Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/OwVMBADHytOLd5AqCIm1UANQeec.roa
File: OwVMBADHytOLd5AqCIm1UANQeec.roa (raw, json)
Hash identifier: nCLOtB0EjIKz8G/XlcDV0DWtn1ugnG63VNKwI7wdTaM=
Subject key identifier: 3B:05:4C:04:00:C7:CA:D3:8B:77:90:2A:08:89:B5:50:03:50:79:E7
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 0186DC65F1CBF683A0190CC50B01E5FD0B60
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/OwVMBADHytOLd5AqCIm1UANQeec.roa
Signing time: Mon 13 Mar 2023 19:15:13 +0000
ROA not before: Mon 13 Mar 2023 19:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.41.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:dc:65:f1:cb:f6:83:a0:19:0c:c5:0b:01:e5:fd:0b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Mar 13 19:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b054c0400c7cad38b77902a0889b550035079e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c1:4a:0d:4c:d2:2d:d8:61:e7:26:28:d8:05:
c5:6a:d1:f9:b0:e4:ac:44:27:60:c5:20:de:e3:4e:
0a:1e:8d:0f:f3:1d:57:32:7e:d5:b6:a0:9c:e7:f2:
38:89:7c:01:e6:2d:c0:07:83:82:32:48:8f:26:39:
6c:3f:fc:49:2d:73:61:b2:b7:09:83:09:ac:5a:76:
65:65:d4:00:bd:36:48:ca:00:85:86:24:1d:f7:87:
5d:5b:56:b0:99:21:0b:51:b6:71:37:ce:fc:59:19:
f2:d1:8b:0e:93:29:c8:c6:2a:cd:b2:6b:81:72:4f:
92:c1:95:f5:82:4b:28:ed:83:bd:98:30:3d:c9:04:
5e:14:74:f3:19:eb:eb:0e:51:d3:29:42:06:0c:97:
b6:84:8d:9c:c8:ea:04:94:f1:04:17:86:8d:ea:17:
56:c0:33:3f:78:e1:78:dd:07:f9:17:4b:ee:2b:1a:
0e:4e:af:91:17:f1:ea:d3:ea:a6:54:18:13:78:30:
c8:3c:87:e6:41:95:0f:97:34:09:a8:6a:9b:e1:84:
4f:8f:63:b7:eb:48:aa:cb:44:0c:a3:a9:66:83:9b:
15:7b:ec:ae:39:c5:cd:41:ff:d6:79:af:26:b2:b6:
8e:68:3b:21:1a:e9:ef:47:b1:61:1f:5a:07:23:25:
24:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:05:4C:04:00:C7:CA:D3:8B:77:90:2A:08:89:B5:50:03:50:79:E7
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/OwVMBADHytOLd5AqCIm1UANQeec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.18.0-93.115.23.255
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
a3:9a:55:d5:a4:b1:9c:bd:10:18:30:ce:74:41:f4:e1:5c:2b:
c3:e5:60:54:80:80:f1:39:b2:d4:56:71:4e:91:4e:3b:d7:c1:
4e:eb:fd:47:cf:2a:23:64:b7:54:88:05:3d:3b:b2:51:b6:88:
eb:b3:53:c7:09:40:f0:b7:af:5c:c4:d3:f4:65:1f:3d:8e:6e:
c3:6e:db:33:06:18:a3:17:73:23:e7:c0:56:dc:87:14:ef:64:
6f:12:41:c4:3a:a5:b3:dd:9b:23:72:19:6b:50:fd:61:a3:54:
a5:6a:9a:83:02:a7:67:4c:50:bb:b0:e4:d5:3e:18:c7:53:15:
c5:76:68:67:a2:2b:4b:42:73:28:d0:2f:1f:bd:9d:13:14:7f:
ec:43:3e:91:30:56:6b:ac:1b:48:a6:1e:28:d0:46:21:0c:e7:
ad:99:50:db:ec:11:a0:b5:91:bc:3a:2e:03:fc:ef:45:2d:a0:
a6:42:74:45:c1:61:ca:76:de:77:25:80:ef:54:32:de:97:93:
8a:43:59:1b:e5:2c:53:d2:a3:92:f1:39:9d:83:76:04:a3:4c:
67:38:99:7b:e3:af:94:50:c4:fc:cc:cf:e5:df:5b:e8:6a:65:
c2:2c:30:90:45:40:bf:4f:38:36:cb:24:5f:8c:1b:dd:5f:da:
25:45:dd:cf
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYbcZfHL9oOgGQzFCwHl/QtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjMwMzEzMTkxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA1NGMwNDAwYzdjYWQzOGI3NzkwMmEwODg5YjU1MDAzNTA3OWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sFKDUzSLdhh5yYo2AXFatH5sOSs
RCdgxSDe404KHo0P8x1XMn7VtqCc5/I4iXwB5i3AB4OCMkiPJjlsP/xJLXNhsrcJ
gwmsWnZlZdQAvTZIygCFhiQd94ddW1awmSELUbZxN878WRny0YsOkynIxirNsmuB
ck+SwZX1gkso7YO9mDA9yQReFHTzGevrDlHTKUIGDJe2hI2cyOoElPEEF4aN6hdW
wDM/eOF43Qf5F0vuKxoOTq+RF/Hq0+qmVBgTeDDIPIfmQZUPlzQJqGqb4YRPj2O3
60iqy0QMo6lmg5sVe+yuOcXNQf/Wea8msraOaDshGunvR7FhH1oHIyUkyQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFDsFTAQAx8rTi3eQKgiJtVADUHnnMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvT3dWTUJBREh5dE9MZDVBcUNJbTFVQU5RZWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBpQQCAAEwgZ4DBAIC
ONQDBAAfDu4DBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UDBAJZJoADBABZ
JocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUwDAMEAV1zEgMEA11zEAME
AF6wtgMEALKdUgMEAbKdWgMEALlgowMEArmq1AMEALnqNAMEAbnz1gMEAbzUfAME
AsIgTAMEAsJjFDArBAIAAjAlAwUAKgWCgAMFAioJzUAwDgMFACoJzUUDBQAqCc1G
AwUBKgy5wDANBgkqhkiG9w0BAQsFAAOCAQEAo5pV1aSxnL0QGDDOdEH04Vwrw+Vg
VICA8Tmy1FZxTpFOO9fBTuv9R88qI2S3VIgFPTuyUbaI67NTxwlA8LevXMTT9GUf
PY5uw27bMwYYoxdzI+fAVtyHFO9kbxJBxDqls92bI3IZa1D9YaNUpWqagwKnZ0xQ
u7Dk1T4Yx1MVxXZoZ6IrS0JzKNAvH72dExR/7EM+kTBWa6wbSKYeKNBGIQznrZlQ
2+wRoLWRvDouA/zvRS2gpkJ0RcFhynbedyWA71Qy3peTikNZG+UsU9KjkvE5nYN2
BKNMZziZe+OvlFDE/MzP5d9b6GplwiwwkEVAv084NsskX4wb3V/aJUXdzw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:34 2023 by rpki-client on console-fra.rpki-client.org