Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/oOIE5SKnz1mcbG8p3UuMoJZI47Q.roa
File: oOIE5SKnz1mcbG8p3UuMoJZI47Q.roa (raw, json)
Hash identifier: nG1fMMt0vHCguW8rON8OfTJfkZOyulXrCqpVZS1JEgg=
Subject key identifier: A0:E2:04:E5:22:A7:CF:59:9C:6C:6F:29:DD:4B:8C:A0:96:48:E3:B4
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018DC1C6699381E3CBAAFB15AD2055F2DB6E
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/oOIE5SKnz1mcbG8p3UuMoJZI47Q.roa
Signing time: Mon 19 Feb 2024 14:30:22 +0000
ROA not before: Mon 19 Feb 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Feb 2024 09:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:c6:69:93:81:e3:cb:aa:fb:15:ad:20:55:f2:db:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Feb 19 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0e204e522a7cf599c6c6f29dd4b8ca09648e3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:47:37:ac:99:3a:d7:9e:df:ac:72:91:60:d2:
20:83:7b:2d:7d:df:ee:ac:a4:dc:58:4f:23:4c:9a:
de:fe:9e:fb:b8:cc:84:b9:c6:51:aa:0f:9a:b9:9f:
97:57:91:55:44:b0:40:19:18:06:6d:a0:34:59:36:
43:47:ed:42:51:83:fe:54:d0:04:06:8c:9a:73:df:
2e:65:40:2b:83:ec:65:25:1c:62:09:d0:db:1d:63:
b5:25:b5:9d:9d:2c:a6:91:ef:f7:44:71:0b:c4:d5:
d2:8e:40:a5:32:d5:27:c2:94:02:1f:bc:7c:92:e2:
42:33:74:ba:6f:6f:1a:8e:49:19:9a:47:e9:59:19:
9f:50:76:e4:c6:16:3f:af:34:96:a4:88:03:b4:a6:
4a:ab:43:7f:b6:bd:83:9c:40:0d:09:8d:46:3e:ba:
46:83:2c:a4:d4:b0:4b:aa:ed:79:24:58:f2:66:6e:
0f:7d:3c:b6:9f:71:6d:f8:fd:05:7b:52:37:0f:4f:
60:1a:a0:e8:2c:11:ab:c7:ab:b1:15:e9:72:32:06:
d7:60:53:32:82:1f:de:74:86:d5:f9:4e:0e:5a:96:
ef:09:b9:ab:c7:b1:57:f2:f3:a2:85:e4:3c:60:15:
f6:d4:66:74:a9:26:16:b6:6d:0a:78:93:f3:b3:a5:
8e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E2:04:E5:22:A7:CF:59:9C:6C:6F:29:DD:4B:8C:A0:96:48:E3:B4
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/oOIE5SKnz1mcbG8p3UuMoJZI47Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.239.0/24
185.76.78.0/23
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
7c:27:45:66:2d:ac:ee:5b:32:d7:f4:67:01:74:2e:f8:58:b1:
92:95:9d:e8:c3:9f:77:bb:46:b1:6e:ea:94:32:d6:03:1a:d5:
50:5a:6e:f0:a1:0f:a2:5d:60:fd:9f:9c:c5:a2:37:51:c6:97:
87:6c:7d:4c:b8:c1:10:b4:d4:e1:34:4e:5e:6a:a0:04:4a:23:
2a:7c:13:a4:9f:89:24:8b:fb:a7:1b:4c:a6:77:53:50:aa:3a:
e3:a1:13:53:14:7c:aa:81:9a:2c:29:f6:cc:27:a7:f4:43:5a:
fb:dc:0b:c6:c9:c0:32:4f:e6:13:32:48:38:b1:cd:7b:d0:ca:
c7:0a:44:a4:fb:36:04:f1:bb:95:d8:df:ea:8f:63:c3:b8:4c:
84:ea:17:da:47:e5:28:9e:7c:2e:dc:f4:72:f8:3f:fc:37:cf:
28:cd:9c:de:37:fa:a3:f9:76:15:ad:44:51:27:36:19:29:25:
f2:fa:68:95:2b:d3:36:20:19:3f:b0:36:b8:1d:6a:88:f9:09:
81:bd:15:36:28:6b:df:ce:15:e3:42:5e:33:02:b5:9e:f0:bc:
c6:2a:b3:f6:74:39:3d:c7:92:1a:5a:cc:d0:ea:0b:70:d5:d5:
2f:dd:40:e8:9a:ba:2b:94:06:b4:02:eb:e3:c1:9d:a2:00:af:
46:70:ff:11
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAY3BxmmTgePLqvsVrSBV8ttuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMjE5MTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGUyMDRlNTIyYTdjZjU5OWM2YzZmMjlkZDRiOGNhMDk2NDhlM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikc3rJk6157frHKRYNIgg3stfd/u
rKTcWE8jTJre/p77uMyEucZRqg+auZ+XV5FVRLBAGRgGbaA0WTZDR+1CUYP+VNAE
Boyac98uZUArg+xlJRxiCdDbHWO1JbWdnSymke/3RHELxNXSjkClMtUnwpQCH7x8
kuJCM3S6b28ajkkZmkfpWRmfUHbkxhY/rzSWpIgDtKZKq0N/tr2DnEANCY1GPrpG
gyyk1LBLqu15JFjyZm4PfTy2n3Ft+P0Fe1I3D09gGqDoLBGrx6uxFelyMgbXYFMy
gh/edIbV+U4OWpbvCbmrx7FX8vOiheQ8YBX21GZ0qSYWtm0KeJPzs6WObwIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFKDiBOUip89ZnGxvKd1LjKCWSOO0MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvb09JRTVTS256MW1jYkc4cDNVdU1vSlpJNDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCBpQQCAAEwgZ4D
BAAl6zADBAAl6zMDBAAut7sDBAFT83gDBAFZH3gDBABZH3sDBAFbhFwDBABbhF8D
BABc80ADBAFnOfgDBABnOfsDBACG/9MwDAMEAJWanQMEBZWagDAMAwQAl+wPAwQA
l+wSMAwDBAKX7BQDBACX7BYDBACX7BkDBACe/9AwDAMEAJ7/1QMEA57/0AMEALB+
YwMEALka7wMEAblMTjCBhwQCAAIwgYADBwEqAw+AADIDBwAqAw+AADkDBwAqAw+A
AEADBwEqAw+AAEQwEgMHACoDD4AARwMHASoDD4AASAMHACoDD4AAYQMHACoDD4AA
ZQMHACoDD4AAgQMHACoDD4ADgQMHACoDD4AIUgMHACoDD4AJcQMHACoDD4BEFgMH
ACoDD4DtUTANBgkqhkiG9w0BAQsFAAOCAQEAfCdFZi2s7lsy1/RnAXQu+FixkpWd
6MOfd7tGsW7qlDLWAxrVUFpu8KEPol1g/Z+cxaI3UcaXh2x9TLjBELTU4TROXmqg
BEojKnwTpJ+JJIv7pxtMpndTUKo646ETUxR8qoGaLCn2zCen9ENa+9wLxsnAMk/m
EzJIOLHNe9DKxwpEpPs2BPG7ldjf6o9jw7hMhOoX2kflKJ58Ltz0cvg//DfPKM2c
3jf6o/l2Fa1EUSc2GSkl8vpolSvTNiAZP7A2uB1qiPkJgb0VNihr384V40JeMwK1
nvC8xiqz9nQ5PceSGlrM0OoLcNXVL91A6Jq6K5QGtALr48GdogCvRnD/EQ==
-----END CERTIFICATE-----
Generated at Mon Feb 26 14:29:22 2024 by rpki-client on console-fra.rpki-client.org