Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/NNpoXFk52bnDlsa4RM9il4qCNpY.roa
File: NNpoXFk52bnDlsa4RM9il4qCNpY.roa (raw, json)
Hash identifier: zhBaVNNoasLjdRQ3Ej0Dx8cXdEKhrYYUVjI7CCcupjc=
Subject key identifier: 34:DA:68:5C:59:39:D9:B9:C3:96:C6:B8:44:CF:62:97:8A:82:36:96
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 018B880E3B741C9F4C66E65D5898D849DCC6
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/NNpoXFk52bnDlsa4RM9il4qCNpY.roa
Signing time: Tue 31 Oct 2023 23:25:15 +0000
ROA not before: Tue 31 Oct 2023 23:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
193.201.15.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.41.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:88:0e:3b:74:1c:9f:4c:66:e6:5d:58:98:d8:49:dc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Oct 31 23:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34da685c5939d9b9c396c6b844cf62978a823696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:91:b9:ce:a4:41:91:0a:08:08:a3:c9:4f:71:
c8:4b:49:d8:94:e3:f9:ef:09:d9:ae:bb:49:7f:b8:
3d:2f:08:49:00:46:8a:0a:53:e5:2d:d8:1f:de:03:
ce:5f:d4:40:9f:21:ec:59:02:25:47:c4:8c:b4:bf:
84:37:80:fa:10:c4:c9:16:f1:bb:51:0c:9c:92:da:
15:5c:1d:cc:95:56:b4:eb:07:fc:e7:8b:d8:19:48:
de:f8:02:6a:6a:98:28:d7:58:3f:68:89:c3:47:62:
e5:a0:bc:51:e1:96:b5:0f:3f:f6:2c:93:a0:95:60:
72:d4:e6:70:8b:1e:c3:b8:e1:99:85:64:d8:17:a7:
b7:f1:0a:b0:74:ca:4c:c5:96:22:ed:e7:3b:5d:45:
55:ec:00:a3:fe:81:ff:00:6e:e0:be:8f:20:59:ae:
8f:41:31:c6:77:09:a6:fe:04:88:8a:9b:1b:0d:6f:
38:ec:a6:d0:89:a1:cd:39:d6:9a:ed:05:e4:38:15:
bb:3d:ed:0f:8e:33:05:e0:6a:71:a5:40:3d:ae:29:
68:fe:c4:ec:08:04:e7:02:16:12:37:cf:30:c7:35:
44:8f:36:94:00:f7:85:1a:34:c4:f9:78:ac:3e:39:
78:9d:a7:47:05:23:2f:9e:c7:33:c5:2f:82:5a:b9:
e1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DA:68:5C:59:39:D9:B9:C3:96:C6:B8:44:CF:62:97:8A:82:36:96
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/NNpoXFk52bnDlsa4RM9il4qCNpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
6a:a4:fa:46:ec:bc:5e:55:c9:8f:4e:c6:dc:9c:69:d6:19:3f:
dc:4c:b5:76:ca:a2:ea:5b:4d:9b:7c:80:9b:98:ed:42:e9:a0:
02:0f:cb:c7:80:0e:a8:19:23:ac:a1:c3:a8:c4:99:57:31:04:
ab:aa:57:8c:09:fb:58:26:0f:bf:23:4b:41:2a:a0:b7:23:e2:
a1:39:8b:80:61:b8:68:2d:2e:44:fd:fb:8b:ad:50:2f:26:ae:
34:7a:ef:7a:d7:19:83:5b:5f:ae:01:e2:15:2a:1e:0b:5b:ca:
88:35:5c:fe:57:0a:f4:c8:e8:72:f9:14:01:64:29:e0:6f:48:
a6:15:a0:47:0b:d1:fe:de:78:0b:e3:36:be:fa:a9:23:33:fa:
ef:07:c6:8a:67:fc:bc:a8:d0:38:fd:c2:90:31:b3:80:84:61:
1a:39:91:44:3d:75:10:28:45:00:42:46:3a:d8:85:19:d9:49:
0e:95:9f:7f:21:f3:d8:ce:e2:50:dc:2f:54:03:b8:d6:ea:bd:
c4:46:65:8e:48:98:99:9a:ec:0e:a5:2c:04:9e:da:a9:68:42:
dd:81:be:6e:e0:ad:ba:0a:e7:30:cc:b7:aa:4b:f1:20:aa:86:
e7:a0:2d:2d:dd:79:bf:07:7b:52:a2:f3:59:2c:1d:e8:bf:ab:
4b:59:b9:a2
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAYuIDjt0HJ9MZuZdWJjYSdzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjMxMDMxMjMyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRhNjg1YzU5MzlkOWI5YzM5NmM2Yjg0NGNmNjI5NzhhODIzNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpG5zqRBkQoICKPJT3HIS0nYlOP5
7wnZrrtJf7g9LwhJAEaKClPlLdgf3gPOX9RAnyHsWQIlR8SMtL+EN4D6EMTJFvG7
UQycktoVXB3MlVa06wf854vYGUje+AJqapgo11g/aInDR2LloLxR4Za1Dz/2LJOg
lWBy1OZwix7DuOGZhWTYF6e38QqwdMpMxZYi7ec7XUVV7ACj/oH/AG7gvo8gWa6P
QTHGdwmm/gSIipsbDW847KbQiaHNOdaa7QXkOBW7Pe0PjjMF4GpxpUA9rilo/sTs
CATnAhYSN88wxzVEjzaUAPeFGjTE+XisPjl4nadHBSMvnsczxS+CWrnhUQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFDTaaFxZOdm5w5bGuETPYpeKgjaWMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvTk5wb1hGazUyYm5EbHNhNFJNOWlsNHFDTnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBrwQCAAEwgagDBAIC
ONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UDBAJZ
JoADBABZJocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUDBANdcxADBABe
sLYDBACynVIDBAGynVoDBAC5YKMDBAK5qtQDBAC56jQDBAG589YDBAG81HwDBADB
yQ8DBADCGtUDBALCIEwDBALCYxQwKwQCAAIwJQMFACoFgoADBQIqCc1AMA4DBQAq
Cc1FAwUAKgnNRgMFASoMucAwDQYJKoZIhvcNAQELBQADggEBAGqk+kbsvF5VyY9O
xtycadYZP9xMtXbKoupbTZt8gJuY7ULpoAIPy8eADqgZI6yhw6jEmVcxBKuqV4wJ
+1gmD78jS0EqoLcj4qE5i4BhuGgtLkT9+4utUC8mrjR673rXGYNbX64B4hUqHgtb
yog1XP5XCvTI6HL5FAFkKeBvSKYVoEcL0f7eeAvjNr76qSMz+u8Hxopn/Lyo0Dj9
wpAxs4CEYRo5kUQ9dRAoRQBCRjrYhRnZSQ6Vn38h89jO4lDcL1QDuNbqvcRGZY5I
mJma7A6lLASe2qloQt2Bvm7grboK5zDMt6pL8SCqhuegLS3deb8He1Ki81ksHei/
q0tZuaI=
-----END CERTIFICATE-----
Generated at Thu Nov 9 01:33:48 2023 by rpki-client on console-fra.rpki-client.org