Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mT35z9VN1HYxhXipFNtezWaYIoY.roa
File: mT35z9VN1HYxhXipFNtezWaYIoY.roa (raw, json)
Hash identifier: c2wt8QjrQljNPLJNd5Fb3iR8NKQw74/oIuYK+VadOJA=
Subject key identifier: 99:3D:F9:CF:D5:4D:D4:76:31:85:78:A9:14:DB:5E:CD:66:98:22:86
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01916A9A4D148E9B2147B178FBB387480E15
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mT35z9VN1HYxhXipFNtezWaYIoY.roa
Signing time: Mon 19 Aug 2024 12:26:22 +0000
ROA not before: Mon 19 Aug 2024 12:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.136.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
2.139.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
79.148.0.0/16 maxlen: 16
80.24.0.0/16 maxlen: 16
80.25.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
80.32.0.0/16 maxlen: 16
80.33.0.0/16 maxlen: 16
80.34.0.0/16 maxlen: 16
80.35.0.0/16 maxlen: 16
80.36.0.0/16 maxlen: 16
80.37.0.0/16 maxlen: 16
80.38.0.0/16 maxlen: 16
80.39.0.0/16 maxlen: 16
80.59.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.33.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
81.42.0.0/16 maxlen: 16
81.43.0.0/16 maxlen: 16
81.44.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.36.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.56.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.61.0.0/16 maxlen: 16
83.62.0.0/16 maxlen: 21
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.2.0.0/16 maxlen: 16
88.3.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.12.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
88.26.0.0/16 maxlen: 16
88.27.0.0/16 maxlen: 16
88.28.0.0/16 maxlen: 24
88.29.0.0/16 maxlen: 24
88.30.0.0/16 maxlen: 16
88.31.0.0/16 maxlen: 24
95.121.0.0/16 maxlen: 16
95.122.0.0/16 maxlen: 16
95.123.0.0/16 maxlen: 16
95.124.0.0/16 maxlen: 24
95.125.0.0/16 maxlen: 24
95.126.0.0/16 maxlen: 24
95.127.0.0/16 maxlen: 24
176.80.0.0/16 maxlen: 24
176.81.0.0/16 maxlen: 16
176.82.0.0/16 maxlen: 24
176.83.0.0/16 maxlen: 24
176.85.0.0/16 maxlen: 16
176.86.0.0/16 maxlen: 16
176.87.0.0/16 maxlen: 24
192.101.1.0/24 maxlen: 24
193.153.0.0/16 maxlen: 16
194.69.225.0/24 maxlen: 24
194.179.34.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
194.224.157.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.69.0/24 maxlen: 24
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.78.0/24 maxlen: 24
195.55.79.0/24 maxlen: 24
195.55.110.0/24 maxlen: 24
195.57.5.0/24 maxlen: 24
195.57.27.0/24 maxlen: 24
195.76.0.0/16 maxlen: 16
195.76.141.0/24 maxlen: 24
195.76.164.0/24 maxlen: 24
195.77.57.0/24 maxlen: 24
195.77.132.0/22 maxlen: 22
195.77.132.0/23 maxlen: 23
195.77.132.0/24 maxlen: 24
195.235.0.0/16 maxlen: 16
195.235.95.0/24 maxlen: 24
195.235.188.0/24 maxlen: 24
195.235.225.0/24 maxlen: 24
195.235.241.0/24 maxlen: 24
195.235.242.0/24 maxlen: 24
212.170.0.0/16 maxlen: 16
212.170.156.0/24 maxlen: 24
212.170.159.0/24 maxlen: 24
213.96.0.0/16 maxlen: 16
213.97.0.0/16 maxlen: 16
213.98.0.0/16 maxlen: 16
213.99.0.0/16 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
217.11.96.0/19 maxlen: 19
217.124.182.0/24 maxlen: 24
217.126.0.0/16 maxlen: 16
217.127.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 20 Aug 2024 06:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:9a:4d:14:8e:9b:21:47:b1:78:fb:b3:87:48:0e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Aug 19 12:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=993df9cfd54dd476318578a914db5ecd66982286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bb:bd:a3:b2:27:87:a5:86:04:a3:7b:df:fb:
83:27:2e:f5:85:77:29:a6:a2:e8:63:cf:38:d2:0b:
68:b0:1f:16:09:9e:0d:ef:f4:fa:75:cd:b7:ff:a2:
2a:7c:8e:79:aa:b6:df:17:73:2f:4e:39:f1:2b:45:
03:98:3e:3b:77:42:7f:df:48:27:4d:f7:9e:fb:47:
e1:38:47:ff:56:30:0e:67:3c:75:4b:0a:3c:9b:6d:
7b:b3:aa:73:a5:92:72:05:6c:99:5c:a2:10:73:5f:
1c:48:df:db:ef:64:cc:1b:cc:1e:c8:d7:d6:05:2d:
92:6f:59:01:ba:25:03:69:98:4a:49:ae:7d:95:1d:
17:ec:fa:c7:2b:f6:eb:0d:f6:06:d0:bc:04:73:8d:
59:b0:46:73:9e:6a:55:ec:ba:94:1a:f6:41:c5:00:
a3:9b:91:e8:68:6c:8f:b2:40:c8:f1:20:2e:57:3a:
eb:80:7b:f5:ff:67:86:a6:98:15:e1:53:c5:a2:22:
35:4e:ad:8e:bb:de:a7:f4:1f:e0:6c:9c:a4:a2:dc:
8f:04:8c:16:7b:64:ce:23:3e:52:36:96:4c:ff:c4:
89:de:d2:fb:49:fd:7c:7b:d1:e7:d7:5a:cb:68:a1:
38:3a:a3:ea:cf:f0:76:58:9b:83:32:df:7f:af:12:
dd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3D:F9:CF:D5:4D:D4:76:31:85:78:A9:14:DB:5E:CD:66:98:22:86
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mT35z9VN1HYxhXipFNtezWaYIoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.136.0.0/14
79.144.0.0-79.148.255.255
80.24.0.0/15
80.30.0.0-80.39.255.255
80.59.0.0/16
81.32.0.0-81.44.255.255
83.32.0.0/13
83.47.0.0/16
83.52.0.0-83.63.255.255
88.0.0.0/14
88.8.0.0-88.16.255.255
88.24.0.0/13
95.121.0.0-95.127.255.255
176.80.0.0/14
176.85.0.0-176.87.255.255
192.101.1.0/24
193.153.0.0/16
194.69.225.0/24
194.179.34.0/24
194.179.112.0/24
194.224.157.0/24
195.53.0.0/16
195.55.78.0/23
195.55.110.0/24
195.57.5.0/24
195.57.27.0/24
195.76.0.0/16
195.77.57.0/24
195.77.132.0/22
195.235.0.0/16
212.170.0.0/16
213.96.0.0/14
217.11.96.0/19
217.124.182.0/24
217.126.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a6:ab:02:cd:6f:37:b3:5c:c8:79:18:a0:60:ae:7f:03:e1:43:
92:b6:67:c0:01:cc:e2:27:1a:ec:d6:c2:16:e9:00:45:d6:a1:
be:aa:25:33:f0:21:ab:65:58:5e:76:f3:d5:66:4f:11:68:e4:
d1:72:03:a9:23:a4:30:e0:4c:32:a8:4a:5e:9e:cc:ef:6e:e2:
00:00:d0:b9:db:08:7e:2d:df:79:ca:0b:d9:c0:d1:fe:7f:9f:
78:58:8d:7e:10:e9:07:68:a5:4f:6b:9b:bf:a9:1b:66:c3:7c:
f9:43:7c:b5:86:45:bf:17:f5:7d:48:3b:15:79:47:9d:2f:a2:
4b:55:e9:06:2b:2c:ab:d5:7f:4a:a9:56:5d:6d:52:ba:58:80:
c9:45:9e:33:89:eb:5f:10:d5:ea:85:67:70:98:e0:93:6a:36:
18:f7:1a:f5:ea:3d:1d:df:fc:49:03:ae:b6:5a:4b:b3:97:36:
69:ed:21:07:df:5c:05:72:1e:03:ec:b4:fa:1f:a0:b1:63:19:
b4:03:e4:55:08:b5:1f:d8:f9:29:8a:20:40:50:10:60:1a:a3:
05:f5:ab:1d:9d:d1:1a:c6:40:28:de:9d:8a:e2:4d:1f:b1:69:
99:37:07:c9:d4:e0:45:53:3a:29:9d:29:5a:8f:65:45:50:af:
96:ce:60:c4
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZFqmk0UjpshR7F4+7OHSA4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwODE5MTIyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNkZjljZmQ1NGRkNDc2MzE4NTc4YTkxNGRiNWVjZDY2OTgyMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7u9o7Inh6WGBKN73/uDJy71hXcp
pqLoY8840gtosB8WCZ4N7/T6dc23/6IqfI55qrbfF3MvTjnxK0UDmD47d0J/30gn
Tfee+0fhOEf/VjAOZzx1Swo8m217s6pzpZJyBWyZXKIQc18cSN/b72TMG8weyNfW
BS2Sb1kBuiUDaZhKSa59lR0X7PrHK/brDfYG0LwEc41ZsEZznmpV7LqUGvZBxQCj
m5HoaGyPskDI8SAuVzrrgHv1/2eGppgV4VPFoiI1Tq2Ou96n9B/gbJykotyPBIwW
e2TOIz5SNpZM/8SJ3tL7Sf18e9Hn11rLaKE4OqPqz/B2WJuDMt9/rxLdXwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFJk9+c/VTdR2MYV4qRTbXs1mmCKGMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvbVQzNXo5Vk4xSFl4aFhpcEZOdGV6V2FZSW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgfQEAgABMIHtAwMC
AogwCgMDBE+QAwMAT5QDAwFQGDAKAwMBUB4DAwNQIAMDAFA7MAoDAwVRIAMDAFEs
AwMDUyADAwBTLzAKAwMCUzQDAwZTAAMDAlgAMAoDAwNYCAMDAFgQAwMDWBgwCgMD
AF95AwMHXwADAwKwUDAKAwMAsFUDAwOwUAMEAMBlAQMDAMGZAwQAwkXhAwQAwrMi
AwQAwrNwAwQAwuCdAwMAwzUDBAHDN04DBADDN24DBADDOQUDBADDORsDAwDDTAME
AMNNOQMEAsNNhAMDAMPrAwMA1KoDAwLVYAMEBdkLYAMEANl8tgMDAdl+MA0GCSqG
SIb3DQEBCwUAA4IBAQCmqwLNbzezXMh5GKBgrn8D4UOStmfAAcziJxrs1sIW6QBF
1qG+qiUz8CGrZVhedvPVZk8RaOTRcgOpI6Qw4EwyqEpenszvbuIAANC52wh+Ld95
ygvZwNH+f594WI1+EOkHaKVPa5u/qRtmw3z5Q3y1hkW/F/V9SDsVeUedL6JLVekG
Kyyr1X9KqVZdbVK6WIDJRZ4zietfENXqhWdwmOCTajYY9xr16j0d3/xJA662Wkuz
lzZp7SEH31wFch4D7LT6H6CxYxm0A+RVCLUf2PkpiiBAUBBgGqMF9asdndEaxkAo
3p2K4k0fsWmZNwfJ1OBFUzopnSlaj2VFUK+WzmDE
-----END CERTIFICATE-----
Generated at Tue Aug 20 10:01:35 2024 by rpki-client on console-ams.rpki-client.org