Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/f1Ai8Drkw7TxjtHi-v7F9vXCVyA.roa
File: f1Ai8Drkw7TxjtHi-v7F9vXCVyA.roa (raw, json)
Hash identifier: NrcbADM1YyywIC1Gf/dBLIZHcTlnWfV8yzdtEh0kUCU=
Subject key identifier: 7F:50:22:F0:3A:E4:C3:B4:F1:8E:D1:E2:FA:FE:C5:F6:F5:C2:57:20
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 01857169A958E27724DCCB1F87FC84334032
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/f1Ai8Drkw7TxjtHi-v7F9vXCVyA.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43996
IP address blocks: 5.57.16.0/22 maxlen: 22
5.57.16.0/21 maxlen: 21
5.57.17.0/24 maxlen: 24
5.57.16.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.22.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
37.10.4.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.24.0/23 maxlen: 23
37.10.24.0/24 maxlen: 24
185.28.220.0/23 maxlen: 23
185.28.223.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
91.206.232.0/24 maxlen: 24
91.206.233.0/24 maxlen: 24
91.206.232.0/23 maxlen: 23
37.10.26.0/24 maxlen: 24
37.10.25.0/24 maxlen: 24
37.10.27.0/24 maxlen: 24
37.10.28.0/24 maxlen: 24
37.10.38.0/24 maxlen: 24
37.10.33.0/24 maxlen: 24
37.10.32.0/24 maxlen: 24
37.10.36.0/24 maxlen: 24
37.10.37.0/24 maxlen: 24
37.10.34.0/24 maxlen: 24
37.10.35.0/24 maxlen: 24
37.10.56.0/23 maxlen: 23
37.10.57.0/24 maxlen: 24
37.10.58.0/24 maxlen: 24
37.10.56.0/24 maxlen: 24
37.10.60.0/23 maxlen: 23
37.10.60.0/24 maxlen: 24
37.10.61.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
91.195.237.0/24 maxlen: 24
91.195.236.0/24 maxlen: 24
2a01:5040:40::/48 maxlen: 48
2a01:5040:1000::/48 maxlen: 48
2a01:5040::/48 maxlen: 48
2a01:5040:a100::/48 maxlen: 48
2a01:5040:a000::/48 maxlen: 48
2a01:5040:2000::/48 maxlen: 48
2a01:5042:202::/48 maxlen: 48
2a01:5041:200::/40 maxlen: 40
2a01:5041:100::/40 maxlen: 40
2a01:5042:100::/40 maxlen: 40
2a01:5042:200::/40 maxlen: 40
2a01:5042::/32 maxlen: 32
2a01:5041:2002::/48 maxlen: 48
2a01:5041:2::/48 maxlen: 48
2a01:5043::/32 maxlen: 32
2a01:5043:2000::/36 maxlen: 36
2a01:5040:6000::/36 maxlen: 36
2a01:5040:2000::/36 maxlen: 36
2a01:5040:a000::/36 maxlen: 36
2a01:5040::/36 maxlen: 36
2a01:5040:1000::/36 maxlen: 36
2a01:5040:2020::/48 maxlen: 48
2a01:5040:20::/48 maxlen: 48
2a01:5040:1020::/48 maxlen: 48
2a01:5041:2001::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Jan 2023 10:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a9:58:e2:77:24:dc:cb:1f:87:fc:84:33:40:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f5022f03ae4c3b4f18ed1e2fafec5f6f5c25720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:de:b1:ff:01:65:fd:92:e1:b6:fe:85:fd:d5:
d1:4c:5d:98:61:9c:2b:11:96:4b:c5:d1:04:49:76:
6a:79:8a:af:c5:ef:33:75:2b:2f:62:b1:7c:07:07:
a3:f5:30:81:d4:a4:af:44:1a:04:b3:6d:17:e3:d0:
a7:03:9c:82:20:87:a3:ba:53:28:53:96:1c:50:59:
a6:d5:5b:4a:d6:2a:da:80:41:76:df:08:13:08:8f:
6a:c7:4b:31:7e:96:9c:4b:59:57:a2:89:c0:5a:53:
31:5b:d8:de:92:e7:aa:37:e7:56:3d:c7:a8:16:19:
e8:1c:de:e9:e5:7c:e2:d1:4c:0c:8c:77:6f:b3:bd:
f7:74:47:60:56:4c:19:70:26:c2:83:9a:50:97:12:
c0:e0:30:ff:dd:28:42:f8:84:c1:c6:21:ab:ad:b5:
21:ed:49:d1:a3:cb:5c:9c:9a:ff:b2:d1:0a:8b:45:
78:58:9c:ea:9d:b3:ae:95:2f:7c:36:55:07:bf:5b:
c5:21:4d:c2:5c:e9:42:91:19:cf:b1:81:f3:49:28:
b6:20:a6:25:69:5f:83:3d:45:a4:81:01:c6:00:55:
c7:0f:96:8f:e7:e0:fb:aa:c0:d5:ea:36:da:41:1e:
55:47:09:90:b5:2d:4c:20:17:2d:5d:7e:30:8b:10:
7b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:50:22:F0:3A:E4:C3:B4:F1:8E:D1:E2:FA:FE:C5:F6:F5:C2:57:20
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/f1Ai8Drkw7TxjtHi-v7F9vXCVyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0/21
37.10.0.0/24
37.10.4.0/22
37.10.24.0-37.10.28.255
37.10.32.0-37.10.38.255
37.10.56.0-37.10.58.255
37.10.60.0/23
37.10.63.0/24
91.195.236.0/23
91.206.232.0/23
185.28.220.0/22
IPv6:
2a01:5040::-2a01:5040:2fff:ffff:ffff:ffff:ffff:ffff
2a01:5040:6000::/36
2a01:5040:a000::/36
2a01:5041:2::/48
2a01:5041:100::-2a01:5041:2ff:ffff:ffff:ffff:ffff:ffff
2a01:5041:2001::-2a01:5041:2002:ffff:ffff:ffff:ffff:ffff
2a01:5042::/31
Signature Algorithm: sha256WithRSAEncryption
0a:a5:30:4f:57:1c:b1:43:8c:ba:e6:c2:07:d1:15:8e:10:09:
4d:01:84:14:72:8b:8a:71:be:76:0b:e4:f0:b3:fa:cb:e3:c4:
25:b7:89:cb:2f:ce:47:cc:b2:48:75:4a:92:d4:90:90:9f:ab:
d4:76:b7:8b:a3:1a:fe:9f:50:2e:77:b1:1e:37:71:c6:77:5b:
42:6b:9b:59:73:18:85:bb:39:27:6b:cc:04:b2:e1:bc:ec:c6:
62:ca:e6:4c:47:1a:54:8b:e3:2a:0c:08:dc:69:2e:c3:76:67:
1d:4b:bc:52:6d:8f:d6:a0:0a:23:00:22:19:04:dc:fe:fb:eb:
85:39:c8:6e:75:4f:d9:7c:91:d0:d4:5b:94:51:fd:00:35:d7:
b5:23:73:12:26:bd:89:b4:61:2e:91:6b:40:89:0a:0f:88:16:
05:93:fd:56:7c:fc:8b:9d:42:90:1f:5a:75:a2:d3:20:41:53:
d4:43:c3:aa:13:fd:a5:19:07:66:5f:87:af:af:36:79:8f:7d:
b7:f4:c0:65:4f:90:53:2c:80:95:08:65:64:be:90:47:a5:c7:
e4:d4:0e:c6:54:17:95:01:35:49:54:b1:2d:35:95:f6:21:d3:
d7:ff:c6:c6:a0:e4:da:0a:2f:2d:29:5a:63:66:4c:1f:83:00:
ef:77:79:be
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYVxaalY4nck3Msfh/yEM0AyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjUwMjJmMDNhZTRjM2I0ZjE4ZWQxZTJmYWZlYzVmNmY1YzI1NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod6x/wFl/ZLhtv6F/dXRTF2YYZwr
EZZLxdEESXZqeYqvxe8zdSsvYrF8Bwej9TCB1KSvRBoEs20X49CnA5yCIIejulMo
U5YcUFmm1VtK1iragEF23wgTCI9qx0sxfpacS1lXoonAWlMxW9jekueqN+dWPceo
FhnoHN7p5Xzi0UwMjHdvs733dEdgVkwZcCbCg5pQlxLA4DD/3ShC+ITBxiGrrbUh
7UnRo8tcnJr/stEKi0V4WJzqnbOulS98NlUHv1vFIU3CXOlCkRnPsYHzSSi2IKYl
aV+DPUWkgQHGAFXHD5aP5+D7qsDV6jbaQR5VRwmQtS1MIBctXX4wixB7jwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFH9QIvA65MO08Y7R4vr+xfb1wlcgMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvZjFBaThEcmt3N1R4anRIaS12N0Y5dlhDVnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTBgBAIAATBaAwQDBTkQ
AwQAJQoAAwQCJQoEMAwDBAMlChgDBAAlChwwDAMEBSUKIAMEACUKJjAMAwQDJQo4
AwQAJQo6AwQBJQo8AwQAJQo/AwQBW8PsAwQBW87oAwQCuRzcMF0EAgACMFcwDwMF
BioBUEADBgQqAVBAIAMGBCoBUEBgAwYEKgFQQKADBwAqAVBBAAIwEAMGACoBUEEB
AwYAKgFQQQIwEgMHACoBUEEgAQMHACoBUEEgAgMFASoBUEIwDQYJKoZIhvcNAQEL
BQADggEBAAqlME9XHLFDjLrmwgfRFY4QCU0BhBRyi4pxvnYL5PCz+svjxCW3icsv
zkfMskh1SpLUkJCfq9R2t4ujGv6fUC53sR43ccZ3W0Jrm1lzGIW7OSdrzASy4bzs
xmLK5kxHGlSL4yoMCNxpLsN2Zx1LvFJtj9agCiMAIhkE3P7764U5yG51T9l8kdDU
W5RR/QA117UjcxImvYm0YS6Ra0CJCg+IFgWT/VZ8/IudQpAfWnWi0yBBU9RDw6oT
/aUZB2Zfh6+vNnmPfbf0wGVPkFMsgJUIZWS+kEelx+TUDsZUF5UBNUlUsS01lfYh
09f/xsag5NoKLy0pWmNmTB+DAO93eb4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:51 2024 by rpki-client on console-fra.rpki-client.org