2:c0:d3:df:a5:40:ec:80:49:fe:45:d8:89:
d5:f6:e0:45:d5:a5:67:ff:3f:a3:77:a3:7a:f5:87:33:96:af:
85:3b:68:b2:f0:88:d3:20:10:87:12:36:0f:f3:20:03:ed:4a:
90:6a:a8:b0:71:59:60:bc:ff:e8:49:ca:f0:e3:42:07:60:dc:
1c:cd:32:02:f9:18:ff:b0:5e:26:fd:0d:0c:4c:45:57:00:d0:
1b:3e:51:7a:2a:dc:0e:d6:05:dd:82:63:af:19:ca:c5:78:9d:
45:54:2e:77
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYzGuUySt4Bpd+0fQ/twLI/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQ5NzE0NWJiMmQ5YzA2N2FkMGM4NmM3YTM2OTgyMDNhZjJmY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhkqCgBa+ji32UTFgKBmasN9nUmb
uvr7LhuALd6vI/gljlNqtLRwql7dxFdCpthUbcyec8icWCxwvR9/QlmP6G+7Rfs8
YyB5s2671VQdlRwhcxFIU4HH60u4jeD+/3wpUlCGZvovu07XrliSo6pVMwLpVLEk
oVaNTVhh4hbB2afL9Um9qefwT4rlVGYd/45W27wdK2jE3kou418xFIlZHxuJplpX
seqg89uaNBguamxuAr7XLAAC+zaqVvuIpYvdRQsWORJPZ8G4o71IxfAABscqEshI
e0l1FaA7ZdX9gzdznmnkBEa/GmH29BqKjo2TtFuGPhmlNS2LGkzZcQS75QIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFJxJcUW7LZwGetDIbHo2mCA68vzvMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvbkVseFJic3RuQVo2ME1oc2VqYVlJRHJ5X084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAAF
tHIDBAQl6zADBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3sDBABbhF4DBAFb
48wDBABc80IDBABnOfowDAMEA5WamAMEAJWanAMEBZfsADAMAwQAnv/RAwQAnv/U
MAwDBAK5GuwDBAC5Gu4wDAMEAdW3NgMEAdW3ODANBAIAAjAHAwUDKgMPgDANBgkq
hkiG9w0BAQsFAAOCAQEAbvU3fy8LfZOFZMU9ulAX+l7oMpPgESMxDcr77MR0xvIJ
F6wNO8iODprZJZ1//uMWy1Cy8n7KJfWc2Ac6NDCCZPM5NvJUTEWL8jL1K4306sYA
SCSMJveBa3qNxSdLVZ1hVrb8k/B54MJRNozjuxSBFXYRkthQ8tnbEQeNO1ypR12q
TcMd3yqTpGolHfwHr068C4Gp8CbSwNPfpUDsgEn+RdiJ1fbgRdWlZ/8/o3ejevWH
M5avhTtosvCI0yAQhxI2D/MgA+1KkGqosHFZYLz/6EnK8ONCB2DcHM0yAvkY/7Be
Jv0NDExFVwDQGz5ReircDtYF3YJjrxnKxXidRVQudw==
-----END CERTIFICATE-----
Generated at Mon Apr 15 15:28:27 2024 by rpki-client on console-fra.rpki-client.org