Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/0islEelmID6mexFYTcuts1M8JC4.roa
File: 0islEelmID6mexFYTcuts1M8JC4.roa (raw, json)
Hash identifier: Mb30gOPPqew8TwOJ0PPPiSS8vc7RjWpo5TvcqrCdBIQ=
Subject key identifier: D2:2B:25:11:E9:66:20:3E:A6:7B:11:58:4D:CB:AD:B3:53:3C:24:2E
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018EC67AAE79AAA744ACDAE43775B02D3130
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/0islEelmID6mexFYTcuts1M8JC4.roa
Signing time: Wed 10 Apr 2024 05:28:32 +0000
ROA not before: Wed 10 Apr 2024 05:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.149.87.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Apr 2024 12:47:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:7a:ae:79:aa:a7:44:ac:da:e4:37:75:b0:2d:31:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Apr 10 05:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d22b2511e966203ea67b11584dcbadb3533c242e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6e:3d:f4:eb:bc:63:7b:55:40:20:6f:9c:9b:
aa:40:96:42:ec:64:23:9a:41:04:fe:85:86:58:e9:
c9:3a:e2:8a:a1:33:61:b8:66:d6:01:b4:f8:2f:02:
ab:69:3b:5c:fb:40:cb:9e:4b:55:54:da:14:54:67:
3a:5e:92:ca:76:c2:b6:71:6d:34:a6:75:35:a4:1c:
d7:0e:d1:72:1d:18:6b:7e:0e:46:ce:22:0f:9e:8a:
24:e6:9c:1d:dd:c3:f0:55:73:12:6d:c3:45:4d:f5:
5e:7e:30:39:3b:6b:4b:12:c7:15:86:5e:8d:6c:ec:
50:f4:b2:83:5b:35:13:99:7c:57:e3:c0:3e:39:3a:
e4:1b:5f:bc:81:3b:49:c8:5a:d2:bf:a0:10:74:c3:
3f:32:6a:70:68:f2:f7:c5:60:32:3f:8a:f1:bd:2e:
17:72:1e:cd:8e:a1:84:bf:53:d1:a9:db:45:13:38:
b8:e1:a7:46:6c:9d:67:da:2e:64:1b:bc:4b:bf:ed:
b7:01:59:e2:06:8c:bb:29:1d:fe:a4:c1:9c:46:80:
20:17:78:6f:63:05:94:a6:4e:8f:97:52:60:c6:45:
83:ff:1b:6f:85:ad:c7:3e:0d:7e:f8:fb:41:46:ae:
7b:3f:1a:37:6d:8b:8a:5f:24:01:1d:33:e9:18:95:
ae:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2B:25:11:E9:66:20:3E:A6:7B:11:58:4D:CB:AD:B3:53:3C:24:2E
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/0islEelmID6mexFYTcuts1M8JC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/22
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
2a11:3805::/32
2a11:3c02::/31
2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/32
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
88:9f:0b:18:ea:8e:2d:bb:16:9b:af:11:8c:3c:6f:c8:bb:54:
1d:9b:11:3f:99:39:5f:c2:a7:fd:80:aa:a1:01:53:41:fb:d7:
0e:cc:05:a7:47:12:6b:db:86:fe:cd:8c:8e:e5:6f:57:36:eb:
4e:f6:65:39:24:f0:16:2a:bc:df:0d:0c:ec:72:e5:45:6a:a3:
83:0c:c3:6c:bd:ee:a3:68:8c:b7:47:52:3f:49:ee:36:f1:b6:
d6:58:f5:b4:12:4f:7f:1f:ec:c8:3d:04:12:bf:ae:ea:23:6e:
e5:31:ac:e0:f1:1d:5b:0b:66:f8:eb:dd:92:1b:a8:50:ed:c0:
c9:44:73:5b:60:33:d4:74:70:bf:84:a0:69:ee:30:11:dc:04:
ce:a3:a3:da:09:78:df:d7:f8:f2:6e:b4:20:f4:6c:24:49:33:
18:ae:42:1a:97:d0:4a:02:25:0c:2a:06:ce:c8:97:9a:3f:f5:
d3:e1:20:00:f9:74:b7:76:a1:b5:7d:9d:f4:e6:28:cd:d7:f8:
83:90:33:15:5a:ce:ec:ee:41:31:cf:5a:21:9c:67:f2:69:65:
ac:a4:04:64:bf:81:31:55:8b:fe:7d:ff:fc:66:db:c2:fc:c5:
f1:0e:98:56:4e:d2:30:f3:a0:49:08:7d:23:da:07:69:be:31:
38:c3:3b:6e
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAY7Geq55qqdErNrkN3WwLTEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwNDEwMDUyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJiMjUxMWU5NjYyMDNlYTY3YjExNTg0ZGNiYWRiMzUzM2MyNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2499Ou8Y3tVQCBvnJuqQJZC7GQj
mkEE/oWGWOnJOuKKoTNhuGbWAbT4LwKraTtc+0DLnktVVNoUVGc6XpLKdsK2cW00
pnU1pBzXDtFyHRhrfg5GziIPnook5pwd3cPwVXMSbcNFTfVefjA5O2tLEscVhl6N
bOxQ9LKDWzUTmXxX48A+OTrkG1+8gTtJyFrSv6AQdMM/MmpwaPL3xWAyP4rxvS4X
ch7NjqGEv1PRqdtFEzi44adGbJ1n2i5kG7xLv+23AVniBoy7KR3+pMGcRoAgF3hv
YwWUpk6Pl1JgxkWD/xtvha3HPg1++PtBRq57Pxo3bYuKXyQBHTPpGJWujwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFNIrJRHpZiA+pnsRWE3LrbNTPCQuMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvMGlzbEVlbG1JRDZtZXhGWVRjdXRzMU04SkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgaEEAgABMIGaAwQC
Jd18AwQCLUPkAwQCLXiwAwQAPgMMAwQCSnfAMAwDBAJQXMwDBABQXM4DBAJWaEgD
BAFZ3eADBABbwqEwDAMEAFvh2QMEAlvh2AMEAmcjvAMEAmdqAAMEAmdxRAMEArB4
QAMEArB4SAMEArnqQAMEArnr8AMEArns6AMEArnyVAMEArn6lAMEAMHLygMEAcL2
cgMEAMOVVzBHBAIAAjBBAwUDKgl8QAMFACoROAUDBQEqETwCMA4DBQcqFC2AAwUA
KhQtggMFACoULoADBQAqFC+AAwUAKhQwgAMFACoUOIAwDQYJKoZIhvcNAQELBQAD
ggEBAIifCxjqji27FpuvEYw8b8i7VB2bET+ZOV/Cp/2AqqEBU0H71w7MBadHEmvb
hv7NjI7lb1c26072ZTkk8BYqvN8NDOxy5UVqo4MMw2y97qNojLdHUj9J7jbxttZY
9bQST38f7Mg9BBK/ruojbuUxrODxHVsLZvjr3ZIbqFDtwMlEc1tgM9R0cL+EoGnu
MBHcBM6jo9oJeN/X+PJutCD0bCRJMxiuQhqX0EoCJQwqBs7Il5o/9dPhIAD5dLd2
obV9nfTmKM3X+IOQMxVazuzuQTHPWiGcZ/JpZaykBGS/gTFVi/59//xm28L8xfEO
mFZO0jDzoEkIfSPaB2m+MTjDO24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org