Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/X36hWWTQelm1HAcH_yicmI3HDWw.roa
File: X36hWWTQelm1HAcH_yicmI3HDWw.roa (raw, json)
Hash identifier: Re3d1Rg8pqyaLsHk1YT3jzDHLylIcT5bzuMlX4QUM34=
Subject key identifier: 5F:7E:A1:59:64:D0:7A:59:B5:1C:07:07:FF:28:9C:98:8D:C7:0D:6C
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 018BB19D4B905811D68DACCD9788A596AFA8
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/X36hWWTQelm1HAcH_yicmI3HDWw.roa
Signing time: Thu 09 Nov 2023 01:05:57 +0000
ROA not before: Thu 09 Nov 2023 01:05:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
193.201.15.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.41.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b1:9d:4b:90:58:11:d6:8d:ac:cd:97:88:a5:96:af:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Nov 9 01:05:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f7ea15964d07a59b51c0707ff289c988dc70d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ab:15:f6:56:2e:6b:ef:f2:0d:4f:48:b1:b7:
7b:b3:c3:1e:85:8b:00:aa:f1:c9:4a:95:a7:fc:c1:
ba:14:ae:77:c8:1b:a6:c5:20:e1:ee:05:b5:9a:03:
50:c9:a7:45:4d:e2:f5:88:90:fa:7a:b0:a4:35:83:
ec:7f:09:85:25:4e:32:5f:b1:f2:94:41:96:d9:ca:
d1:bc:52:e6:fc:f6:c3:77:c3:7a:65:fb:70:7c:ae:
43:77:15:f2:8d:07:0e:a5:67:f8:41:f6:5e:86:3a:
6f:8f:6c:58:d3:ce:3c:9d:c7:11:5e:db:bc:5d:d9:
cd:24:a1:24:9d:76:e1:83:2d:18:98:a1:05:3e:01:
c7:9a:99:42:77:41:4f:e4:25:46:2d:9b:e8:0c:aa:
0a:47:77:0e:cc:e7:8b:43:de:d6:eb:4f:93:66:17:
10:15:8b:86:3c:85:d1:e1:ae:93:a9:7f:c0:2a:91:
7e:d4:4f:88:4a:af:4c:60:54:65:bf:76:05:23:49:
da:31:5d:71:10:38:dc:cf:8a:a4:0f:e7:3f:e1:96:
7d:ba:a4:45:42:5a:9a:e1:a6:28:02:fe:9a:e6:d9:
1f:dc:9e:a2:51:93:30:ec:8f:34:47:1d:69:ab:3a:
68:a7:90:5b:af:63:76:94:52:d9:8a:a1:11:50:f6:
d2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7E:A1:59:64:D0:7A:59:B5:1C:07:07:FF:28:9C:98:8D:C7:0D:6C
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/X36hWWTQelm1HAcH_yicmI3HDWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
93:be:99:94:65:09:22:0a:2e:37:4b:ad:4a:ea:2f:d3:39:33:
e7:fb:bb:64:42:ee:48:09:10:c1:59:9d:aa:97:26:22:5b:1c:
6f:0c:5d:95:72:02:9f:bd:bf:6b:8c:df:53:d2:0c:1e:6d:af:
dc:a2:36:f9:03:1c:c9:61:6e:e9:44:a3:5d:f6:69:81:7a:a4:
74:a7:5a:c5:9a:49:98:2c:78:55:c4:7e:83:48:09:25:ce:42:
cd:ee:bd:67:51:00:d8:41:04:76:b8:4b:8e:59:d5:86:6b:ba:
1a:23:8f:3a:e1:9b:4c:3d:b9:b1:29:7a:3d:74:c8:33:19:5c:
ea:1b:f2:dd:32:99:83:a0:ec:64:b2:1c:19:0d:ba:39:c1:05:
f1:65:9e:79:fc:82:53:7a:9d:0e:56:1a:83:73:5a:4b:c4:89:
6c:e9:25:ff:9f:5f:ef:27:df:d5:87:e5:64:f9:70:60:1f:6e:
a3:63:7b:b0:23:30:c5:b9:3a:cb:53:b7:3b:41:9e:2a:17:f8:
bf:98:e7:ad:8a:b5:14:03:71:09:ab:bd:a8:74:cb:0e:b9:3b:
80:5a:47:57:e5:fe:38:73:93:ff:3d:22:db:88:81:0d:67:03:
48:52:b1:e6:63:56:53:40:d2:5d:08:96:e7:19:c7:f2:28:72:
26:63:cc:38
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYuxnUuQWBHWjazNl4illq+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjMxMTA5MDEwNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdlYTE1OTY0ZDA3YTU5YjUxYzA3MDdmZjI4OWM5ODhkYzcwZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KsV9lYua+/yDU9Isbd7s8MehYsA
qvHJSpWn/MG6FK53yBumxSDh7gW1mgNQyadFTeL1iJD6erCkNYPsfwmFJU4yX7Hy
lEGW2crRvFLm/PbDd8N6ZftwfK5DdxXyjQcOpWf4QfZehjpvj2xY0848nccRXtu8
XdnNJKEknXbhgy0YmKEFPgHHmplCd0FP5CVGLZvoDKoKR3cOzOeLQ97W60+TZhcQ
FYuGPIXR4a6TqX/AKpF+1E+ISq9MYFRlv3YFI0naMV1xEDjcz4qkD+c/4ZZ9uqRF
Qlqa4aYoAv6a5tkf3J6iUZMw7I80Rx1pqzpop5Bbr2N2lFLZiqERUPbS4QIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFF9+oVlk0HpZtRwHB/8onJiNxw1sMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvWDM2aFdXVFFlbG0xSEFjSF95aWNtSTNIRFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCBtQQCAAEwga4DBAIC
ONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBAA+AyADBABWafwDBABWarUDBABW
a8UDBAJZJoADBABZJocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUDBANd
cxADBABesLYDBACynVIDBAGynVoDBAC5YKMDBAK5qtQDBAC56jQDBAG589YDBAG8
1HwDBADByQ8DBADCGtUDBALCIEwDBALCYxQwKwQCAAIwJQMFACoFgoADBQIqCc1A
MA4DBQAqCc1FAwUAKgnNRgMFASoMucAwDQYJKoZIhvcNAQELBQADggEBAJO+mZRl
CSIKLjdLrUrqL9M5M+f7u2RC7kgJEMFZnaqXJiJbHG8MXZVyAp+9v2uM31PSDB5t
r9yiNvkDHMlhbulEo132aYF6pHSnWsWaSZgseFXEfoNICSXOQs3uvWdRANhBBHa4
S45Z1YZruhojjzrhm0w9ubEpej10yDMZXOob8t0ymYOg7GSyHBkNujnBBfFlnnn8
glN6nQ5WGoNzWkvEiWzpJf+fX+8n39WH5WT5cGAfbqNje7AjMMW5OstTtztBnioX
+L+Y562KtRQDcQmrvah0yw65O4BaR1fl/jhzk/89ItuIgQ1nA0hSseZjVlNA0l0I
lucZx/IociZjzDg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:26 2024 by rpki-client on console-ams.rpki-client.org