Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/OnQH6CtzWSaAMU3nGWz8CHRsBOk.roa
File: OnQH6CtzWSaAMU3nGWz8CHRsBOk.roa (raw, json)
Hash identifier: nYYYX6GyayBurELanUDhq45ukOcLAUoZ8wp9YEhIE60=
Subject key identifier: 3A:74:07:E8:2B:73:59:26:80:31:4D:E7:19:6C:FC:08:74:6C:04:E9
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 0191C21418D45840326E7FB885368A6C8888
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/OnQH6CtzWSaAMU3nGWz8CHRsBOk.roa
Signing time: Thu 05 Sep 2024 12:06:22 +0000
ROA not before: Thu 05 Sep 2024 12:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204170
IP address blocks: 5.102.176.0/21 maxlen: 21
5.102.176.0/24 maxlen: 24
5.102.177.0/24 maxlen: 24
5.102.178.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.32.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.34.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
141.105.168.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
141.105.170.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.16.0/24 maxlen: 24
178.20.17.0/24 maxlen: 24
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.140.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.142.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
185.112.104.0/24 maxlen: 24
185.112.105.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:7::/48 maxlen: 48
2a0a:c740:8::/48 maxlen: 48
2a0a:c740:100::/48 maxlen: 48
2a0a:c740:9998::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 04:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:14:18:d4:58:40:32:6e:7f:b8:85:36:8a:6c:88:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Sep 5 12:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a7407e82b73592680314de7196cfc08746c04e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:18:65:a0:17:ef:6d:fe:96:1e:8c:d3:e8:
c7:4b:4f:92:93:10:fc:e9:b0:8b:37:9e:2f:21:f9:
ef:7a:6c:ea:5a:1f:a5:ba:ee:99:c3:57:6a:42:8a:
fd:d0:ed:1e:b3:91:45:e1:9e:dc:a3:3a:87:6e:f1:
56:b9:cf:cf:13:56:a0:9c:b6:86:42:7d:db:41:a6:
f4:fa:a5:cb:9f:75:fb:6f:ea:c9:51:8b:1c:c9:48:
be:4e:10:d6:fa:02:1e:e8:88:f9:04:ee:b5:46:78:
16:39:c9:27:d4:c1:c4:9f:e0:17:3b:0f:cb:6e:11:
80:0b:3a:43:4a:8f:9e:44:9d:25:db:5e:76:a5:05:
5d:8d:9c:e2:08:b5:27:69:74:e5:95:6d:2b:11:5a:
9d:38:3d:59:02:d2:80:b6:07:ca:09:80:3f:ef:7e:
2a:ce:0d:f5:57:f9:7c:3f:9f:bf:54:21:eb:17:0d:
da:04:96:56:fe:8d:50:32:16:06:51:41:1a:55:a4:
b6:31:34:ea:25:ab:98:e7:bc:f3:19:ee:26:05:a2:
d1:33:e8:54:4d:78:70:e2:94:b2:14:e4:a8:30:1a:
e3:a5:81:b2:ec:22:52:91:ed:f1:fc:56:1f:15:74:
15:93:49:04:bf:a5:80:ec:c3:d0:57:38:28:c8:7f:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:74:07:E8:2B:73:59:26:80:31:4D:E7:19:6C:FC:08:74:6C:04:E9
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/OnQH6CtzWSaAMU3nGWz8CHRsBOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
2a0a:c740:7::-2a0a:c740:8:ffff:ffff:ffff:ffff:ffff
2a0a:c740:100::/48
2a0a:c740:9998::/48
Signature Algorithm: sha256WithRSAEncryption
8d:7a:7e:94:81:fa:02:65:d3:51:00:84:74:b7:1f:a5:26:46:
b7:ec:f2:cd:cd:07:61:2e:c1:d7:a8:38:a3:65:6f:46:14:b1:
9d:4b:58:bd:64:9b:30:c3:82:09:da:24:69:fd:98:89:6f:db:
63:de:3e:4a:04:ef:29:84:e4:dc:a1:d9:3e:68:5f:22:2f:19:
35:70:40:f9:72:03:fa:15:45:69:f0:56:f7:f6:b5:6d:65:ee:
2c:3a:82:43:bf:29:7d:12:62:67:e7:2d:a4:56:c3:da:de:ab:
9c:7b:d6:e5:ab:17:63:41:20:5f:2e:7b:e2:02:b8:85:18:66:
54:ee:fc:7b:bb:35:c3:eb:96:f9:98:39:ab:d0:57:36:47:1c:
f4:5e:5a:f6:78:15:99:36:6d:42:81:c5:0e:ca:fe:65:1c:8d:
5c:44:36:b5:18:be:63:c9:24:69:1c:0a:3c:81:86:5e:5b:1b:
8e:11:46:70:78:98:ef:7a:6e:f6:45:59:c9:22:67:83:1c:82:
ba:04:42:43:65:17:21:46:62:fc:91:3d:9b:91:fe:1b:d4:da:
39:83:b6:3e:d2:a3:79:10:11:50:01:a0:e9:db:83:d5:e7:3f:
08:47:41:ca:66:b9:5d:66:19:3b:e8:e7:ce:6c:db:3c:89:0c:
fb:86:4d:c8
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZHCFBjUWEAybn+4hTaKbIiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjQwOTA1MTIwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc0MDdlODJiNzM1OTI2ODAzMTRkZTcxOTZjZmMwODc0NmMwNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozwYZaAX723+lh6M0+jHS0+SkxD8
6bCLN54vIfnvemzqWh+luu6Zw1dqQor90O0es5FF4Z7cozqHbvFWuc/PE1agnLaG
Qn3bQab0+qXLn3X7b+rJUYscyUi+ThDW+gIe6Ij5BO61RngWOckn1MHEn+AXOw/L
bhGACzpDSo+eRJ0l2152pQVdjZziCLUnaXTllW0rEVqdOD1ZAtKAtgfKCYA/734q
zg31V/l8P5+/VCHrFw3aBJZW/o1QMhYGUUEaVaS2MTTqJauY57zzGe4mBaLRM+hU
TXhw4pSyFOSoMBrjpYGy7CJSke3x/FYfFXQVk0kEv6WA7MPQVzgoyH9QGwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFDp0B+grc1kmgDFN5xls/Ah0bATpMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvT25RSDZDdHpXU2FBTVUzbkdXejhDSFJzQk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijBIBAIAATBCAwQDBWaw
AwQETm8gAwQEVPIgAwQEXrAQAwQFYAmAAwQDjWmoAwQDshQQAwQCuR2MAwQCuXBo
AwQAxzDgAwQAzqchMD4EAgACMDgDBwAqCsdAAAIDBwEqCsdAAAQwEgMHACoKx0AA
BwMHACoKx0AACAMHACoKx0ABAAMHACoKx0CZmDANBgkqhkiG9w0BAQsFAAOCAQEA
jXp+lIH6AmXTUQCEdLcfpSZGt+zyzc0HYS7B16g4o2VvRhSxnUtYvWSbMMOCCdok
af2YiW/bY94+SgTvKYTk3KHZPmhfIi8ZNXBA+XID+hVFafBW9/a1bWXuLDqCQ78p
fRJiZ+ctpFbD2t6rnHvW5asXY0EgXy574gK4hRhmVO78e7s1w+uW+Zg5q9BXNkcc
9F5a9ngVmTZtQoHFDsr+ZRyNXEQ2tRi+Y8kkaRwKPIGGXlsbjhFGcHiY73pu9kVZ
ySJngxyCugRCQ2UXIUZi/JE9m5H+G9TaOYO2PtKjeRARUAGg6duD1ec/CEdByma5
XWYZO+jnzmzbPIkM+4ZNyA==
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:50:31 2024 by rpki-client on console-fra.rpki-client.org