Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z3BN9TqpzumfBL7VkFaJX4p7lPc.roa
File: z3BN9TqpzumfBL7VkFaJX4p7lPc.roa (raw, json)
Hash identifier: cGAJ7DtrBH5sM2ZGVPBlNM73hkrub9rKUQN4aR7oZUE=
Subject key identifier: CF:70:4D:F5:3A:A9:CE:E9:9F:04:BE:D5:90:56:89:5F:8A:7B:94:F7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018F3A06D394E762972FC5B9F2C9CDC107F1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z3BN9TqpzumfBL7VkFaJX4p7lPc.roa
Signing time: Thu 02 May 2024 15:57:56 +0000
ROA not before: Thu 02 May 2024 15:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201942
IP address blocks: 31.170.100.0/22 maxlen: 24
45.81.152.0/22 maxlen: 24
45.90.238.0/24 maxlen: 24
45.137.160.0/22 maxlen: 24
45.147.104.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
91.235.40.0/24 maxlen: 24
91.235.41.0/24 maxlen: 24
91.238.239.0/24 maxlen: 24
92.60.35.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
93.189.120.0/24 maxlen: 24
93.189.123.0/24 maxlen: 24
95.214.144.0/22 maxlen: 24
109.230.194.0/24 maxlen: 24
109.230.250.0/24 maxlen: 24
185.91.108.0/22 maxlen: 24
185.105.12.0/22 maxlen: 24
185.105.232.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.107.152.0/22 maxlen: 24
185.118.52.0/23 maxlen: 23
185.118.54.0/23 maxlen: 23
185.119.48.0/22 maxlen: 24
185.128.52.0/22 maxlen: 24
185.129.104.0/22 maxlen: 24
185.150.78.0/23 maxlen: 24
185.163.168.0/22 maxlen: 24
185.163.232.0/22 maxlen: 24
185.166.172.0/22 maxlen: 24
185.175.152.0/22 maxlen: 24
185.176.188.0/22 maxlen: 24
185.179.228.0/22 maxlen: 24
185.179.232.0/22 maxlen: 24
185.189.64.0/22 maxlen: 24
185.196.40.0/22 maxlen: 24
185.196.42.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.197.216.0/22 maxlen: 24
185.199.44.0/22 maxlen: 24
185.199.55.0/24 maxlen: 24
185.200.228.0/22 maxlen: 24
185.201.152.0/22 maxlen: 24
185.202.204.0/22 maxlen: 24
185.204.108.0/24 maxlen: 24
185.204.244.0/22 maxlen: 24
185.212.84.0/22 maxlen: 24
185.216.28.0/22 maxlen: 24
185.217.12.0/22 maxlen: 24
185.218.16.0/22 maxlen: 24
185.220.240.0/22 maxlen: 24
185.221.16.0/22 maxlen: 24
185.222.188.0/22 maxlen: 24
185.223.220.0/22 maxlen: 24
185.224.184.0/22 maxlen: 24
185.224.220.0/22 maxlen: 24
185.226.8.0/22 maxlen: 24
185.226.28.0/22 maxlen: 24
185.227.176.0/22 maxlen: 24
185.227.204.0/24 maxlen: 24
185.230.48.0/22 maxlen: 24
185.232.8.0/22 maxlen: 24
185.239.252.0/22 maxlen: 24
185.239.252.0/24 maxlen: 24
185.239.253.0/24 maxlen: 24
185.239.255.0/24 maxlen: 24
185.245.32.0/23 maxlen: 23
185.247.4.0/24 maxlen: 24
193.17.180.0/22 maxlen: 24
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
193.105.66.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
194.38.56.0/22 maxlen: 24
194.41.116.0/22 maxlen: 24
194.41.118.0/24 maxlen: 24
195.182.13.0/24 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
213.232.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 16:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3a:06:d3:94:e7:62:97:2f:c5:b9:f2:c9:cd:c1:07:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 2 15:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf704df53aa9cee99f04bed59056895f8a7b94f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:88:60:c4:c9:9c:93:d6:90:26:3a:2e:c4:
f7:ce:a2:55:cc:8f:a1:c1:34:31:32:3c:1a:8b:83:
4d:7b:a3:1f:07:6c:f1:56:55:6b:be:1b:48:93:a3:
54:1f:5c:bb:77:1b:4e:ff:71:1b:f2:c2:3e:05:85:
11:4c:1e:9c:3a:06:e2:03:6e:20:18:7f:e3:eb:17:
13:16:99:75:16:5a:ec:b1:03:ec:e5:0a:23:bb:14:
b1:17:71:06:91:da:ab:a3:35:3e:d4:b6:ab:74:5d:
86:4d:8b:e3:5e:60:80:01:ea:02:41:ad:8e:68:c8:
d2:39:75:a9:ea:78:80:6c:78:07:bb:73:1a:e1:a6:
c6:cb:b5:a0:5a:8c:0f:1d:0e:86:79:9a:01:94:a5:
e9:db:29:ff:1e:15:56:33:35:9b:dd:6c:47:97:75:
e5:78:97:7d:d5:32:ae:cc:d1:1f:df:25:d2:12:c9:
90:5c:47:be:ac:8f:dd:53:15:66:ad:50:ed:04:80:
0c:c0:d9:20:e4:d6:17:bf:f6:bb:e0:e5:74:54:99:
6a:46:4e:0f:b7:a4:fd:49:8b:64:7d:17:55:b5:de:
9c:2c:e3:7a:84:e5:e6:9a:90:03:0b:29:39:a2:d4:
40:c1:ff:52:23:76:e5:8a:47:f8:8c:87:c0:53:77:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:70:4D:F5:3A:A9:CE:E9:9F:04:BE:D5:90:56:89:5F:8A:7B:94:F7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z3BN9TqpzumfBL7VkFaJX4p7lPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.100.0/22
45.81.152.0/22
45.90.238.0/24
45.137.160.0/22
45.147.104.0/22
45.147.116.0/22
45.159.76.0/22
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
91.235.40.0/23
91.238.239.0/24
92.60.35.0/24
93.92.228.0/22
93.189.120.0/24
93.189.123.0/24
95.214.144.0/22
109.230.194.0/24
109.230.250.0/24
185.91.108.0/22
185.105.12.0/22
185.105.232.0/22
185.106.124.0/22
185.107.152.0/22
185.118.52.0/22
185.119.48.0/22
185.128.52.0/22
185.129.104.0/22
185.150.78.0/23
185.163.168.0/22
185.163.232.0/22
185.166.172.0/22
185.175.152.0/22
185.176.188.0/22
185.179.228.0-185.179.235.255
185.189.64.0/22
185.196.40.0/22
185.197.216.0/22
185.199.44.0/22
185.199.55.0/24
185.200.228.0/22
185.201.152.0/22
185.202.204.0/22
185.204.108.0/24
185.204.244.0/22
185.212.84.0/22
185.216.28.0/22
185.217.12.0/22
185.218.16.0/22
185.220.240.0/22
185.221.16.0/22
185.222.188.0/22
185.223.220.0/22
185.224.184.0/22
185.224.220.0/22
185.226.8.0/22
185.226.28.0/22
185.227.176.0/22
185.227.204.0/24
185.230.48.0/22
185.232.8.0/22
185.239.252.0/22
185.245.32.0/23
185.247.4.0/24
193.17.180.0/22
193.26.152.0/22
193.35.88.0/22
193.105.66.0/24
194.35.40.0/24
194.38.56.0/22
194.41.116.0/22
195.182.13.0/24
212.80.208.0/22
212.115.44.0/22
213.232.232.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d7:34:f7:6a:c4:cc:a1:05:1a:2d:1f:04:12:fb:f9:88:12:
6a:a4:0f:b4:75:6f:cb:43:33:4b:42:90:ea:7e:a6:93:90:8c:
43:42:92:11:aa:a4:7b:ad:ba:ad:6e:0a:cd:e0:4e:91:36:b4:
e5:63:4b:d7:eb:18:e0:f1:ad:41:b7:4c:39:f4:74:0a:59:1b:
85:92:39:1a:f6:d7:42:cc:6b:39:d2:ae:02:ee:71:e2:2b:87:
9b:fe:c6:85:a5:30:ab:e3:fb:6e:64:02:3a:ee:a7:ff:78:a4:
34:a9:ad:15:1d:c0:44:e2:cc:28:df:dd:96:0e:4e:35:a5:ae:
cc:14:9d:9f:9f:0a:1e:70:0e:24:af:98:ea:67:ab:0b:b7:4c:
fb:28:e6:46:27:70:14:36:18:51:f9:f6:6a:65:78:17:18:4a:
88:a0:f4:3d:8f:96:af:14:f0:9d:83:62:2e:53:d6:f5:3a:af:
5b:4b:a3:f8:db:48:50:ac:da:86:b9:b2:c6:f3:25:1f:12:1a:
ba:51:8f:48:1c:8a:7a:4c:0d:08:3d:41:0f:5b:53:10:fe:2d:
59:74:3b:29:dc:6f:4f:64:48:56:37:9b:29:2d:8c:0b:e9:a4:
a7:5d:3f:35:a2:59:00:cf:27:a5:30:21:d7:21:7a:89:d0:62:
83:77:86:7e
-----BEGIN CERTIFICATE-----
MIIGyzCCBbOgAwIBAgISAY86BtOU52KXL8W58snNwQfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNTAyMTU1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjcwNGRmNTNhYTljZWU5OWYwNGJlZDU5MDU2ODk1ZjhhN2I5NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEqIYMTJnJPWkCY6LsT3zqJVzI+h
wTQxMjwai4NNe6MfB2zxVlVrvhtIk6NUH1y7dxtO/3Eb8sI+BYURTB6cOgbiA24g
GH/j6xcTFpl1FlrssQPs5QojuxSxF3EGkdqrozU+1LardF2GTYvjXmCAAeoCQa2O
aMjSOXWp6niAbHgHu3Ma4abGy7WgWowPHQ6GeZoBlKXp2yn/HhVWMzWb3WxHl3Xl
eJd91TKuzNEf3yXSEsmQXEe+rI/dUxVmrVDtBIAMwNkg5NYXv/a74OV0VJlqRk4P
t6T9SYtkfRdVtd6cLON6hOXmmpADCyk5otRAwf9SI3blikf4jIfAU3dYAQIDAQAB
o4ID1zCCA9MwHQYDVR0OBBYEFM9wTfU6qc7pnwS+1ZBWiV+Ke5T3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvejNCTjlUcXB6dW1mQkw3VmtGYUpYNHA3bFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6wYIKwYBBQUHAQcBAf8EggHaMIIB1jCCAdIEAgABMIIB
ygMEAh+qZAMEAi1RmAMEAC1a7gMEAi2JoAMEAi2TaAMEAi2TdAMEAi2fTAMEAlEV
5AMEAlVzwAMEAliHQAMEAVvrKAMEAFvu7wMEAFw8IwMEAl1c5AMEAF29eAMEAF29
ewMEAl/WkAMEAG3mwgMEAG3m+gMEArlbbAMEArlpDAMEArlp6AMEArlqfAMEArlr
mAMEArl2NAMEArl3MAMEArmANAMEArmBaAMEAbmWTgMEArmjqAMEArmj6AMEArmm
rAMEArmvmAMEArmwvDAMAwQCubPkAwQCubPoAwQCub1AAwQCucQoAwQCucXYAwQC
uccsAwQAucc3AwQCucjkAwQCucmYAwQCucrMAwQAucxsAwQCucz0AwQCudRUAwQC
udgcAwQCudkMAwQCudoQAwQCudzwAwQCud0QAwQCud68AwQCud/cAwQCueC4AwQC
ueDcAwQCueIIAwQCueIcAwQCueOwAwQAuePMAwQCueYwAwQCuegIAwQCue/8AwQB
ufUgAwQAufcEAwQCwRG0AwQCwRqYAwQCwSNYAwQAwWlCAwQAwiMoAwQCwiY4AwQC
wil0AwQAw7YNAwQC1FDQAwQC1HMsAwQA1ejoMA0GCSqGSIb3DQEBCwUAA4IBAQAH
1zT3asTMoQUaLR8EEvv5iBJqpA+0dW/LQzNLQpDqfqaTkIxDQpIRqqR7rbqtbgrN
4E6RNrTlY0vX6xjg8a1Bt0w59HQKWRuFkjka9tdCzGs50q4C7nHiK4eb/saFpTCr
4/tuZAI67qf/eKQ0qa0VHcBE4swo392WDk41pa7MFJ2fnwoecA4kr5jqZ6sLt0z7
KOZGJ3AUNhhR+fZqZXgXGEqIoPQ9j5avFPCdg2IuU9b1Oq9bS6P420hQrNqGubLG
8yUfEhq6UY9IHIp6TA0IPUEPW1MQ/i1ZdDsp3G9PZEhWN5spLYwL6aSnXT81olkA
zyelMCHXIXqJ0GKDd4Z+
-----END CERTIFICATE-----
Generated at Wed Oct 2 19:58:41 2024 by rpki-client on console-ams.rpki-client.org