Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/tx0avVD3Z2jCzbTrpfCYbsZbiOA.roa
File: tx0avVD3Z2jCzbTrpfCYbsZbiOA.roa (raw, json)
Hash identifier: RvU8PmuaE79QykitU7JeY4uDAdUN5jR63xmBlJel1+4=
Subject key identifier: B7:1D:1A:BD:50:F7:67:68:C2:CD:B4:EB:A5:F0:98:6E:C6:5B:88:E0
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 018DF9D95D26DE1804C8B7B20F806A38CDEA
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/tx0avVD3Z2jCzbTrpfCYbsZbiOA.roa
Signing time: Fri 01 Mar 2024 11:49:48 +0000
ROA not before: Fri 01 Mar 2024 11:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15704
IP address blocks: 89.35.62.0/23 maxlen: 23
89.39.52.0/24 maxlen: 24
91.106.16.0/21 maxlen: 21
91.194.62.0/23 maxlen: 23
91.242.152.0/21 maxlen: 21
93.115.37.0/24 maxlen: 24
93.115.128.0/22 maxlen: 22
93.115.132.0/22 maxlen: 22
93.115.152.0/24 maxlen: 24
93.115.202.0/24 maxlen: 24
93.115.242.0/24 maxlen: 24
93.176.128.0/18 maxlen: 18
93.176.128.0/21 maxlen: 21
93.176.136.0/21 maxlen: 21
93.176.144.0/21 maxlen: 21
93.176.152.0/21 maxlen: 21
93.176.160.0/20 maxlen: 20
93.176.176.0/20 maxlen: 20
93.177.120.0/22 maxlen: 23
94.73.32.0/19 maxlen: 19
119.12.224.0/23 maxlen: 23
119.12.226.0/23 maxlen: 23
119.12.228.0/23 maxlen: 23
119.12.230.0/23 maxlen: 23
119.12.232.0/23 maxlen: 23
119.12.234.0/23 maxlen: 23
119.12.236.0/23 maxlen: 23
119.12.238.0/23 maxlen: 23
119.12.240.0/23 maxlen: 23
119.12.242.0/23 maxlen: 23
119.12.244.0/23 maxlen: 23
119.12.246.0/23 maxlen: 23
119.12.248.0/23 maxlen: 23
119.12.250.0/23 maxlen: 23
137.59.58.0/24 maxlen: 24
170.253.0.0/20 maxlen: 20
170.253.16.0/20 maxlen: 20
170.253.32.0/20 maxlen: 20
170.253.48.0/20 maxlen: 20
181.41.128.0/21 maxlen: 21
185.145.64.0/22 maxlen: 22
185.146.56.0/22 maxlen: 22
185.153.164.0/23 maxlen: 23
185.153.166.0/23 maxlen: 23
185.197.240.0/23 maxlen: 23
185.197.242.0/23 maxlen: 23
185.227.212.0/23 maxlen: 23
185.227.214.0/23 maxlen: 23
185.228.152.0/23 maxlen: 23
185.228.154.0/23 maxlen: 23
185.252.12.0/22 maxlen: 22
188.208.219.0/24 maxlen: 24
188.212.23.0/24 maxlen: 24
193.53.160.0/22 maxlen: 22
195.160.224.0/22 maxlen: 22
207.188.130.0/24 maxlen: 24
207.188.160.0/21 maxlen: 21
207.188.168.0/21 maxlen: 21
212.14.96.0/19 maxlen: 23
213.94.0.0/18 maxlen: 23
213.177.192.0/19 maxlen: 21
217.113.240.0/20 maxlen: 22
2a00:d100::/37 maxlen: 37
2a00:d100:800::/37 maxlen: 37
2a00:d100:1000::/37 maxlen: 37
2a00:d100:1800::/37 maxlen: 37
2a00:d100:2000::/37 maxlen: 37
2a00:d100:2800::/37 maxlen: 37
2a00:d100:3000::/37 maxlen: 37
2a00:d100:3800::/37 maxlen: 37
2a00:d100:4000::/37 maxlen: 37
2a00:d100:4800::/37 maxlen: 37
2a00:d100:5000::/37 maxlen: 37
2a00:d100:5800::/37 maxlen: 37
2a00:d100:6000::/37 maxlen: 37
2a00:d100:6800::/37 maxlen: 37
2a00:d101::/37 maxlen: 37
2a00:d101:800::/37 maxlen: 37
2a00:d101:1000::/37 maxlen: 37
2a00:d101:1800::/37 maxlen: 37
2a00:d101:2000::/37 maxlen: 37
2a00:d101:2800::/37 maxlen: 37
2a00:d101:3000::/37 maxlen: 37
2a00:d101:4000::/37 maxlen: 37
2a00:d101:4800::/37 maxlen: 37
2a00:d102::/37 maxlen: 37
2a00:d102:800::/37 maxlen: 37
2a00:d102:1000::/37 maxlen: 37
2a00:d102:1800::/37 maxlen: 37
2a00:d102:2000::/37 maxlen: 37
2a00:d102:2800::/37 maxlen: 37
2a00:d103::/37 maxlen: 37
2a00:d103:800::/37 maxlen: 37
2a00:d103:1000::/37 maxlen: 37
2a00:d103:1800::/37 maxlen: 37
2a00:d103:2000::/37 maxlen: 37
2a00:d103:2800::/37 maxlen: 37
2a01:8480::/32 maxlen: 32
2a01:8480:2004::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 07:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:d9:5d:26:de:18:04:c8:b7:b2:0f:80:6a:38:cd:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Mar 1 11:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b71d1abd50f76768c2cdb4eba5f0986ec65b88e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:ba:8c:84:83:63:c5:13:ff:7b:27:17:fe:
d2:81:13:4b:2a:ca:d7:52:09:0a:4c:25:2e:1f:a8:
7b:18:15:87:42:11:a0:ef:fa:c9:ad:9b:cb:33:bd:
73:98:3a:37:2d:7f:48:6c:fb:bf:b8:00:2e:a7:69:
d0:78:21:aa:74:e8:25:8a:f1:d3:a5:78:71:50:66:
2a:bf:8d:47:1f:5b:88:e5:f8:4b:a4:3a:c7:f3:f7:
dd:72:27:f5:85:85:59:0d:71:d2:a8:f3:e4:1d:ac:
27:2a:b8:a3:8c:84:e0:82:67:e3:6f:0e:39:03:65:
3e:39:95:e1:b0:db:50:38:59:67:e2:ae:7a:b2:98:
6f:06:55:69:31:ff:86:b8:d5:cb:42:9c:ce:5b:51:
1a:4e:97:b4:fc:fa:cf:c7:a1:65:84:d6:44:14:b2:
f2:da:9a:23:eb:15:3e:d5:dd:7c:ff:eb:43:6b:0f:
06:06:5e:90:e0:82:62:34:a0:b5:8b:42:34:ee:75:
7d:74:bf:bd:02:f9:83:9a:79:06:c4:c8:57:cf:63:
82:cd:2f:56:c4:0e:d2:b1:97:9b:d9:0f:b8:2a:f9:
e3:71:61:90:c9:d6:8d:59:ba:d8:be:83:45:47:59:
14:8e:6e:b8:ab:4e:ec:6b:11:6b:24:d2:ae:07:95:
38:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1D:1A:BD:50:F7:67:68:C2:CD:B4:EB:A5:F0:98:6E:C6:5B:88:E0
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/tx0avVD3Z2jCzbTrpfCYbsZbiOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.62.0/23
89.39.52.0/24
91.106.16.0/21
91.194.62.0/23
91.242.152.0/21
93.115.37.0/24
93.115.128.0/21
93.115.152.0/24
93.115.202.0/24
93.115.242.0/24
93.176.128.0/18
93.177.120.0/22
94.73.32.0/19
119.12.224.0-119.12.251.255
137.59.58.0/24
170.253.0.0/18
181.41.128.0/21
185.145.64.0/22
185.146.56.0/22
185.153.164.0/22
185.197.240.0/22
185.227.212.0/22
185.228.152.0/22
185.252.12.0/22
188.208.219.0/24
188.212.23.0/24
193.53.160.0/22
195.160.224.0/22
207.188.130.0/24
207.188.160.0/20
212.14.96.0/19
213.94.0.0/18
213.177.192.0/19
217.113.240.0/20
IPv6:
2a00:d100::-2a00:d100:6fff:ffff:ffff:ffff:ffff:ffff
2a00:d101::-2a00:d101:37ff:ffff:ffff:ffff:ffff:ffff
2a00:d101:4000::/36
2a00:d102::-2a00:d102:2fff:ffff:ffff:ffff:ffff:ffff
2a00:d103::-2a00:d103:2fff:ffff:ffff:ffff:ffff:ffff
2a01:8480::/32
Signature Algorithm: sha256WithRSAEncryption
2f:f7:70:0f:78:c1:5e:ce:18:ae:2a:85:ed:aa:f9:f3:5a:fb:
78:aa:ba:fb:f1:b4:fa:d5:d4:a8:db:3f:93:ce:f8:73:79:59:
1f:bf:23:93:d0:1c:1c:e3:9c:17:54:e3:45:9f:b6:c0:74:96:
e0:c8:74:a7:d6:9f:03:80:55:05:7d:d8:06:12:39:d7:05:be:
16:7f:36:f3:97:b3:3a:4d:30:3d:76:a7:15:79:92:7d:d8:14:
c4:ae:72:60:39:d2:da:64:1d:6a:5d:b5:af:a6:f0:06:d0:34:
4b:95:de:ac:a6:e4:4a:99:2e:dd:83:2f:f9:54:60:63:ba:9f:
b6:d7:99:15:ca:2f:2a:e1:71:34:74:a0:14:3e:cb:14:c1:de:
18:79:88:54:a7:81:b9:72:0a:e8:1a:f0:1c:09:77:6d:27:28:
94:0c:02:6b:b3:1b:54:86:c7:32:09:d3:5c:1f:fb:e8:ee:6e:
17:8d:67:a9:6b:0e:6c:bc:23:03:5a:e3:f4:00:58:cf:94:ce:
44:a5:e8:7b:32:aa:56:6f:ad:c8:2c:58:dd:8f:dd:ff:e4:87:
15:04:12:62:fc:2f:35:11:f1:b0:4a:63:d4:22:b7:e1:3c:57:
48:43:83:fe:7e:ea:c2:fb:d0:1a:99:3a:bf:97:cc:4e:46:cc:
29:6e:e3:2b
-----BEGIN CERTIFICATE-----
MIIGLTCCBRWgAwIBAgISAY352V0m3hgEyLeyD4BqOM3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQwMzAxMTE0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFkMWFiZDUwZjc2NzY4YzJjZGI0ZWJhNWYwOTg2ZWM2NWI4OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+m6jISDY8UT/3snF/7SgRNLKsrX
UgkKTCUuH6h7GBWHQhGg7/rJrZvLM71zmDo3LX9IbPu/uAAup2nQeCGqdOglivHT
pXhxUGYqv41HH1uI5fhLpDrH8/fdcif1hYVZDXHSqPPkHawnKrijjITggmfjbw45
A2U+OZXhsNtQOFln4q56sphvBlVpMf+GuNXLQpzOW1EaTpe0/PrPx6FlhNZEFLLy
2poj6xU+1d18/+tDaw8GBl6Q4IJiNKC1i0I07nV9dL+9AvmDmnkGxMhXz2OCzS9W
xA7SsZeb2Q+4KvnjcWGQydaNWbrYvoNFR1kUjm64q07saxFrJNKuB5U4zQIDAQAB
o4IDOTCCAzUwHQYDVR0OBBYEFLcdGr1Q92dows2066XwmG7GW4jgMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvdHgwYXZWRDNaMmpDemJUcnBmQ1lic1piaU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTQYIKwYBBQUHAQcBAf8EggE8MIIBODCB2wQCAAEwgdQD
BAFZIz4DBABZJzQDBANbahADBAFbwj4DBANb8pgDBABdcyUDBANdc4ADBABdc5gD
BABdc8oDBABdc/IDBAZdsIADBAJdsXgDBAVeSSAwDAMEBXcM4AMEAncM+AMEAIk7
OgMEBqr9AAMEA7UpgAMEArmRQAMEArmSOAMEArmZpAMEArnF8AMEArnj1AMEArnk
mAMEArn8DAMEALzQ2wMEALzUFwMEAsE1oAMEAsOg4AMEAM+8ggMEBM+8oAMEBdQO
YAMEBtVeAAMEBdWxwAMEBNlx8DBYBAIAAjBSMA4DBAAqANEDBgQqANEAYDAPAwUA
KgDRAQMGAyoA0QEwAwYEKgDRAUAwDwMFASoA0QIDBgQqANECIDAPAwUAKgDRAwMG
BCoA0QMgAwUAKgGEgDANBgkqhkiG9w0BAQsFAAOCAQEAL/dwD3jBXs4YriqF7ar5
81r7eKq6+/G0+tXUqNs/k874c3lZH78jk9AcHOOcF1TjRZ+2wHSW4Mh0p9afA4BV
BX3YBhI51wW+Fn8285ezOk0wPXanFXmSfdgUxK5yYDnS2mQdal21r6bwBtA0S5Xe
rKbkSpku3YMv+VRgY7qftteZFcovKuFxNHSgFD7LFMHeGHmIVKeBuXIK6BrwHAl3
bScolAwCa7MbVIbHMgnTXB/76O5uF41nqWsObLwjA1rj9ABYz5TORKXoezKqVm+t
yCxY3Y/d/+SHFQQSYvwvNRHxsEpj1CK34TxXSEOD/n7qwvvQGpk6v5fMTkbMKW7j
Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:12 2024 by rpki-client on console-fra.rpki-client.org