Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mhxgOJqHeSuy5WAFDbo_P6fxl74.roa
File: mhxgOJqHeSuy5WAFDbo_P6fxl74.roa (raw, json)
Hash identifier: VQuj4mpS2OSPanJoNUYYjejTBR1UlOQFUKLGVp8FE60=
Subject key identifier: 9A:1C:60:38:9A:87:79:2B:B2:E5:60:05:0D:BA:3F:3F:A7:F1:97:BE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BECA9B1866DEA044923E3BC7656175CEC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mhxgOJqHeSuy5WAFDbo_P6fxl74.roa
Signing time: Mon 20 Nov 2023 12:17:05 +0000
ROA not before: Mon 20 Nov 2023 12:17:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 146.19.151.0/24 maxlen: 24
37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
146.19.184.0/24 maxlen: 24
146.19.182.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
146.19.110.0/24 maxlen: 24
146.19.132.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
62.3.57.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
62.3.5.0/24 maxlen: 24
146.19.225.0/24 maxlen: 24
146.19.221.0/24 maxlen: 24
146.19.232.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.149.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
62.106.74.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
146.19.40.0/24 maxlen: 24
193.9.25.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
146.19.30.0/24 maxlen: 24
146.19.36.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
212.52.10.0/24 maxlen: 24
212.52.11.0/24 maxlen: 24
212.52.9.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
212.18.102.0/24 maxlen: 24
212.18.106.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
109.205.186.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
91.246.63.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
176.97.211.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.32.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:a9:b1:86:6d:ea:04:49:23:e3:bc:76:56:17:5c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 20 12:17:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a1c60389a87792bb2e560050dba3f3fa7f197be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bf:cf:60:37:69:0c:76:12:ed:da:84:25:06:
a3:86:b1:9e:49:f2:47:94:3e:b1:72:0f:61:9d:e1:
c2:4b:d5:0c:61:1d:85:e4:32:52:d6:b6:8e:40:bb:
0e:20:48:86:c1:e3:3d:b9:04:0a:12:09:c5:b7:c2:
52:8c:0c:0e:a8:38:0b:66:3a:21:6f:94:2f:36:92:
b0:f0:e6:a2:86:f3:c8:9d:cb:56:aa:2b:dd:ff:22:
06:4f:41:81:e3:eb:a2:82:4f:ee:6c:7b:9d:17:96:
7b:eb:da:cc:16:ea:a3:64:31:b9:f4:c8:ca:d4:f5:
8a:74:5a:30:a0:76:b3:1d:7b:aa:1f:b1:f9:af:5a:
75:f7:65:40:dc:3a:92:7c:6a:c7:9c:9b:ef:53:95:
45:c6:f0:d8:0f:75:3c:e0:8a:ee:18:8c:5f:e3:3f:
c5:b6:74:d6:5e:90:f6:cb:99:8b:9e:5f:47:06:7e:
03:ab:f8:12:52:91:04:15:2f:1c:d6:28:79:f9:cd:
93:2a:c1:0e:38:98:fb:50:fe:91:e4:cc:e2:60:ee:
d7:21:53:fe:78:62:60:ab:93:b8:e7:c8:b3:10:15:
86:18:a9:47:ff:a4:71:24:76:3a:35:46:8c:f0:4a:
8b:89:00:3b:3e:66:1f:52:89:92:9c:88:2c:a5:af:
5e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1C:60:38:9A:87:79:2B:B2:E5:60:05:0D:BA:3F:3F:A7:F1:97:BE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mhxgOJqHeSuy5WAFDbo_P6fxl74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.3.5.0/24
62.3.57.0/24
62.106.74.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.32.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.246.63.0/24
91.247.172.0/24
94.154.126.0/24
109.205.186.0/24
146.19.30.0/24
146.19.36.0/24
146.19.40.0/24
146.19.110.0/24
146.19.132.0/24
146.19.151.0/24
146.19.182.0/24
146.19.184.0/24
146.19.221.0/24
146.19.225.0/24
146.19.232.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.97.211.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.9.25.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.18.102.0/24
212.18.106.0/24
212.24.123.0/24
212.52.9.0-212.52.11.255
213.109.149.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c9:31:f7:2b:53:83:e4:53:bb:b5:a4:05:f5:88:6f:ac:c3:
11:98:47:dd:77:0f:6e:d8:cd:e7:64:2d:3b:d3:0f:68:a3:38:
0c:d3:a3:3b:34:67:6f:a5:08:c1:3a:fc:28:fa:8c:9a:f6:b3:
76:a0:cb:37:98:d3:92:e2:e7:56:da:31:9d:fb:b2:63:a5:f3:
2f:83:00:7d:9c:6b:da:f5:c2:f2:bb:ae:a6:e5:0e:8b:35:c5:
8b:97:96:45:97:55:97:9b:d5:55:d8:6b:1e:eb:5b:22:8c:71:
3b:c1:ad:82:ad:e5:90:06:08:68:8a:56:17:be:6b:9f:b5:96:
98:bc:81:95:fd:6e:cf:1b:b4:02:51:15:c8:b0:35:fa:a4:6c:
76:d9:e8:54:95:f7:4e:81:76:6c:73:69:37:ed:ff:fd:ef:16:
6b:91:c3:e2:3b:13:04:f4:83:1f:67:88:f5:47:54:11:7b:71:
6c:6b:6e:f8:d6:4e:58:56:78:6e:ad:6d:ca:e0:9c:ee:9b:1a:
13:b5:ac:97:6b:b0:b5:47:b3:56:c8:77:ce:67:47:65:b2:12:
66:a0:ab:01:b2:2b:a6:e4:27:7f:48:ef:58:ad:74:b0:fe:d0:
df:50:39:fe:3f:6a:af:6d:20:07:db:7c:2b:fb:b4:ba:83:d7:
a3:d5:26:1f
-----BEGIN CERTIFICATE-----
MIIGxTCCBa2gAwIBAgISAYvsqbGGbeoESSPjvHZWF1zsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTIwMTIxNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFjNjAzODlhODc3OTJiYjJlNTYwMDUwZGJhM2YzZmE3ZjE5N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5L/PYDdpDHYS7dqEJQajhrGeSfJH
lD6xcg9hneHCS9UMYR2F5DJS1raOQLsOIEiGweM9uQQKEgnFt8JSjAwOqDgLZjoh
b5QvNpKw8OaihvPInctWqivd/yIGT0GB4+uigk/ubHudF5Z769rMFuqjZDG59MjK
1PWKdFowoHazHXuqH7H5r1p192VA3DqSfGrHnJvvU5VFxvDYD3U84IruGIxf4z/F
tnTWXpD2y5mLnl9HBn4Dq/gSUpEEFS8c1ih5+c2TKsEOOJj7UP6R5MziYO7XIVP+
eGJgq5O458izEBWGGKlH/6RxJHY6NUaM8EqLiQA7PmYfUomSnIgspa9eqwIDAQAB
o4ID0TCCA80wHQYDVR0OBBYEFJocYDiah3krsuVgBQ26Pz+n8Ze+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbWh4Z09KcUhlU3V5NVdBRkRib19QNmZ4bDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5QYIKwYBBQUHAQcBAf8EggHUMIIB0DCCAcwEAgABMIIB
xAMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAG3NugMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIT
hAMEAJITlwMEAJITtgMEAJITuAMEAJIT3QMEAJIT4QMEAJIT6AMEALBhwwMEALBh
xgMEALBhyAMEALBh0wMEALB2IwMEALB+dwMEALmXkQMEALmhewMEALm42AMEALnq
DwMEALnr4QMEALnr5AMEALn81QMEALzxnwMEALzx+AMEALz0fgMEAcEDtAMEAMED
uwMEAMEJGQMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIa
yAMEAMKWTAMEANQSZgMEANQSagMEANQYezAMAwQA1DQJAwQC1DQIAwQA1W2VAwQA
1W2cAwQA1W2fAwQA1a0lAwQA2XeHMA0GCSqGSIb3DQEBCwUAA4IBAQBVyTH3K1OD
5FO7taQF9YhvrMMRmEfddw9u2M3nZC070w9oozgM06M7NGdvpQjBOvwo+oya9rN2
oMs3mNOS4udW2jGd+7JjpfMvgwB9nGva9cLyu66m5Q6LNcWLl5ZFl1WXm9VV2Gse
61sijHE7wa2CreWQBghoilYXvmuftZaYvIGV/W7PG7QCURXIsDX6pGx22ehUlfdO
gXZsc2k37f/97xZrkcPiOxME9IMfZ4j1R1QRe3Fsa2741k5YVnhurW3K4JzumxoT
tayXa7C1R7NWyHfOZ0dlshJmoKsBsium5Cd/SO9YrXSw/tDfUDn+P2qvbSAH23wr
+7S6g9ej1SYf
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org