Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/vmlDvv81OQL3kWqRhgxRl6ag_XQ.roa
File: vmlDvv81OQL3kWqRhgxRl6ag_XQ.roa (raw, json)
Hash identifier: L/wC34syu0NgKFc6WoQ7X0g0kvThZndCe0uGCG5+lqs=
Subject key identifier: BE:69:43:BE:FF:35:39:02:F7:91:6A:91:86:0C:51:97:A6:A0:FD:74
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 0186728FE0E03A479C631BC6B8823DD4D95D
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/vmlDvv81OQL3kWqRhgxRl6ag_XQ.roa
Signing time: Tue 21 Feb 2023 06:01:17 +0000
ROA not before: Tue 21 Feb 2023 06:01:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.221.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.224.0/22 maxlen: 22
91.140.226.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.228.0/22 maxlen: 22
91.140.232.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.244.0/22 maxlen: 22
91.140.246.0/24 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.248.0/22 maxlen: 22
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.252.0/22 maxlen: 22
91.140.251.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
91.140.164.0/22 maxlen: 22
185.16.4.0/22 maxlen: 22
91.140.160.0/22 maxlen: 22
91.140.172.0/22 maxlen: 22
94.187.224.0/19 maxlen: 24
91.140.180.0/22 maxlen: 22
94.187.232.0/22 maxlen: 22
91.140.192.0/22 maxlen: 24
91.140.188.0/22 maxlen: 22
94.187.228.0/22 maxlen: 22
94.187.236.0/22 maxlen: 22
91.140.196.0/22 maxlen: 24
94.187.240.0/22 maxlen: 24
91.140.201.0/24 maxlen: 24
91.140.200.0/22 maxlen: 22
91.140.203.0/24 maxlen: 24
94.187.244.0/22 maxlen: 22
91.140.204.0/22 maxlen: 22
91.140.202.0/24 maxlen: 24
91.140.212.0/22 maxlen: 22
94.187.252.0/22 maxlen: 22
91.140.207.0/24 maxlen: 24
94.187.248.0/22 maxlen: 22
91.140.208.0/22 maxlen: 22
91.140.128.0/22 maxlen: 22
91.140.128.0/17 maxlen: 17
91.140.132.0/22 maxlen: 22
91.140.140.0/22 maxlen: 22
91.140.152.0/22 maxlen: 22
91.140.148.0/22 maxlen: 22
194.54.241.0/24 maxlen: 24
194.54.244.0/22 maxlen: 22
194.54.243.0/24 maxlen: 24
194.54.248.0/22 maxlen: 22
194.54.252.0/22 maxlen: 22
194.54.192.0/19 maxlen: 24
194.54.192.0/18 maxlen: 18
194.54.194.0/23 maxlen: 23
194.54.196.0/22 maxlen: 22
194.54.204.0/22 maxlen: 22
194.54.200.0/22 maxlen: 22
194.54.202.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.208.0/22 maxlen: 22
194.54.208.0/24 maxlen: 24
194.54.212.0/22 maxlen: 22
194.54.216.0/22 maxlen: 22
194.54.224.0/19 maxlen: 19
194.54.220.0/24 maxlen: 24
194.54.220.0/22 maxlen: 22
194.54.224.0/22 maxlen: 22
194.54.232.0/22 maxlen: 22
194.54.228.0/22 maxlen: 22
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 22
194.54.240.0/22 maxlen: 24
2a01:7780::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:72:8f:e0:e0:3a:47:9c:63:1b:c6:b8:82:3d:d4:d9:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Feb 21 06:01:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be6943beff353902f7916a91860c5197a6a0fd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:56:10:c5:75:81:4a:59:66:23:a5:d4:52:6d:
65:41:21:95:72:c8:db:bc:a2:77:be:5f:e6:9e:cd:
29:a2:1e:0a:58:d5:e6:26:ec:84:61:e6:55:67:f1:
d2:a1:74:06:35:38:1f:53:bc:77:11:f0:09:37:8f:
3e:51:af:dc:2a:55:da:bc:d6:5e:59:53:f3:fe:f5:
ed:12:5b:4b:8f:c3:57:2f:ad:12:e9:83:17:87:87:
72:0f:de:61:a6:09:38:2d:90:ce:b9:29:58:07:f5:
f6:30:59:54:17:b1:2e:8a:8a:54:c1:31:a2:db:8f:
11:ed:44:2e:55:ca:ce:2d:5d:ad:8b:35:0a:cf:53:
b7:86:07:ea:97:e1:41:4d:5e:f4:29:18:e1:25:32:
97:84:32:6d:2c:3e:83:ba:99:4d:68:36:a8:c3:f6:
fa:c3:11:46:1c:28:80:e2:b7:54:18:fd:e4:c0:dc:
45:5c:fb:da:f7:0e:f0:f7:26:17:4c:49:fd:2e:0d:
23:4a:d0:d9:92:19:85:e4:39:3b:14:6e:85:91:d9:
48:45:f2:3c:c5:a8:c9:15:2e:0c:5d:6c:cc:a4:67:
4a:0c:cb:53:e5:2b:f4:55:3c:73:8a:8f:72:f8:dc:
11:4f:45:b4:bf:48:a2:a2:70:46:fd:3b:ea:be:a9:
80:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:69:43:BE:FF:35:39:02:F7:91:6A:91:86:0C:51:97:A6:A0:FD:74
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/vmlDvv81OQL3kWqRhgxRl6ag_XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
1d:9f:e2:e8:74:33:0a:66:2b:de:e9:9c:ba:a1:41:a9:6e:85:
9b:4c:94:a4:cd:92:d2:73:3e:55:f1:9e:4c:ba:25:26:9d:c4:
74:93:17:86:62:51:b8:0f:6f:38:09:23:a1:7e:07:ab:dd:ff:
9b:b6:87:35:f5:bb:01:1b:cd:d4:8b:20:0d:82:24:c8:3f:f8:
89:e7:0d:b1:ea:93:fc:8d:37:d5:84:50:da:52:b6:7e:e3:8b:
7a:dd:21:8f:6f:36:40:a8:43:c4:c8:a7:2b:44:46:d8:08:25:
dc:4d:8e:2a:60:66:30:11:da:a2:49:d6:1f:34:42:e4:8f:eb:
e3:01:ca:b1:67:b1:aa:ff:7c:01:15:b4:f5:70:55:2f:1d:23:
85:e3:fb:a8:3e:81:bc:05:1d:43:0f:57:e7:fb:e8:a6:ce:1f:
cc:9a:2a:9e:b6:7c:f3:62:e4:48:39:ee:97:8d:8b:97:a0:ff:
d4:4c:f8:b4:56:13:02:92:d9:b5:00:00:02:a4:db:69:3b:c7:
08:ef:64:84:56:36:94:95:11:fe:7f:9e:87:59:13:cb:8e:4e:
a2:5e:2f:d5:8b:f6:29:23:56:5b:bf:22:4d:8c:57:d3:22:1c:
43:6a:3c:46:00:c3:87:5e:b8:57:e7:b2:eb:37:c6:9c:fc:37:
fe:a7:b6:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZyj+DgOkecYxvGuII91NldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjMwMjIxMDYwMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY5NDNiZWZmMzUzOTAyZjc5MTZhOTE4NjBjNTE5N2E2YTBmZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFYQxXWBSllmI6XUUm1lQSGVcsjb
vKJ3vl/mns0poh4KWNXmJuyEYeZVZ/HSoXQGNTgfU7x3EfAJN48+Ua/cKlXavNZe
WVPz/vXtEltLj8NXL60S6YMXh4dyD95hpgk4LZDOuSlYB/X2MFlUF7EuiopUwTGi
248R7UQuVcrOLV2tizUKz1O3hgfql+FBTV70KRjhJTKXhDJtLD6DuplNaDaow/b6
wxFGHCiA4rdUGP3kwNxFXPva9w7w9yYXTEn9Lg0jStDZkhmF5Dk7FG6FkdlIRfI8
xajJFS4MXWzMpGdKDMtT5Sv0VTxzio9y+NwRT0W0v0iionBG/TvqvqmAWwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFL5pQ77/NTkC95FqkYYMUZemoP10MB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvdm1sRHZ2ODFPUUwza1dxUmhneFJsNmFnX1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQAdn+LodDMKZive6Zy6oUGpboWbTJSkzZLScz5V8Z5MuiUmncR0kxeGYlG4D284
CSOhfger3f+btoc19bsBG83UiyANgiTIP/iJ5w2x6pP8jTfVhFDaUrZ+44t63SGP
bzZAqEPEyKcrREbYCCXcTY4qYGYwEdqiSdYfNELkj+vjAcqxZ7Gq/3wBFbT1cFUv
HSOF4/uoPoG8BR1DD1fn++imzh/MmiqetnzzYuRIOe6XjYuXoP/UTPi0VhMCktm1
AAACpNtpO8cI72SEVjaUlRH+f56HWRPLjk6iXi/Vi/YpI1ZbvyJNjFfTIhxDajxG
AMOHXrhX57LrN8ac/Df+p7bm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:40 2023 by rpki-client on console-ams.rpki-client.org