Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Pm9GAzV2VAs6SLXo2_AMMymxmqg.roa
File: Pm9GAzV2VAs6SLXo2_AMMymxmqg.roa (raw, json)
Hash identifier: lZOWH3OirAs/k5ui3C+oDcSZ/7Wwa2jtEEDzTq80HWs=
Subject key identifier: 3E:6F:46:03:35:76:54:0B:3A:48:B5:E8:DB:F0:0C:33:29:B1:9A:A8
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018BAE98004A856920100AA9CF1B7FE66EBB
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Pm9GAzV2VAs6SLXo2_AMMymxmqg.roa
Signing time: Wed 08 Nov 2023 11:01:19 +0000
ROA not before: Wed 08 Nov 2023 11:01:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200598
IP address blocks: 194.149.76.0/22 maxlen: 24
188.215.12.0/22 maxlen: 24
79.110.184.0/22 maxlen: 24
121.127.48.0/20 maxlen: 24
195.78.90.0/23 maxlen: 24
173.214.200.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
162.216.138.0/23 maxlen: 24
89.39.184.0/23 maxlen: 24
24.235.22.0/23 maxlen: 24
91.210.80.0/22 maxlen: 24
204.15.4.0/22 maxlen: 24
69.72.72.0/22 maxlen: 24
162.250.216.0/22 maxlen: 24
89.20.50.0/23 maxlen: 24
95.215.144.0/22 maxlen: 24
217.144.108.0/22 maxlen: 24
141.193.108.0/22 maxlen: 24
205.220.216.0/23 maxlen: 24
205.134.244.0/22 maxlen: 24
128.0.60.0/22 maxlen: 24
85.204.28.0/23 maxlen: 24
86.106.28.0/23 maxlen: 24
176.111.54.0/23 maxlen: 24
199.48.230.0/23 maxlen: 24
168.149.248.0/23 maxlen: 24
193.91.8.0/23 maxlen: 24
141.193.214.0/23 maxlen: 24
91.217.106.0/23 maxlen: 24
74.124.204.0/22 maxlen: 24
89.37.60.0/23 maxlen: 24
50.20.224.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
31.187.92.0/22 maxlen: 24
89.40.236.0/23 maxlen: 24
134.199.80.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:98:00:4a:85:69:20:10:0a:a9:cf:1b:7f:e6:6e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Nov 8 11:01:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e6f46033576540b3a48b5e8dbf00c3329b19aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:a1:ea:44:d9:91:5b:50:e0:8e:29:28:4e:
9e:63:d5:4a:fd:a4:c5:f5:3f:d2:cb:2e:04:4b:a2:
ed:7b:bb:d1:7d:f1:5b:68:ab:17:90:fc:f8:4e:cf:
ff:28:5d:2d:ac:b7:ea:e0:0a:8f:6e:ce:b0:ca:dd:
64:b2:f5:66:7e:bf:6d:8b:19:7c:59:f0:b2:d0:c7:
36:7b:1c:a4:1d:5d:18:26:0b:5b:f4:0b:2f:ee:73:
e3:d6:94:8d:ea:c0:59:84:66:27:b8:54:a6:24:65:
14:51:5d:05:21:cc:a9:da:01:bf:4c:da:34:fc:45:
52:8c:b1:7b:24:9e:97:12:bd:8e:2a:e6:e8:ef:18:
ef:9d:52:be:64:e4:ff:6d:c6:22:5d:24:1e:8c:da:
2a:0b:00:c8:de:a9:5a:b5:2e:00:b8:6d:f1:a6:00:
07:aa:10:70:f5:ed:38:3c:0a:1c:80:c2:d0:1a:06:
76:ba:0d:2d:bd:bf:56:03:07:b5:f9:81:ee:06:17:
55:9c:ad:f9:ab:be:ee:d4:9a:2f:34:16:42:c0:33:
65:0d:07:7b:02:02:b1:3e:2a:d8:f1:ae:ea:89:b2:
ba:47:73:50:28:17:3d:d7:73:5f:e0:17:68:31:f5:
10:0f:f4:c8:bf:e1:15:18:c0:61:e1:26:5d:96:c3:
31:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6F:46:03:35:76:54:0B:3A:48:B5:E8:DB:F0:0C:33:29:B1:9A:A8
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Pm9GAzV2VAs6SLXo2_AMMymxmqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.235.22.0/23
31.187.92.0/22
50.20.224.0/20
66.9.96.0/20
66.117.8.0/22
69.72.72.0/22
74.124.204.0/22
79.110.184.0/22
85.204.28.0/23
86.106.28.0/23
89.20.50.0/23
89.37.60.0/23
89.39.184.0/23
89.40.236.0/23
91.210.80.0/22
91.217.106.0/23
95.215.144.0/22
121.127.48.0/20
128.0.60.0/22
134.199.80.0/20
141.193.108.0/22
141.193.214.0/23
162.216.138.0/23
162.250.216.0/22
168.149.248.0/23
173.214.200.0/22
176.111.54.0/23
188.215.12.0/22
193.91.8.0/23
194.149.76.0/22
195.78.90.0/23
198.145.112.0/22
199.48.230.0/23
204.15.4.0/22
205.134.244.0/22
205.220.216.0/23
217.144.108.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:55:c7:3e:3d:5a:0b:a7:67:e5:37:68:6f:e9:cf:9f:3c:b9:
9f:0a:f7:b2:a7:0a:87:f3:fd:e1:2d:e1:79:b5:bb:12:35:4d:
35:b8:dd:40:52:5c:72:21:2e:cd:7e:e9:8d:87:cf:45:0f:2f:
c1:23:f4:4c:aa:8b:79:7d:6e:68:61:d9:7f:3c:45:63:2a:79:
24:37:49:81:2c:ff:74:61:ed:13:4b:ae:27:51:23:13:92:26:
28:ea:d1:ae:43:1f:f4:cb:b7:2d:2a:07:7a:e8:9e:58:80:17:
e0:97:9e:9d:91:bd:75:d5:d0:71:15:ec:64:1c:00:05:f3:00:
6b:f6:53:65:f4:1f:1e:59:c0:e5:ee:50:05:25:cb:e0:e2:12:
d4:56:ed:e7:11:22:69:87:24:d6:d8:f9:dd:97:68:00:d7:a6:
cc:44:bd:8b:9b:0b:ea:dd:94:9c:69:9c:20:ad:d8:aa:6b:52:
8f:c5:80:bf:aa:be:c1:70:77:d0:30:c3:c2:71:12:24:ff:bf:
60:ad:ca:a8:07:ab:73:ae:99:0d:49:c6:93:18:0f:52:9f:f8:
4f:08:21:da:5b:3f:77:5e:4e:5d:1a:80:c2:fe:fe:e5:92:ee:
21:46:fd:64:d5:67:65:22:e0:4b:f1:28:54:67:a8:81:80:e7:
db:2a:f9:43
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYuumABKhWkgEAqpzxt/5m67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMxMTA4MTEwMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZmNDYwMzM1NzY1NDBiM2E0OGI1ZThkYmYwMGMzMzI5YjE5YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ2h6kTZkVtQ4I4pKE6eY9VK/aTF
9T/Syy4ES6Lte7vRffFbaKsXkPz4Ts//KF0trLfq4AqPbs6wyt1ksvVmfr9tixl8
WfCy0Mc2exykHV0YJgtb9Asv7nPj1pSN6sBZhGYnuFSmJGUUUV0FIcyp2gG/TNo0
/EVSjLF7JJ6XEr2OKubo7xjvnVK+ZOT/bcYiXSQejNoqCwDI3qlatS4AuG3xpgAH
qhBw9e04PAocgMLQGgZ2ug0tvb9WAwe1+YHuBhdVnK35q77u1JovNBZCwDNlDQd7
AgKxPirY8a7qibK6R3NQKBc913Nf4BdoMfUQD/TIv+EVGMBh4SZdlsMx5QIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFD5vRgM1dlQLOki16NvwDDMpsZqoMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUG05R0F6VjJWQXM2U0xYbzJfQU1NeW14bXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAEY
6xYDBAIfu1wDBAQyFOADBARCCWADBAJCdQgDBAJFSEgDBAJKfMwDBAJPbrgDBAFV
zBwDBAFWahwDBAFZFDIDBAFZJTwDBAFZJ7gDBAFZKOwDBAJb0lADBAFb2WoDBAJf
15ADBAR5fzADBAKAADwDBASGx1ADBAKNwWwDBAGNwdYDBAGi2IoDBAKi+tgDBAGo
lfgDBAKt1sgDBAGwbzYDBAK81wwDBAHBWwgDBALClUwDBAHDTloDBALGkXADBAHH
MOYDBALMDwQDBALNhvQDBAHN3NgDBALZkGwwDQYJKoZIhvcNAQELBQADggEBABxV
xz49WgunZ+U3aG/pz588uZ8K97KnCofz/eEt4Xm1uxI1TTW43UBSXHIhLs1+6Y2H
z0UPL8Ej9Eyqi3l9bmhh2X88RWMqeSQ3SYEs/3Rh7RNLridRIxOSJijq0a5DH/TL
ty0qB3ronliAF+CXnp2RvXXV0HEV7GQcAAXzAGv2U2X0Hx5ZwOXuUAUly+DiEtRW
7ecRImmHJNbY+d2XaADXpsxEvYubC+rdlJxpnCCt2KprUo/FgL+qvsFwd9Aww8Jx
EiT/v2CtyqgHq3OumQ1JxpMYD1Kf+E8IIdpbP3deTl0agML+/uWS7iFG/WTVZ2Ui
4EvxKFRnqIGA59sq+UM=
-----END CERTIFICATE-----
Generated at Tue Nov 14 20:05:54 2023 by rpki-client on console-ams.rpki-client.org