Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ucnITlPSkwfYJm4b8c_AGDtz43Y.roa
File: ucnITlPSkwfYJm4b8c_AGDtz43Y.roa (raw, json)
Hash identifier: 8Ppdq6RwZh4UxPbeWIiNS6/TJGPncuBrZwSWyiGPOVw=
Subject key identifier: B9:C9:C8:4E:53:D2:93:07:D8:26:6E:1B:F1:CF:C0:18:3B:73:E3:76
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BDD6BF5E48E46F536A3F8730DAB4F8F5E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ucnITlPSkwfYJm4b8c_AGDtz43Y.roa
Signing time: Fri 17 Nov 2023 13:15:21 +0000
ROA not before: Fri 17 Nov 2023 13:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 146.19.151.0/24 maxlen: 24
37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
146.19.110.0/24 maxlen: 24
146.19.132.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
62.3.57.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
62.3.5.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.149.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
62.106.74.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
146.19.40.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
146.19.30.0/24 maxlen: 24
146.19.36.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
212.52.10.0/24 maxlen: 24
212.52.11.0/24 maxlen: 24
212.52.9.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
212.18.102.0/24 maxlen: 24
212.18.106.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
91.246.63.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
176.97.211.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.32.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:6b:f5:e4:8e:46:f5:36:a3:f8:73:0d:ab:4f:8f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 17 13:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9c9c84e53d29307d8266e1bf1cfc0183b73e376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:f0:6f:54:60:66:d9:a7:44:88:ad:85:c6:
ec:20:3b:bd:c0:cb:f4:72:30:38:bc:6f:f3:89:a4:
6a:f5:b7:9e:e6:11:e9:6a:78:30:63:d6:ce:e8:fa:
2e:dd:e8:c7:b6:38:62:76:ab:6b:97:d7:a1:5b:e0:
2d:7f:71:d9:28:f1:b9:8b:8a:aa:4a:53:e4:7d:0e:
20:65:a7:f9:42:a7:25:da:bd:e1:2b:27:0b:5b:c4:
4d:f7:ff:da:73:e8:69:26:a8:4f:90:9c:77:56:7c:
26:c5:84:0a:e5:a2:1b:86:a6:34:4a:15:0b:00:18:
74:2a:18:b9:b1:a4:2b:9c:aa:2e:cd:e1:8c:92:58:
df:65:e5:e8:d4:3c:e8:2a:c8:06:ba:f0:d9:48:47:
d9:b1:bc:2b:64:15:7f:78:a5:20:9d:bc:7a:7b:d0:
d2:6f:70:d2:32:fb:47:b1:09:ed:7d:5e:45:c1:a9:
67:b4:f0:b8:5f:1b:eb:1d:2b:a2:83:2d:ac:3d:5a:
7e:b0:2e:8b:d2:60:3c:63:db:b0:6d:87:ac:e9:34:
96:70:12:ec:f0:bc:4f:2e:62:35:11:a7:9f:75:df:
18:b6:60:5a:93:80:ec:a6:60:5a:8e:bc:63:d6:6c:
c6:9a:47:01:93:d0:39:a8:5c:b5:ca:a1:6d:22:12:
bf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C9:C8:4E:53:D2:93:07:D8:26:6E:1B:F1:CF:C0:18:3B:73:E3:76
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ucnITlPSkwfYJm4b8c_AGDtz43Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.3.5.0/24
62.3.57.0/24
62.106.74.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.32.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.246.63.0/24
91.247.172.0/24
94.154.126.0/24
146.19.30.0/24
146.19.36.0/24
146.19.40.0/24
146.19.110.0/24
146.19.132.0/24
146.19.151.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.97.211.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.18.102.0/24
212.18.106.0/24
212.24.123.0/24
212.52.9.0-212.52.11.255
213.109.149.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
32:af:e3:ff:31:a6:1e:e7:bd:b5:21:d6:37:97:59:84:d6:1d:
cf:87:11:fb:45:18:6a:d7:59:03:6c:22:08:50:6a:c8:0e:65:
aa:15:e3:58:46:8e:a4:18:84:bd:8a:73:24:f4:d8:94:e5:f5:
f6:cd:22:25:87:f4:0c:6f:aa:64:01:fb:06:3c:42:17:7f:88:
55:24:ee:a1:f3:4c:4a:38:9d:61:b7:a3:f8:d7:84:3e:d0:01:
10:0c:61:be:a4:cf:84:dc:08:6b:3e:ea:8d:0c:fe:ff:6b:59:
a0:8d:89:49:39:cc:23:3d:5c:17:55:dc:f4:ae:2e:88:92:0d:
c9:3f:d3:86:95:40:16:ea:bd:ea:51:6e:5e:81:50:5f:4c:4d:
48:8d:e2:fd:4e:f8:17:c9:90:23:57:06:e8:f0:d2:ed:e4:a7:
07:c6:04:9e:22:91:82:4c:fc:eb:32:6c:2d:0a:b5:b3:64:fd:
b4:73:c2:a9:83:25:e8:ce:32:ed:58:76:e5:bb:60:c3:9d:56:
24:38:f0:86:01:5e:7a:2d:6f:6f:47:ec:4c:16:08:25:5c:e5:
cf:4b:d9:32:92:70:e7:47:05:41:56:6e:2a:a8:1f:36:0e:65:
60:3d:c3:f7:f8:0e:33:58:26:1a:be:87:c6:3c:85:de:d7:3a:
98:34:b1:93
-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgISAYvda/Xkjkb1NqP4cw2rT49eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTE3MTMxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM5Yzg0ZTUzZDI5MzA3ZDgyNjZlMWJmMWNmYzAxODNiNzNlMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbPwb1RgZtmnRIithcbsIDu9wMv0
cjA4vG/ziaRq9bee5hHpangwY9bO6Pou3ejHtjhidqtrl9ehW+Atf3HZKPG5i4qq
SlPkfQ4gZaf5Qqcl2r3hKycLW8RN9//ac+hpJqhPkJx3VnwmxYQK5aIbhqY0ShUL
ABh0Khi5saQrnKouzeGMkljfZeXo1DzoKsgGuvDZSEfZsbwrZBV/eKUgnbx6e9DS
b3DSMvtHsQntfV5FwalntPC4XxvrHSuigy2sPVp+sC6L0mA8Y9uwbYes6TSWcBLs
8LxPLmI1Eaefdd8YtmBak4DspmBajrxj1mzGmkcBk9A5qFy1yqFtIhK/hQIDAQAB
o4IDpzCCA6MwHQYDVR0OBBYEFLnJyE5T0pMH2CZuG/HPwBg7c+N2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWNuSVRsUFNrd2ZZSm00YjhjX0FHRHR6NDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuwYIKwYBBQUHAQcBAf8EggGqMIIBpjCCAaIEAgABMIIB
mgMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIThAMEAJIT
lwMEALBhwwMEALBhxgMEALBhyAMEALBh0wMEALB2IwMEALB+dwMEALmXkQMEALmh
ewMEALm42AMEALnqDwMEALnr4QMEALnr5AMEALn81QMEALzxnwMEALzx+AMEALz0
fgMEAcEDtAMEAMEDuwMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd
0gMEAMIayAMEAMKWTAMEANQSZgMEANQSagMEANQYezAMAwQA1DQJAwQC1DQIAwQA
1W2VAwQA1W2cAwQA1W2fAwQA1a0lAwQA2XeHMA0GCSqGSIb3DQEBCwUAA4IBAQAy
r+P/MaYe5721IdY3l1mE1h3PhxH7RRhq11kDbCIIUGrIDmWqFeNYRo6kGIS9inMk
9NiU5fX2zSIlh/QMb6pkAfsGPEIXf4hVJO6h80xKOJ1ht6P414Q+0AEQDGG+pM+E
3AhrPuqNDP7/a1mgjYlJOcwjPVwXVdz0ri6Ikg3JP9OGlUAW6r3qUW5egVBfTE1I
jeL9TvgXyZAjVwbo8NLt5KcHxgSeIpGCTPzrMmwtCrWzZP20c8KpgyXozjLtWHbl
u2DDnVYkOPCGAV56LW9vR+xMFgglXOXPS9kyknDnRwVBVm4qqB82DmVgPcP3+A4z
WCYavofGPIXe1zqYNLGT
-----END CERTIFICATE-----
Generated at Mon Nov 20 10:07:46 2023 by rpki-client on console-ams.rpki-client.org