Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1oTeR3y4Wty5puxUayAOJoPnCcQ.roa
File: 1oTeR3y4Wty5puxUayAOJoPnCcQ.roa (raw, json)
Hash identifier: Icbb1ydval6mjct5pktrhZeQZZcwl9++vdYr1wIGHZE=
Subject key identifier: D6:84:DE:47:7C:B8:5A:DC:B9:A6:EC:54:6B:20:0E:26:83:E7:09:C4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BEC5B3272FFD77FE9DC8DB9EB9214CF44
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1oTeR3y4Wty5puxUayAOJoPnCcQ.roa
Signing time: Mon 20 Nov 2023 10:51:21 +0000
ROA not before: Mon 20 Nov 2023 10:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 146.19.151.0/24 maxlen: 24
37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
146.19.184.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
146.19.110.0/24 maxlen: 24
146.19.132.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
62.3.57.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
62.3.5.0/24 maxlen: 24
146.19.232.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.149.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
62.106.74.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
146.19.40.0/24 maxlen: 24
193.9.25.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
146.19.30.0/24 maxlen: 24
146.19.36.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
212.52.10.0/24 maxlen: 24
212.52.11.0/24 maxlen: 24
212.52.9.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
212.18.102.0/24 maxlen: 24
212.18.106.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
109.205.186.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
91.246.63.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
176.97.211.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.32.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:5b:32:72:ff:d7:7f:e9:dc:8d:b9:eb:92:14:cf:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 20 10:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d684de477cb85adcb9a6ec546b200e2683e709c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ac:5b:0c:06:23:93:46:2e:c3:e9:6d:35:d8:
fc:df:5c:13:55:6b:93:49:95:ba:50:44:a7:4d:54:
95:99:d5:b9:5b:53:a6:bb:c6:39:5b:14:29:68:5a:
11:c0:82:ba:90:28:b4:13:46:1c:63:d1:8d:c5:03:
99:21:cf:52:ee:00:87:c2:6f:13:1e:d7:4c:c0:b9:
2c:10:de:3d:e2:55:0c:43:f8:a2:49:3f:72:c1:5c:
2c:1b:2a:39:ee:63:85:9d:c8:4f:1c:67:9a:6d:87:
0c:c0:7b:fb:e7:28:0a:47:56:3b:df:4c:b3:87:88:
a5:f1:0c:b7:62:31:8d:73:39:36:92:a7:43:61:ef:
f6:a4:9c:0e:3f:60:65:5d:89:2c:0d:9a:b2:31:3c:
9f:62:dc:17:39:59:09:c2:31:57:68:a5:d3:be:c2:
9e:72:e8:1e:da:79:82:8a:db:ff:0c:16:d4:e5:91:
64:e3:4a:78:24:39:ef:97:d0:18:4b:cd:77:6e:b5:
50:3f:82:1c:63:d8:9f:7d:67:5c:44:d5:3c:51:f7:
a1:30:78:73:2c:5c:e8:a7:fe:fd:1b:66:4b:f3:bf:
87:5c:e1:ef:03:f2:29:a5:7b:4f:7a:21:9b:04:fd:
5c:ba:c2:c3:27:72:61:3b:34:e1:4d:20:d4:2f:28:
3f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:84:DE:47:7C:B8:5A:DC:B9:A6:EC:54:6B:20:0E:26:83:E7:09:C4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1oTeR3y4Wty5puxUayAOJoPnCcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.3.5.0/24
62.3.57.0/24
62.106.74.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.32.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.246.63.0/24
91.247.172.0/24
94.154.126.0/24
109.205.186.0/24
146.19.30.0/24
146.19.36.0/24
146.19.40.0/24
146.19.110.0/24
146.19.132.0/24
146.19.151.0/24
146.19.184.0/24
146.19.232.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.97.211.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.9.25.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.18.102.0/24
212.18.106.0/24
212.24.123.0/24
212.52.9.0-212.52.11.255
213.109.149.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
47:47:f0:09:65:7f:08:77:15:cb:d2:28:6d:de:58:63:c2:19:
42:0d:30:63:26:e3:df:b9:ad:cf:e5:f7:cd:52:bb:17:b0:fe:
1c:9d:c7:cc:de:4e:d8:b6:1f:5b:cd:88:25:77:7d:77:a8:d8:
6f:48:e8:56:99:03:de:b1:09:58:30:28:21:1a:04:2f:db:3f:
ea:6b:7b:a0:c9:f0:8a:61:73:5a:cf:68:59:19:68:30:3a:10:
36:f6:87:5c:dc:d3:dd:4b:ca:27:a7:80:4e:00:a8:27:ae:52:
d3:b5:88:15:13:53:8d:52:72:33:9f:7a:36:19:1a:57:2c:ba:
4e:46:24:a1:96:fe:1d:27:47:9d:b4:66:4b:bf:fc:d2:f5:3a:
86:e2:c1:96:2f:34:0e:56:96:5a:4b:f6:25:40:58:bd:de:92:
47:2d:4d:49:e0:25:84:d0:c2:01:57:53:74:d7:69:d3:0e:d0:
ca:be:bb:b3:6d:60:7b:40:b6:17:28:5c:17:11:ee:00:b1:3e:
1c:41:18:2e:fb:56:19:59:ea:9d:a0:8f:a5:ca:fb:64:86:c2:
15:89:7d:00:ce:3c:60:6e:18:7d:06:f3:9e:56:6a:e5:b0:a1:
c3:fa:fa:36:da:c8:29:e7:a5:2c:fa:ed:dd:92:13:a9:ff:9d:
5d:42:47:95
-----BEGIN CERTIFICATE-----
MIIGszCCBZugAwIBAgISAYvsWzJy/9d/6dyNueuSFM9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTIwMTA1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg0ZGU0NzdjYjg1YWRjYjlhNmVjNTQ2YjIwMGUyNjgzZTcwOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKxbDAYjk0Yuw+ltNdj831wTVWuT
SZW6UESnTVSVmdW5W1Omu8Y5WxQpaFoRwIK6kCi0E0YcY9GNxQOZIc9S7gCHwm8T
HtdMwLksEN494lUMQ/iiST9ywVwsGyo57mOFnchPHGeabYcMwHv75ygKR1Y730yz
h4il8Qy3YjGNczk2kqdDYe/2pJwOP2BlXYksDZqyMTyfYtwXOVkJwjFXaKXTvsKe
cuge2nmCitv/DBbU5ZFk40p4JDnvl9AYS813brVQP4IcY9iffWdcRNU8UfehMHhz
LFzop/79G2ZL87+HXOHvA/IppXtPeiGbBP1cusLDJ3JhOzThTSDULyg/vQIDAQAB
o4IDvzCCA7swHQYDVR0OBBYEFNaE3kd8uFrcuabsVGsgDiaD5wnEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMW9UZVIzeTRXdHk1cHV4VWF5QU9Kb1BuQ2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0wYIKwYBBQUHAQcBAf8EggHCMIIBvjCCAboEAgABMIIB
sgMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAG3NugMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIT
hAMEAJITlwMEAJITuAMEAJIT6AMEALBhwwMEALBhxgMEALBhyAMEALBh0wMEALB2
IwMEALB+dwMEALmXkQMEALmhewMEALm42AMEALnqDwMEALnr4QMEALnr5AMEALn8
1QMEALzxnwMEALzx+AMEALz0fgMEAcEDtAMEAMEDuwMEAMEJGQMEAMEmmgMEAcGj
wAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIayAMEAMKWTAMEANQSZgMEANQS
agMEANQYezAMAwQA1DQJAwQC1DQIAwQA1W2VAwQA1W2cAwQA1W2fAwQA1a0lAwQA
2XeHMA0GCSqGSIb3DQEBCwUAA4IBAQBHR/AJZX8IdxXL0iht3lhjwhlCDTBjJuPf
ua3P5ffNUrsXsP4cncfM3k7Yth9bzYgld313qNhvSOhWmQPesQlYMCghGgQv2z/q
a3ugyfCKYXNaz2hZGWgwOhA29odc3NPdS8onp4BOAKgnrlLTtYgVE1ONUnIzn3o2
GRpXLLpORiShlv4dJ0edtGZLv/zS9TqG4sGWLzQOVpZaS/YlQFi93pJHLU1J4CWE
0MIBV1N012nTDtDKvruzbWB7QLYXKFwXEe4AsT4cQRgu+1YZWeqdoI+lyvtkhsIV
iX0Azjxgbhh9BvOeVmrlsKHD+vo22sgp56Us+u3dkhOp/51dQkeV
Generated at Mon Nov 20 12:12:17 2023 by rpki-client on console-fra.rpki-client.org