Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/RH3wjCe3R6uLOPYozJe9IRJzrAo.roa
File: RH3wjCe3R6uLOPYozJe9IRJzrAo.roa (raw, json)
Hash identifier: kaWmp/bG5gxTE7V++9s1imxf/DMYiSScTJiwEGxbNdo=
Subject key identifier: 44:7D:F0:8C:27:B7:47:AB:8B:38:F6:28:CC:97:BD:21:12:73:AC:0A
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0186B21C8C218FDAC2A690679A8395F6C46A
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/RH3wjCe3R6uLOPYozJe9IRJzrAo.roa
Signing time: Sun 05 Mar 2023 14:11:00 +0000
ROA not before: Sun 05 Mar 2023 14:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48309
IP address blocks: 37.191.92.0/22 maxlen: 22
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.72.0/22 maxlen: 22
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 22
188.136.161.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.176.0/21 maxlen: 21
188.136.174.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.184.0/24 maxlen: 24
188.136.186.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.187.0/24 maxlen: 24
188.136.188.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.194.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.196.0/22 maxlen: 22
188.136.195.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.202.0/24 maxlen: 24
188.136.204.0/24 maxlen: 24
188.136.206.0/24 maxlen: 24
188.136.201.0/24 maxlen: 24
188.136.203.0/24 maxlen: 24
188.136.205.0/24 maxlen: 24
188.136.208.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.212.0/24 maxlen: 24
188.136.207.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
188.136.213.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.140.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.144.0/24 maxlen: 24
31.25.104.0/22 maxlen: 22
188.136.149.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
31.25.108.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
188.136.146.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.214.0/24 maxlen: 24
188.136.216.0/22 maxlen: 22
188.136.215.0/24 maxlen: 24
188.136.222.0/24 maxlen: 24
188.136.223.0/24 maxlen: 24
185.85.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 02 Sep 2023 13:16:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b2:1c:8c:21:8f:da:c2:a6:90:67:9a:83:95:f6:c4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Mar 5 14:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=447df08c27b747ab8b38f628cc97bd211273ac0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d0:bf:9a:2a:47:84:60:ff:12:25:f2:50:54:
40:a2:a4:ba:83:11:c0:a1:49:ef:09:f5:9d:53:66:
70:af:11:66:ac:f7:91:64:55:4e:a4:ac:ac:b4:0a:
ce:64:5e:21:2e:6d:b1:60:87:c5:57:fb:76:a6:7d:
19:c2:fe:31:74:18:92:90:de:11:30:15:67:6d:99:
fd:4c:0d:49:d6:06:8c:4c:22:b2:f7:82:26:a3:c3:
cd:3f:6f:b5:03:8c:46:20:94:94:7e:9b:4c:41:57:
d3:74:18:e3:b7:47:a3:a4:f6:a1:6e:d6:1c:58:0d:
07:8e:8f:e7:62:f9:90:be:dc:0a:7e:6e:37:6f:ce:
e0:7a:a4:05:1f:21:9b:5b:65:37:81:49:2e:da:e9:
e9:c3:e7:61:92:82:85:34:23:22:a8:c1:25:b2:47:
ee:5a:c3:8c:90:d8:fb:ef:b8:2d:46:2d:5b:ca:3e:
c1:6a:fd:17:d8:4f:ba:88:50:40:ee:f3:fa:71:a7:
30:80:f6:11:9b:8b:d2:0a:04:f7:3d:35:97:cf:95:
57:ec:d7:ce:b7:f3:cf:f5:fa:47:4c:37:ed:0d:9d:
cf:01:99:0e:12:99:ab:f3:5d:24:87:49:0b:ac:7e:
20:5f:38:9e:41:ca:14:64:20:56:3b:57:0d:6e:96:
1c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7D:F0:8C:27:B7:47:AB:8B:38:F6:28:CC:97:BD:21:12:73:AC:0A
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/RH3wjCe3R6uLOPYozJe9IRJzrAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0/19
185.85.68.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.219.255
188.136.222.0/23
Signature Algorithm: sha256WithRSAEncryption
09:fa:e3:60:5e:29:83:07:d0:bc:15:79:27:96:13:79:55:c9:
e9:8e:a1:71:fa:18:c6:cf:2c:a4:9d:5b:63:c0:d1:2a:4c:ec:
fd:c3:95:f5:ab:f1:c6:61:64:d8:24:ac:84:e2:4a:38:13:e0:
98:7c:59:9f:4c:02:f2:fb:27:1b:a8:61:43:f0:63:6f:dd:38:
e6:98:60:23:19:4f:fe:30:7c:93:da:b9:a3:d6:72:e4:78:98:
09:15:ea:ed:32:dd:95:4d:af:ab:c4:a6:f9:14:97:9f:62:b3:
37:cb:1e:cd:db:ae:44:97:61:3d:db:46:c7:46:6f:6e:8d:c1:
fe:d6:2a:4a:03:da:3b:c2:95:1e:1a:c3:30:82:a4:0d:51:e8:
e5:22:0d:2b:ad:86:df:c6:15:7f:58:74:7e:dc:f1:5c:3d:44:
17:86:1e:cf:4e:4a:31:9f:af:b9:77:ca:f7:d2:f3:99:0a:c6:
cc:6f:a1:23:60:72:fd:05:14:7e:da:89:c0:35:ae:3e:e8:21:
b2:2c:aa:b8:34:ec:4a:b0:db:8d:d8:e5:b3:e3:39:ab:75:07:
50:43:91:bf:a2:d2:c9:9d:1a:fc:fb:52:2c:d1:c7:4c:18:16:
32:b3:31:21:dd:b5:26:cc:f1:7d:4e:ba:d2:73:ff:00:c5:11:
41:04:89:4c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYayHIwhj9rCppBnmoOV9sRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwMzA1MTQxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDdkZjA4YzI3Yjc0N2FiOGIzOGY2MjhjYzk3YmQyMTEyNzNhYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9C/mipHhGD/EiXyUFRAoqS6gxHA
oUnvCfWdU2ZwrxFmrPeRZFVOpKystArOZF4hLm2xYIfFV/t2pn0Zwv4xdBiSkN4R
MBVnbZn9TA1J1gaMTCKy94Imo8PNP2+1A4xGIJSUfptMQVfTdBjjt0ejpPahbtYc
WA0Hjo/nYvmQvtwKfm43b87geqQFHyGbW2U3gUku2unpw+dhkoKFNCMiqMElskfu
WsOMkNj777gtRi1byj7Bav0X2E+6iFBA7vP6cacwgPYRm4vSCgT3PTWXz5VX7NfO
t/PP9fpHTDftDZ3PAZkOEpmr810kh0kLrH4gXzieQcoUZCBWO1cNbpYcgQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFER98Iwnt0erizj2KMyXvSESc6wKMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvUkgzd2pDZTNSNnVMT1BZb3pKZTlJUkp6ckFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDHxloAwQF
Jb9AAwQCuVVEAwQDvIiAMAwDBAK8iIwDBAK8iJAwDAMEALyIlQMEAryI2AMEAbyI
3jANBgkqhkiG9w0BAQsFAAOCAQEACfrjYF4pgwfQvBV5J5YTeVXJ6Y6hcfoYxs8s
pJ1bY8DRKkzs/cOV9avxxmFk2CSshOJKOBPgmHxZn0wC8vsnG6hhQ/Bjb9045phg
IxlP/jB8k9q5o9Zy5HiYCRXq7TLdlU2vq8Sm+RSXn2KzN8sezduuRJdhPdtGx0Zv
bo3B/tYqSgPaO8KVHhrDMIKkDVHo5SINK62G38YVf1h0ftzxXD1EF4Yez05KMZ+v
uXfK99LzmQrGzG+hI2By/QUUftqJwDWuPughsiyquDTsSrDbjdjls+M5q3UHUEOR
v6LSyZ0a/PtSLNHHTBgWMrMxId21JszxfU660nP/AMURQQSJTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org