Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/r2CTYVCx6MAtGqu73d0ByYQJYP8.roa
File: r2CTYVCx6MAtGqu73d0ByYQJYP8.roa (raw, json)
Hash identifier: /Gi3KZHiXKluh8Ne8O6GnJIFl8Lm5Diczd6Vz2GjjKk=
Subject key identifier: AF:60:93:61:50:B1:E8:C0:2D:1A:AB:BB:DD:DD:01:C9:84:09:60:FF
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 018CC34904C8B240C8A2472FA678E0C0AAB8
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/r2CTYVCx6MAtGqu73d0ByYQJYP8.roa
Signing time: Mon 01 Jan 2024 04:29:51 +0000
ROA not before: Mon 01 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9021
IP address blocks: 213.161.128.0/19 maxlen: 19
213.161.128.0/21 maxlen: 21
213.161.136.0/21 maxlen: 21
213.161.135.0/24 maxlen: 24
213.161.145.0/24 maxlen: 24
213.161.144.0/23 maxlen: 23
213.161.144.0/24 maxlen: 24
213.161.146.0/24 maxlen: 24
213.161.150.0/24 maxlen: 24
213.161.148.0/23 maxlen: 23
213.161.149.0/24 maxlen: 24
213.161.148.0/24 maxlen: 24
213.161.152.0/24 maxlen: 24
213.161.151.0/24 maxlen: 24
213.161.152.0/21 maxlen: 21
90.159.128.0/20 maxlen: 20
90.159.136.0/21 maxlen: 21
90.159.136.0/24 maxlen: 24
90.159.44.0/22 maxlen: 22
90.159.50.0/24 maxlen: 24
90.159.51.0/24 maxlen: 24
90.159.58.0/24 maxlen: 24
90.159.59.0/24 maxlen: 24
90.159.68.0/24 maxlen: 24
90.159.64.0/18 maxlen: 18
90.159.240.0/20 maxlen: 20
90.159.246.0/24 maxlen: 24
90.158.136.0/21 maxlen: 21
90.158.139.0/24 maxlen: 24
212.98.0.0/19 maxlen: 19
212.98.2.0/24 maxlen: 24
212.98.1.0/24 maxlen: 24
90.158.161.0/24 maxlen: 24
212.98.0.0/20 maxlen: 20
90.158.160.0/24 maxlen: 24
212.98.8.0/21 maxlen: 21
212.98.9.0/24 maxlen: 24
212.98.16.0/24 maxlen: 24
212.98.16.0/21 maxlen: 21
90.158.96.0/22 maxlen: 22
90.158.101.0/24 maxlen: 24
90.158.100.0/24 maxlen: 24
90.158.105.0/24 maxlen: 24
90.158.104.0/24 maxlen: 24
90.158.102.0/23 maxlen: 23
90.158.111.0/24 maxlen: 24
90.158.110.0/24 maxlen: 24
90.158.109.0/24 maxlen: 24
90.158.114.0/24 maxlen: 24
90.158.112.0/20 maxlen: 20
90.158.117.0/24 maxlen: 24
90.158.116.0/24 maxlen: 24
90.158.119.0/24 maxlen: 24
90.158.122.0/24 maxlen: 24
90.158.121.0/24 maxlen: 24
90.158.120.0/24 maxlen: 24
90.158.123.0/24 maxlen: 24
90.158.126.0/24 maxlen: 24
90.158.128.0/21 maxlen: 21
90.158.127.0/24 maxlen: 24
90.158.128.0/17 maxlen: 17
90.158.240.0/21 maxlen: 21
90.158.251.0/24 maxlen: 24
90.158.248.0/21 maxlen: 21
90.158.249.0/24 maxlen: 24
90.159.2.0/24 maxlen: 24
90.159.1.0/24 maxlen: 24
90.159.0.0/24 maxlen: 24
90.159.0.0/22 maxlen: 22
90.159.4.0/23 maxlen: 23
90.159.3.0/24 maxlen: 24
90.159.0.0/16 maxlen: 16
90.159.10.0/24 maxlen: 24
90.159.15.0/24 maxlen: 24
90.159.20.0/24 maxlen: 24
90.159.26.0/24 maxlen: 24
90.159.29.0/24 maxlen: 24
90.159.27.0/24 maxlen: 24
90.159.31.0/24 maxlen: 24
90.159.33.0/24 maxlen: 24
90.159.36.0/24 maxlen: 24
90.159.34.0/24 maxlen: 24
90.159.38.0/24 maxlen: 24
90.159.37.0/24 maxlen: 24
212.98.28.0/22 maxlen: 22
90.158.200.0/23 maxlen: 23
90.158.224.0/22 maxlen: 22
213.143.255.0/24 maxlen: 24
213.143.254.0/24 maxlen: 24
90.158.28.0/24 maxlen: 24
90.158.27.0/24 maxlen: 24
90.158.26.0/24 maxlen: 24
90.158.31.0/24 maxlen: 24
90.158.30.0/24 maxlen: 24
90.158.29.0/24 maxlen: 24
90.158.32.0/24 maxlen: 24
90.158.33.0/24 maxlen: 24
90.158.37.0/24 maxlen: 24
90.158.36.0/24 maxlen: 24
90.158.39.0/24 maxlen: 24
90.158.41.0/24 maxlen: 24
90.158.44.0/24 maxlen: 24
90.158.43.0/24 maxlen: 24
90.158.50.0/23 maxlen: 23
90.158.51.0/24 maxlen: 24
90.158.46.0/24 maxlen: 24
90.158.45.0/24 maxlen: 24
90.158.48.0/20 maxlen: 20
90.158.48.0/24 maxlen: 24
90.158.47.0/24 maxlen: 24
90.158.52.0/23 maxlen: 23
90.158.53.0/24 maxlen: 24
90.158.52.0/24 maxlen: 24
90.158.56.0/24 maxlen: 24
90.158.55.0/24 maxlen: 24
90.158.54.0/23 maxlen: 23
90.158.60.0/24 maxlen: 24
90.158.62.0/24 maxlen: 24
90.158.64.0/21 maxlen: 21
90.158.64.0/24 maxlen: 24
90.158.66.0/24 maxlen: 24
90.158.65.0/24 maxlen: 24
90.158.68.0/24 maxlen: 24
90.158.67.0/24 maxlen: 24
90.158.73.0/24 maxlen: 24
90.158.72.0/24 maxlen: 24
90.158.72.0/22 maxlen: 22
90.158.75.0/24 maxlen: 24
90.158.74.0/24 maxlen: 24
90.158.0.0/23 maxlen: 23
90.158.0.0/22 maxlen: 22
90.158.0.0/18 maxlen: 18
90.158.3.0/24 maxlen: 24
90.158.0.0/16 maxlen: 16
90.158.8.0/24 maxlen: 24
90.158.16.0/24 maxlen: 24
90.158.15.0/24 maxlen: 24
90.158.18.0/24 maxlen: 24
90.158.19.0/24 maxlen: 24
90.158.24.0/24 maxlen: 24
213.143.224.0/20 maxlen: 20
213.143.226.0/24 maxlen: 24
213.143.226.0/23 maxlen: 23
213.143.228.0/24 maxlen: 24
213.143.227.0/24 maxlen: 24
213.143.230.0/24 maxlen: 24
213.143.229.0/24 maxlen: 24
213.143.233.0/24 maxlen: 24
213.143.235.0/24 maxlen: 24
213.143.234.0/24 maxlen: 24
213.143.238.0/24 maxlen: 24
213.143.236.0/22 maxlen: 22
213.143.240.0/24 maxlen: 24
213.143.240.0/22 maxlen: 22
213.143.239.0/24 maxlen: 24
213.143.240.0/20 maxlen: 20
213.143.241.0/24 maxlen: 24
213.143.244.0/22 maxlen: 22
213.143.243.0/24 maxlen: 24
213.143.252.0/24 maxlen: 24
213.143.251.0/24 maxlen: 24
213.143.250.0/24 maxlen: 24
213.143.253.0/24 maxlen: 24
2a00:1f90::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Apr 2024 10:38:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:04:c8:b2:40:c8:a2:47:2f:a6:78:e0:c0:aa:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 1 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af60936150b1e8c02d1aabbbdddd01c9840960ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:98:6d:1a:76:4e:db:5f:35:15:45:f2:0a:0e:
5a:5c:67:fa:e6:4c:67:09:23:67:d3:6d:23:18:f5:
71:c7:bf:a2:79:57:ea:29:e2:76:4a:78:4e:c0:ac:
df:45:f7:76:69:6d:e4:bd:40:72:db:bf:41:99:18:
3d:d2:53:d0:fd:47:1a:05:ed:d8:33:9b:fb:f6:c8:
31:f9:76:e8:47:49:bf:69:09:38:6a:d1:22:0c:ad:
6f:a0:ba:b3:6c:f5:cf:55:55:40:73:bc:0f:95:06:
6b:00:6d:08:d6:96:a5:c0:07:b5:44:06:95:92:bd:
1b:25:f9:69:f7:b2:17:66:b2:fb:46:5e:89:18:32:
a5:4a:07:64:ef:74:f0:0a:8d:cf:4f:b9:a1:13:39:
1a:24:df:65:70:d1:cb:0e:ba:60:2d:f9:c7:6f:3d:
7b:0f:40:0e:33:5b:2c:61:04:5d:38:6f:45:89:60:
ea:b5:84:76:be:1c:d5:28:23:c8:85:47:8b:e2:75:
96:9b:59:25:29:87:fb:ff:4e:4e:46:b1:28:ee:3e:
4e:41:df:6a:0c:19:d8:17:f6:7e:59:35:d7:66:bb:
5c:e0:26:6f:61:b3:99:41:9d:00:9a:a1:d0:7e:f3:
4d:06:e8:ce:6a:63:49:6c:09:07:e2:aa:10:f4:0d:
63:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:60:93:61:50:B1:E8:C0:2D:1A:AB:BB:DD:DD:01:C9:84:09:60:FF
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/r2CTYVCx6MAtGqu73d0ByYQJYP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.158.0.0/15
212.98.0.0/19
213.143.224.0/19
213.161.128.0/19
IPv6:
2a00:1f90::/32
Signature Algorithm: sha256WithRSAEncryption
4a:71:5c:4a:c4:f1:7f:52:0e:28:f7:1c:86:70:83:e6:d3:ff:
06:d6:a4:08:fa:57:53:a3:77:36:8b:f5:8e:7f:e2:6d:ca:a2:
e9:1b:b4:69:9a:9a:31:24:1d:a4:34:85:4a:c4:56:ab:9b:01:
c6:56:f0:2e:cc:10:9b:a2:62:09:38:e8:d9:a7:a2:64:e3:a9:
9c:2c:d8:98:19:9f:ce:16:bc:84:25:e0:77:5d:92:b3:f1:59:
34:e5:73:13:bf:8e:9a:6e:a8:b8:85:b8:18:20:11:14:2c:3e:
41:2f:b5:5f:62:e1:e2:6e:45:9c:43:62:f8:66:e4:35:2c:cd:
56:df:57:e4:80:1c:46:10:63:ed:75:d6:b5:d5:6f:e2:e7:50:
ab:3b:2d:67:c9:3b:43:d4:9f:22:8e:fb:6e:0c:43:f5:2f:ea:
98:62:cb:93:4c:c3:aa:db:42:91:79:7a:24:57:14:42:cf:56:
a0:58:90:c9:06:a8:40:ed:5b:47:e1:c9:86:32:b2:87:ae:7b:
b4:fa:d1:03:5a:11:f4:d5:12:dd:36:ad:0d:1e:bd:b2:6b:ee:
f3:36:32:2f:ef:08:d7:80:0f:a6:74:b0:73:11:59:bf:64:ad:
34:61:5f:db:54:03:79:b6:63:78:0b:c8:92:68:5a:6c:af:5a:
8c:b6:12:0f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSQTIskDIokcvpnjgwKq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjQwMTAxMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjYwOTM2MTUwYjFlOGMwMmQxYWFiYmJkZGRkMDFjOTg0MDk2MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JhtGnZO2181FUXyCg5aXGf65kxn
CSNn020jGPVxx7+ieVfqKeJ2SnhOwKzfRfd2aW3kvUBy279BmRg90lPQ/UcaBe3Y
M5v79sgx+XboR0m/aQk4atEiDK1voLqzbPXPVVVAc7wPlQZrAG0I1palwAe1RAaV
kr0bJflp97IXZrL7Rl6JGDKlSgdk73TwCo3PT7mhEzkaJN9lcNHLDrpgLfnHbz17
D0AOM1ssYQRdOG9FiWDqtYR2vhzVKCPIhUeL4nWWm1klKYf7/05ORrEo7j5OQd9q
DBnYF/Z+WTXXZrtc4CZvYbOZQZ0AmqHQfvNNBujOamNJbAkH4qoQ9A1jcQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK9gk2FQsejALRqru93dAcmECWD/MB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvcjJDVFlWQ3g2TUF0R3F1NzNkMEJ5WVFKWVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBWp4DBAXU
YgADBAXVj+ADBAXVoYAwDQQCAAIwBwMFACoAH5AwDQYJKoZIhvcNAQELBQADggEB
AEpxXErE8X9SDij3HIZwg+bT/wbWpAj6V1OjdzaL9Y5/4m3KoukbtGmamjEkHaQ0
hUrEVqubAcZW8C7MEJuiYgk46NmnomTjqZws2JgZn84WvIQl4HddkrPxWTTlcxO/
jppuqLiFuBggERQsPkEvtV9i4eJuRZxDYvhm5DUszVbfV+SAHEYQY+111rXVb+Ln
UKs7LWfJO0PUnyKO+24MQ/Uv6phiy5NMw6rbQpF5eiRXFELPVqBYkMkGqEDtW0fh
yYYysoeue7T60QNaEfTVEt02rQ0evbJr7vM2Mi/vCNeAD6Z0sHMRWb9krTRhX9tU
A3m2Y3gLyJJoWmyvWoy2Eg8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org