Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/BM34jHw22sPtLXQlzXYx_9PCnYk.roa
File: BM34jHw22sPtLXQlzXYx_9PCnYk.roa (raw, json)
Hash identifier: BRfY+FMlrC38vr/CEXFDS1F5KAJhS27bEEMD9gnFM+U=
Subject key identifier: 04:CD:F8:8C:7C:36:DA:C3:ED:2D:74:25:CD:76:31:FF:D3:C2:9D:89
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 018FDDD9C58066FA267187BAF3DDFCC82211
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/BM34jHw22sPtLXQlzXYx_9PCnYk.roa
Signing time: Mon 03 Jun 2024 11:26:27 +0000
ROA not before: Mon 03 Jun 2024 11:26:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.212.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.224.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
86.48.242.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
2a0c:5900:3000::/36 maxlen: 36
2a0c:5900:3001::/48 maxlen: 48
2a0c:5900:4000::/36 maxlen: 36
2a0c:5900:4001::/48 maxlen: 48
2a0c:5900:5000::/36 maxlen: 36
2a0c:5900:5001::/48 maxlen: 48
2a0c:5900:5002::/48 maxlen: 48
2a0c:5900:8000::/36 maxlen: 36
2a0c:5900:8001::/48 maxlen: 48
2a0c:5900:8002::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 01:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:d9:c5:80:66:fa:26:71:87:ba:f3:dd:fc:c8:22:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Jun 3 11:26:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04cdf88c7c36dac3ed2d7425cd7631ffd3c29d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a1:20:b4:07:f4:dd:13:6f:dd:6f:5c:c4:c1:
16:51:2f:3f:db:45:fd:66:50:2a:49:94:5e:9e:eb:
c9:e9:e9:36:7b:15:e6:e2:6a:3c:d9:e3:58:6c:34:
f5:89:24:0d:55:1d:02:a5:2e:82:53:a9:f1:9d:c8:
dc:e4:50:14:b3:c3:8e:47:5b:87:fe:fd:22:df:40:
5e:34:6a:30:53:3a:1d:98:e4:5f:1a:88:3c:01:60:
6a:8c:ff:8c:83:e5:39:87:01:d9:8a:b8:0a:a5:31:
fe:a2:8f:d8:6e:4e:14:2a:35:4e:23:a3:fb:16:76:
b0:db:b2:71:64:6f:2f:a2:20:b2:15:6e:bb:11:e9:
7d:30:2e:fe:b9:74:fe:0c:1d:16:af:1b:26:e9:35:
87:b7:0c:71:30:66:74:ac:00:7b:38:6f:63:9c:55:
1e:09:a6:d6:5d:9e:bd:4b:d1:24:a7:5d:e4:f6:16:
ed:8a:d5:66:30:40:02:a1:59:e4:a4:b0:35:39:a7:
4e:fa:02:f9:9f:e2:11:ee:52:0c:4f:eb:c4:78:47:
b4:dd:01:76:84:d5:a3:67:5c:b5:6a:f8:35:0a:4f:
94:c1:f1:9d:21:9a:cf:c7:e2:aa:e1:9d:95:4a:f2:
c9:6c:c7:22:ef:0c:64:50:5f:dc:d2:f8:52:ee:7c:
54:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CD:F8:8C:7C:36:DA:C3:ED:2D:74:25:CD:76:31:FF:D3:C2:9D:89
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/BM34jHw22sPtLXQlzXYx_9PCnYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.208.0-86.48.212.255
86.48.216.0-86.48.224.255
86.48.240.0-86.48.242.255
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
2a0c:5900:3000::-2a0c:5900:5fff:ffff:ffff:ffff:ffff:ffff
2a0c:5900:8000::/36
Signature Algorithm: sha256WithRSAEncryption
40:29:4f:14:27:62:58:d4:14:8a:d8:e2:18:87:01:33:16:cb:
c4:7e:ae:ab:16:b5:9c:2f:59:b4:9c:c1:dd:9b:88:5b:ac:e2:
bf:33:2e:1a:a1:6c:04:5d:17:ee:f6:99:a7:5e:9a:b7:1e:1c:
68:34:3c:d0:81:cd:5b:5f:9e:66:0c:17:18:3b:41:ca:59:4a:
f1:7a:d1:46:d3:ed:39:d4:7d:0c:bc:17:94:cc:e7:54:ff:2e:
14:5a:55:04:91:42:73:7d:a8:ef:58:85:27:d0:6b:26:3a:9a:
7e:22:ac:5f:38:dd:d0:cf:74:c1:3d:b5:7a:5b:70:8d:08:b6:
5a:69:50:6b:e8:0d:53:85:74:a3:0a:39:e8:fc:f4:9c:eb:f8:
29:e4:1a:c1:1c:07:55:b2:64:36:97:c3:7c:4c:96:6c:7f:be:
9d:91:be:64:b8:d9:c2:7f:74:0d:6b:73:96:9f:43:79:a4:86:
83:8a:97:d3:55:c8:2a:bb:91:ff:ea:b9:d1:81:01:a5:12:35:
50:00:b2:6e:39:39:3a:b7:dd:aa:c3:a2:b0:71:b5:c1:6f:6e:
7c:65:23:dd:76:08:f7:74:77:b8:57:a0:a2:ca:b5:d6:82:d2:
7e:58:7e:5c:dd:b2:2f:e8:38:87:f8:e1:f0:20:5c:dc:54:fe:
7d:cc:8f:51
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAY/d2cWAZvomcYe68938yCIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQwNjAzMTEyNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGNkZjg4YzdjMzZkYWMzZWQyZDc0MjVjZDc2MzFmZmQzYzI5ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqEgtAf03RNv3W9cxMEWUS8/20X9
ZlAqSZRenuvJ6ek2exXm4mo82eNYbDT1iSQNVR0CpS6CU6nxncjc5FAUs8OOR1uH
/v0i30BeNGowUzodmORfGog8AWBqjP+Mg+U5hwHZirgKpTH+oo/Ybk4UKjVOI6P7
Fnaw27JxZG8voiCyFW67Eel9MC7+uXT+DB0Wrxsm6TWHtwxxMGZ0rAB7OG9jnFUe
CabWXZ69S9Ekp13k9hbtitVmMEACoVnkpLA1OadO+gL5n+IR7lIMT+vEeEe03QF2
hNWjZ1y1avg1Ck+UwfGdIZrPx+Kq4Z2VSvLJbMci7wxkUF/c0vhS7nxUrQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFATN+Ix8NtrD7S10Jc12Mf/Twp2JMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvQk0zNGpIdzIyc1B0TFhRbHpYWXhfOVBDbllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCBiwQCAAEwgYQD
BAIF/VgDBAMlGuADBAItUdwDBAEtXVQDBAAtXVcDBAAtXr4DBAItX9gDBAQ/98Aw
DAMEBFYw0AMEAFYw1DAMAwQDVjDYAwQAVjDgMAwDBARWMPADBABWMPIDBAJbZxAD
BABbZxUDBABbZxcDBAK5PnQDBAHBoIYDBADD7vQDBATYrEAwfAQCAAIwdgMHACoA
DLgAMTASAwcAKgAMuAAzAwcAKgAMuAA0AwcAKgAMuAA5AwcAKgAMuABBAwcAKgAM
uABEAwcBKgAMuABIAwcAKgAMuAFEAwcAKgAMuANTAwcAKgAMuAlxMBADBgQqDFkA
MAMGBSoMWQBAAwYEKgxZAIAwDQYJKoZIhvcNAQELBQADggEBAEApTxQnYljUFIrY
4hiHATMWy8R+rqsWtZwvWbScwd2biFus4r8zLhqhbARdF+72mademrceHGg0PNCB
zVtfnmYMFxg7QcpZSvF60UbT7TnUfQy8F5TM51T/LhRaVQSRQnN9qO9YhSfQayY6
mn4irF843dDPdME9tXpbcI0ItlppUGvoDVOFdKMKOej89Jzr+CnkGsEcB1WyZDaX
w3xMlmx/vp2RvmS42cJ/dA1rc5afQ3mkhoOKl9NVyCq7kf/qudGBAaUSNVAAsm45
OTq33arDorBxtcFvbnxlI912CPd0d7hXoKLKtdaC0n5Yflzdsi/oOIf44fAgXNxU
/n3Mj1E=
-----END CERTIFICATE-----
Generated at Mon Jun 10 03:23:44 2024 by rpki-client on console-fra.rpki-client.org