Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/35HPWckaOhhguafQ7MH0_SYQ0ps.roa
File: 35HPWckaOhhguafQ7MH0_SYQ0ps.roa (raw, json)
Hash identifier: LUUrKlUl/obkw4t+ur5ysFBbAjoNBn1LTpaL6hirrs0=
Subject key identifier: DF:91:CF:59:C9:1A:3A:18:60:B9:A7:D0:EC:C1:F4:FD:26:10:D2:9B
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018CCA2A24174B80B699B677B4FF75638CFB
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/35HPWckaOhhguafQ7MH0_SYQ0ps.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48309
IP address blocks: 37.191.92.0/22 maxlen: 24
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.72.0/22 maxlen: 22
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 22
188.136.161.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.176.0/21 maxlen: 21
188.136.174.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.184.0/24 maxlen: 24
188.136.186.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.187.0/24 maxlen: 24
188.136.188.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.194.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.196.0/22 maxlen: 22
188.136.195.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.202.0/24 maxlen: 24
188.136.204.0/24 maxlen: 24
188.136.206.0/24 maxlen: 24
188.136.201.0/24 maxlen: 24
188.136.203.0/24 maxlen: 24
188.136.205.0/24 maxlen: 24
188.136.208.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.212.0/24 maxlen: 24
188.136.207.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
188.136.213.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.142.0/24 maxlen: 24
188.136.144.0/24 maxlen: 24
31.25.104.0/22 maxlen: 22
188.136.149.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
31.25.108.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
188.136.146.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.214.0/24 maxlen: 24
188.136.216.0/22 maxlen: 22
188.136.215.0/24 maxlen: 24
188.136.222.0/24 maxlen: 24
188.136.223.0/24 maxlen: 24
185.85.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 26 Jun 2024 12:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:24:17:4b:80:b6:99:b6:77:b4:ff:75:63:8c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df91cf59c91a3a1860b9a7d0ecc1f4fd2610d29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:f1:cb:2f:64:d3:e7:03:c7:6e:2f:3d:8b:
b9:32:b0:ee:36:e9:bc:be:39:3b:c4:eb:c4:0c:3b:
50:d9:e6:15:60:11:b1:2a:6d:eb:0a:f6:1d:79:5c:
33:0a:31:c5:65:92:d1:73:2b:7e:1e:e1:2c:62:0d:
b1:8b:ee:e2:f2:31:8d:96:73:1d:b8:96:30:93:4e:
4d:fb:ad:45:ff:e9:8c:fd:37:05:13:a3:14:1c:54:
17:47:01:04:c8:1e:fd:00:20:53:e8:33:e7:3b:15:
5f:16:a8:bb:fd:16:35:1d:9c:73:c7:ca:ad:29:26:
54:9f:fd:54:49:23:cd:69:1b:2c:c5:e1:28:9d:04:
72:1a:c1:e9:a1:0e:6c:3d:c7:31:fe:6a:25:9a:1a:
1c:1d:e2:8c:f7:ac:5f:19:64:33:29:2b:f5:3b:b0:
e6:b0:5a:da:24:94:71:ca:8a:a0:35:1c:9c:0b:3a:
36:ce:f0:bd:52:b9:82:e9:f5:5b:31:e8:d2:4b:fd:
c0:b5:4d:4e:13:89:24:ae:da:e1:43:25:eb:da:2d:
75:d2:f9:4d:ad:71:7b:a1:9d:b3:14:3f:7f:6a:0c:
56:e2:fd:d0:3a:79:a1:e6:5c:29:05:b0:78:fa:ab:
13:44:ed:11:96:30:d6:9a:cd:cc:ab:64:a3:5a:74:
a8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:91:CF:59:C9:1A:3A:18:60:B9:A7:D0:EC:C1:F4:FD:26:10:D2:9B
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/35HPWckaOhhguafQ7MH0_SYQ0ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0/19
185.85.68.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.219.255
188.136.222.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:0b:95:0f:00:f0:9f:62:67:5b:b9:e0:9a:e9:c4:7a:04:57:
d1:16:81:0b:ce:0f:d9:97:66:b7:f2:7c:3f:e8:c4:8e:21:18:
57:b9:fb:21:3e:58:bd:b0:95:4a:29:60:be:71:b7:b5:51:ef:
e7:83:8b:51:85:87:a6:e3:e4:1f:f3:25:d1:a9:e1:4b:73:09:
c1:4e:8f:4b:cf:ec:ed:cb:40:fb:41:e8:6e:b1:2e:a3:ec:36:
4f:e1:36:7b:f8:b8:23:52:ee:8d:e5:2b:a4:4b:09:d7:16:cf:
9e:40:d4:5d:b4:f2:7e:35:9d:40:b8:61:66:b3:3b:1f:3c:a8:
79:2b:80:20:43:74:c3:30:c8:b1:7a:e4:d1:bc:3d:08:bb:d5:
31:23:86:57:14:0b:d0:24:69:cd:f4:48:57:77:52:1e:de:5b:
81:5b:0c:f4:fe:b1:9d:9f:ce:cc:6f:99:21:31:64:16:c8:8f:
ba:b6:0d:86:1c:d1:b9:cb:b7:7a:18:05:3d:9d:d9:ce:cc:cb:
32:49:7d:2c:0f:3b:e9:76:2e:c1:80:70:63:2a:31:a3:db:fa:
b9:92:96:41:29:7f:05:ea:eb:91:81:36:a1:52:d5:e5:a5:1d:
d0:c9:e3:6d:43:44:54:27:6a:cd:20:ad:71:87:30:4b:65:bf:
44:6f:51:68
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzKKiQXS4C2mbZ3tP91Y4z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjkxY2Y1OWM5MWEzYTE4NjBiOWE3ZDBlY2MxZjRmZDI2MTBkMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut7xyy9k0+cDx24vPYu5MrDuNum8
vjk7xOvEDDtQ2eYVYBGxKm3rCvYdeVwzCjHFZZLRcyt+HuEsYg2xi+7i8jGNlnMd
uJYwk05N+61F/+mM/TcFE6MUHFQXRwEEyB79ACBT6DPnOxVfFqi7/RY1HZxzx8qt
KSZUn/1USSPNaRssxeEonQRyGsHpoQ5sPccx/molmhocHeKM96xfGWQzKSv1O7Dm
sFraJJRxyoqgNRycCzo2zvC9UrmC6fVbMejSS/3AtU1OE4kkrtrhQyXr2i110vlN
rXF7oZ2zFD9/agxW4v3QOnmh5lwpBbB4+qsTRO0RljDWms3Mq2SjWnSoSwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFN+Rz1nJGjoYYLmn0OzB9P0mENKbMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvMzVIUFdja2FPaGhndWFmUTdNSDBfU1lRMHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDHxloAwQF
Jb9AAwQCuVVEAwQDvIiAMAwDBAK8iIwDBAK8iJAwDAMEALyIlQMEAryI2AMEAbyI
3jANBgkqhkiG9w0BAQsFAAOCAQEAoguVDwDwn2JnW7ngmunEegRX0RaBC84P2Zdm
t/J8P+jEjiEYV7n7IT5YvbCVSilgvnG3tVHv54OLUYWHpuPkH/Ml0anhS3MJwU6P
S8/s7ctA+0HobrEuo+w2T+E2e/i4I1LujeUrpEsJ1xbPnkDUXbTyfjWdQLhhZrM7
HzyoeSuAIEN0wzDIsXrk0bw9CLvVMSOGVxQL0CRpzfRIV3dSHt5bgVsM9P6xnZ/O
zG+ZITFkFsiPurYNhhzRucu3ehgFPZ3ZzszLMkl9LA876XYuwYBwYyoxo9v6uZKW
QSl/BerrkYE2oVLV5aUd0MnjbUNEVCdqzSCtcYcwS2W/RG9RaA==
-----END CERTIFICATE-----
Generated at Wed Jun 26 19:05:29 2024 by rpki-client on console-fra.rpki-client.org