Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/fB2kCs-a4QBPxoMzNFMSu5WXuAk.roa
File: fB2kCs-a4QBPxoMzNFMSu5WXuAk.roa (raw, json)
Hash identifier: zTyhLion/DgTbrhASujK9qqacUBRBhldav+mt7BNTpA=
Subject key identifier: 7C:1D:A4:0A:CF:9A:E1:00:4F:C6:83:33:34:53:12:BB:95:97:B8:09
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0185BAFBCAB231937E889B27A55846A04B50
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/fB2kCs-a4QBPxoMzNFMSu5WXuAk.roa
Signing time: Mon 16 Jan 2023 14:29:01 +0000
ROA not before: Mon 16 Jan 2023 14:29:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:fb:ca:b2:31:93:7e:88:9b:27:a5:58:46:a0:4b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 16 14:29:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c1da40acf9ae1004fc68333345312bb9597b809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ae:b3:a4:12:12:a6:f7:20:ec:f5:94:e8:e5:
8a:3c:39:72:bb:62:51:c5:2d:c9:32:7e:79:52:20:
a7:44:c4:b2:46:d3:93:cc:91:0a:55:3a:47:1c:79:
2a:ea:2e:e6:3c:e4:80:05:7d:ac:f6:7a:9c:7d:55:
42:35:78:d1:f6:98:40:b0:dc:96:97:10:b9:fd:48:
b9:1f:0b:41:d0:d5:81:f3:b4:4b:75:f9:a6:52:f8:
a9:7c:e9:68:93:66:1e:7a:74:41:25:17:68:48:99:
b9:23:c4:3d:4f:35:17:68:ea:61:41:15:4e:8c:e0:
97:78:67:0d:4e:f7:d7:5a:c6:be:98:e6:9d:30:61:
a6:d7:a2:f9:a4:c1:15:09:63:6b:e2:11:b5:cf:fc:
89:98:63:a9:f1:2e:c9:f6:d2:d2:66:a3:cd:23:f4:
12:95:8d:16:ba:c3:5c:b8:87:17:a9:e2:9d:4e:fb:
cd:5d:60:b5:64:b8:ee:dc:4b:36:90:57:62:f2:41:
56:02:dc:7f:36:1f:c2:05:14:9a:7d:cd:aa:aa:0e:
ac:24:4f:1d:ef:ec:07:75:58:f0:6a:50:df:88:24:
28:cf:c9:6d:fe:3b:6f:f0:16:53:15:fd:03:ce:14:
72:53:f8:0b:f0:fe:9c:b7:f2:a2:1e:e1:46:be:31:
63:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1D:A4:0A:CF:9A:E1:00:4F:C6:83:33:34:53:12:BB:95:97:B8:09
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/fB2kCs-a4QBPxoMzNFMSu5WXuAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0/24
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:83:d2:ce:03:eb:1e:e7:cd:3d:50:c1:43:71:b0:a5:fd:48:
d4:7a:fc:de:ad:26:dc:c8:f7:3d:fc:97:ba:17:af:01:ae:09:
72:ec:a0:8e:a4:e1:61:b5:2a:31:81:8d:54:ca:42:b1:24:b0:
a6:be:10:2b:e9:1b:2b:fe:e2:d2:8f:24:ef:53:83:92:62:64:
07:33:58:bf:b3:66:e4:fe:6a:01:dc:d8:fe:f1:32:48:12:01:
f4:ca:72:34:66:21:c5:56:b6:2e:97:c3:81:53:18:f1:25:0c:
30:b7:f0:12:a2:3f:46:d2:37:ad:a1:c4:1a:9e:d9:1c:ff:77:
6e:95:a4:f6:82:58:67:16:4f:f6:a4:49:f1:bb:9c:ec:02:4e:
de:9d:75:fa:e2:a6:91:fa:e7:b9:35:d8:50:85:e2:dd:2e:26:
f6:b9:87:d3:93:ad:35:a9:0d:7b:fa:2a:69:3a:2b:e8:99:fd:
ef:58:e8:a1:12:be:d2:45:f6:5a:69:65:58:6f:16:f5:20:6c:
0b:f2:7e:7a:e3:8c:c6:b7:c1:42:52:7d:ef:cd:b1:7a:a7:62:
c6:6a:a1:58:15:54:f2:70:e4:bf:69:45:8e:42:db:8e:c7:7d:
1f:a9:76:aa:7e:da:23:88:51:8c:93:89:73:8c:64:de:00:58:
34:a0:6d:f4
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYW6+8qyMZN+iJsnpVhGoEtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwMTE2MTQyOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzFkYTQwYWNmOWFlMTAwNGZjNjgzMzMzNDUzMTJiYjk1OTdiODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3q6zpBISpvcg7PWU6OWKPDlyu2JR
xS3JMn55UiCnRMSyRtOTzJEKVTpHHHkq6i7mPOSABX2s9nqcfVVCNXjR9phAsNyW
lxC5/Ui5HwtB0NWB87RLdfmmUvipfOlok2YeenRBJRdoSJm5I8Q9TzUXaOphQRVO
jOCXeGcNTvfXWsa+mOadMGGm16L5pMEVCWNr4hG1z/yJmGOp8S7J9tLSZqPNI/QS
lY0WusNcuIcXqeKdTvvNXWC1ZLju3Es2kFdi8kFWAtx/Nh/CBRSafc2qqg6sJE8d
7+wHdVjwalDfiCQoz8lt/jtv8BZTFf0DzhRyU/gL8P6ct/KiHuFGvjFjiQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFHwdpArPmuEAT8aDMzRTEruVl7gJMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvZkIya0NzLWE0UUJQeG9Nek5GTVN1NVdYdUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhB9AwQGkNDAAwQBsHs2
AwQDsv+YAwQCuQKwAwQBuTLoAwQAuTLrAwQAuVHRAwQCuXRgAwQCueSUAwQDvEFI
AwQGvKzAAwQBwSFyAwQAwgHOAwQF1eOgAwQF2ZIAMBQEAgACMA4DBQAqABHAAwUA
KgGuoDANBgkqhkiG9w0BAQsFAAOCAQEAToPSzgPrHufNPVDBQ3Gwpf1I1Hr83q0m
3Mj3PfyXuhevAa4JcuygjqThYbUqMYGNVMpCsSSwpr4QK+kbK/7i0o8k71ODkmJk
BzNYv7Nm5P5qAdzY/vEySBIB9MpyNGYhxVa2LpfDgVMY8SUMMLfwEqI/RtI3raHE
Gp7ZHP93bpWk9oJYZxZP9qRJ8buc7AJO3p11+uKmkfrnuTXYUIXi3S4m9rmH05Ot
NakNe/oqaTor6Jn971jooRK+0kX2WmllWG8W9SBsC/J+euOMxrfBQlJ9782xeqdi
xmqhWBVU8nDkv2lFjkLbjsd9H6l2qn7aI4hRjJOJc4xk3gBYNKBt9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:37 2023 by rpki-client on console-fra.rpki-client.org