Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/3B4DTvzWTaP6KKBNwcGoy4invJE.roa
File: 3B4DTvzWTaP6KKBNwcGoy4invJE.roa (raw, json)
Hash identifier: BHQW5vILOgLA+6t5XAhdZqeFVQ5KVOme93yGm5qkm3o=
Subject key identifier: DC:1E:03:4E:FC:D6:4D:A3:FA:28:A0:4D:C1:C1:A8:CB:88:A7:BC:91
Certificate issuer: /CN=595b243a7233e571c3c173eb8249111906326019
Certificate serial: 018A832CE605EF383F5313851CCD6CC231F7
Authority key identifier: 59:5B:24:3A:72:33:E5:71:C3:C1:73:EB:82:49:11:19:06:32:60:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVskOnIz5XHDwXPrgkkRGQYyYBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/3B4DTvzWTaP6KKBNwcGoy4invJE.roa
Signing time: Mon 11 Sep 2023 07:37:52 +0000
ROA not before: Mon 11 Sep 2023 07:37:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39824
IP address blocks: 79.134.37.0/24 maxlen: 24
79.134.36.0/24 maxlen: 24
79.134.32.0/22 maxlen: 24
79.134.38.0/23 maxlen: 24
79.134.44.0/22 maxlen: 24
79.134.42.0/23 maxlen: 24
79.134.41.0/24 maxlen: 24
79.134.40.0/24 maxlen: 24
46.36.132.0/22 maxlen: 24
46.36.130.0/23 maxlen: 24
46.36.128.0/23 maxlen: 24
46.36.136.0/22 maxlen: 24
46.36.144.0/23 maxlen: 24
46.36.140.0/22 maxlen: 24
46.36.146.0/23 maxlen: 24
46.36.152.0/22 maxlen: 24
46.36.148.0/22 maxlen: 24
46.36.159.0/24 maxlen: 24
46.36.158.0/24 maxlen: 24
46.36.156.0/23 maxlen: 24
185.103.170.0/23 maxlen: 24
185.103.168.0/23 maxlen: 24
185.103.179.0/24 maxlen: 24
185.103.178.0/24 maxlen: 24
185.103.177.0/24 maxlen: 24
185.103.176.0/24 maxlen: 24
185.103.184.0/23 maxlen: 24
185.103.186.0/23 maxlen: 24
185.100.224.0/22 maxlen: 24
62.84.36.0/22 maxlen: 24
62.84.32.0/22 maxlen: 24
62.84.42.0/23 maxlen: 24
62.84.40.0/23 maxlen: 24
62.84.44.0/23 maxlen: 24
62.84.48.0/20 maxlen: 24
62.84.46.0/23 maxlen: 24
109.239.32.0/21 maxlen: 24
185.106.158.0/23 maxlen: 24
185.106.156.0/23 maxlen: 24
81.88.144.0/21 maxlen: 24
81.88.152.0/22 maxlen: 24
81.88.156.0/22 maxlen: 24
212.45.82.0/23 maxlen: 24
212.45.80.0/23 maxlen: 24
212.45.85.0/24 maxlen: 24
212.45.84.0/24 maxlen: 24
212.45.88.0/22 maxlen: 24
212.45.86.0/23 maxlen: 24
212.45.94.0/23 maxlen: 24
212.45.92.0/23 maxlen: 24
185.102.118.0/24 maxlen: 24
185.102.117.0/24 maxlen: 24
185.102.116.0/24 maxlen: 24
185.102.119.0/24 maxlen: 24
185.102.128.0/22 maxlen: 24
80.249.138.0/23 maxlen: 24
80.249.137.0/24 maxlen: 24
80.249.142.0/23 maxlen: 24
80.249.140.0/23 maxlen: 24
80.249.152.0/21 maxlen: 24
213.232.196.0/23 maxlen: 24
213.232.201.0/24 maxlen: 24
109.239.40.0/22 maxlen: 24
109.239.44.0/22 maxlen: 24
185.98.88.0/22 maxlen: 24
213.232.218.0/23 maxlen: 24
213.232.220.0/22 maxlen: 24
213.232.224.0/24 maxlen: 24
213.232.230.0/23 maxlen: 24
213.232.242.0/23 maxlen: 24
213.232.246.0/23 maxlen: 24
213.232.244.0/24 maxlen: 24
185.98.76.0/22 maxlen: 24
2a06:1a00::/29 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:2c:e6:05:ef:38:3f:53:13:85:1c:cd:6c:c2:31:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=595b243a7233e571c3c173eb8249111906326019
Validity
Not Before: Sep 11 07:37:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc1e034efcd64da3fa28a04dc1c1a8cb88a7bc91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b5:71:4d:e1:fe:18:ca:8a:95:28:34:49:49:
d8:6b:46:8f:df:20:6b:14:2c:17:fe:1b:52:47:8c:
6c:fb:3d:72:ea:05:e5:27:8b:51:97:9c:64:2a:d1:
66:9f:3d:9d:3e:b0:9f:82:49:c1:54:4b:16:09:e2:
82:57:32:b2:61:c6:34:42:ee:81:4b:76:20:e3:9e:
4b:0c:6a:ec:72:fe:61:2c:c5:08:43:d5:08:c3:5b:
d8:ba:1b:a7:8f:f7:92:12:6f:31:ab:a0:67:44:6c:
bb:a7:99:b9:07:78:c2:b2:a1:d1:42:61:52:99:2b:
04:e3:ba:d3:2b:05:07:ea:db:f1:1e:82:8d:95:28:
ee:29:1a:7d:73:9a:a1:b4:49:ed:fb:4f:23:60:85:
32:bd:a6:29:39:f8:4d:7a:bc:42:17:c5:bb:0f:fd:
5f:c8:34:bb:45:a7:12:3e:ff:03:8b:15:96:dc:92:
b6:8e:c6:44:8a:23:f0:f7:8d:be:f2:c2:a8:fc:ff:
af:2a:5d:96:1f:2a:95:4c:7b:40:cc:85:6c:dc:b3:
36:67:d7:b2:17:2c:8d:75:db:18:76:89:70:ec:ae:
22:84:f8:3d:86:96:cf:8b:18:3a:ac:44:51:9e:49:
65:a2:b1:da:e7:3d:e8:d8:d5:ed:93:9d:4c:ff:b7:
85:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1E:03:4E:FC:D6:4D:A3:FA:28:A0:4D:C1:C1:A8:CB:88:A7:BC:91
X509v3 Authority Key Identifier:
keyid:59:5B:24:3A:72:33:E5:71:C3:C1:73:EB:82:49:11:19:06:32:60:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVskOnIz5XHDwXPrgkkRGQYyYBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/3B4DTvzWTaP6KKBNwcGoy4invJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/WVskOnIz5XHDwXPrgkkRGQYyYBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.128.0/19
62.84.32.0/19
79.134.32.0/20
80.249.137.0-80.249.143.255
80.249.152.0/21
81.88.144.0/20
109.239.32.0/20
185.98.76.0/22
185.98.88.0/22
185.100.224.0/22
185.102.116.0/22
185.102.128.0/22
185.103.168.0/22
185.103.176.0/22
185.103.184.0/22
185.106.156.0/22
212.45.80.0/20
213.232.196.0/23
213.232.201.0/24
213.232.218.0-213.232.224.255
213.232.230.0/23
213.232.242.0-213.232.244.255
213.232.246.0/23
IPv6:
2a06:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
72:e7:87:3c:3e:fe:01:a2:b3:fa:dd:05:23:97:cf:3a:b1:83:
75:17:1c:83:98:af:91:6e:46:d3:7e:44:eb:30:cb:ff:80:03:
46:ca:a2:cd:ab:e2:05:b2:02:36:1f:57:7b:0d:5c:81:eb:b2:
ce:9b:8d:4f:56:be:45:72:a8:e2:9d:15:1b:14:db:ff:06:f9:
e4:ad:dd:33:16:30:01:b2:db:b9:e2:18:7c:4c:76:ef:57:5e:
51:5f:32:31:ec:f3:40:fe:2b:5c:7b:a0:fc:42:73:60:04:04:
f5:33:3b:f8:6d:2b:61:e0:17:a8:b0:8d:11:bb:37:10:55:05:
45:aa:81:8a:df:ad:85:04:a6:95:95:ca:fe:49:46:97:d4:a3:
bc:e4:37:9a:75:8c:7d:46:a9:85:bf:d0:f5:2c:41:cb:be:c3:
ad:93:3a:53:de:36:61:38:00:d5:d4:de:72:b3:14:e7:67:11:
e1:21:4a:37:2c:7d:04:be:e9:3b:58:16:36:7d:23:42:5a:31:
e4:3b:5f:9b:99:15:0c:2d:23:9c:41:85:33:2c:4a:0c:d2:97:
67:8d:bd:e5:94:b4:19:18:31:f1:5d:35:2c:de:e7:fc:6d:95:
46:4a:b5:e2:08:aa:da:11:b0:eb:32:10:6d:49:03:3b:d0:a6:
36:b7:89:09
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYqDLOYF7zg/UxOFHM1swjH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NWIyNDNhNzIzM2U1NzFjM2MxNzNlYjgyNDkxMTE5MDYz
MjYwMTkwHhcNMjMwOTExMDczNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzFlMDM0ZWZjZDY0ZGEzZmEyOGEwNGRjMWMxYThjYjg4YTdiYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLVxTeH+GMqKlSg0SUnYa0aP3yBr
FCwX/htSR4xs+z1y6gXlJ4tRl5xkKtFmnz2dPrCfgknBVEsWCeKCVzKyYcY0Qu6B
S3Yg455LDGrscv5hLMUIQ9UIw1vYuhunj/eSEm8xq6BnRGy7p5m5B3jCsqHRQmFS
mSsE47rTKwUH6tvxHoKNlSjuKRp9c5qhtEnt+08jYIUyvaYpOfhNerxCF8W7D/1f
yDS7RacSPv8DixWW3JK2jsZEiiPw942+8sKo/P+vKl2WHyqVTHtAzIVs3LM2Z9ey
FyyNddsYdolw7K4ihPg9hpbPixg6rERRnkllorHa5z3o2NXtk51M/7eFcQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFNweA0781k2j+iigTcHBqMuIp7yRMB8GA1UdIwQY
MBaAFFlbJDpyM+Vxw8Fz64JJERkGMmAZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1Zza09uSXo1WEhEd1hQcmdra1JHUVl5WUJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lOWUwODctZTc2OC00NGQ4LTllYzgt
ODhlNDQ2NjkxNWY4LzEvM0I0RFR2eldUYVA2S0tCTndjR295NGludkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lOWUwODctZTc2OC00NGQ4LTllYzgtODhlNDQ2NjkxNWY4
LzEvV1Zza09uSXo1WEhEd1hQcmdra1JHUVl5WUJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAUu
JIADBAU+VCADBARPhiAwDAMEAFD5iQMEBFD5gAMEA1D5mAMEBFFYkAMEBG3vIAME
ArliTAMEArliWAMEArlk4AMEArlmdAMEArlmgAMEArlnqAMEArlnsAMEArlnuAME
ArlqnAMEBNQtUAMEAdXoxAMEANXoyTAMAwQB1ejaAwQA1ejgAwQB1ejmMAwDBAHV
6PIDBADV6PQDBAHV6PYwDQQCAAIwBwMFAyoGGgAwDQYJKoZIhvcNAQELBQADggEB
AHLnhzw+/gGis/rdBSOXzzqxg3UXHIOYr5FuRtN+ROswy/+AA0bKos2r4gWyAjYf
V3sNXIHrss6bjU9WvkVyqOKdFRsU2/8G+eSt3TMWMAGy27niGHxMdu9XXlFfMjHs
80D+K1x7oPxCc2AEBPUzO/htK2HgF6iwjRG7NxBVBUWqgYrfrYUEppWVyv5JRpfU
o7zkN5p1jH1GqYW/0PUsQcu+w62TOlPeNmE4ANXU3nKzFOdnEeEhSjcsfQS+6TtY
FjZ9I0JaMeQ7X5uZFQwtI5xBhTMsSgzSl2eNveWUtBkYMfFdNSze5/xtlUZKteII
qtoRsOsyEG1JAzvQpja3iQk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:39 2024 by rpki-client on console-ams.rpki-client.org