Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/4s2MIuaLNfRP80z69f_7PoKs6sI.roa
File: 4s2MIuaLNfRP80z69f_7PoKs6sI.roa (raw, json)
Hash identifier: ipjrvvkaDpVNExXLoTWmZGikN3nNxkN/iedkGUMcEkY=
Subject key identifier: E2:CD:8C:22:E6:8B:35:F4:4F:F3:4C:FA:F5:FF:FB:3E:82:AC:EA:C2
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01856D5CF39B783CDC9BF0437D689ACF3F33
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/4s2MIuaLNfRP80z69f_7PoKs6sI.roa
Signing time: Sun 01 Jan 2023 12:44:46 +0000
ROA not before: Sun 01 Jan 2023 12:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49685
IP address blocks: 185.110.172.0/22 maxlen: 24
93.191.128.0/21 maxlen: 24
185.110.173.0/24 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.224.0/19 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
213.187.240.0/21 maxlen: 24
193.93.172.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
171.33.128.0/24 maxlen: 24
193.242.119.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
185.110.200.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
79.170.88.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.157.0/24 maxlen: 24
89.31.96.0/21 maxlen: 24
81.4.112.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
81.4.112.0/21 maxlen: 24
80.246.192.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
80.246.207.0/24 maxlen: 24
185.95.68.0/22 maxlen: 24
81.4.84.0/22 maxlen: 24
37.17.208.0/20 maxlen: 24
81.4.96.0/22 maxlen: 24
178.18.80.0/20 maxlen: 24
91.142.240.0/20 maxlen: 24
185.21.188.0/22 maxlen: 24
217.149.128.0/20 maxlen: 24
31.223.160.0/20 maxlen: 24
81.21.136.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
194.60.207.0/24 maxlen: 24
141.138.192.0/20 maxlen: 24
80.84.224.0/20 maxlen: 24
80.84.224.0/19 maxlen: 24
85.158.248.0/21 maxlen: 24
193.138.204.0/22 maxlen: 24
78.108.128.0/20 maxlen: 24
80.84.240.0/20 maxlen: 24
176.74.224.0/19 maxlen: 24
185.3.208.0/22 maxlen: 24
37.34.48.0/21 maxlen: 24
85.10.160.0/19 maxlen: 24
85.222.224.0/21 maxlen: 24
85.10.176.0/22 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2001:828::/32 maxlen: 48
2a02:348:7d::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 13:52:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f3:9b:78:3c:dc:9b:f0:43:7d:68:9a:cf:3f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 12:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2cd8c22e68b35f44ff34cfaf5fffb3e82aceac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:38:26:fc:28:5a:cd:86:4c:e7:80:87:c3:dd:
73:f2:02:fe:ec:37:b4:7d:d5:bd:af:f7:cf:35:d5:
42:c7:a0:90:ae:90:ad:03:2e:d6:5b:5e:e0:09:6a:
b5:8d:77:ff:29:02:a2:a2:41:7f:ab:d6:3d:be:eb:
2e:87:f8:e8:3d:34:ed:00:40:7a:02:5f:62:ae:85:
46:12:a9:37:37:81:23:9a:fd:a3:be:a1:23:77:96:
ad:d4:89:cb:a2:e9:ae:3a:f4:f9:a6:55:54:a5:a8:
56:2f:cc:1c:fd:c1:97:8b:e1:cf:02:e2:5d:c8:d4:
6b:b0:87:e5:b6:39:4c:f7:97:8b:e8:e5:c7:22:d7:
e8:8a:74:ee:f6:1b:53:57:1d:10:3e:7e:5c:e3:d9:
6c:b5:16:62:eb:09:c7:9e:31:7f:61:6d:25:3e:7a:
82:39:03:9f:e9:0a:21:18:7c:51:8e:68:99:ab:4f:
73:43:35:f9:8f:ec:8b:0b:68:6d:f9:ca:25:b2:15:
4b:d5:bd:fb:8f:9d:7f:87:25:00:45:04:5d:0d:a5:
db:d3:6c:32:27:b7:72:29:a8:55:e2:f2:dc:d3:94:
19:64:e2:a0:79:8c:e2:b6:5b:cc:66:65:d5:6a:84:
9b:fc:4c:98:b2:72:69:0b:05:fb:a3:d1:c0:00:f5:
6b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CD:8C:22:E6:8B:35:F4:4F:F3:4C:FA:F5:FF:FB:3E:82:AC:EA:C2
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/4s2MIuaLNfRP80z69f_7PoKs6sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.158.248.0/21
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
141.138.192.0/20
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.95.68.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a02:348::/32
Signature Algorithm: sha256WithRSAEncryption
42:66:14:3c:61:58:c9:94:1f:b8:90:a2:b5:b4:d9:c0:a7:8d:
21:90:0c:26:a3:49:50:8b:b4:fb:10:d3:04:a2:73:fb:71:b1:
bb:0c:05:b5:2c:fa:80:7a:f3:24:65:28:8d:91:21:de:fd:7a:
20:4f:46:87:d9:80:ca:3c:4c:e4:63:4b:4d:20:6e:09:32:c9:
98:8b:24:bb:f7:5d:3b:4d:e9:a4:18:ea:d1:b1:4a:72:08:ec:
4e:23:f8:a8:31:db:44:58:b1:a0:03:02:63:1c:7b:97:02:9a:
74:b8:a8:5c:bb:7d:26:67:aa:8f:fd:af:ac:4d:b7:44:6f:15:
e6:db:47:0f:36:d4:68:39:64:63:91:68:37:7b:1a:82:f3:f3:
b8:07:44:53:81:83:f9:a2:64:8a:5e:98:67:99:74:58:86:04:
fd:90:6f:95:44:56:e1:57:2e:a3:6d:66:f8:c8:58:89:fe:39:
3f:4e:09:94:63:28:dc:9e:03:12:4b:cf:dd:1c:78:c5:88:27:
e5:58:79:ed:71:3b:c5:54:8d:e2:32:b6:4f:6b:59:00:3b:25:
ed:63:8c:a7:7d:2d:6f:0e:d0:05:5b:eb:7e:4f:54:4f:b2:4b:
00:a5:6b:4c:75:12:53:96:8d:eb:67:06:48:44:8c:ec:16:41:
51:d3:34:d7
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAYVtXPObeDzcm/BDfWiazz8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMwMTAxMTI0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmNkOGMyMmU2OGIzNWY0NGZmMzRjZmFmNWZmZmIzZTgyYWNlYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijgm/ChazYZM54CHw91z8gL+7De0
fdW9r/fPNdVCx6CQrpCtAy7WW17gCWq1jXf/KQKiokF/q9Y9vusuh/joPTTtAEB6
Al9iroVGEqk3N4Ejmv2jvqEjd5at1InLoumuOvT5plVUpahWL8wc/cGXi+HPAuJd
yNRrsIfltjlM95eL6OXHItfoinTu9htTVx0QPn5c49lstRZi6wnHnjF/YW0lPnqC
OQOf6QohGHxRjmiZq09zQzX5j+yLC2ht+colshVL1b37j51/hyUARQRdDaXb02wy
J7dyKahV4vLc05QZZOKgeYzitlvMZmXVaoSb/EyYsnJpCwX7o9HAAPVrMQIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFOLNjCLmizX0T/NM+vX/+z6CrOrCMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvNHMyTUl1YUxOZlJQODB6NjlmXzdQb0tzNnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzCB/wQCAAEwgfgD
BAMfA2ADBAQf36ADBAQlEdADBAMlIjADBAMl5mADBARObIADBANPqlgDBAVQVOAD
BARQ9sADBARQ//AwDAMEBlEEQAMEAlEEYAMEA1EEcAMEA1EViAMEBFEeIAMEB1Ng
gAMEBVUKoAMEA1We+AMEA1Xe4AMEA1kfYAMEBFuO8AMEAlvNIAMEAFvYogMEA12/
gAMEBI2KwAMEA6shgAMEBbBK4AMEBLISUAMEArkD0AMEArkP+AMEArkVvAMEArlf
RAMEArlurAMEArluyAMEAsFdrAMEAsGKzAMEAMHydwMEAMI8zwMEA9W78AMEBNkV
8AMEBNmVgDAbBAIAAjAVAwUAIAEIKAMFAyABTLgDBQAqAgNIMA0GCSqGSIb3DQEB
CwUAA4IBAQBCZhQ8YVjJlB+4kKK1tNnAp40hkAwmo0lQi7T7ENMEonP7cbG7DAW1
LPqAevMkZSiNkSHe/XogT0aH2YDKPEzkY0tNIG4JMsmYiyS79107TemkGOrRsUpy
COxOI/ioMdtEWLGgAwJjHHuXApp0uKhcu30mZ6qP/a+sTbdEbxXm20cPNtRoOWRj
kWg3exqC8/O4B0RTgYP5omSKXphnmXRYhgT9kG+VRFbhVy6jbWb4yFiJ/jk/TgmU
YyjcngMSS8/dHHjFiCflWHntcTvFVI3iMrZPa1kAOyXtY4ynfS1vDtAFW+t+T1RP
sksApWtMdRJTlo3rZwZIRIzsFkFR0zTX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org