Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IUreutNLZwTF3cmp2FH7odQTxmk.roa
File: IUreutNLZwTF3cmp2FH7odQTxmk.roa (raw, json)
Hash identifier: FLI3vxEwA9K65u6stgy5ybih2NjV2QSSTiKW9pSUxaM=
Subject key identifier: 21:4A:DE:BA:D3:4B:67:04:C5:DD:C9:A9:D8:51:FB:A1:D4:13:C6:69
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FA50101C4709ACCF0D5019B859C2D075F
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IUreutNLZwTF3cmp2FH7odQTxmk.roa
Signing time: Thu 23 May 2024 10:30:57 +0000
ROA not before: Thu 23 May 2024 10:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 31.216.57.0/24 maxlen: 24
31.216.63.0/24 maxlen: 24
77.87.120.0/24 maxlen: 24
84.246.84.0/24 maxlen: 24
84.246.86.0/24 maxlen: 24
84.246.87.0/24 maxlen: 24
84.246.106.0/24 maxlen: 24
84.246.109.0/24 maxlen: 24
87.236.151.0/24 maxlen: 24
88.151.15.0/24 maxlen: 24
89.107.14.0/24 maxlen: 24
89.107.15.0/24 maxlen: 24
89.248.70.0/24 maxlen: 24
91.190.153.0/24 maxlen: 24
91.246.34.0/24 maxlen: 24
91.246.48.0/24 maxlen: 24
91.246.53.0/24 maxlen: 24
91.246.54.0/24 maxlen: 24
91.247.161.0/24 maxlen: 24
91.247.165.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.167.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
91.247.183.0/24 maxlen: 24
93.157.104.0/24 maxlen: 24
93.157.109.0/24 maxlen: 24
109.94.161.0/24 maxlen: 24
109.94.163.0/24 maxlen: 24
109.107.136.0/24 maxlen: 24
109.107.141.0/24 maxlen: 24
109.107.142.0/24 maxlen: 24
109.107.144.0/24 maxlen: 24
109.107.147.0/24 maxlen: 24
109.107.148.0/24 maxlen: 24
109.205.184.0/24 maxlen: 24
109.205.188.0/24 maxlen: 24
176.97.199.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
176.97.208.0/24 maxlen: 24
176.97.222.0/24 maxlen: 24
176.97.223.0/24 maxlen: 24
176.116.3.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
193.163.22.0/24 maxlen: 24
194.26.224.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
212.52.25.0/24 maxlen: 24
212.52.26.0/24 maxlen: 24
217.198.176.0/24 maxlen: 24
217.198.178.0/24 maxlen: 24
217.198.179.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
217.198.181.0/24 maxlen: 24
217.198.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 10:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:01:01:c4:70:9a:cc:f0:d5:01:9b:85:9c:2d:07:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 23 10:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214adebad34b6704c5ddc9a9d851fba1d413c669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bd:b3:4c:2c:3e:29:69:18:da:0a:45:a4:1d:
df:bb:49:f5:9d:c1:b2:87:17:40:06:30:4e:6d:1c:
2e:a0:79:1c:51:4a:80:55:a7:85:75:15:ad:ad:93:
ae:68:12:68:94:85:e2:8c:5d:e8:0f:b9:69:10:e9:
c2:85:f9:6e:e7:97:3c:25:97:c2:69:b1:70:91:d2:
d6:c6:5b:3e:43:d7:fd:9b:e9:4c:0c:10:2b:31:a3:
53:65:07:6d:4d:db:ac:a0:a1:cc:74:f9:6d:69:c3:
cc:3e:95:fb:05:d5:d5:f2:7e:c5:19:fe:53:ba:1e:
a2:05:31:ce:d3:5b:ed:88:ec:7d:04:63:c8:20:52:
a5:8d:ac:ef:bf:bc:2d:0f:df:f8:98:3d:6c:de:90:
40:ad:62:6a:a6:3a:86:62:22:8a:e1:8f:f3:4d:45:
61:53:fa:fb:39:39:23:03:72:1d:69:7c:c6:a4:04:
a1:90:f5:2b:b6:94:a5:46:d5:3f:c9:6d:04:3a:1d:
f9:b5:d1:91:d2:8a:14:68:ce:e0:3e:43:34:0d:a9:
73:65:fd:ff:b9:1c:e9:11:92:d2:e1:2f:da:4b:23:
ac:47:29:6f:67:cd:ca:cb:f4:ae:00:83:6b:7b:e3:
43:17:60:90:55:4f:59:6d:b0:27:f9:3d:03:89:af:
f2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4A:DE:BA:D3:4B:67:04:C5:DD:C9:A9:D8:51:FB:A1:D4:13:C6:69
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IUreutNLZwTF3cmp2FH7odQTxmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.57.0/24
31.216.63.0/24
77.87.120.0/24
84.246.84.0/24
84.246.86.0/23
84.246.106.0/24
84.246.109.0/24
87.236.151.0/24
88.151.15.0/24
89.107.14.0/23
89.248.70.0/24
91.190.153.0/24
91.246.34.0/24
91.246.48.0/24
91.246.53.0-91.246.54.255
91.247.161.0/24
91.247.165.0-91.247.167.255
91.247.173.0/24
91.247.183.0/24
93.157.104.0/24
93.157.109.0/24
109.94.161.0/24
109.94.163.0/24
109.107.136.0/24
109.107.141.0-109.107.142.255
109.107.144.0/24
109.107.147.0-109.107.148.255
109.205.184.0/24
109.205.188.0/24
176.97.199.0/24
176.97.203.0/24
176.97.208.0/24
176.97.222.0/23
176.116.3.0/24
193.160.219.0/24
193.163.22.0/24
194.26.224.0/24
194.105.60.0/24
194.107.92.0/24
212.52.25.0-212.52.26.255
217.198.176.0/24
217.198.178.0-217.198.182.255
Signature Algorithm: sha256WithRSAEncryption
02:fa:05:76:6b:bf:d1:36:5c:e3:b1:6a:ce:10:30:cc:55:a1:
51:0d:7d:2a:66:3c:6f:6f:f5:f6:2f:89:55:b1:7f:8f:e2:26:
1a:dd:7a:ea:fd:8c:f5:83:ed:47:b8:15:a6:06:4c:c6:9a:c6:
22:6b:dd:91:ba:e4:78:16:7a:4a:90:24:a9:83:08:80:9e:5f:
9f:f5:8d:2a:19:f2:35:2a:db:08:9a:04:dc:d7:81:98:73:88:
6c:8f:21:57:72:8b:ea:97:bc:79:c2:be:85:9d:36:fd:1f:f1:
63:a9:8c:1e:26:b3:6d:9e:ae:e5:f6:dd:8e:b2:55:f9:03:a4:
1c:52:03:6e:6d:23:18:0e:3a:a0:4e:a1:49:d2:40:c7:77:f1:
45:3f:8f:7e:ee:48:7b:73:d2:48:ed:32:b0:1b:ec:05:15:6c:
99:d2:b5:20:e1:2a:f2:8f:ef:d1:f8:b3:dc:f6:9c:45:06:cf:
c5:ec:be:4b:37:9a:f7:70:48:a3:47:b1:0a:5c:da:c8:71:45:
f8:4a:94:6d:89:07:45:72:96:53:6b:9b:7c:56:6f:0a:15:43:
b7:96:2f:09:8d:17:1b:fa:5c:ec:5c:b0:89:0b:ef:72:55:49:
97:44:81:2b:a9:61:e1:25:83:c1:72:87:26:c3:3d:17:9f:86:
7e:e1:93:f9
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAY+lAQHEcJrM8NUBm4WcLQdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTIzMTAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRhZGViYWQzNGI2NzA0YzVkZGM5YTlkODUxZmJhMWQ0MTNjNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L2zTCw+KWkY2gpFpB3fu0n1ncGy
hxdABjBObRwuoHkcUUqAVaeFdRWtrZOuaBJolIXijF3oD7lpEOnChflu55c8JZfC
abFwkdLWxls+Q9f9m+lMDBArMaNTZQdtTdusoKHMdPltacPMPpX7BdXV8n7FGf5T
uh6iBTHO01vtiOx9BGPIIFKljazvv7wtD9/4mD1s3pBArWJqpjqGYiKK4Y/zTUVh
U/r7OTkjA3IdaXzGpAShkPUrtpSlRtU/yW0EOh35tdGR0ooUaM7gPkM0DalzZf3/
uRzpEZLS4S/aSyOsRylvZ83Ky/SuAINre+NDF2CQVU9ZbbAn+T0Dia/yvwIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFCFK3rrTS2cExd3JqdhR+6HUE8ZpMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSVVyZXV0Tkxad1RGM2NtcDJGSDdvZFFUeG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODCCATQEAgABMIIB
LAMEAB/YOQMEAB/YPwMEAE1XeAMEAFT2VAMEAVT2VgMEAFT2agMEAFT2bQMEAFfs
lwMEAFiXDwMEAVlrDgMEAFn4RgMEAFu+mQMEAFv2IgMEAFv2MDAMAwQAW/Y1AwQA
W/Y2AwQAW/ehMAwDBABb96UDBANb96ADBABb960DBABb97cDBABdnWgDBABdnW0D
BABtXqEDBABtXqMDBABta4gwDAMEAG1rjQMEAG1rjgMEAG1rkDAMAwQAbWuTAwQA
bWuUAwQAbc24AwQAbc28AwQAsGHHAwQAsGHLAwQAsGHQAwQBsGHeAwQAsHQDAwQA
waDbAwQAwaMWAwQAwhrgAwQAwmk8AwQAwmtcMAwDBADUNBkDBADUNBoDBADZxrAw
DAMEAdnGsgMEANnGtjANBgkqhkiG9w0BAQsFAAOCAQEAAvoFdmu/0TZc47FqzhAw
zFWhUQ19KmY8b2/19i+JVbF/j+ImGt166v2M9YPtR7gVpgZMxprGImvdkbrkeBZ6
SpAkqYMIgJ5fn/WNKhnyNSrbCJoE3NeBmHOIbI8hV3KL6pe8ecK+hZ02/R/xY6mM
HiazbZ6u5fbdjrJV+QOkHFIDbm0jGA46oE6hSdJAx3fxRT+Pfu5Ie3PSSO0ysBvs
BRVsmdK1IOEq8o/v0fiz3PacRQbPxey+Szea93BIo0exClzayHFF+EqUbYkHRXKW
U2ubfFZvChVDt5YvCY0XG/pc7FywiQvvclVJl0SBK6lh4SWDwXKHJsM9F5+GfuGT
+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org