Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oCPzViWqotCZ4lLUUGheqAQGV9E.roa
File: oCPzViWqotCZ4lLUUGheqAQGV9E.roa (raw, json)
Hash identifier: VZsqyTQwsjWfGFWtgPZePrDnXAl6C0j3g1QJRA9dqT8=
Subject key identifier: A0:23:F3:56:25:AA:A2:D0:99:E2:52:D4:50:68:5E:A8:04:06:57:D1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BEC73EB315DF3507A214D02BE20340FF4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oCPzViWqotCZ4lLUUGheqAQGV9E.roa
Signing time: Mon 20 Nov 2023 11:18:21 +0000
ROA not before: Mon 20 Nov 2023 11:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 146.19.151.0/24 maxlen: 24
37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
146.19.184.0/24 maxlen: 24
146.19.182.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
146.19.110.0/24 maxlen: 24
146.19.132.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
62.3.57.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
62.3.5.0/24 maxlen: 24
146.19.221.0/24 maxlen: 24
146.19.232.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.149.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
62.106.74.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
146.19.40.0/24 maxlen: 24
193.9.25.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
146.19.30.0/24 maxlen: 24
146.19.36.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
212.52.10.0/24 maxlen: 24
212.52.11.0/24 maxlen: 24
212.52.9.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
212.18.102.0/24 maxlen: 24
212.18.106.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
109.205.186.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
91.246.63.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
176.97.211.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.32.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Nov 2023 12:17:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:73:eb:31:5d:f3:50:7a:21:4d:02:be:20:34:0f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 20 11:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a023f35625aaa2d099e252d450685ea8040657d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:63:75:f0:6b:21:01:6d:11:9c:f3:e5:0a:
35:43:71:df:1d:2c:be:58:69:0b:eb:ac:65:cc:74:
23:40:2b:2b:5c:e0:f7:62:15:0c:c3:09:0d:03:47:
68:35:e9:10:92:89:22:91:d0:e0:e6:74:34:15:af:
22:96:40:a9:15:af:2a:a0:11:38:f1:5a:21:91:46:
8b:b5:51:ad:15:2a:1c:36:72:d7:37:96:e4:eb:f1:
42:ae:f8:ba:c2:92:21:e5:35:08:14:cf:3b:84:d8:
85:d8:47:3b:e6:97:69:0f:01:2c:ff:e0:aa:e9:da:
a6:25:f6:89:49:02:6f:4d:5d:9f:32:92:11:29:b9:
70:e6:54:90:bd:61:39:e6:c6:17:b0:5c:40:5f:e3:
79:ba:a6:0c:c6:dc:63:36:2e:cf:fb:10:2d:b6:7f:
43:d3:3e:85:18:8d:24:21:cb:1d:e3:5e:a8:da:3e:
72:26:0f:3a:ab:2b:4f:9f:c0:f5:31:51:91:f5:38:
94:aa:94:ea:cc:63:50:32:eb:95:f6:a2:3b:43:a5:
4c:4b:de:e4:ec:ce:ff:26:b0:38:ba:0a:d5:3a:68:
48:bd:2e:75:b0:cd:1c:d7:3c:8f:11:16:49:41:ec:
34:24:39:7f:53:35:8b:61:62:4c:4d:b1:db:1b:33:
14:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:23:F3:56:25:AA:A2:D0:99:E2:52:D4:50:68:5E:A8:04:06:57:D1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oCPzViWqotCZ4lLUUGheqAQGV9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.3.5.0/24
62.3.57.0/24
62.106.74.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.32.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.246.63.0/24
91.247.172.0/24
94.154.126.0/24
109.205.186.0/24
146.19.30.0/24
146.19.36.0/24
146.19.40.0/24
146.19.110.0/24
146.19.132.0/24
146.19.151.0/24
146.19.182.0/24
146.19.184.0/24
146.19.221.0/24
146.19.232.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.97.211.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.9.25.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.18.102.0/24
212.18.106.0/24
212.24.123.0/24
212.52.9.0-212.52.11.255
213.109.149.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a7:e7:50:05:3b:3a:72:b8:fe:c1:4d:c8:46:a4:29:a3:e8:
8b:a9:61:d9:6d:9f:bb:8f:50:26:f7:94:fb:f2:5f:32:82:7b:
e9:a1:22:07:f3:6c:08:b4:dc:33:9d:a7:4f:67:3c:11:82:20:
92:e3:d5:2b:07:6d:6c:42:38:68:d8:a1:23:94:93:d6:a4:cf:
8f:6b:61:a6:ef:d2:71:4c:a7:b6:02:d3:9a:c7:a7:74:16:21:
53:67:e6:8f:19:5b:4d:9a:d1:1f:ff:e1:bc:e8:e1:a0:c6:06:
0d:2b:a3:6a:88:e7:8b:0a:40:ea:c7:da:df:08:f1:f3:e4:d9:
32:81:aa:18:25:53:24:ca:0e:29:56:b3:11:e8:23:b0:0d:09:
e8:05:f2:d5:eb:d3:fa:2e:ce:df:44:27:c3:7e:fc:ef:0b:94:
47:75:76:c2:d6:18:31:f3:e7:ca:31:3a:b8:14:36:1a:8a:00:
4f:78:07:e8:51:fa:88:97:d8:ca:ca:3a:a2:16:6d:d0:fa:6d:
03:ae:ff:0a:53:0e:98:e1:dd:35:61:05:f7:56:42:f5:18:ed:
0f:96:df:3c:8f:71:2b:18:dc:99:62:ea:7d:0e:5c:37:78:47:
cf:e3:94:2a:06:19:91:32:6f:da:1b:eb:30:c0:e5:95:07:9c:
d4:00:af:96
-----BEGIN CERTIFICATE-----
MIIGvzCCBaegAwIBAgISAYvsc+sxXfNQeiFNAr4gNA/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTIwMTExODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIzZjM1NjI1YWFhMmQwOTllMjUyZDQ1MDY4NWVhODA0MDY1N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQpjdfBrIQFtEZzz5Qo1Q3HfHSy+
WGkL66xlzHQjQCsrXOD3YhUMwwkNA0doNekQkokikdDg5nQ0Fa8ilkCpFa8qoBE4
8VohkUaLtVGtFSocNnLXN5bk6/FCrvi6wpIh5TUIFM87hNiF2Ec75pdpDwEs/+Cq
6dqmJfaJSQJvTV2fMpIRKblw5lSQvWE55sYXsFxAX+N5uqYMxtxjNi7P+xAttn9D
0z6FGI0kIcsd416o2j5yJg86qytPn8D1MVGR9TiUqpTqzGNQMuuV9qI7Q6VMS97k
7M7/JrA4ugrVOmhIvS51sM0c1zyPERZJQew0JDl/UzWLYWJMTbHbGzMULwIDAQAB
o4IDyzCCA8cwHQYDVR0OBBYEFKAj81YlqqLQmeJS1FBoXqgEBlfRMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb0NQelZpV3FvdENaNGxMVVVHaGVxQVFHVjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB3wYIKwYBBQUHAQcBAf8EggHOMIIByjCCAcYEAgABMIIB
vgMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAG3NugMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIT
hAMEAJITlwMEAJITtgMEAJITuAMEAJIT3QMEAJIT6AMEALBhwwMEALBhxgMEALBh
yAMEALBh0wMEALB2IwMEALB+dwMEALmXkQMEALmhewMEALm42AMEALnqDwMEALnr
4QMEALnr5AMEALn81QMEALzxnwMEALzx+AMEALz0fgMEAcEDtAMEAMEDuwMEAMEJ
GQMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIayAMEAMKW
TAMEANQSZgMEANQSagMEANQYezAMAwQA1DQJAwQC1DQIAwQA1W2VAwQA1W2cAwQA
1W2fAwQA1a0lAwQA2XeHMA0GCSqGSIb3DQEBCwUAA4IBAQBOp+dQBTs6crj+wU3I
RqQpo+iLqWHZbZ+7j1Am95T78l8ygnvpoSIH82wItNwznadPZzwRgiCS49UrB21s
Qjho2KEjlJPWpM+Pa2Gm79JxTKe2AtOax6d0FiFTZ+aPGVtNmtEf/+G86OGgxgYN
K6NqiOeLCkDqx9rfCPHz5NkygaoYJVMkyg4pVrMR6COwDQnoBfLV69P6Ls7fRCfD
fvzvC5RHdXbC1hgx8+fKMTq4FDYaigBPeAfoUfqIl9jKyjqiFm3Q+m0Drv8KUw6Y
4d01YQX3VkL1GO0Plt88j3ErGNyZYup9Dlw3eEfP45QqBhmRMm/aG+swwOWVB5zU
AK+W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org