Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/887VdFabJGla5jTgqZP7-PoM-jE.roa
File: 887VdFabJGla5jTgqZP7-PoM-jE.roa (raw, json)
Hash identifier: duMd6gNCwWt6R9jRJkyqOBNXGVA38wptQzFiEZlS9Ks=
Subject key identifier: F3:CE:D5:74:56:9B:24:69:5A:E6:34:E0:A9:93:FB:F8:FA:0C:FA:31
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 01856C9CC32D3B3B939676244B7C57D96F0F
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/887VdFabJGla5jTgqZP7-PoM-jE.roa
Signing time: Sun 01 Jan 2023 09:14:50 +0000
ROA not before: Sun 01 Jan 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49453
IP address blocks: 134.19.177.0/24 maxlen: 24
134.19.176.0/24 maxlen: 24
134.19.179.0/24 maxlen: 24
134.19.178.0/24 maxlen: 24
134.19.186.0/24 maxlen: 24
134.19.185.0/24 maxlen: 24
134.19.184.0/24 maxlen: 24
134.19.183.0/24 maxlen: 24
134.19.182.0/24 maxlen: 24
134.19.181.0/24 maxlen: 24
134.19.180.0/24 maxlen: 24
134.19.190.0/23 maxlen: 23
134.19.189.0/24 maxlen: 24
134.19.188.0/24 maxlen: 24
134.19.187.0/24 maxlen: 24
37.123.210.0/24 maxlen: 24
45.133.250.0/24 maxlen: 24
213.152.166.0/24 maxlen: 24
213.152.165.0/24 maxlen: 24
213.152.164.0/24 maxlen: 24
213.152.163.0/24 maxlen: 24
213.152.162.0/24 maxlen: 24
213.152.161.0/24 maxlen: 24
213.152.160.0/24 maxlen: 24
213.152.172.0/24 maxlen: 24
213.152.171.0/24 maxlen: 24
213.152.170.0/24 maxlen: 24
213.152.169.0/24 maxlen: 24
213.152.168.0/24 maxlen: 24
213.152.167.0/24 maxlen: 24
213.152.177.0/24 maxlen: 24
213.152.176.0/24 maxlen: 24
213.152.174.0/24 maxlen: 24
213.152.173.0/24 maxlen: 24
213.152.186.0/24 maxlen: 24
213.152.185.0/24 maxlen: 24
213.152.184.0/24 maxlen: 24
213.152.183.0/24 maxlen: 24
213.152.181.0/24 maxlen: 24
213.152.180.0/24 maxlen: 24
213.152.188.0/22 maxlen: 22
213.152.189.0/24 maxlen: 24
213.152.188.0/24 maxlen: 24
213.152.187.0/24 maxlen: 24
188.95.51.0/24 maxlen: 24
188.95.49.0/24 maxlen: 24
188.95.53.0/24 maxlen: 24
188.95.52.0/24 maxlen: 24
185.23.212.0/22 maxlen: 22
109.202.98.0/24 maxlen: 24
185.23.214.0/24 maxlen: 24
109.202.104.0/24 maxlen: 24
109.202.103.0/24 maxlen: 24
109.202.102.0/24 maxlen: 24
109.202.101.0/24 maxlen: 24
109.202.100.0/24 maxlen: 24
109.202.99.0/24 maxlen: 24
109.202.111.0/24 maxlen: 24
109.202.110.0/24 maxlen: 24
109.202.109.0/24 maxlen: 24
109.202.108.0/24 maxlen: 24
109.202.107.0/24 maxlen: 24
109.202.106.0/24 maxlen: 24
109.232.225.0/24 maxlen: 24
109.232.224.0/24 maxlen: 24
109.232.231.0/24 maxlen: 24
109.232.230.0/24 maxlen: 24
109.232.229.0/24 maxlen: 24
109.232.228.0/24 maxlen: 24
109.232.227.0/24 maxlen: 24
2a00:1678:1337::/48 maxlen: 48
2a00:1678:2470::/48 maxlen: 48
2a00:1678:b00b::/48 maxlen: 48
2a00:1678:baba::/48 maxlen: 48
2a00:1678:da7a::/48 maxlen: 48
2a00:1678:3cc0::/48 maxlen: 48
2a00:1678:dea1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:c3:2d:3b:3b:93:96:76:24:4b:7c:57:d9:6f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Jan 1 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3ced574569b24695ae634e0a993fbf8fa0cfa31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2b:b9:96:05:27:81:eb:7d:7b:5d:80:ef:c6:
dd:38:d8:45:cd:b9:4e:76:b3:60:9e:df:8b:ae:18:
65:1a:d0:ee:95:94:5c:fb:f6:10:f4:27:8f:5f:c2:
da:44:ae:73:88:0c:c4:c2:60:01:d1:e5:5c:a2:86:
94:47:1b:6d:97:74:06:5b:2d:d0:7d:29:e8:ae:2b:
4d:79:6b:41:a5:78:6b:6d:6e:ad:8e:94:f6:9d:54:
51:e0:3a:7c:38:80:e8:bf:a9:0c:d6:2d:29:6f:a2:
80:29:1f:9b:30:60:5a:3e:8c:b3:84:55:95:01:b1:
c6:a7:8f:fe:65:0e:72:60:c3:56:b1:9a:36:0e:8b:
ef:75:54:42:8d:e6:8a:a7:84:cf:8b:51:a6:5a:87:
92:b0:b2:de:3b:21:6b:ec:61:32:9d:f7:96:84:d6:
cf:48:7f:e4:8b:bf:57:0b:b3:64:2d:4c:b0:55:d2:
4c:d1:ce:ca:08:1f:f2:fa:bf:24:aa:57:a4:97:b8:
ca:98:60:87:12:f6:26:ec:f1:60:23:c7:d3:30:1d:
07:8b:a3:07:64:a4:d3:0f:d3:fc:57:5a:70:4a:0d:
f8:5c:1f:10:0e:71:3b:b4:fd:4c:7e:ad:52:f3:4f:
f5:2c:8f:fb:97:47:7e:d9:bf:49:88:fc:53:6f:aa:
8a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CE:D5:74:56:9B:24:69:5A:E6:34:E0:A9:93:FB:F8:FA:0C:FA:31
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/887VdFabJGla5jTgqZP7-PoM-jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.210.0/24
45.133.250.0/24
109.202.98.0-109.202.104.255
109.202.106.0-109.202.111.255
109.232.224.0/23
109.232.227.0-109.232.231.255
134.19.176.0/20
185.23.212.0/22
188.95.49.0/24
188.95.51.0-188.95.53.255
213.152.160.0-213.152.174.255
213.152.176.0/23
213.152.180.0/23
213.152.183.0-213.152.191.255
IPv6:
2a00:1678:1337::/48
2a00:1678:2470::/48
2a00:1678:3cc0::/48
2a00:1678:b00b::/48
2a00:1678:baba::/48
2a00:1678:da7a::/48
2a00:1678:dea1::/48
Signature Algorithm: sha256WithRSAEncryption
9e:68:e0:1e:1b:ba:f4:c2:99:74:4a:63:62:6b:d9:89:87:36:
0a:de:cf:3c:5b:4b:d3:17:f1:db:e4:88:7d:73:d7:df:14:25:
b9:01:3e:a1:74:53:db:3d:8e:b6:f6:d3:75:1c:82:e7:1e:a8:
ec:8f:b1:ef:bc:43:9b:6f:86:c0:96:7e:48:3f:c2:16:df:96:
2a:3d:26:ad:93:97:ef:d9:f3:3a:fe:bf:37:c0:5b:ef:3c:93:
9e:44:c8:39:3c:de:a1:d9:20:d3:91:fc:b5:e4:ce:aa:44:ee:
22:af:ad:95:11:0c:a1:72:54:8c:fd:46:17:42:6b:b5:cc:95:
56:70:25:3e:b1:b2:d2:2e:85:0a:87:61:d4:b8:20:c0:58:c8:
56:a8:e1:6f:cb:62:9a:1e:d4:b2:f9:9a:5a:ae:23:4d:92:ff:
3f:79:39:a1:4a:05:96:a9:23:59:3d:b6:ad:34:84:d8:3a:4f:
5a:57:08:c4:a4:64:73:c8:94:57:dd:63:a4:6f:95:0a:7b:69:
13:0a:dc:91:e0:3d:97:cb:8e:be:4e:be:52:60:7e:7d:5a:bd:
a7:68:19:8d:0e:8f:22:bd:22:63:75:5c:7f:19:16:8c:4a:6f:
39:e0:5a:69:69:55:23:59:4d:43:ca:b4:f0:eb:10:16:b1:53:
4b:56:cb:89
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYVsnMMtOzuTlnYkS3xX2W8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjMwMTAxMDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NlZDU3NDU2OWIyNDY5NWFlNjM0ZTBhOTkzZmJmOGZhMGNmYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiu5lgUnget9e12A78bdONhFzblO
drNgnt+LrhhlGtDulZRc+/YQ9CePX8LaRK5ziAzEwmAB0eVcooaURxttl3QGWy3Q
fSnoritNeWtBpXhrbW6tjpT2nVRR4Dp8OIDov6kM1i0pb6KAKR+bMGBaPoyzhFWV
AbHGp4/+ZQ5yYMNWsZo2DovvdVRCjeaKp4TPi1GmWoeSsLLeOyFr7GEynfeWhNbP
SH/ki79XC7NkLUywVdJM0c7KCB/y+r8kqlekl7jKmGCHEvYm7PFgI8fTMB0Hi6MH
ZKTTD9P8V1pwSg34XB8QDnE7tP1Mfq1S80/1LI/7l0d+2b9JiPxTb6qKSQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFPPO1XRWmyRpWuY04KmT+/j6DPoxMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvODg3VmRGYWJKR2xhNWpUZ3FaUDctUG9NLWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBiwQCAAEwgYQDBAAl
e9IDBAAthfowDAMEAW3KYgMEAG3KaDAMAwQBbcpqAwQEbcpgAwQBbejgMAwDBABt
6OMDBANt6OADBASGE7ADBAK5F9QDBAC8XzEwDAMEALxfMwMEAbxfNDAMAwQF1Zig
AwQA1ZiuAwQB1ZiwAwQB1Zi0MAwDBADVmLcDBAbVmIAwRQQCAAIwPwMHACoAFngT
NwMHACoAFngkcAMHACoAFng8wAMHACoAFniwCwMHACoAFni6ugMHACoAFnjaegMH
ACoAFnjeoTANBgkqhkiG9w0BAQsFAAOCAQEAnmjgHhu69MKZdEpjYmvZiYc2Ct7P
PFtL0xfx2+SIfXPX3xQluQE+oXRT2z2OtvbTdRyC5x6o7I+x77xDm2+GwJZ+SD/C
Ft+WKj0mrZOX79nzOv6/N8Bb7zyTnkTIOTzeodkg05H8teTOqkTuIq+tlREMoXJU
jP1GF0JrtcyVVnAlPrGy0i6FCodh1LggwFjIVqjhb8timh7UsvmaWq4jTZL/P3k5
oUoFlqkjWT22rTSE2DpPWlcIxKRkc8iUV91jpG+VCntpEwrckeA9l8uOvk6+UmB+
fVq9p2gZjQ6PIr0iY3VcfxkWjEpvOeBaaWlVI1lNQ8q08OsQFrFTS1bLiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:46 2024 by rpki-client on console-ams.rpki-client.org