Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/sPGEOKzhA2UwpgJJxYhFXQVLC5w.roa
File: sPGEOKzhA2UwpgJJxYhFXQVLC5w.roa (raw, json)
Hash identifier: cJBiHf+ybyMt2wTm0tgczc32RNk2IsJo28bhff5/XkE=
Subject key identifier: B0:F1:84:38:AC:E1:03:65:30:A6:02:49:C5:88:45:5D:05:4B:0B:9C
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018AFAA9AAF8C7C9967D132439B8BD3EC980
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/sPGEOKzhA2UwpgJJxYhFXQVLC5w.roa
Signing time: Wed 04 Oct 2023 12:28:57 +0000
ROA not before: Wed 04 Oct 2023 12:28:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
94.16.98.0/24 maxlen: 24
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
185.81.206.0/24 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.244.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.233.0/24 maxlen: 24
144.208.231.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.236.0/24 maxlen: 24
144.208.237.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:99::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:13::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:a9:aa:f8:c7:c9:96:7d:13:24:39:b8:bd:3e:c9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Oct 4 12:28:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f18438ace1036530a60249c588455d054b0b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:42:30:4e:36:09:c9:e3:ef:55:99:6d:43:25:
b2:0d:a0:6b:c6:ca:2e:36:1b:0f:20:f6:aa:a5:fb:
5a:16:86:bb:d8:5d:2c:58:8b:1d:eb:c5:82:2b:2f:
f9:fc:6d:2d:e6:05:a6:b7:70:7e:41:1d:65:2c:f2:
f8:98:6c:07:3f:98:62:4e:0b:b2:93:2f:7e:59:61:
a9:81:3b:c0:2c:10:82:00:e5:5e:20:ae:b8:57:8a:
db:81:65:29:4b:83:51:a5:c7:05:9c:05:b1:ac:19:
d6:95:aa:1d:04:77:ba:25:fb:13:8d:3e:73:61:ea:
ed:06:f8:cd:08:17:54:bd:e0:6d:3d:7f:fc:e9:dd:
56:14:97:83:23:d8:67:0e:5a:15:21:d2:33:fd:6e:
b0:98:05:96:86:95:e0:bd:be:8b:65:0f:38:90:ae:
a9:dc:0d:24:df:d9:ac:2e:ff:8a:dc:d0:45:71:e9:
7e:bb:b7:7c:e6:f5:a2:91:44:b9:70:a6:71:ec:4c:
ee:4d:83:47:4f:ee:ca:de:da:c6:99:68:a9:34:9a:
8b:c7:a4:68:ff:05:fe:1c:ad:c9:a7:ac:fd:3b:7e:
1c:2f:70:a7:ac:a5:37:88:6d:b1:77:1b:79:8e:fd:
04:6b:2b:fd:33:ac:38:15:a8:0a:36:98:76:81:fb:
8a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F1:84:38:AC:E1:03:65:30:A6:02:49:C5:88:45:5D:05:4B:0B:9C
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/sPGEOKzhA2UwpgJJxYhFXQVLC5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.98.0/24
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:2d:44:bc:36:a1:8f:68:de:05:a7:d4:75:34:15:3b:40:35:
65:31:f6:eb:1b:36:a7:80:bf:84:69:20:2b:3a:d3:21:b7:8a:
14:79:6d:51:fb:32:28:4a:eb:3c:70:8c:d9:2e:13:ce:1a:18:
96:6b:5c:c3:41:e1:c0:b5:9a:5a:af:6f:a9:e3:a7:1f:8f:da:
44:88:59:83:00:5a:2e:38:05:ba:3a:39:0d:a8:dd:6f:df:e9:
f6:ed:cd:81:d7:4e:15:cd:43:90:d9:7b:52:a6:7f:ab:98:c8:
3a:24:fa:90:bd:13:d9:88:54:02:c9:9c:33:17:0a:88:f3:b8:
fb:40:d1:09:c7:d3:ce:cc:47:f7:fc:f6:52:a3:47:36:86:a3:
d2:39:f9:1a:8f:93:88:40:57:1f:05:4e:af:06:87:97:96:2b:
44:99:73:a4:0d:d7:a9:c0:4e:45:3d:9c:de:2a:bf:cd:6a:0e:
ea:f5:6b:fb:12:e0:18:9d:26:99:6a:86:9e:7d:8f:6f:92:f8:
0d:5c:b9:42:04:1f:62:6d:95:48:c0:bb:3b:8e:f6:03:f5:0d:
1c:48:db:2d:13:af:46:b2:b5:d1:5f:05:e5:06:8d:b9:b3:c3:
51:cc:d9:fa:51:2e:61:64:d7:49:c1:76:c1:85:c3:1c:f0:cb:
f2:6d:be:e9
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYr6qar4x8mWfRMkObi9PsmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMxMDA0MTIyODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGYxODQzOGFjZTEwMzY1MzBhNjAyNDljNTg4NDU1ZDA1NGIwYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0IwTjYJyePvVZltQyWyDaBrxsou
NhsPIPaqpftaFoa72F0sWIsd68WCKy/5/G0t5gWmt3B+QR1lLPL4mGwHP5hiTguy
ky9+WWGpgTvALBCCAOVeIK64V4rbgWUpS4NRpccFnAWxrBnWlaodBHe6JfsTjT5z
YertBvjNCBdUveBtPX/86d1WFJeDI9hnDloVIdIz/W6wmAWWhpXgvb6LZQ84kK6p
3A0k39msLv+K3NBFcel+u7d85vWikUS5cKZx7EzuTYNHT+7K3trGmWipNJqLx6Ro
/wX+HK3Jp6z9O34cL3CnrKU3iG2xdxt5jv0Eayv9M6w4FagKNph2gfuKQQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFLDxhDis4QNlMKYCScWIRV0FSwucMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvc1BHRU9LemhBMlV3cGdKSnhZaEZYUVZMQzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBnQQCAAEwgZYwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhBiMAwDBABeEH0DBABe
EH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5Uc4DBAC5
UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZ
kgAwFAQCAAIwDgMFACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQCaLUS8
NqGPaN4Fp9R1NBU7QDVlMfbrGzangL+EaSArOtMht4oUeW1R+zIoSus8cIzZLhPO
GhiWa1zDQeHAtZpar2+p46cfj9pEiFmDAFouOAW6OjkNqN1v3+n27c2B104VzUOQ
2XtSpn+rmMg6JPqQvRPZiFQCyZwzFwqI87j7QNEJx9POzEf3/PZSo0c2hqPSOfka
j5OIQFcfBU6vBoeXlitEmXOkDdepwE5FPZzeKr/Nag7q9Wv7EuAYnSaZaoaefY9v
kvgNXLlCBB9ibZVIwLs7jvYD9Q0cSNstE69GsrXRXwXlBo25s8NRzNn6US5hZNdJ
wXbBhcMc8Mvybb7p
-----END CERTIFICATE-----
Generated at Thu Oct 5 12:33:02 2023 by rpki-client on console-fra.rpki-client.org