Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/KYicHrGUIghumHNCcU7ubRJZCf0.roa
File: KYicHrGUIghumHNCcU7ubRJZCf0.roa (raw, json)
Hash identifier: 2sppNN8wyhKgYgiEmKRvYXom+58rNWHaYBMz/OHGsYY=
Subject key identifier: 29:88:9C:1E:B1:94:22:08:6E:98:73:42:71:4E:EE:6D:12:59:09:FD
Certificate issuer: /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial: 01881EA72090D537F59D2A5D25BB3509F562
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/KYicHrGUIghumHNCcU7ubRJZCf0.roa
Signing time: Mon 15 May 2023 09:04:09 +0000
ROA not before: Mon 15 May 2023 09:04:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30781
IP address blocks: 46.231.216.0/21 maxlen: 24
185.53.80.0/22 maxlen: 24
46.22.192.0/20 maxlen: 24
46.255.200.0/21 maxlen: 24
185.114.100.0/22 maxlen: 24
94.100.160.0/20 maxlen: 24
37.110.192.0/21 maxlen: 24
193.151.84.0/24 maxlen: 24
193.151.84.0/22 maxlen: 24
193.151.87.0/24 maxlen: 24
37.26.184.0/21 maxlen: 24
194.116.142.0/23 maxlen: 24
185.15.140.0/22 maxlen: 24
185.62.184.0/22 maxlen: 24
212.85.229.0/24 maxlen: 24
212.85.230.0/23 maxlen: 24
195.234.35.0/24 maxlen: 24
95.143.64.0/20 maxlen: 24
91.224.162.0/23 maxlen: 24
176.241.120.0/21 maxlen: 24
212.18.240.0/21 maxlen: 24
82.96.128.0/18 maxlen: 24
78.153.224.0/19 maxlen: 24
91.226.193.0/24 maxlen: 24
185.61.184.0/22 maxlen: 24
185.61.184.0/21 maxlen: 24
185.61.188.0/22 maxlen: 24
31.172.232.0/21 maxlen: 24
31.172.238.0/24 maxlen: 24
185.78.156.0/22 maxlen: 24
185.92.36.0/22 maxlen: 24
31.7.248.0/21 maxlen: 24
31.172.160.0/22 maxlen: 24
193.189.124.0/23 maxlen: 24
185.4.60.0/23 maxlen: 24
185.4.62.0/24 maxlen: 24
185.91.224.0/22 maxlen: 24
77.72.88.0/21 maxlen: 24
37.61.240.0/21 maxlen: 24
85.31.192.0/19 maxlen: 24
82.163.36.0/22 maxlen: 24
149.232.160.0/20 maxlen: 24
5.226.0.0/21 maxlen: 24
88.212.144.0/21 maxlen: 24
185.209.52.0/22 maxlen: 24
82.196.24.0/21 maxlen: 24
77.246.80.0/20 maxlen: 24
195.128.147.0/24 maxlen: 24
2a03:bdc0::/32 maxlen: 48
2a02:398::/32 maxlen: 48
2a0b:41c0::/29 maxlen: 48
2a00:68c0::/32 maxlen: 48
2a04:cc00::/29 maxlen: 48
2a01:240::/32 maxlen: 48
2a01:290::/32 maxlen: 48
2a00:78c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:a7:20:90:d5:37:f5:9d:2a:5d:25:bb:35:09:f5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
Validity
Not Before: May 15 09:04:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29889c1eb19422086e987342714eee6d125909fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a8:63:b8:ca:ee:e9:22:71:c3:34:eb:ba:d7:
0a:c4:11:60:fc:eb:14:47:73:32:6d:7c:c6:db:f9:
be:58:86:e1:89:0a:d0:5f:2e:86:9a:67:cb:4c:d7:
8d:b2:7c:eb:d9:83:ec:33:b0:36:06:f4:e0:84:6e:
ed:ee:e7:a1:34:2b:52:8d:05:69:9d:e0:ff:14:92:
b7:e7:c5:49:68:64:34:6e:be:60:39:6e:4d:f8:4a:
0d:2c:ab:12:91:5c:bc:e3:4a:b9:86:c1:c2:de:fd:
c5:53:db:3b:70:b3:66:fc:d5:86:92:f2:e3:35:ca:
cf:04:24:2f:6b:5d:d9:fb:55:af:c4:d9:d1:10:9c:
ad:08:9f:0f:fd:0b:2f:c6:30:71:61:1e:d5:00:89:
c4:cb:4e:44:e2:f1:04:fb:2b:60:25:45:31:8e:8b:
85:2e:ed:ba:c4:47:13:4b:ed:aa:d1:90:df:22:4f:
b1:f7:5b:e0:72:a7:0e:af:f3:29:37:42:41:bf:f0:
ac:87:e2:72:7c:9b:85:54:bc:83:4c:21:0d:51:03:
25:63:58:7f:90:aa:dc:9d:11:ed:eb:98:04:e5:42:
97:b7:88:40:94:3f:e8:6d:d0:e5:96:64:25:14:c8:
9d:b5:9e:af:34:10:51:3e:0f:fb:b9:c6:06:7e:af:
34:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:88:9C:1E:B1:94:22:08:6E:98:73:42:71:4E:EE:6D:12:59:09:FD
X509v3 Authority Key Identifier:
keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/KYicHrGUIghumHNCcU7ubRJZCf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.0.0/21
31.7.248.0/21
31.172.160.0/22
31.172.232.0/21
37.26.184.0/21
37.61.240.0/21
37.110.192.0/21
46.22.192.0/20
46.231.216.0/21
46.255.200.0/21
77.72.88.0/21
77.246.80.0/20
78.153.224.0/19
82.96.128.0/18
82.163.36.0/22
82.196.24.0/21
85.31.192.0/19
88.212.144.0/21
91.224.162.0/23
91.226.193.0/24
94.100.160.0/20
95.143.64.0/20
149.232.160.0/20
176.241.120.0/21
185.4.60.0-185.4.62.255
185.15.140.0/22
185.53.80.0/22
185.61.184.0/21
185.62.184.0/22
185.78.156.0/22
185.91.224.0/22
185.92.36.0/22
185.114.100.0/22
185.209.52.0/22
193.151.84.0/22
193.189.124.0/23
194.116.142.0/23
195.128.147.0/24
195.234.35.0/24
212.18.240.0/21
212.85.229.0-212.85.231.255
IPv6:
2a00:68c0::/32
2a00:78c0::/29
2a01:240::/32
2a01:290::/32
2a02:398::/32
2a03:bdc0::/32
2a04:cc00::/29
2a0b:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:4b:64:fd:b3:b2:80:5f:fd:64:16:eb:4a:a8:20:c3:89:4a:
4a:7e:2f:c8:a7:ab:89:52:59:e0:97:99:82:26:7f:94:61:d7:
75:eb:67:cd:d5:36:2e:0e:a8:85:8c:00:26:96:bb:97:e2:89:
09:18:dc:94:a3:bd:da:7d:30:00:4f:23:e1:f3:03:ac:8c:31:
9f:b0:b0:c5:e3:7a:b4:c5:89:6b:3d:f7:06:88:db:d7:ba:14:
98:ff:83:0f:0f:35:f9:47:84:10:bc:22:6c:5b:04:15:d4:2e:
df:cb:39:84:9f:27:93:2f:ec:f1:31:c9:1b:54:34:9b:2c:72:
f9:f3:ad:d7:bf:75:b4:4c:ab:29:82:c3:f3:bc:ef:cf:fb:ec:
f4:f6:e1:5b:9d:64:87:24:49:1d:63:d8:c7:ae:aa:0a:f6:29:
b8:36:f3:c8:99:c4:50:e8:86:69:f1:72:b9:e3:e8:62:54:b5:
e8:86:43:80:78:4c:1e:c2:d1:9a:05:62:bd:27:c1:03:3f:8a:
95:5e:0b:8c:e9:84:3d:0d:59:90:3a:e5:29:ff:e7:c4:da:81:
eb:b1:52:20:98:19:ef:c3:e7:e8:d0:c8:dc:4c:37:79:79:90:
da:ab:13:ae:78:94:66:ba:e7:53:b9:89:51:a5:1e:d2:35:35:
a8:dd:b1:dc
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAYgepyCQ1Tf1nSpdJbs1CfViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjMwNTE1MDkwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg4OWMxZWIxOTQyMjA4NmU5ODczNDI3MTRlZWU2ZDEyNTkwOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKhjuMru6SJxwzTrutcKxBFg/OsU
R3MybXzG2/m+WIbhiQrQXy6GmmfLTNeNsnzr2YPsM7A2BvTghG7t7uehNCtSjQVp
neD/FJK358VJaGQ0br5gOW5N+EoNLKsSkVy840q5hsHC3v3FU9s7cLNm/NWGkvLj
NcrPBCQva13Z+1WvxNnREJytCJ8P/QsvxjBxYR7VAInEy05E4vEE+ytgJUUxjouF
Lu26xEcTS+2q0ZDfIk+x91vgcqcOr/MpN0JBv/Csh+JyfJuFVLyDTCENUQMlY1h/
kKrcnRHt65gE5UKXt4hAlD/obdDllmQlFMidtZ6vNBBRPg/7ucYGfq80jQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFCmInB6xlCIIbphzQnFO7m0SWQn9MB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvS1lpY0hyR1VJZ2h1bUhOQ2NVN3ViUkpaQ2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCAQ4EAgABMIIB
BgMEAwXiAAMEAx8H+AMEAh+soAMEAx+s6AMEAyUauAMEAyU98AMEAyVuwAMEBC4W
wAMEAy7n2AMEAy7/yAMEA01IWAMEBE32UAMEBU6Z4AMEBlJggAMEAlKjJAMEA1LE
GAMEBVUfwAMEA1jUkAMEAVvgogMEAFviwQMEBF5koAMEBF+PQAMEBJXooAMEA7Dx
eDAMAwQCuQQ8AwQAuQQ+AwQCuQ+MAwQCuTVQAwQDuT24AwQCuT64AwQCuU6cAwQC
uVvgAwQCuVwkAwQCuXJkAwQCudE0AwQCwZdUAwQBwb18AwQBwnSOAwQAw4CTAwQA
w+ojAwQD1BLwMAwDBADUVeUDBAPUVeAwPgQCAAIwOAMFACoAaMADBQMqAHjAAwUA
KgECQAMFACoBApADBQAqAgOYAwUAKgO9wAMFAyoEzAADBQMqC0HAMA0GCSqGSIb3
DQEBCwUAA4IBAQB4S2T9s7KAX/1kFutKqCDDiUpKfi/Ip6uJUlngl5mCJn+UYdd1
62fN1TYuDqiFjAAmlruX4okJGNyUo73afTAATyPh8wOsjDGfsLDF43q0xYlrPfcG
iNvXuhSY/4MPDzX5R4QQvCJsWwQV1C7fyzmEnyeTL+zxMckbVDSbLHL5863Xv3W0
TKspgsPzvO/P++z09uFbnWSHJEkdY9jHrqoK9im4NvPImcRQ6IZp8XK54+hiVLXo
hkOAeEwewtGaBWK9J8EDP4qVXguM6YQ9DVmQOuUp/+fE2oHrsVIgmBnvw+fo0Mjc
TDd5eZDaqxOueJRmuudTuYlRpR7SNTWo3bHc
-----END CERTIFICATE-----
Generated at Wed Oct 11 12:01:38 2023 by rpki-client on console-ams.rpki-client.org