Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/qA4T-VLDwLTBBl31AaBRufRW1FM.roa
File: qA4T-VLDwLTBBl31AaBRufRW1FM.roa (raw, json)
Hash identifier: jdtZJKdMVQOdz7EIK/YDO2zVwffNv661EGZGdMGffM0=
Subject key identifier: A8:0E:13:F9:52:C3:C0:B4:C1:06:5D:F5:01:A0:51:B9:F4:56:D4:53
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018C8656739BFCF4D27247B87F84AA4135F5
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/qA4T-VLDwLTBBl31AaBRufRW1FM.roa
Signing time: Wed 20 Dec 2023 08:27:41 +0000
ROA not before: Wed 20 Dec 2023 08:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.50.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
5.180.114.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:57::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:56:73:9b:fc:f4:d2:72:47:b8:7f:84:aa:41:35:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Dec 20 08:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a80e13f952c3c0b4c1065df501a051b9f456d453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:84:37:24:ae:80:c7:66:99:f7:07:eb:da:
08:4d:fb:15:cd:6b:67:32:20:ee:57:9c:5b:7b:9c:
fb:a7:96:1e:e6:76:9e:84:07:90:6b:e5:3d:e7:db:
25:ad:06:63:97:cd:58:8a:d1:b6:bc:5c:65:04:40:
9d:f9:2c:89:bd:f3:f4:4a:2b:ed:41:a4:07:f0:7c:
74:9f:bc:5f:93:b6:4b:81:07:bc:31:49:85:55:b5:
7c:2d:28:ce:1b:79:2e:08:1c:b4:ed:ba:ed:f3:0c:
09:93:01:c9:36:74:3f:e3:f5:ab:26:f2:c1:66:cc:
e6:a9:2e:f2:1d:e1:e5:58:19:5a:76:19:d7:20:2b:
ed:95:82:3c:ab:21:86:5a:23:28:98:aa:f4:ea:59:
91:69:bf:f0:cf:20:f2:64:7c:07:12:91:12:83:1a:
03:d7:4f:1d:13:35:38:fc:a8:7b:df:3f:2f:1c:ec:
d4:ce:50:6f:89:36:51:36:8c:10:3d:5a:ed:46:d7:
b0:66:26:a1:ff:56:0f:7c:1c:f8:33:80:59:44:15:
52:6b:3b:4d:e7:c4:51:a9:13:1a:53:c3:12:e6:72:
53:ca:d4:00:58:ce:b7:b1:e7:83:a1:75:29:76:30:
68:14:08:c7:43:bd:7d:ab:da:9d:e2:d8:08:e3:a0:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0E:13:F9:52:C3:C0:B4:C1:06:5D:F5:01:A0:51:B9:F4:56:D4:53
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/qA4T-VLDwLTBBl31AaBRufRW1FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
74:70:6b:27:a5:a8:b2:f5:23:91:f5:88:45:36:04:b6:a9:18:
25:3a:8f:d6:e6:ac:59:a8:e8:61:a3:34:99:e5:c6:81:67:7d:
e8:be:9a:b0:66:02:52:7e:80:39:00:92:67:71:cd:87:9f:55:
be:a9:16:c2:7d:8d:5e:20:5a:12:ed:6e:e6:f8:ca:1c:70:b2:
ec:3b:b1:b8:85:31:e7:44:51:7b:39:0b:28:64:bb:f2:54:84:
fa:d8:ce:ad:09:cc:8f:8b:43:76:98:3f:be:82:95:c5:88:5d:
64:63:bc:ca:ba:9a:b7:98:4f:25:3f:5d:22:d8:a7:6d:8b:ff:
3c:c2:f5:1e:e2:78:4b:19:47:4f:70:dc:04:e0:a5:d6:1e:66:
6f:b5:72:ba:3e:91:54:8b:e5:75:aa:ba:28:d0:f5:1f:37:8f:
f2:a0:fd:2a:91:34:dc:40:f5:0f:ab:5c:69:3f:0e:6f:7f:54:
2e:dd:6a:a0:3b:b9:15:20:f3:61:68:03:5d:03:f6:50:82:31:
d1:92:63:0e:1e:2c:4b:f7:27:45:0b:c5:21:76:2f:bc:fe:09:
ba:b2:d2:2e:57:35:73:0d:7b:a7:bc:e3:e3:75:0d:3c:00:39:
01:3a:50:ab:5d:3c:f9:62:de:8c:10:e3:bb:b0:45:da:56:d7:
b7:3e:36:69
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYyGVnOb/PTScke4f4SqQTX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMxMjIwMDgyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODBlMTNmOTUyYzNjMGI0YzEwNjVkZjUwMWEwNTFiOWY0NTZkNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt+ENySugMdmmfcH69oITfsVzWtn
MiDuV5xbe5z7p5Ye5naehAeQa+U959slrQZjl81YitG2vFxlBECd+SyJvfP0Sivt
QaQH8Hx0n7xfk7ZLgQe8MUmFVbV8LSjOG3kuCBy07brt8wwJkwHJNnQ/4/WrJvLB
ZszmqS7yHeHlWBladhnXICvtlYI8qyGGWiMomKr06lmRab/wzyDyZHwHEpESgxoD
108dEzU4/Kh73z8vHOzUzlBviTZRNowQPVrtRtewZiah/1YPfBz4M4BZRBVSaztN
58RRqRMaU8MS5nJTytQAWM63seeDoXUpdjBoFAjHQ719q9qd4tgI46AdKQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFKgOE/lSw8C0wQZd9QGgUbn0VtRTMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvcUE0VC1WTER3TFRCQmwzMUFhQlJ1ZlJXMUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAAF
tHIDBAQl6zADBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3sDBABbhF4DBAFb
48wDBABc80IDBABnOfowDAMEA5WamAMEAJWanAMEBZfsADAMAwQAnv/RAwQAnv/U
MAwDBAK5GuwDBAC5Gu4wDAMEAdW3NgMEAdW3ODANBAIAAjAHAwUDKgMPgDANBgkq
hkiG9w0BAQsFAAOCAQEAdHBrJ6WosvUjkfWIRTYEtqkYJTqP1uasWajoYaM0meXG
gWd96L6asGYCUn6AOQCSZ3HNh59VvqkWwn2NXiBaEu1u5vjKHHCy7DuxuIUx50RR
ezkLKGS78lSE+tjOrQnMj4tDdpg/voKVxYhdZGO8yrqat5hPJT9dItinbYv/PML1
HuJ4SxlHT3DcBOCl1h5mb7Vyuj6RVIvldaq6KND1HzeP8qD9KpE03ED1D6tcaT8O
b39ULt1qoDu5FSDzYWgDXQP2UIIx0ZJjDh4sS/cnRQvFIXYvvP4JurLSLlc1cw17
p7zj43UNPAA5ATpQq108+WLejBDju7BF2lbXtz42aQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:03 2024 by rpki-client on console-fra.rpki-client.org