Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/203cSadWDPKSfgpq8qBp3il7X4g.roa
File: 203cSadWDPKSfgpq8qBp3il7X4g.roa (raw, json)
Hash identifier: m5ec2YmsJ1V32O+4O+JlGqe203KkH6S8Zw2ffFPswjc=
Subject key identifier: DB:4D:DC:49:A7:56:0C:F2:92:7E:0A:6A:F2:A0:69:DE:29:7B:5F:88
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E2E376198C636E6D4B579DDF6464EF53A
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/203cSadWDPKSfgpq8qBp3il7X4g.roa
Signing time: Mon 11 Mar 2024 15:52:45 +0000
ROA not before: Mon 11 Mar 2024 15:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 31.216.57.0/24 maxlen: 24
31.216.63.0/24 maxlen: 24
77.87.120.0/24 maxlen: 24
84.246.84.0/24 maxlen: 24
84.246.86.0/24 maxlen: 24
84.246.87.0/24 maxlen: 24
84.246.106.0/24 maxlen: 24
84.246.109.0/24 maxlen: 24
87.236.151.0/24 maxlen: 24
88.151.15.0/24 maxlen: 24
89.107.15.0/24 maxlen: 24
89.248.70.0/24 maxlen: 24
91.190.153.0/24 maxlen: 24
91.246.34.0/24 maxlen: 24
91.246.48.0/24 maxlen: 24
91.246.53.0/24 maxlen: 24
91.247.161.0/24 maxlen: 24
91.247.165.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.167.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
91.247.183.0/24 maxlen: 24
93.157.104.0/24 maxlen: 24
93.157.109.0/24 maxlen: 24
109.94.161.0/24 maxlen: 24
109.107.136.0/24 maxlen: 24
109.107.141.0/24 maxlen: 24
109.107.142.0/24 maxlen: 24
109.205.184.0/24 maxlen: 24
109.205.188.0/24 maxlen: 24
176.97.199.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
176.97.208.0/24 maxlen: 24
176.97.222.0/24 maxlen: 24
176.97.223.0/24 maxlen: 24
176.116.3.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
193.163.22.0/24 maxlen: 24
194.26.224.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
212.52.25.0/24 maxlen: 24
212.52.26.0/24 maxlen: 24
217.198.176.0/24 maxlen: 24
217.198.178.0/24 maxlen: 24
217.198.179.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
217.198.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:39:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:37:61:98:c6:36:e6:d4:b5:79:dd:f6:46:4e:f5:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 11 15:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db4ddc49a7560cf2927e0a6af2a069de297b5f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:94:5f:63:a5:ea:94:b9:c6:79:60:fd:e6:
d1:ea:25:78:4f:55:1b:67:a5:67:fb:c6:5b:5a:56:
b1:be:a3:c9:ad:cb:b7:63:a5:65:aa:bf:cf:46:ef:
6d:a4:5d:47:e3:9a:4b:7b:84:7e:42:08:a3:f1:c0:
c1:1a:75:54:20:34:f0:b3:0b:18:83:fa:6d:f7:50:
e5:90:62:6a:3b:22:92:29:91:85:e1:26:6d:08:5a:
13:83:d7:57:06:26:15:97:d6:73:f2:fc:80:fc:53:
94:5b:a5:6b:52:a7:d1:72:ae:f5:1f:05:04:24:cc:
fc:27:94:9e:80:d3:5b:73:70:43:86:bd:89:63:76:
1e:70:54:8f:e8:12:fa:4c:0e:8e:de:45:bb:61:34:
d1:3a:52:f6:5f:21:2e:61:cb:d6:30:a2:f2:e9:69:
e5:61:83:27:43:3d:41:d3:51:79:3e:8b:75:35:9b:
7e:fb:3b:7a:51:dc:5b:4c:b6:31:c1:2e:7f:e9:61:
d9:9d:fe:bb:60:91:5e:b0:5c:88:5c:6c:33:80:79:
a6:36:3d:b5:14:39:0a:24:12:42:69:38:0d:cd:1c:
65:d8:14:6c:ab:cb:dd:df:19:fc:7b:81:5e:7c:40:
b9:4b:08:0a:16:43:88:51:06:5c:88:ba:27:e5:a1:
c2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4D:DC:49:A7:56:0C:F2:92:7E:0A:6A:F2:A0:69:DE:29:7B:5F:88
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/203cSadWDPKSfgpq8qBp3il7X4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.57.0/24
31.216.63.0/24
77.87.120.0/24
84.246.84.0/24
84.246.86.0/23
84.246.106.0/24
84.246.109.0/24
87.236.151.0/24
88.151.15.0/24
89.107.15.0/24
89.248.70.0/24
91.190.153.0/24
91.246.34.0/24
91.246.48.0/24
91.246.53.0/24
91.247.161.0/24
91.247.165.0-91.247.167.255
91.247.173.0/24
91.247.183.0/24
93.157.104.0/24
93.157.109.0/24
109.94.161.0/24
109.107.136.0/24
109.107.141.0-109.107.142.255
109.205.184.0/24
109.205.188.0/24
176.97.199.0/24
176.97.203.0/24
176.97.208.0/24
176.97.222.0/23
176.116.3.0/24
193.160.219.0/24
193.163.22.0/24
194.26.224.0/24
194.105.60.0/24
194.107.92.0/24
212.52.25.0-212.52.26.255
217.198.176.0/24
217.198.178.0-217.198.180.255
217.198.182.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ce:6e:d6:d2:4c:5e:03:5a:16:28:35:9c:d5:03:f8:40:d3:
94:20:c2:91:bf:4d:65:af:30:fb:f5:86:a1:3c:b3:82:d4:73:
5e:c3:99:9d:d0:f5:42:b1:04:83:7b:11:35:f0:a0:da:12:5a:
b7:0b:22:dd:7b:6f:65:b4:f6:cb:da:0e:f0:b4:1a:e3:20:16:
07:8f:4c:19:a9:98:a4:c0:2c:58:e2:9b:d9:ce:b9:05:d8:35:
10:dc:52:fb:d9:82:3c:99:55:31:10:84:ea:05:ed:9a:fc:7c:
1e:1f:9d:08:56:33:74:d3:b5:51:f3:3c:c8:3d:c3:e3:ff:a0:
cd:5b:dc:bc:c4:55:da:83:3b:bd:47:05:be:32:74:76:c2:2f:
56:f9:af:43:77:b3:5c:ce:31:32:f7:56:bc:02:23:d5:38:62:
3d:4e:5f:0c:66:22:d3:a6:65:b4:83:25:2c:6c:cd:dc:a1:a9:
5b:31:a7:c4:24:4b:34:7e:7f:b7:11:28:81:8b:8d:38:f5:5a:
44:52:a1:f6:47:40:49:7b:dd:28:bf:cc:28:2c:e0:64:ef:a1:
45:74:64:b9:fe:93:f7:89:ce:47:5d:1a:87:59:80:e7:0f:6a:
12:8a:f9:fe:0c:ee:c4:b6:7c:1f:4d:3f:d2:6e:cd:b0:1f:91:
d3:9c:31:68
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAY4uN2GYxjbm1LV53fZGTvU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzExMTU1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRkZGM0OWE3NTYwY2YyOTI3ZTBhNmFmMmEwNjlkZTI5N2I1Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIOUX2Ol6pS5xnlg/ebR6iV4T1Ub
Z6Vn+8ZbWlaxvqPJrcu3Y6Vlqr/PRu9tpF1H45pLe4R+Qgij8cDBGnVUIDTwswsY
g/pt91DlkGJqOyKSKZGF4SZtCFoTg9dXBiYVl9Zz8vyA/FOUW6VrUqfRcq71HwUE
JMz8J5SegNNbc3BDhr2JY3YecFSP6BL6TA6O3kW7YTTROlL2XyEuYcvWMKLy6Wnl
YYMnQz1B01F5Pot1NZt++zt6UdxbTLYxwS5/6WHZnf67YJFesFyIXGwzgHmmNj21
FDkKJBJCaTgNzRxl2BRsq8vd3xn8e4FefEC5SwgKFkOIUQZciLon5aHCVQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFNtN3EmnVgzykn4KavKgad4pe1+IMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMjAzY1NhZFdEUEtTZmdwcThxQnAzaWw3WDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAB/YOQMEAB/YPwMEAE1XeAMEAFT2VAMEAVT2VgMEAFT2agMEAFT2bQMEAFfs
lwMEAFiXDwMEAFlrDwMEAFn4RgMEAFu+mQMEAFv2IgMEAFv2MAMEAFv2NQMEAFv3
oTAMAwQAW/elAwQDW/egAwQAW/etAwQAW/e3AwQAXZ1oAwQAXZ1tAwQAbV6hAwQA
bWuIMAwDBABta40DBABta44DBABtzbgDBABtzbwDBACwYccDBACwYcsDBACwYdAD
BAGwYd4DBACwdAMDBADBoNsDBADBoxYDBADCGuADBADCaTwDBADCa1wwDAMEANQ0
GQMEANQ0GgMEANnGsDAMAwQB2cayAwQA2ca0AwQA2ca2MA0GCSqGSIb3DQEBCwUA
A4IBAQCezm7W0kxeA1oWKDWc1QP4QNOUIMKRv01lrzD79YahPLOC1HNew5md0PVC
sQSDexE18KDaElq3CyLde29ltPbL2g7wtBrjIBYHj0wZqZikwCxY4pvZzrkF2DUQ
3FL72YI8mVUxEITqBe2a/HweH50IVjN007VR8zzIPcPj/6DNW9y8xFXagzu9RwW+
MnR2wi9W+a9Dd7NczjEy91a8AiPVOGI9Tl8MZiLTpmW0gyUsbM3coalbMafEJEs0
fn+3ESiBi4049VpEUqH2R0BJe90ov8woLOBk76FFdGS5/pP3ic5HXRqHWYDnD2oS
ivn+DO7EtnwfTT/Sbs2wH5HTnDFo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org