Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/kQM6qu2BBR81bm2wipH_KZIRgh0.roa
File: kQM6qu2BBR81bm2wipH_KZIRgh0.roa (raw, json)
Hash identifier: +YEGL3/SVXNI0G2mUjOSumaoWRJi/y/M7/DQ+xzr3cA=
Subject key identifier: 91:03:3A:AA:ED:81:05:1F:35:6E:6D:B0:8A:91:FF:29:92:11:82:1D
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0185E92E24B3A47D04B4DC931C2BA1D38E39
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/kQM6qu2BBR81bm2wipH_KZIRgh0.roa
Signing time: Wed 25 Jan 2023 13:46:33 +0000
ROA not before: Wed 25 Jan 2023 13:46:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58272
IP address blocks: 37.230.187.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
178.170.231.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
37.18.0.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
37.230.170.0/24 maxlen: 24
37.230.171.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.246.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.143.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:2e:24:b3:a4:7d:04:b4:dc:93:1c:2b:a1:d3:8e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 25 13:46:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91033aaaed81051f356e6db08a91ff299211821d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9a:4a:9d:84:fd:10:f6:5d:cd:99:fd:42:c4:
87:5f:7a:6d:40:a1:f9:72:a7:f9:06:d2:8b:9a:af:
13:a3:59:04:a0:15:38:48:aa:fe:df:2c:a8:c1:f3:
72:af:83:44:db:a6:bc:73:87:b9:65:3a:55:1d:f5:
fb:67:78:ca:dc:22:33:96:e4:e4:26:0d:b7:7a:ce:
40:24:8b:c6:02:02:74:fd:cc:90:c3:0c:e8:fb:f6:
92:a7:12:9a:1d:0b:3f:7f:cd:9d:ca:33:4c:90:e3:
ac:c0:a8:cc:c1:62:da:8a:2b:1e:98:73:1d:15:ba:
d3:d9:b1:4b:52:38:ba:00:26:0c:42:fe:37:c8:20:
65:50:d7:48:8c:50:67:f0:79:e4:3f:97:1e:d7:b2:
a1:0c:e7:34:e9:9c:d2:fd:4a:eb:53:8d:69:11:58:
9f:7b:c7:36:88:5b:d7:da:28:a3:93:3b:2a:18:7d:
75:f9:06:cf:29:26:49:ee:4b:1a:c0:f9:7a:c7:a7:
0f:5d:75:2b:f7:a0:fd:32:a9:07:c7:d9:dd:3f:b2:
52:63:57:26:63:a4:3f:7d:7c:5c:fc:3b:72:b5:a4:
3a:cc:43:c9:c3:95:27:dc:96:85:89:a6:cc:80:02:
21:e2:d2:5d:24:e6:f0:4f:52:69:5b:f0:ae:54:aa:
2b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:03:3A:AA:ED:81:05:1F:35:6E:6D:B0:8A:91:FF:29:92:11:82:1D
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/kQM6qu2BBR81bm2wipH_KZIRgh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.63.0/24
37.18.78.0/24
37.230.134.0/24
37.230.151.0/24
37.230.163.0/24
37.230.170.0/23
37.230.176.0/24
37.230.182.0/23
37.230.187.0/24
46.243.138.0/23
46.243.149.0/24
46.243.204.0/24
46.243.214.0/24
46.243.221.0-46.243.223.255
46.243.225.0/24
46.243.236.0-46.243.238.255
46.243.240.0/22
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0/24
141.101.143.0/24
141.101.145.0/24
141.101.147.0-141.101.150.255
141.101.153.0-141.101.156.255
141.101.158.0-141.101.162.255
141.101.164.0-141.101.168.255
141.101.170.0/23
141.101.179.0/24
141.101.191.0/24
141.101.255.0/24
178.170.137.0/24
178.170.139.0-178.170.140.255
178.170.231.0/24
185.4.148.0/22
188.72.80.0/23
188.72.83.0-188.72.86.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
bc:63:04:d5:70:2b:54:a0:31:68:c8:b4:70:ed:79:04:34:74:
98:e8:c9:49:75:13:b1:9d:c2:a6:04:1a:a0:ca:95:e9:78:79:
28:8d:3c:a5:f2:bc:46:65:64:18:f5:30:51:e7:20:68:fd:ac:
de:13:b0:fe:19:9c:6d:0f:51:04:fc:91:d0:37:84:34:4d:b1:
3e:ce:26:bd:dd:f4:f5:d4:b7:e7:26:92:0c:d1:82:1c:ea:cf:
f0:c6:ce:b9:5a:7b:d9:92:fb:92:b3:e1:3e:47:a0:6c:ca:25:
0f:ab:b1:e0:e0:6d:56:71:bc:5b:ab:e4:c8:0c:47:8a:01:02:
f2:76:b7:8e:22:fa:80:14:c0:c1:81:83:82:7e:0f:44:68:0c:
4c:5e:b7:21:5e:4a:ba:ad:01:d8:ec:03:a8:b1:14:1b:40:65:
91:2a:a9:d9:60:da:5f:da:2d:46:fc:5f:46:11:48:da:58:ce:
ad:70:bc:e9:57:c7:e4:16:8e:df:ab:aa:ef:f8:bc:ce:df:62:
26:ab:53:b7:6e:bf:a7:ef:0b:ee:85:08:17:6c:61:7f:b7:bc:
1e:ca:03:ce:62:7e:21:e3:32:e6:8b:71:0e:41:cd:62:bb:e3:
07:7c:fe:4e:ab:13:e2:e8:89:4e:b2:49:2c:ee:2d:20:5e:ec:
ec:d4:67:48
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgISAYXpLiSzpH0EtNyTHCuh0445MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTI1MTM0NjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTAzM2FhYWVkODEwNTFmMzU2ZTZkYjA4YTkxZmYyOTkyMTE4MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuppKnYT9EPZdzZn9QsSHX3ptQKH5
cqf5BtKLmq8To1kEoBU4SKr+3yyowfNyr4NE26a8c4e5ZTpVHfX7Z3jK3CIzluTk
Jg23es5AJIvGAgJ0/cyQwwzo+/aSpxKaHQs/f82dyjNMkOOswKjMwWLaiisemHMd
FbrT2bFLUji6ACYMQv43yCBlUNdIjFBn8HnkP5ce17KhDOc06ZzS/UrrU41pEVif
e8c2iFvX2iijkzsqGH11+QbPKSZJ7ksawPl6x6cPXXUr96D9MqkHx9ndP7JSY1cm
Y6Q/fXxc/DtytaQ6zEPJw5Un3JaFiabMgAIh4tJdJObwT1JpW/CuVKoryQIDAQAB
o4IDRTCCA0EwHQYDVR0OBBYEFJEDOqrtgQUfNW5tsIqR/ymSEYIdMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEva1FNNnF1MkJCUjgxYm0yd2lwSF9LWklSZ2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWQYIKwYBBQUHAQcBAf8EggFIMIIBRDCCAUAEAgABMIIB
OAMEACUSAAMEACUSPwMEACUSTgMEACXmhgMEACXmlwMEACXmowMEASXmqgMEACXm
sAMEASXmtgMEACXmuwMEAS7zigMEAC7zlQMEAC7zzAMEAC7z1jAMAwQALvPdAwQF
LvPAAwQALvPhMAwDBAIu8+wDBAAu8+4DBAIu8/AwDAMEAS7z9gMEAi7z+AMEAIAA
RwMEAY1lhAMEAI1lhwMEAI1ljwMEAI1lkTAMAwQAjWWTAwQAjWWWMAwDBACNZZkD
BACNZZwwDAMEAY1lngMEAI1lojAMAwQCjWWkAwQAjWWoAwQBjWWqAwQAjWWzAwQA
jWW/AwQAjWX/AwQAsqqJMAwDBACyqosDBACyqowDBACyqucDBAK5BJQDBAG8SFAw
DAMEALxIUwMEALxIVgMEALxIdwMEA9mWWDANBgkqhkiG9w0BAQsFAAOCAQEAvGME
1XArVKAxaMi0cO15BDR0mOjJSXUTsZ3CpgQaoMqV6Xh5KI08pfK8RmVkGPUwUecg
aP2s3hOw/hmcbQ9RBPyR0DeENE2xPs4mvd309dS35yaSDNGCHOrP8MbOuVp72ZL7
krPhPkegbMolD6ux4OBtVnG8W6vkyAxHigEC8na3jiL6gBTAwYGDgn4PRGgMTF63
IV5Kuq0B2OwDqLEUG0BlkSqp2WDaX9otRvxfRhFI2ljOrXC86VfH5BaO36uq7/i8
zt9iJqtTt26/p+8L7oUIF2xhf7e8HsoDzmJ+IeMy5otxDkHNYrvjB3z+TqsT4uiJ
TrJJLO4tIF7s7NRnSA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:32 2023 by rpki-client on console-ams.rpki-client.org