Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FE2z6slO2-PCnUqD5R3YX-A3kRg.roa
File: FE2z6slO2-PCnUqD5R3YX-A3kRg.roa (raw, json)
Hash identifier: lQBTt0WEp/flEjOXW500lTmKq/k/TvRU/hx9IBoWyzI=
Subject key identifier: 14:4D:B3:EA:C9:4E:DB:E3:C2:9D:4A:83:E5:1D:D8:5F:E0:37:91:18
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018BDEBCDE3E3E5B95BD4F061ABAE4E66446
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FE2z6slO2-PCnUqD5R3YX-A3kRg.roa
Signing time: Fri 17 Nov 2023 19:23:21 +0000
ROA not before: Fri 17 Nov 2023 19:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1680
IP address blocks: 212.29.192.0/18 maxlen: 18
176.13.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
147.161.8.0/21 maxlen: 24
89.138.0.0/16 maxlen: 16
207.232.0.0/18 maxlen: 18
62.90.135.0/24 maxlen: 24
37.26.144.0/21 maxlen: 24
212.29.244.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
147.234.26.0/24 maxlen: 24
147.234.28.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
82.166.201.128/25 maxlen: 25
147.234.43.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
176.12.128.0/17 maxlen: 24
194.90.1.0/24 maxlen: 24
62.90.0.0/16 maxlen: 24
194.90.0.0/16 maxlen: 24
46.117.0.0/16 maxlen: 16
212.143.194.0/24 maxlen: 24
46.210.0.0/16 maxlen: 24
93.173.0.0/16 maxlen: 16
141.226.134.0/24 maxlen: 24
199.203.1.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
82.166.0.0/16 maxlen: 24
199.203.21.0/24 maxlen: 24
85.65.0.0/16 maxlen: 16
46.116.0.0/16 maxlen: 16
212.143.0.0/16 maxlen: 24
147.234.17.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
95.35.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
192.118.30.0/23 maxlen: 23
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
93.172.0.0/16 maxlen: 16
62.0.88.0/22 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.92.0/23 maxlen: 24
109.253.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
85.64.0.0/16 maxlen: 16
217.132.0.0/16 maxlen: 16
109.186.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
141.226.132.0/24 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
2001:4df0::/32 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:14b::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
2a02:14f::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2001:4df0::/29 maxlen: 32
2001:4df1::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:bc:de:3e:3e:5b:95:bd:4f:06:1a:ba:e4:e6:64:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Nov 17 19:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=144db3eac94edbe3c29d4a83e51dd85fe0379118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a1:69:00:0b:22:a3:bd:6a:67:09:64:09:14:
d7:00:85:ad:7d:ab:1c:3b:d0:f8:e7:e8:22:7f:05:
74:9f:af:c8:99:7a:d4:5e:b4:75:71:1d:28:61:53:
09:b9:b9:63:f3:b5:5e:9f:e8:21:9c:20:5d:4e:88:
02:49:4b:46:6f:79:c2:63:4f:4c:d4:e3:75:1e:f1:
a7:db:af:84:31:be:be:ac:22:ad:1c:fa:47:f8:80:
b3:79:73:ad:73:ff:a1:10:b5:b5:72:fd:2b:68:f3:
99:6a:37:bd:c0:18:56:3e:b0:58:f8:18:74:80:f5:
23:cb:d9:a1:5e:fb:da:8e:be:3d:57:ff:35:85:1a:
8c:b0:42:7e:fe:7e:06:01:fb:4c:87:f8:0c:a8:59:
3b:18:d6:08:62:85:4a:fb:66:95:93:6a:14:e3:82:
22:da:58:7b:09:28:b9:21:3f:f3:42:fc:21:b3:b1:
e6:63:96:46:09:dd:d8:b7:74:58:f7:68:48:bc:49:
41:2e:ac:3c:e7:f4:43:b8:e8:42:fb:a1:94:df:c2:
ae:05:24:02:18:f3:a7:6c:93:bc:8a:4e:55:c4:20:
d1:fb:e8:63:c4:b7:7e:80:a9:cf:cb:1a:42:fb:bf:
c0:4e:0a:c0:ff:36:4a:25:11:25:66:8f:6b:05:ef:
c9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:4D:B3:EA:C9:4E:DB:E3:C2:9D:4A:83:E5:1D:D8:5F:E0:37:91:18
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FE2z6slO2-PCnUqD5R3YX-A3kRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.26.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:94:97:c6:4b:b3:5c:26:55:c1:f8:8d:e7:fb:73:c4:d7:a6:
36:fb:59:0a:96:30:15:b4:2f:74:6e:6c:ac:9a:6f:6a:99:21:
a5:16:4b:2d:d6:2d:ed:0f:8c:8f:e9:8b:6a:05:16:dd:b3:52:
22:ee:92:ad:12:c4:16:12:cb:4c:ff:fc:55:74:90:0d:8b:a2:
c3:bd:07:87:bb:93:0d:b7:88:38:5a:a2:4d:b3:4c:de:cb:64:
a8:ea:5b:f7:c9:ce:a4:2a:6a:f0:fa:d0:45:2e:6f:ea:ba:6a:
e0:77:c7:55:67:aa:80:6e:3d:44:69:72:a9:d0:4b:aa:9a:f2:
bc:a9:4a:c1:21:e1:a1:4e:e0:9d:7a:96:b1:17:cd:83:e2:b5:
fd:d9:ae:fa:4f:dc:71:63:8a:9d:10:4a:cb:80:7e:e0:ea:a8:
bb:0d:54:4a:c1:9a:57:18:43:29:12:54:5f:8b:d1:50:63:04:
df:52:e5:9e:dd:32:eb:59:50:09:fa:cc:20:b2:c6:dc:8a:5d:
f4:be:45:e7:68:12:99:5d:89:22:aa:13:96:7d:30:98:f3:98:
e6:51:f4:94:b0:f5:48:30:7e:01:ac:d0:74:18:37:62:a2:a2:
7c:9b:6c:09:93:42:a3:3d:d6:04:5c:97:1f:e4:b0:66:d2:73:
97:82:19:d4
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYvevN4+PluVvU8GGrrk5mRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMxMTE3MTkyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDRkYjNlYWM5NGVkYmUzYzI5ZDRhODNlNTFkZDg1ZmUwMzc5MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6FpAAsio71qZwlkCRTXAIWtfasc
O9D45+gifwV0n6/ImXrUXrR1cR0oYVMJublj87Ven+ghnCBdTogCSUtGb3nCY09M
1ON1HvGn26+EMb6+rCKtHPpH+ICzeXOtc/+hELW1cv0raPOZaje9wBhWPrBY+Bh0
gPUjy9mhXvvajr49V/81hRqMsEJ+/n4GAftMh/gMqFk7GNYIYoVK+2aVk2oU44Ii
2lh7CSi5IT/zQvwhs7HmY5ZGCd3Yt3RY92hIvElBLqw85/RDuOhC+6GU38KuBSQC
GPOnbJO8ik5VxCDR++hjxLd+gKnPyxpC+7/ATgrA/zZKJRElZo9rBe/J4QIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFBRNs+rJTtvjwp1Kg+Ud2F/gN5EYMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvRkUyejZzbE8yLVBDblVxRDVSM1lYLUEza1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwQD
JRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoDAwFZ
igMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oRAwQA
k+oWMAwDBAGT6hoDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjALAwQH
sAyAAwMBsAwDBALAdhwDAwDCWgMDAMfLAwQGz+gAAwQG1B3AAwMA1I8DAwDUlgME
B9TrAAMDANmEMBsEAgACMBUDBQMgAU3wAwUDKgIBSAMFACoDxcAwDQYJKoZIhvcN
AQELBQADggEBAEuUl8ZLs1wmVcH4jef7c8TXpjb7WQqWMBW0L3RubKyab2qZIaUW
Sy3WLe0PjI/pi2oFFt2zUiLukq0SxBYSy0z//FV0kA2LosO9B4e7kw23iDhaok2z
TN7LZKjqW/fJzqQqavD60EUub+q6auB3x1VnqoBuPURpcqnQS6qa8rypSsEh4aFO
4J16lrEXzYPitf3ZrvpP3HFjip0QSsuAfuDqqLsNVErBmlcYQykSVF+L0VBjBN9S
5Z7dMutZUAn6zCCyxtyKXfS+RedoEpldiSKqE5Z9MJjzmOZR9JSw9UgwfgGs0HQY
N2KionybbAmTQqM91gRclx/ksGbSc5eCGdQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:44 2024 by rpki-client on console-ams.rpki-client.org