Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/3z6jfriACRONbgga8pZ--oPJmYU.roa
File: 3z6jfriACRONbgga8pZ--oPJmYU.roa (raw, json)
Hash identifier: NTM9kRu/E753ElQ5FaAWa5uDjH12tC3HOhTaBtdUSvs=
Subject key identifier: DF:3E:A3:7E:B8:80:09:13:8D:6E:08:1A:F2:96:7E:FA:83:C9:99:85
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 018B8AC25E6D771E2EB6D4588CFFE107E112
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/3z6jfriACRONbgga8pZ--oPJmYU.roa
Signing time: Wed 01 Nov 2023 12:01:15 +0000
ROA not before: Wed 01 Nov 2023 12:01:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9125
IP address blocks: 93.93.192.0/21 maxlen: 21
92.42.253.0/24 maxlen: 24
92.42.252.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.140.0/22 maxlen: 22
178.254.165.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.116.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
178.254.187.0/24 maxlen: 24
185.157.44.0/24 maxlen: 24
109.111.254.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.216.0/22 maxlen: 22
217.169.220.0/22 maxlen: 22
5.172.34.0/24 maxlen: 24
5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.36.0/23 maxlen: 23
5.172.36.0/22 maxlen: 22
109.111.226.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.232.0/22 maxlen: 22
109.111.229.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.227.0/24 maxlen: 24
109.111.240.0/24 maxlen: 24
109.111.236.0/22 maxlen: 22
109.111.246.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 30 Nov 2023 10:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:c2:5e:6d:77:1e:2e:b6:d4:58:8c:ff:e1:07:e1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Nov 1 12:01:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df3ea37eb88009138d6e081af2967efa83c99985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e9:4d:73:ac:be:70:a0:32:22:78:9d:7c:6d:
2e:c6:21:3c:09:4f:df:d7:cc:06:bf:c9:10:b9:73:
e9:68:71:90:aa:54:81:c3:5c:47:29:dd:e6:e5:7c:
45:a8:ae:93:af:2e:7f:be:6b:ef:9d:cc:04:25:2a:
7a:96:64:8e:f7:bc:e5:cc:34:27:59:76:36:d1:97:
ab:8c:1a:68:07:b3:01:a2:29:cc:5c:50:a0:5d:3d:
c3:cc:4d:60:81:1e:ab:e9:f6:cc:4d:59:63:48:b9:
8d:81:65:c6:1e:78:4c:77:71:d3:22:59:27:49:0d:
42:5f:a7:8c:e1:ed:30:2a:0b:1e:4b:b2:1d:12:e0:
5a:0e:34:53:bf:05:ad:47:ea:d1:d5:1a:b0:a1:18:
2f:9f:a2:e3:f2:28:16:a7:62:22:54:6e:fd:7b:eb:
af:a4:94:9e:a1:9f:d1:7c:0f:07:0e:7b:f8:d1:76:
11:9f:31:7d:32:a7:88:fd:2c:80:d9:18:60:d1:c0:
58:4b:4c:31:f7:6d:6a:64:1d:d0:88:97:37:ad:2d:
3f:41:6e:36:25:f6:e8:0d:9f:4a:d6:99:65:6e:51:
da:6a:93:18:2b:7c:76:9d:68:c0:30:bd:74:2d:80:
d4:be:c9:0c:6d:47:3f:20:28:7b:39:83:5f:62:99:
46:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3E:A3:7E:B8:80:09:13:8D:6E:08:1A:F2:96:7E:FA:83:C9:99:85
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/3z6jfriACRONbgga8pZ--oPJmYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.248.255
109.111.250.0/24
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
18:ff:b1:27:f4:05:ed:cb:72:d6:f4:a6:49:42:76:e7:44:5e:
e7:27:a0:95:9c:46:50:00:15:05:be:c9:af:19:53:e5:4c:66:
0e:7d:3a:5d:b6:e0:e9:10:eb:35:23:1d:c2:20:76:37:87:7e:
f0:6a:8f:21:28:1e:e4:99:c1:cb:5f:b2:46:f6:76:3c:f4:55:
34:8d:d7:88:50:cd:d9:c0:17:84:01:bf:13:df:41:c1:21:96:
1d:4b:ad:de:a8:b3:a9:dd:04:e6:6a:9d:99:c5:c1:4c:af:fe:
2c:60:1f:60:42:12:34:d6:b7:1d:f4:b0:9a:92:d1:25:39:45:
ad:e6:27:f4:6d:c7:b2:c0:78:7f:38:68:21:53:55:4e:37:e4:
f7:1a:41:a1:a6:a9:d9:2a:34:b8:a3:3d:0b:dc:85:c3:99:d8:
01:6d:66:25:d1:7b:23:ca:1d:28:99:b2:84:25:2a:2b:d0:8f:
3e:59:96:68:df:5d:13:a9:33:e2:66:3a:e0:b7:f7:f1:dc:b9:
c8:5b:42:a2:62:89:dd:e4:93:3e:67:e5:d6:4e:80:b9:8e:19:
9e:50:de:06:7f:98:a6:20:22:2b:71:b4:34:e8:41:2a:71:20:
23:b4:71:07:06:56:18:3e:30:33:5b:f6:b3:ed:fc:a0:65:49:
31:a3:16:ab
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAYuKwl5tdx4uttRYjP/hB+ESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMxMTAxMTIwMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNlYTM3ZWI4ODAwOTEzOGQ2ZTA4MWFmMjk2N2VmYTgzYzk5OTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhulNc6y+cKAyInidfG0uxiE8CU/f
18wGv8kQuXPpaHGQqlSBw1xHKd3m5XxFqK6Try5/vmvvncwEJSp6lmSO97zlzDQn
WXY20ZerjBpoB7MBoinMXFCgXT3DzE1ggR6r6fbMTVljSLmNgWXGHnhMd3HTIlkn
SQ1CX6eM4e0wKgseS7IdEuBaDjRTvwWtR+rR1RqwoRgvn6Lj8igWp2IiVG79e+uv
pJSeoZ/RfA8HDnv40XYRnzF9MqeI/SyA2Rhg0cBYS0wx921qZB3QiJc3rS0/QW42
JfboDZ9K1pllblHaapMYK3x2nWjAML10LYDUvskMbUc/ICh7OYNfYplGZwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFN8+o364gAkTjW4IGvKWfvqDyZmFMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvM3o2amZyaUFDUk9OYmdnYThwWi0tb1BKbVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgd0EAgABMIHWMAwD
BAAFrCEDBAMFrCAwDAMEAFkXQQMEAFkXRgMEAVkXSgMEAFkXWgMEAFkXXQMEA1wq
+AMEA11dwDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v
8wMEAG1v+AMEAG1v+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQA
sv6pAwQAsv6sAwQAsv6vAwQAsv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+
gAMEALmdLAMEAMFoRAMEBNmp0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsF
AAOCAQEAGP+xJ/QF7cty1vSmSUJ250Re5yeglZxGUAAVBb7JrxlT5UxmDn06Xbbg
6RDrNSMdwiB2N4d+8GqPISge5JnBy1+yRvZ2PPRVNI3XiFDN2cAXhAG/E99BwSGW
HUut3qizqd0E5mqdmcXBTK/+LGAfYEISNNa3HfSwmpLRJTlFreYn9G3HssB4fzho
IVNVTjfk9xpBoaap2So0uKM9C9yFw5nYAW1mJdF7I8odKJmyhCUqK9CPPlmWaN9d
E6kz4mY64Lf38dy5yFtComKJ3eSTPmfl1k6AuY4ZnlDeBn+YpiAiK3G0NOhBKnEg
I7RxBwZWGD4wM1v2s+38oGVJMaMWqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org