Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/ckEAfNnTtoybL8vgyxaL0ID5NVw.roa
File: ckEAfNnTtoybL8vgyxaL0ID5NVw.roa (raw, json)
Hash identifier: rANGOb/+arbB/RI3JN921IDGdcgsPqAKwBTBwhhn5dI=
Subject key identifier: 72:41:00:7C:D9:D3:B6:8C:9B:2F:CB:E0:CB:16:8B:D0:80:F9:35:5C
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 018750BD11B76D7B06967E55B3AAFACAD9D0
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/ckEAfNnTtoybL8vgyxaL0ID5NVw.roa
Signing time: Wed 05 Apr 2023 09:26:20 +0000
ROA not before: Wed 05 Apr 2023 09:26:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 89.46.152.0/21 maxlen: 32
84.39.224.0/21 maxlen: 32
93.114.0.0/20 maxlen: 32
93.114.11.0/24 maxlen: 24
93.114.10.0/24 maxlen: 24
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
185.221.221.0/24 maxlen: 32
202.181.20.0/22 maxlen: 32
91.197.252.0/22 maxlen: 32
103.204.212.0/22 maxlen: 32
58.97.128.0/21 maxlen: 32
78.138.1.0/24 maxlen: 32
78.138.2.0/24 maxlen: 32
138.124.144.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
78.138.16.0/24 maxlen: 32
89.249.56.0/22 maxlen: 32
185.225.104.0/22 maxlen: 32
94.177.56.0/23 maxlen: 32
94.177.52.0/22 maxlen: 32
94.176.216.0/22 maxlen: 32
185.240.252.0/24 maxlen: 32
185.240.255.0/24 maxlen: 32
89.19.42.0/23 maxlen: 24
93.113.124.0/23 maxlen: 32
89.19.40.0/22 maxlen: 32
93.180.224.0/20 maxlen: 32
188.241.146.0/24 maxlen: 32
45.116.168.0/22 maxlen: 32
188.214.93.0/24 maxlen: 32
89.32.129.0/24 maxlen: 32
93.180.192.0/20 maxlen: 32
185.125.192.0/22 maxlen: 32
77.95.116.0/22 maxlen: 32
176.119.8.0/21 maxlen: 32
89.44.245.0/24 maxlen: 32
45.95.48.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
185.243.108.0/22 maxlen: 32
45.142.96.0/22 maxlen: 32
185.223.56.0/24 maxlen: 32
185.223.58.0/23 maxlen: 32
94.176.163.0/24 maxlen: 32
203.166.156.0/23 maxlen: 32
188.119.116.0/22 maxlen: 32
188.95.152.0/21 maxlen: 32
94.176.112.0/20 maxlen: 32
91.132.184.0/22 maxlen: 32
185.38.102.0/24 maxlen: 32
150.129.92.0/22 maxlen: 32
45.149.148.0/22 maxlen: 32
31.14.219.0/24 maxlen: 32
203.109.52.0/22 maxlen: 32
89.38.132.0/23 maxlen: 32
203.109.60.0/22 maxlen: 32
31.14.236.0/23 maxlen: 32
58.97.232.0/21 maxlen: 32
83.229.76.0/22 maxlen: 24
119.13.192.0/19 maxlen: 32
58.97.240.0/20 maxlen: 32
119.13.208.0/20 maxlen: 32
89.34.7.0/24 maxlen: 32
83.229.104.0/22 maxlen: 32
121.91.80.0/21 maxlen: 32
78.138.25.0/24 maxlen: 32
185.90.243.0/24 maxlen: 32
78.138.30.0/24 maxlen: 32
91.245.235.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
45.94.244.0/22 maxlen: 32
89.44.115.0/24 maxlen: 32
45.138.232.0/22 maxlen: 32
89.41.62.0/24 maxlen: 32
209.20.160.0/19 maxlen: 32
185.131.220.0/24 maxlen: 32
93.115.12.0/23 maxlen: 32
77.81.104.0/21 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:bd:11:b7:6d:7b:06:96:7e:55:b3:aa:fa:ca:d9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Apr 5 09:26:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7241007cd9d3b68c9b2fcbe0cb168bd080f9355c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3b:38:89:66:da:06:c8:96:13:3f:32:8b:97:
27:e6:ca:7a:94:04:2b:7b:00:13:ff:d1:3b:f2:cf:
fc:e9:0f:ca:ae:82:35:67:25:cc:69:ef:d3:c5:37:
50:bd:89:d6:cb:68:c0:95:98:7c:84:36:82:0c:0f:
a4:24:33:e4:4a:05:e8:ec:77:44:83:f3:d8:9f:6b:
e2:aa:a1:ec:17:e5:03:b8:e0:83:39:45:e8:93:bb:
43:12:f8:4e:6f:16:07:3c:03:70:7e:0c:63:da:ea:
34:46:ba:fb:49:80:c7:f6:c6:9f:fa:d4:69:07:71:
9c:f1:18:c6:7d:a0:d7:3c:c4:c0:39:80:56:6d:9f:
bf:bf:10:44:25:60:f4:ae:95:e4:64:1d:94:22:a0:
05:e2:2b:b2:6c:24:73:39:37:da:6d:49:46:63:8f:
8f:51:0f:9f:07:0d:8e:bd:77:3e:58:72:03:03:0a:
80:1a:ba:cf:f5:74:56:08:2d:3e:7f:31:24:49:8e:
aa:28:1e:f3:79:ef:70:aa:19:91:ca:78:38:44:d1:
ed:b8:8f:01:76:07:cf:85:f2:b7:da:ac:1b:dd:c0:
e3:e2:9a:87:ae:45:99:b7:4e:21:04:82:55:33:71:
6c:63:65:5b:04:97:f6:7b:b0:c8:27:b8:04:82:44:
7e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:41:00:7C:D9:D3:B6:8C:9B:2F:CB:E0:CB:16:8B:D0:80:F9:35:5C
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/ckEAfNnTtoybL8vgyxaL0ID5NVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.219.0/24
31.14.236.0/23
45.94.244.0/22
45.95.48.0/22
45.116.168.0/22
45.138.232.0/22
45.142.92.0-45.142.99.255
45.149.148.0/22
58.97.128.0/21
58.97.232.0-58.97.255.255
77.81.104.0/21
77.95.116.0/22
78.138.1.0-78.138.2.255
78.138.16.0/24
78.138.25.0/24
78.138.30.0/24
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
89.19.40.0/22
89.32.129.0/24
89.34.7.0/24
89.34.78.0/23
89.38.132.0/23
89.41.62.0/24
89.44.115.0/24
89.44.245.0/24
89.46.152.0/21
89.249.51.0/24
89.249.56.0/22
91.132.184.0/22
91.197.252.0/22
91.245.235.0/24
92.43.84.0/22
93.113.124.0/23
93.114.0.0/20
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
94.176.163.0/24
94.176.216.0/22
94.177.52.0-94.177.57.255
95.215.36.0/22
103.204.212.0/22
119.13.192.0/19
121.91.80.0/21
138.124.144.0/22
150.129.92.0/22
176.119.8.0/21
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.221.221.0/24
185.223.56.0/24
185.223.58.0/23
185.225.104.0/22
185.240.252.0/24
185.240.255.0/24
185.243.108.0/22
188.95.152.0/21
188.119.116.0/22
188.214.93.0/24
188.241.146.0/24
202.181.20.0/22
203.109.52.0/22
203.109.60.0/22
203.166.156.0/23
209.20.160.0/19
Signature Algorithm: sha256WithRSAEncryption
95:6c:ec:f9:15:87:1f:f1:77:e2:4a:23:c6:a0:b8:bc:67:f2:
ba:20:bb:9a:74:5b:9d:3c:98:58:ea:67:91:a1:3f:82:9d:41:
57:54:ae:e7:aa:89:f2:ed:5a:87:46:63:3a:df:c6:4c:cb:00:
b3:38:7f:2f:77:63:41:40:3c:20:e8:e4:5b:54:44:93:71:b5:
f6:c6:eb:a8:85:c3:f5:af:f2:08:a9:ed:93:1d:45:98:2f:35:
7d:44:25:12:1a:44:db:30:6a:22:66:fa:78:64:ae:90:2c:52:
41:3b:cc:f2:2c:09:20:a8:ee:f6:9b:89:c6:de:b4:6a:6c:e2:
8a:cf:72:05:cd:72:87:04:ad:58:e6:0c:3a:6e:aa:c8:bb:28:
0e:4a:0b:56:3c:ac:d8:26:1a:a1:ec:10:d4:5a:ba:d9:b3:1a:
d9:18:15:dd:25:7d:5b:4e:1e:d7:ed:f4:8c:d8:8c:d8:b1:a5:
19:56:73:ab:d9:26:9f:f1:54:90:e0:b5:4d:65:aa:97:ef:84:
a2:ab:5c:7e:b6:74:f3:a1:90:f3:f5:30:8a:9e:30:fb:3d:10:
a9:6d:4e:fc:26:9d:b3:73:68:ae:15:5f:c1:2b:91:70:bd:a3:
4f:92:34:a9:79:01:38:d9:f3:dd:97:b2:1c:55:bd:19:b5:c2:
50:66:83:15
-----BEGIN CERTIFICATE-----
MIIG3jCCBcagAwIBAgISAYdQvRG3bXsGln5Vs6r6ytnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwNDA1MDkyNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQxMDA3Y2Q5ZDNiNjhjOWIyZmNiZTBjYjE2OGJkMDgwZjkzNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijs4iWbaBsiWEz8yi5cn5sp6lAQr
ewAT/9E78s/86Q/KroI1ZyXMae/TxTdQvYnWy2jAlZh8hDaCDA+kJDPkSgXo7HdE
g/PYn2viqqHsF+UDuOCDOUXok7tDEvhObxYHPANwfgxj2uo0Rrr7SYDH9saf+tRp
B3Gc8RjGfaDXPMTAOYBWbZ+/vxBEJWD0rpXkZB2UIqAF4iuybCRzOTfabUlGY4+P
UQ+fBw2OvXc+WHIDAwqAGrrP9XRWCC0+fzEkSY6qKB7zee9wqhmRyng4RNHtuI8B
dgfPhfK32qwb3cDj4pqHrkWZt04hBIJVM3FsY2VbBJf2e7DIJ7gEgkR+fQIDAQAB
o4ID6jCCA+YwHQYDVR0OBBYEFHJBAHzZ07aMmy/L4MsWi9CA+TVcMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvY2tFQWZOblR0b3liTDh2Z3l4YUwwSUQ1TlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB/gYIKwYBBQUHAQcBAf8EggHtMIIB6TCCAeUEAgABMIIB
3QMEAB8O2wMEAR8O7AMEAi1e9AMEAi1fMAMEAi10qAMEAi2K6DAMAwQCLY5cAwQC
LY5gAwQCLZWUAwQDOmGAMAsDBAM6YegDAwE6YAMEA01RaAMEAk1fdDAMAwQATooB
AwQATooCAwQATooQAwQATooZAwQATooeAwQAToooMAwDBABOii8DBABOijADBABO
ijIDBAJT5UwDBAJT5WgDBANUJ+ADBAJZEygDBABZIIEDBABZIgcDBAFZIk4DBAFZ
JoQDBABZKT4DBABZLHMDBABZLPUDBANZLpgDBABZ+TMDBAJZ+TgDBAJbhLgDBAJb
xfwDBABb9esDBAJcK1QDBAFdcXwDBARdcgADBAFdcwwDBARdtMADBARdtOADBARe
sHADBABesKMDBAJesNgwDAMEAl6xNAMEAV6xOAMEAl/XJAMEAmfM1AMEBXcNwAME
A3lbUAMEAop8kAMEApaBXAMEA7B3CAMEALkmZgMEALla8wMEArl9wAMEALmD3AME
ALnd3QMEALnfOAMEAbnfOgMEArnhaAMEALnw/AMEALnw/wMEArnzbAMEA7xfmAME
Arx3dAMEALzWXQMEALzxkgMEAsq1FAMEAsttNAMEAsttPAMEAcumnAMEBdEUoDAN
BgkqhkiG9w0BAQsFAAOCAQEAlWzs+RWHH/F34kojxqC4vGfyuiC7mnRbnTyYWOpn
kaE/gp1BV1Su56qJ8u1ah0ZjOt/GTMsAszh/L3djQUA8IOjkW1REk3G19sbrqIXD
9a/yCKntkx1FmC81fUQlEhpE2zBqImb6eGSukCxSQTvM8iwJIKju9puJxt60amzi
is9yBc1yhwStWOYMOm6qyLsoDkoLVjys2CYaoewQ1Fq62bMa2RgV3SV9W04e1+30
jNiM2LGlGVZzq9kmn/FUkOC1TWWql++EoqtcfrZ086GQ8/Uwip4w+z0QqW1O/Cad
s3NorhVfwSuRcL2jT5I0qXkBONnz3ZeyHFW9GbXCUGaDFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org