Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/DX2SsPAFzPTPw0Il16aSlfn_QM8.roa
File: DX2SsPAFzPTPw0Il16aSlfn_QM8.roa (raw, json)
Hash identifier: +5OudBXsVcbOJl1wSaN8rX8SaI0pJB8+XcIhIFWbsYs=
Subject key identifier: 0D:7D:92:B0:F0:05:CC:F4:CF:C3:42:25:D7:A6:92:95:F9:FF:40:CF
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 018570396B56C20CC923BD0FF476421CFFE6
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/DX2SsPAFzPTPw0Il16aSlfn_QM8.roa
Signing time: Mon 02 Jan 2023 02:04:49 +0000
ROA not before: Mon 02 Jan 2023 02:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 149.255.39.0/24 maxlen: 24
45.158.38.0/24 maxlen: 24
45.158.36.0/23 maxlen: 32
45.158.39.0/24 maxlen: 24
37.72.168.0/21 maxlen: 32
37.72.172.0/23 maxlen: 23
37.72.171.0/24 maxlen: 24
37.72.170.0/23 maxlen: 23
37.72.170.0/24 maxlen: 24
37.72.174.0/23 maxlen: 23
194.126.172.0/24 maxlen: 24
194.126.172.0/22 maxlen: 24
194.126.175.0/24 maxlen: 24
194.126.173.0/24 maxlen: 24
94.100.16.0/20 maxlen: 32
94.100.16.0/24 maxlen: 24
94.100.17.0/24 maxlen: 24
94.100.23.0/24 maxlen: 24
94.100.24.0/24 maxlen: 24
94.100.21.0/24 maxlen: 24
94.100.22.0/24 maxlen: 24
94.100.19.0/24 maxlen: 24
94.100.20.0/24 maxlen: 24
94.100.18.0/24 maxlen: 24
94.100.30.0/24 maxlen: 24
94.100.31.0/24 maxlen: 24
94.100.28.0/24 maxlen: 24
94.100.29.0/24 maxlen: 24
94.100.26.0/24 maxlen: 24
94.100.27.0/24 maxlen: 24
94.100.25.0/24 maxlen: 24
217.79.240.0/24 maxlen: 24
217.79.242.0/23 maxlen: 24
217.79.240.0/20 maxlen: 24
149.255.37.0/24 maxlen: 24
149.255.38.0/24 maxlen: 24
149.255.32.0/21 maxlen: 32
149.255.35.0/24 maxlen: 24
149.255.36.0/24 maxlen: 32
89.233.104.0/24 maxlen: 24
89.233.104.0/21 maxlen: 24
89.233.105.0/24 maxlen: 24
89.233.106.0/24 maxlen: 24
89.233.107.0/24 maxlen: 24
46.21.144.0/24 maxlen: 24
46.21.145.0/24 maxlen: 24
46.21.144.0/20 maxlen: 32
46.21.151.0/24 maxlen: 24
46.21.152.0/24 maxlen: 24
46.21.150.0/24 maxlen: 24
46.21.148.0/24 maxlen: 24
46.21.146.0/24 maxlen: 24
46.21.147.0/24 maxlen: 24
46.21.158.0/23 maxlen: 23
46.21.156.0/24 maxlen: 24
46.21.157.0/24 maxlen: 24
46.21.153.0/24 maxlen: 24
195.242.152.0/23 maxlen: 24
195.242.153.0/24 maxlen: 24
2a02:748:f000::/36 maxlen: 36
2a02:748:c000::/35 maxlen: 35
2a02:748::/35 maxlen: 35
2a02:748:e000::/35 maxlen: 35
2a02:748::/32 maxlen: 48
2a0f:5180::/32 maxlen: 32
2a02:748:6000::/48 maxlen: 48
2a0f:5180::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Jun 2023 22:36:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6b:56:c2:0c:c9:23:bd:0f:f4:76:42:1c:ff:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Jan 2 02:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d7d92b0f005ccf4cfc34225d7a69295f9ff40cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a4:de:d7:52:ea:d6:b7:cc:ee:00:96:e5:9e:
60:dc:c9:c9:9c:07:62:0c:92:67:9a:81:e3:e2:7a:
19:84:f2:28:6c:27:ac:15:05:ad:27:ce:66:ab:4b:
0f:47:0a:c5:74:ee:65:1c:36:c2:ef:7f:8e:18:61:
e4:9c:e8:ce:9b:da:21:a8:12:2c:b6:68:9f:b1:ed:
d9:f1:e4:97:59:8b:14:78:e4:86:b8:a7:8c:01:05:
ba:c4:63:fd:a7:4b:d8:79:dd:44:8f:5a:70:50:19:
26:16:62:ff:40:70:04:f6:c2:c1:30:31:c2:a4:d7:
e8:f8:b4:e3:b2:9d:d8:c3:82:14:b2:cf:77:2d:31:
7a:80:13:ce:b2:a4:55:f1:86:25:d3:cd:7f:a5:70:
0c:79:a4:a3:d0:51:1f:b1:3d:66:73:8d:98:35:fe:
3f:4a:a2:ea:4e:61:e6:04:4a:e4:a4:e0:e5:3e:d5:
fd:ec:00:10:11:40:22:b3:19:c8:f5:1f:0d:51:c9:
9a:0a:a1:ff:65:b2:ba:54:be:88:77:bf:bb:bf:88:
d2:3e:37:5f:1d:c0:8f:c7:d3:66:89:dd:3b:15:31:
70:76:77:46:5f:c0:5e:a2:44:90:9b:9c:51:a1:34:
26:8e:4f:c7:66:95:f0:f2:0a:1c:ae:cb:ad:28:f3:
1d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7D:92:B0:F0:05:CC:F4:CF:C3:42:25:D7:A6:92:95:F9:FF:40:CF
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/DX2SsPAFzPTPw0Il16aSlfn_QM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.168.0/21
45.158.36.0/22
46.21.144.0/20
89.233.104.0/21
94.100.16.0/20
149.255.32.0/21
194.126.172.0/22
195.242.152.0/23
217.79.240.0/20
IPv6:
2a02:748::/32
2a0f:5180::/29
Signature Algorithm: sha256WithRSAEncryption
4d:c8:78:55:82:ee:9f:35:9c:3b:67:98:36:64:fb:f3:f0:0e:
78:26:1a:50:5b:b5:79:89:a3:01:7b:d5:98:38:06:89:ef:ce:
38:3b:99:18:e9:42:27:4a:80:8c:b2:47:69:c8:32:38:76:5c:
41:cf:48:aa:18:b4:a1:31:b7:fa:5c:c2:b0:18:40:9d:de:d7:
30:25:6b:f5:e2:e9:7c:3c:cd:09:c7:3b:d6:b6:a7:f6:e0:4f:
0c:9d:34:0e:16:19:80:cc:ce:f3:5f:92:fb:3c:37:44:7f:54:
e1:8b:e2:5b:30:e8:b7:f8:cc:d7:58:58:79:60:aa:10:5a:b5:
f3:15:0f:91:d5:f3:0f:1d:89:4a:a5:d3:bd:e6:77:77:bf:e6:
a8:00:70:3b:8d:c2:10:99:52:96:5e:a1:d8:80:a9:9d:f3:64:
25:a2:20:49:96:32:aa:31:54:1b:3d:57:2d:cc:69:ac:4a:a0:
ee:5c:23:85:f3:9a:b0:31:44:d6:c2:37:fd:11:e5:c0:ba:04:
52:be:50:84:9c:ea:99:bd:92:16:a1:f8:dd:64:6d:e4:ac:9b:
64:e4:96:68:47:6c:96:ce:6f:7c:8f:1d:26:6c:db:1a:53:2e:
dd:9e:63:8b:50:77:4e:75:8c:59:3b:05:b4:66:51:35:f1:c4:
a5:1a:d6:07
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVwOWtWwgzJI70P9HZCHP/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjMwMTAyMDIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDdkOTJiMGYwMDVjY2Y0Y2ZjMzQyMjVkN2E2OTI5NWY5ZmY0MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaTe11Lq1rfM7gCW5Z5g3MnJnAdi
DJJnmoHj4noZhPIobCesFQWtJ85mq0sPRwrFdO5lHDbC73+OGGHknOjOm9ohqBIs
tmifse3Z8eSXWYsUeOSGuKeMAQW6xGP9p0vYed1Ej1pwUBkmFmL/QHAE9sLBMDHC
pNfo+LTjsp3Yw4IUss93LTF6gBPOsqRV8YYl081/pXAMeaSj0FEfsT1mc42YNf4/
SqLqTmHmBErkpODlPtX97AAQEUAisxnI9R8NUcmaCqH/ZbK6VL6Id7+7v4jSPjdf
HcCPx9Nmid07FTFwdndGX8BeokSQm5xRoTQmjk/HZpXw8gocrsutKPMdxwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFA19krDwBcz0z8NCJdemkpX5/0DPMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvRFgyU3NQQUZ6UFRQdzBJbDE2YVNsZm5fUU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDJUioAwQC
LZ4kAwQELhWQAwQDWeloAwQEXmQQAwQDlf8gAwQCwn6sAwQBw/KYAwQE2U/wMBQE
AgACMA4DBQAqAgdIAwUDKg9RgDANBgkqhkiG9w0BAQsFAAOCAQEATch4VYLunzWc
O2eYNmT78/AOeCYaUFu1eYmjAXvVmDgGie/OODuZGOlCJ0qAjLJHacgyOHZcQc9I
qhi0oTG3+lzCsBhAnd7XMCVr9eLpfDzNCcc71ran9uBPDJ00DhYZgMzO81+S+zw3
RH9U4YviWzDot/jM11hYeWCqEFq18xUPkdXzDx2JSqXTveZ3d7/mqABwO43CEJlS
ll6h2ICpnfNkJaIgSZYyqjFUGz1XLcxprEqg7lwjhfOasDFE1sI3/RHlwLoEUr5Q
hJzqmb2SFqH43WRt5KybZOSWaEdsls5vfI8dJmzbGlMu3Z5ji1B3TnWMWTsFtGZR
NfHEpRrWBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org