Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/86pFHbf12Yw_khUHiCNd6zLvpjo.roa
File: 86pFHbf12Yw_khUHiCNd6zLvpjo.roa (raw, json)
Hash identifier: P1NRpV5fkLtagk4VJoFUZge7j26yjbd1oUNhWWlHS9U=
Subject key identifier: F3:AA:45:1D:B7:F5:D9:8C:3F:92:15:07:88:23:5D:EB:32:EF:A6:3A
Certificate issuer: /CN=65df379faaf210a7036dac05de6b5772dbe4dd6c
Certificate serial: 0187B7E6163CCF21A4D60CEB7DAB63CAAF21
Authority key identifier: 65:DF:37:9F:AA:F2:10:A7:03:6D:AC:05:DE:6B:57:72:DB:E4:DD:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zd83n6ryEKcDbawF3mtXctvk3Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/86pFHbf12Yw_khUHiCNd6zLvpjo.roa
Signing time: Tue 25 Apr 2023 10:12:02 +0000
ROA not before: Tue 25 Apr 2023 10:12:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201838
IP address blocks: 89.36.112.0/20 maxlen: 20
188.215.16.0/23 maxlen: 23
95.214.228.0/22 maxlen: 22
45.93.172.0/22 maxlen: 22
79.171.156.0/22 maxlen: 22
79.171.154.0/23 maxlen: 23
79.171.153.0/24 maxlen: 24
45.148.12.0/22 maxlen: 22
45.94.60.0/22 maxlen: 22
45.117.136.0/22 maxlen: 22
45.90.172.0/22 maxlen: 22
188.215.74.0/23 maxlen: 23
185.238.220.0/22 maxlen: 22
89.45.176.0/20 maxlen: 20
93.113.26.0/23 maxlen: 23
45.89.156.0/22 maxlen: 22
45.89.84.0/22 maxlen: 22
192.166.208.0/22 maxlen: 22
62.133.48.0/22 maxlen: 22
45.150.144.0/22 maxlen: 22
94.177.138.0/23 maxlen: 23
147.12.128.0/17 maxlen: 17
193.164.20.0/22 maxlen: 22
185.241.164.0/22 maxlen: 22
95.214.184.0/22 maxlen: 22
80.76.56.0/22 maxlen: 22
171.22.104.0/22 maxlen: 22
185.59.124.0/22 maxlen: 22
188.241.106.0/23 maxlen: 23
103.7.204.0/22 maxlen: 22
45.146.8.0/22 maxlen: 22
45.159.88.0/22 maxlen: 22
46.102.171.0/24 maxlen: 24
46.102.170.0/24 maxlen: 24
46.102.170.0/23 maxlen: 23
185.240.196.0/22 maxlen: 22
94.176.208.0/23 maxlen: 23
45.149.220.0/22 maxlen: 22
45.95.248.0/22 maxlen: 22
212.132.192.0/18 maxlen: 18
185.237.60.0/22 maxlen: 22
94.247.86.0/23 maxlen: 23
188.212.122.0/23 maxlen: 23
45.94.176.0/22 maxlen: 22
185.71.36.0/22 maxlen: 22
45.148.56.0/22 maxlen: 22
45.128.32.0/22 maxlen: 22
45.141.236.0/22 maxlen: 22
45.81.72.0/22 maxlen: 22
45.91.112.0/22 maxlen: 22
185.111.172.0/22 maxlen: 22
45.128.136.0/22 maxlen: 22
2a03:3820::/32 maxlen: 32
2a02:6b60::/29 maxlen: 29
2a02:6b60::/28 maxlen: 28
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:e6:16:3c:cf:21:a4:d6:0c:eb:7d:ab:63:ca:af:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65df379faaf210a7036dac05de6b5772dbe4dd6c
Validity
Not Before: Apr 25 10:12:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3aa451db7f5d98c3f92150788235deb32efa63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5c:9d:7d:e7:7e:38:5f:f3:b7:59:38:01:0f:
c8:cb:73:38:e5:c4:a7:a0:43:93:06:0f:c6:da:8b:
da:89:de:ad:f3:70:96:5c:d1:ca:65:ff:3f:1b:b7:
5f:44:28:08:50:80:c9:ce:b7:29:61:9a:51:72:97:
97:4d:d0:80:9f:8d:67:11:3c:60:22:d1:1c:62:be:
b1:2a:a7:9a:bf:d7:61:a4:e0:ff:09:a7:af:55:a6:
a0:e2:4e:87:a8:ee:19:18:aa:be:35:f4:7f:bb:0c:
e5:81:b2:75:d7:9d:a3:e8:dd:c8:48:4e:2e:e6:e0:
83:4e:99:18:50:ca:e6:76:f2:d9:f7:92:6f:8d:6f:
bb:56:5f:fa:79:6d:31:cb:29:37:b5:13:2a:df:7c:
bd:19:14:36:37:9b:c0:60:b0:44:8b:71:bb:74:83:
8f:84:ef:00:0c:81:1e:1c:5b:36:d7:fa:ce:c7:46:
69:0d:4b:ea:06:94:bc:61:21:58:aa:d6:47:ed:35:
93:c2:3d:8a:d3:1a:ea:04:4f:d7:bc:4a:c1:ab:a0:
66:9f:f3:6f:45:98:ec:69:53:20:82:e5:7e:55:ea:
e2:68:83:3a:a9:06:a6:f4:c3:69:da:ca:c2:ad:25:
24:de:4a:35:88:1d:0a:e4:b1:ae:c2:48:c7:6b:66:
52:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AA:45:1D:B7:F5:D9:8C:3F:92:15:07:88:23:5D:EB:32:EF:A6:3A
X509v3 Authority Key Identifier:
keyid:65:DF:37:9F:AA:F2:10:A7:03:6D:AC:05:DE:6B:57:72:DB:E4:DD:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zd83n6ryEKcDbawF3mtXctvk3Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/86pFHbf12Yw_khUHiCNd6zLvpjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/Zd83n6ryEKcDbawF3mtXctvk3Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.72.0/22
45.89.84.0/22
45.89.156.0/22
45.90.172.0/22
45.91.112.0/22
45.93.172.0/22
45.94.60.0/22
45.94.176.0/22
45.95.248.0/22
45.117.136.0/22
45.128.32.0/22
45.128.136.0/22
45.141.236.0/22
45.146.8.0/22
45.148.12.0/22
45.148.56.0/22
45.149.220.0/22
45.150.144.0/22
45.159.88.0/22
46.102.170.0/23
62.133.48.0/22
79.171.153.0-79.171.159.255
80.76.56.0/22
89.36.112.0/20
89.45.176.0/20
93.113.26.0/23
94.176.208.0/23
94.177.138.0/23
94.247.86.0/23
95.214.184.0/22
95.214.228.0/22
103.7.204.0/22
147.12.128.0/17
171.22.104.0/22
185.59.124.0/22
185.71.36.0/22
185.111.172.0/22
185.237.60.0/22
185.238.220.0/22
185.240.196.0/22
185.241.164.0/22
188.212.122.0/23
188.215.16.0/23
188.215.74.0/23
188.241.106.0/23
192.166.208.0/22
193.164.20.0/22
212.132.192.0/18
IPv6:
2a02:6b60::/28
2a03:3820::/32
Signature Algorithm: sha256WithRSAEncryption
64:b8:72:41:55:99:9c:1c:0b:ea:e6:3a:0d:7e:19:c3:ba:4e:
f3:53:92:0a:fe:e5:23:a0:42:f2:7e:0f:d5:6a:d4:5d:90:75:
42:98:ab:7c:ab:d1:b0:4e:8b:8a:52:28:27:64:8f:ed:1d:60:
43:dc:6c:14:28:e5:e1:e4:4d:4d:6e:7e:71:56:82:43:9c:8a:
aa:d3:39:15:77:25:79:5a:ea:08:98:60:e0:97:a2:49:86:5b:
72:20:2c:91:3e:16:4f:0b:80:80:75:b5:38:b3:67:f9:32:d1:
27:1e:3a:16:07:e1:f3:f1:da:3d:5a:bc:62:96:99:aa:9e:6e:
54:05:73:c6:4b:f3:ea:ad:9c:b4:f0:1f:76:b8:6e:0a:2c:82:
1d:0f:0f:13:a9:75:22:84:78:0e:2a:42:6e:a7:e5:da:61:db:
22:11:e4:80:35:a8:83:19:f7:65:ed:36:4c:bd:b3:1b:fd:45:
15:59:c2:e1:53:9f:81:26:bc:a4:95:60:e8:f6:8e:a8:8c:e0:
78:46:2a:b4:08:47:53:cd:78:dd:cc:28:2a:79:a4:12:09:8f:
e9:3f:fd:47:29:f5:c2:0c:c0:70:b1:3b:7d:2b:f8:4c:b1:9f:
ec:ef:a5:bc:e1:ff:2c:52:9c:8a:6f:2b:84:2e:23:55:74:c9:
00:ca:e3:06
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYe35hY8zyGk1gzrfatjyq8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGYzNzlmYWFmMjEwYTcwMzZkYWMwNWRlNmI1NzcyZGJl
NGRkNmMwHhcNMjMwNDI1MTAxMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FhNDUxZGI3ZjVkOThjM2Y5MjE1MDc4ODIzNWRlYjMyZWZhNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Vydfed+OF/zt1k4AQ/Iy3M45cSn
oEOTBg/G2ovaid6t83CWXNHKZf8/G7dfRCgIUIDJzrcpYZpRcpeXTdCAn41nETxg
ItEcYr6xKqeav9dhpOD/CaevVaag4k6HqO4ZGKq+NfR/uwzlgbJ1152j6N3ISE4u
5uCDTpkYUMrmdvLZ95JvjW+7Vl/6eW0xyyk3tRMq33y9GRQ2N5vAYLBEi3G7dIOP
hO8ADIEeHFs21/rOx0ZpDUvqBpS8YSFYqtZH7TWTwj2K0xrqBE/XvErBq6Bmn/Nv
RZjsaVMgguV+VeriaIM6qQam9MNp2srCrSUk3ko1iB0K5LGuwkjHa2ZS1wIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFPOqRR239dmMP5IVB4gjXesy76Y6MB8GA1UdIwQY
MBaAFGXfN5+q8hCnA22sBd5rV3Lb5N1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmQ4M242cnlFS2NEYmF3RjNtdFhjdHZrM1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lZDUxZWMtNzhlNi00ZmYwLWJhNTgt
MDc2Yzg4Yjg4MDJmLzEvODZwRkhiZjEyWXdfa2hVSGlDTmQ2ekx2cGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lZDUxZWMtNzhlNi00ZmYwLWJhNTgtMDc2Yzg4Yjg4MDJm
LzEvWmQ4M242cnlFS2NEYmF3RjNtdFhjdHZrM1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCATAEAgABMIIB
KAMEAi1RSAMEAi1ZVAMEAi1ZnAMEAi1arAMEAi1bcAMEAi1drAMEAi1ePAMEAi1e
sAMEAi1f+AMEAi11iAMEAi2AIAMEAi2AiAMEAi2N7AMEAi2SCAMEAi2UDAMEAi2U
OAMEAi2V3AMEAi2WkAMEAi2fWAMEAS5mqgMEAj6FMDAMAwQAT6uZAwQFT6uAAwQC
UEw4AwQEWSRwAwQEWS2wAwQBXXEaAwQBXrDQAwQBXrGKAwQBXvdWAwQCX9a4AwQC
X9bkAwQCZwfMAwQHkwyAAwQCqxZoAwQCuTt8AwQCuUckAwQCuW+sAwQCue08AwQC
ue7cAwQCufDEAwQCufGkAwQBvNR6AwQBvNcQAwQBvNdKAwQBvPFqAwQCwKbQAwQC
waQUAwQG1ITAMBQEAgACMA4DBQQqAmtgAwUAKgM4IDANBgkqhkiG9w0BAQsFAAOC
AQEAZLhyQVWZnBwL6uY6DX4Zw7pO81OSCv7lI6BC8n4P1WrUXZB1QpirfKvRsE6L
ilIoJ2SP7R1gQ9xsFCjl4eRNTW5+cVaCQ5yKqtM5FXcleVrqCJhg4JeiSYZbciAs
kT4WTwuAgHW1OLNn+TLRJx46Fgfh8/HaPVq8YpaZqp5uVAVzxkvz6q2ctPAfdrhu
CiyCHQ8PE6l1IoR4DipCbqfl2mHbIhHkgDWogxn3Ze02TL2zG/1FFVnC4VOfgSa8
pJVg6PaOqIzgeEYqtAhHU8143cwoKnmkEgmP6T/9Ryn1wgzAcLE7fSv4TLGf7O+l
vOH/LFKcim8rhC4jVXTJAMrjBg==
-----END CERTIFICATE-----
Generated at Mon Oct 2 14:32:05 2023 by rpki-client on console-ams.rpki-client.org