Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/3DP7_51yLn972_xr87ME8lUGcOw.roa
File: 3DP7_51yLn972_xr87ME8lUGcOw.roa (raw, json)
Hash identifier: /PSTbcfe1d+ROpPinNLo+ci7BM9iwKxZV3e53X/mfC0=
Subject key identifier: DC:33:FB:FF:9D:72:2E:7F:7B:DB:FC:6B:F3:B3:04:F2:55:06:70:EC
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 018F62111163DBAA1F81D222F0E771BCBEAE
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/3DP7_51yLn972_xr87ME8lUGcOw.roa
Signing time: Fri 10 May 2024 10:33:56 +0000
ROA not before: Fri 10 May 2024 10:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 5.8.248.0/24 maxlen: 24
45.81.224.0/22 maxlen: 22
45.82.68.0/22 maxlen: 22
45.82.176.0/22 maxlen: 22
45.87.0.0/22 maxlen: 22
45.136.84.0/24 maxlen: 24
45.136.85.0/24 maxlen: 24
45.136.86.0/24 maxlen: 24
45.136.87.0/24 maxlen: 24
45.137.64.0/22 maxlen: 22
46.18.107.0/24 maxlen: 24
46.21.250.0/24 maxlen: 24
77.220.212.0/22 maxlen: 22
77.220.212.0/24 maxlen: 24
77.220.213.0/24 maxlen: 24
77.220.214.0/24 maxlen: 24
77.220.215.0/24 maxlen: 24
81.31.197.0/24 maxlen: 24
91.201.25.0/24 maxlen: 24
91.208.127.0/24 maxlen: 24
91.209.226.0/24 maxlen: 24
91.228.56.0/24 maxlen: 24
94.124.78.0/24 maxlen: 24
178.159.38.0/24 maxlen: 24
178.159.39.0/24 maxlen: 24
178.159.42.0/24 maxlen: 24
178.159.43.0/24 maxlen: 24
185.23.108.0/24 maxlen: 24
185.51.121.0/24 maxlen: 24
185.51.246.0/24 maxlen: 24
185.51.247.0/24 maxlen: 24
185.93.6.0/24 maxlen: 24
185.107.237.0/24 maxlen: 24
185.201.252.0/24 maxlen: 24
185.204.109.0/24 maxlen: 24
185.229.251.0/24 maxlen: 24
185.232.164.0/24 maxlen: 24
185.235.128.0/24 maxlen: 24
185.235.129.0/24 maxlen: 24
185.235.130.0/24 maxlen: 24
185.235.131.0/24 maxlen: 24
185.241.52.0/24 maxlen: 24
185.241.53.0/24 maxlen: 24
185.241.54.0/24 maxlen: 24
185.241.55.0/24 maxlen: 24
185.244.216.0/22 maxlen: 22
185.244.216.0/24 maxlen: 24
185.244.217.0/24 maxlen: 24
185.244.218.0/24 maxlen: 24
185.244.219.0/24 maxlen: 24
185.250.204.0/24 maxlen: 24
185.250.205.0/24 maxlen: 24
185.250.206.0/24 maxlen: 24
185.250.207.0/24 maxlen: 24
185.251.25.0/24 maxlen: 24
193.22.21.0/24 maxlen: 24
193.56.8.0/24 maxlen: 24
193.163.7.0/24 maxlen: 24
193.163.113.0/24 maxlen: 24
193.169.105.0/24 maxlen: 24
194.15.46.0/24 maxlen: 24
194.29.53.0/24 maxlen: 24
212.8.244.0/24 maxlen: 24
212.8.246.0/24 maxlen: 24
212.23.221.0/24 maxlen: 24
212.86.101.0/24 maxlen: 24
212.86.102.0/24 maxlen: 24
212.86.108.0/24 maxlen: 24
212.86.109.0/24 maxlen: 24
212.86.114.0/24 maxlen: 24
212.86.115.0/24 maxlen: 24
212.162.152.0/22 maxlen: 24
213.166.68.0/24 maxlen: 24
213.166.69.0/24 maxlen: 24
213.166.70.0/24 maxlen: 24
213.166.71.0/24 maxlen: 24
2a07:5980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 14 May 2024 09:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:11:11:63:db:aa:1f:81:d2:22:f0:e7:71:bc:be:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: May 10 10:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc33fbff9d722e7f7bdbfc6bf3b304f2550670ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:25:12:8f:26:73:8e:52:01:f5:56:7d:2a:f7:
77:f4:a8:be:d8:e3:48:58:2f:38:cd:45:10:b5:fb:
c4:6f:53:20:c7:ed:c3:16:86:33:6e:ac:0f:1e:7a:
85:88:05:5a:60:ae:29:c9:95:23:5a:35:02:2c:b6:
7e:58:7d:1f:b8:05:f8:45:8e:0d:72:41:00:3d:81:
56:82:61:62:5c:aa:53:84:f8:12:2c:8a:b9:4c:01:
8f:51:70:37:61:7d:56:69:a2:5c:a7:e5:ce:95:74:
52:fe:13:16:22:90:3a:5f:0f:7a:92:ff:dc:ca:70:
e0:e7:ee:fa:7d:6e:a3:05:ca:b9:86:b1:dc:0e:0e:
c8:62:9e:d0:63:27:97:97:de:79:ce:ce:c1:bd:18:
cd:51:1a:e9:d3:52:a8:32:0f:49:5d:d0:87:e8:5c:
60:1b:59:a4:b2:54:63:e8:e9:64:e5:0c:73:58:99:
b9:81:f0:5d:50:c6:fe:30:46:26:b8:87:1e:f0:24:
85:a8:a6:09:d9:fc:0d:5f:da:2a:27:f9:4b:e5:29:
bd:77:87:e6:d9:b7:49:ef:7d:bb:bd:d0:81:d6:ff:
37:f5:9f:b3:99:69:9f:e9:a0:3c:57:74:da:cf:8e:
13:dc:7c:ff:49:7f:e0:ce:5b:42:24:dd:db:0c:d5:
e5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:33:FB:FF:9D:72:2E:7F:7B:DB:FC:6B:F3:B3:04:F2:55:06:70:EC
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/3DP7_51yLn972_xr87ME8lUGcOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.248.0/24
45.81.224.0/22
45.82.68.0/22
45.82.176.0/22
45.87.0.0/22
45.136.84.0/22
45.137.64.0/22
46.18.107.0/24
46.21.250.0/24
77.220.212.0/22
81.31.197.0/24
91.201.25.0/24
91.208.127.0/24
91.209.226.0/24
91.228.56.0/24
94.124.78.0/24
178.159.38.0/23
178.159.42.0/23
185.23.108.0/24
185.51.121.0/24
185.51.246.0/23
185.93.6.0/24
185.107.237.0/24
185.201.252.0/24
185.204.109.0/24
185.229.251.0/24
185.232.164.0/24
185.235.128.0/22
185.241.52.0/22
185.244.216.0/22
185.250.204.0/22
185.251.25.0/24
193.22.21.0/24
193.56.8.0/24
193.163.7.0/24
193.163.113.0/24
193.169.105.0/24
194.15.46.0/24
194.29.53.0/24
212.8.244.0/24
212.8.246.0/24
212.23.221.0/24
212.86.101.0-212.86.102.255
212.86.108.0/23
212.86.114.0/23
212.162.152.0/22
213.166.68.0/22
IPv6:
2a07:5980::/29
Signature Algorithm: sha256WithRSAEncryption
95:c9:0a:3e:fb:7c:7d:8e:40:0e:d4:0e:11:e5:64:c0:87:af:
e6:be:9c:29:e7:4a:e1:82:0a:fc:0e:c8:33:a4:55:54:f2:16:
df:47:83:ce:35:44:a0:00:93:86:5c:40:4b:73:24:38:4c:11:
49:c3:9e:94:23:58:7b:2f:b2:b0:87:a1:c4:bc:6a:6f:d4:f5:
60:15:cb:b9:ca:d6:00:92:38:0d:31:70:ca:46:7f:be:37:49:
16:9a:72:b4:97:6f:ef:1a:71:d2:78:37:dd:35:0a:3e:ed:ba:
88:15:0c:0c:7e:11:f9:fb:ff:88:c2:c8:15:48:6f:b0:57:83:
89:c5:ea:87:4a:d5:f0:13:98:2e:5b:5d:27:91:6b:1e:f1:f1:
91:89:af:cb:1c:7a:d2:06:ef:5a:1b:8c:b2:1c:67:4c:21:c9:
ef:25:ea:66:b1:83:23:c7:dd:a3:2c:3a:94:20:ba:6a:38:78:
15:3d:fd:90:59:bc:e9:92:4b:a6:a6:cd:6d:84:14:e0:60:2e:
81:0e:e6:01:86:59:d9:9c:00:31:39:5c:a9:32:82:25:d0:38:
00:44:a3:31:da:75:60:29:54:96:4d:2a:6a:41:94:ff:b2:d8:
09:eb:be:ad:02:23:c1:67:5b:2e:24:10:4c:f6:ca:73:1c:6f:
2a:85:32:74
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAY9iERFj26ofgdIi8OdxvL6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQwNTEwMTAzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzMzZmJmZjlkNzIyZTdmN2JkYmZjNmJmM2IzMDRmMjU1MDY3MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyUSjyZzjlIB9VZ9Kvd39Ki+2ONI
WC84zUUQtfvEb1Mgx+3DFoYzbqwPHnqFiAVaYK4pyZUjWjUCLLZ+WH0fuAX4RY4N
ckEAPYFWgmFiXKpThPgSLIq5TAGPUXA3YX1WaaJcp+XOlXRS/hMWIpA6Xw96kv/c
ynDg5+76fW6jBcq5hrHcDg7IYp7QYyeXl955zs7BvRjNURrp01KoMg9JXdCH6Fxg
G1mkslRj6Olk5QxzWJm5gfBdUMb+MEYmuIce8CSFqKYJ2fwNX9oqJ/lL5Sm9d4fm
2bdJ7327vdCB1v839Z+zmWmf6aA8V3Taz44T3Hz/SX/gzltCJN3bDNXlZQIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFNwz+/+dci5/e9v8a/OzBPJVBnDsMB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvM0RQN181MXlMbjk3Ml94cjg3TUU4bFVHY093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCASoEAgABMIIB
IgMEAAUI+AMEAi1R4AMEAi1SRAMEAi1SsAMEAi1XAAMEAi2IVAMEAi2JQAMEAC4S
awMEAC4V+gMEAk3c1AMEAFEfxQMEAFvJGQMEAFvQfwMEAFvR4gMEAFvkOAMEAF58
TgMEAbKfJgMEAbKfKgMEALkXbAMEALkzeQMEAbkz9gMEALldBgMEALlr7QMEALnJ
/AMEALnMbQMEALnl+wMEALnopAMEArnrgAMEArnxNAMEArn02AMEArn6zAMEALn7
GQMEAMEWFQMEAME4CAMEAMGjBwMEAMGjcQMEAMGpaQMEAMIPLgMEAMIdNQMEANQI
9AMEANQI9gMEANQX3TAMAwQA1FZlAwQA1FZmAwQB1FZsAwQB1FZyAwQC1KKYAwQC
1aZEMA0EAgACMAcDBQMqB1mAMA0GCSqGSIb3DQEBCwUAA4IBAQCVyQo++3x9jkAO
1A4R5WTAh6/mvpwp50rhggr8DsgzpFVU8hbfR4PONUSgAJOGXEBLcyQ4TBFJw56U
I1h7L7Kwh6HEvGpv1PVgFcu5ytYAkjgNMXDKRn++N0kWmnK0l2/vGnHSeDfdNQo+
7bqIFQwMfhH5+/+IwsgVSG+wV4OJxeqHStXwE5guW10nkWse8fGRia/LHHrSBu9a
G4yyHGdMIcnvJepmsYMjx92jLDqUILpqOHgVPf2QWbzpkkumps1thBTgYC6BDuYB
hlnZnAAxOVypMoIl0DgARKMx2nVgKVSWTSpqQZT/stgJ676tAiPBZ1suJBBM9spz
HG8qhTJ0
-----END CERTIFICATE-----
Generated at Tue May 14 12:52:44 2024 by rpki-client on console-ams.rpki-client.org