Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kA-2pGfkeaLIK6MavOin3reaYGQ.roa
File: kA-2pGfkeaLIK6MavOin3reaYGQ.roa (raw, json)
Hash identifier: J8ZumCmO/M+Mj/n5g/P0QE+dsy+KPXeKXEZtS5Tp0YE=
Subject key identifier: 90:0F:B6:A4:67:E4:79:A2:C8:2B:A3:1A:BC:E8:A7:DE:B7:9A:60:64
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018BB3396DE8C3891F09E7330D0C4DB19A0A
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kA-2pGfkeaLIK6MavOin3reaYGQ.roa
Signing time: Thu 09 Nov 2023 08:36:07 +0000
ROA not before: Thu 09 Nov 2023 08:36:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49037
IP address blocks: 95.174.98.0/24 maxlen: 24
95.174.96.0/23 maxlen: 23
95.174.102.0/24 maxlen: 24
95.174.101.0/24 maxlen: 24
95.174.100.0/24 maxlen: 24
95.174.99.0/24 maxlen: 24
95.174.105.0/24 maxlen: 24
95.174.104.0/24 maxlen: 24
95.174.103.0/24 maxlen: 24
95.174.109.0/24 maxlen: 24
95.174.108.0/24 maxlen: 24
95.174.107.0/24 maxlen: 24
95.174.106.0/24 maxlen: 24
95.174.112.0/24 maxlen: 24
95.174.111.0/24 maxlen: 24
95.174.110.0/24 maxlen: 24
95.174.116.0/24 maxlen: 24
95.174.115.0/24 maxlen: 24
95.174.114.0/24 maxlen: 24
95.174.113.0/24 maxlen: 24
95.174.118.0/24 maxlen: 24
95.174.117.0/24 maxlen: 24
95.174.125.0/24 maxlen: 24
95.174.124.0/24 maxlen: 24
95.174.123.0/24 maxlen: 24
95.174.120.0/24 maxlen: 24
95.174.119.0/24 maxlen: 24
95.174.127.0/24 maxlen: 24
95.174.126.0/24 maxlen: 24
185.9.186.0/24 maxlen: 24
185.9.184.0/24 maxlen: 24
185.9.187.0/24 maxlen: 24
185.230.242.0/24 maxlen: 24
185.230.241.0/24 maxlen: 24
185.230.240.0/24 maxlen: 24
80.72.24.0/24 maxlen: 24
80.72.25.0/24 maxlen: 24
92.118.73.0/24 maxlen: 24
92.118.72.0/24 maxlen: 24
2a00:8740:25::/48 maxlen: 48
2a00:8740:100::/48 maxlen: 48
2a00:8740:ff00::/48 maxlen: 48
2a00:8740:1b::/48 maxlen: 48
2a00:8740:36::/48 maxlen: 48
2a00:8740:2f::/48 maxlen: 48
2a00:8740:18::/48 maxlen: 48
2a00:8740:33::/48 maxlen: 48
2a00:8740:11::/48 maxlen: 48
2a00:8740:111::/48 maxlen: 48
2a00:8740:2c::/48 maxlen: 48
2a00:8740:15::/48 maxlen: 48
2a00:8740:30::/48 maxlen: 48
2a00:8740:26::/48 maxlen: 48
2a00:8740:29::/48 maxlen: 48
2a00:8740:1f::/48 maxlen: 48
2a00:8740:2d::/48 maxlen: 48
2a00:8740:23::/48 maxlen: 48
2a00:8740:1c::/48 maxlen: 48
2a00:8740:112::/48 maxlen: 48
2a00:8740:20::/48 maxlen: 48
2a00:8740::/47 maxlen: 47
2a00:8740:16::/48 maxlen: 48
2a00:8740:34::/48 maxlen: 48
2a00:8740:1d::/48 maxlen: 48
2a00:8740:2e::/48 maxlen: 48
2a00:8740:27::/48 maxlen: 48
2a00:8740:2::/48 maxlen: 48
2a00:8740:35::/48 maxlen: 48
2a00:8740:10::/48 maxlen: 48
2a00:8740:110::/48 maxlen: 48
2a00:8740:2b::/48 maxlen: 48
2a00:8740:24::/48 maxlen: 48
2a00:8740:1a::/48 maxlen: 48
2a00:8740:28::/48 maxlen: 48
2a00:8740:1e::/48 maxlen: 48
2a00:8740:21::/48 maxlen: 48
2a00:8740:17::/48 maxlen: 48
2a00:8740:32::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 Nov 2023 10:55:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:39:6d:e8:c3:89:1f:09:e7:33:0d:0c:4d:b1:9a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Nov 9 08:36:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=900fb6a467e479a2c82ba31abce8a7deb79a6064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:63:94:cf:53:b6:8f:47:cd:37:e8:82:52:d4:
29:6b:ce:f3:b6:e9:a0:c1:b9:c7:85:79:cb:df:f6:
9d:58:a2:e5:d0:dd:ca:b2:0a:b4:a6:82:c9:d1:79:
65:03:99:3b:bb:76:ee:8f:f3:0c:34:ec:fb:53:9f:
5d:ca:59:d4:57:16:57:2b:af:47:24:aa:d3:06:b0:
4d:03:3f:88:c2:b7:92:07:25:6c:db:da:8b:45:4b:
78:b6:cc:b2:68:c8:82:93:52:26:9d:1a:c3:78:34:
cb:01:77:d9:25:61:39:10:a3:e7:bc:67:a2:62:d1:
fb:11:52:7d:89:56:e3:68:5d:69:0f:36:8f:68:e2:
74:6a:a1:93:2f:63:12:a7:7a:b7:82:d9:0f:7f:37:
f1:c5:1c:78:64:40:c2:2c:44:f5:89:de:51:21:4a:
9e:f0:db:db:58:a4:ae:66:e1:4f:dd:09:f2:d9:e5:
59:44:ca:52:ad:27:be:f9:d6:2d:45:8a:ba:03:38:
5e:9d:83:e4:27:f3:16:20:4c:dd:05:31:37:87:13:
38:d1:29:69:1a:e4:18:c6:a3:f2:28:b2:5e:0d:c5:
ac:56:2e:97:f6:e8:58:ad:32:1b:71:96:39:f1:06:
f7:25:92:b1:16:23:34:20:0c:37:c4:c6:a0:af:3a:
82:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0F:B6:A4:67:E4:79:A2:C8:2B:A3:1A:BC:E8:A7:DE:B7:9A:60:64
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kA-2pGfkeaLIK6MavOin3reaYGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.24.0/23
92.118.72.0/23
95.174.96.0-95.174.120.255
95.174.123.0-95.174.127.255
185.9.184.0/24
185.9.186.0/23
185.230.240.0-185.230.242.255
IPv6:
2a00:8740::-2a00:8740:2:ffff:ffff:ffff:ffff:ffff
2a00:8740:10::/47
2a00:8740:15::-2a00:8740:18:ffff:ffff:ffff:ffff:ffff
2a00:8740:1a::-2a00:8740:21:ffff:ffff:ffff:ffff:ffff
2a00:8740:23::-2a00:8740:29:ffff:ffff:ffff:ffff:ffff
2a00:8740:2b::-2a00:8740:30:ffff:ffff:ffff:ffff:ffff
2a00:8740:32::-2a00:8740:36:ffff:ffff:ffff:ffff:ffff
2a00:8740:100::/48
2a00:8740:110::-2a00:8740:112:ffff:ffff:ffff:ffff:ffff
2a00:8740:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
1e:9d:0b:e4:8e:ec:05:be:f1:69:73:93:6e:25:8c:ec:c3:73:
0d:25:52:15:c7:56:31:70:ae:15:c3:b1:bf:b6:e3:a6:9d:36:
cc:68:45:c1:42:d1:21:82:e6:23:6c:bd:4e:b8:38:1c:b5:62:
8c:ec:1b:73:7f:08:63:4c:c0:6f:51:a2:73:4b:f1:ac:67:41:
25:3a:70:58:4e:d0:47:f0:20:41:09:3e:3f:d0:a5:44:eb:db:
80:74:60:fe:ae:5c:bf:b1:b1:a1:03:c1:f1:38:c4:18:d3:e5:
d8:aa:56:43:1a:f9:98:7b:b7:b1:d5:9d:32:5b:99:8b:98:e8:
dc:2f:43:1b:0c:38:6c:a5:31:1f:8a:95:e0:67:57:a6:14:62:
32:18:9d:f7:9d:c6:33:b4:b7:98:ac:4a:47:12:7f:22:27:15:
76:d3:40:74:06:a2:75:a4:bd:c0:3a:fc:1a:70:6a:1b:33:19:
5b:71:7e:51:9c:f9:c7:4c:ad:45:70:d5:d5:57:a4:28:3e:92:
1c:ec:c8:04:61:f8:ce:97:74:eb:5e:2f:eb:cb:33:4c:7b:74:
3b:3d:cd:eb:c0:3f:e6:e8:42:86:89:66:1b:5f:a3:f6:71:7f:
bd:ff:0e:29:e1:a2:94:01:a8:00:e7:07:f2:e6:f8:77:2d:9a:
59:54:60:21
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAYuzOW3ow4kfCeczDQxNsZoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMTA5MDgzNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBmYjZhNDY3ZTQ3OWEyYzgyYmEzMWFiY2U4YTdkZWI3OWE2MDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GOUz1O2j0fNN+iCUtQpa87ztumg
wbnHhXnL3/adWKLl0N3Ksgq0poLJ0XllA5k7u3buj/MMNOz7U59dylnUVxZXK69H
JKrTBrBNAz+IwreSByVs29qLRUt4tsyyaMiCk1ImnRrDeDTLAXfZJWE5EKPnvGei
YtH7EVJ9iVbjaF1pDzaPaOJ0aqGTL2MSp3q3gtkPfzfxxRx4ZEDCLET1id5RIUqe
8NvbWKSuZuFP3Qny2eVZRMpSrSe++dYtRYq6AzhenYPkJ/MWIEzdBTE3hxM40Slp
GuQYxqPyKLJeDcWsVi6X9uhYrTIbcZY58Qb3JZKxFiM0IAw3xMagrzqC0QIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFJAPtqRn5HmiyCujGrzop963mmBkMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEva0EtMnBHZmtlYUxJSzZNYXZPaW4zcmVhWUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwSAQCAAEwQgMEAVBI
GAMEAVx2SDAMAwQFX65gAwQAX654MAwDBABfrnsDBAdfrgADBAC5CbgDBAG5Cbow
DAMEBLnm8AMEALnm8jCBrAQCAAIwgaUwEAMFBioAh0ADBwAqAIdAAAIDBwEqAIdA
ABAwEgMHACoAh0AAFQMHACoAh0AAGDASAwcBKgCHQAAaAwcBKgCHQAAgMBIDBwAq
AIdAACMDBwEqAIdAACgwEgMHACoAh0AAKwMHACoAh0AAMDASAwcBKgCHQAAyAwcA
KgCHQAA2AwcAKgCHQAEAMBIDBwQqAIdAARADBwAqAIdAARIDBwAqAIdA/wAwDQYJ
KoZIhvcNAQELBQADggEBAB6dC+SO7AW+8Wlzk24ljOzDcw0lUhXHVjFwrhXDsb+2
46adNsxoRcFC0SGC5iNsvU64OBy1YozsG3N/CGNMwG9RonNL8axnQSU6cFhO0Efw
IEEJPj/QpUTr24B0YP6uXL+xsaEDwfE4xBjT5diqVkMa+Zh7t7HVnTJbmYuY6Nwv
QxsMOGylMR+KleBnV6YUYjIYnfedxjO0t5isSkcSfyInFXbTQHQGonWkvcA6/Bpw
ahszGVtxflGc+cdMrUVw1dVXpCg+khzsyARh+M6XdOteL+vLM0x7dDs9zevAP+bo
QoaJZhtfo/Zxf73/DinhopQBqADnB/Lm+HctmllUYCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org