Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/_ER_8y4dXPJizS26JE1WloLifTY.roa
File: _ER_8y4dXPJizS26JE1WloLifTY.roa (raw, json)
Hash identifier: LDBXeRINB4ctDhhfrcGsblG+oQngVy2Ur77ATu2mO0E=
Subject key identifier: FC:44:7F:F3:2E:1D:5C:F2:62:CD:2D:BA:24:4D:56:96:82:E2:7D:36
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 018CC3B7156DF95608A6148E670217192FF7
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/_ER_8y4dXPJizS26JE1WloLifTY.roa
Signing time: Mon 01 Jan 2024 06:30:04 +0000
ROA not before: Mon 01 Jan 2024 06:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49453
IP address blocks: 134.19.177.0/24 maxlen: 24
134.19.176.0/24 maxlen: 24
134.19.179.0/24 maxlen: 24
134.19.178.0/24 maxlen: 24
134.19.186.0/24 maxlen: 24
134.19.185.0/24 maxlen: 24
134.19.184.0/24 maxlen: 24
134.19.183.0/24 maxlen: 24
134.19.182.0/24 maxlen: 24
134.19.181.0/24 maxlen: 24
134.19.180.0/24 maxlen: 24
134.19.190.0/23 maxlen: 23
134.19.189.0/24 maxlen: 24
134.19.188.0/24 maxlen: 24
134.19.187.0/24 maxlen: 24
37.123.210.0/24 maxlen: 24
45.133.250.0/24 maxlen: 24
213.152.166.0/24 maxlen: 24
213.152.165.0/24 maxlen: 24
213.152.164.0/24 maxlen: 24
213.152.163.0/24 maxlen: 24
213.152.162.0/24 maxlen: 24
213.152.161.0/24 maxlen: 24
213.152.160.0/24 maxlen: 24
213.152.172.0/24 maxlen: 24
213.152.171.0/24 maxlen: 24
213.152.170.0/24 maxlen: 24
213.152.169.0/24 maxlen: 24
213.152.168.0/24 maxlen: 24
213.152.167.0/24 maxlen: 24
213.152.177.0/24 maxlen: 24
213.152.176.0/24 maxlen: 24
213.152.174.0/24 maxlen: 24
213.152.173.0/24 maxlen: 24
213.152.186.0/24 maxlen: 24
213.152.185.0/24 maxlen: 24
213.152.184.0/24 maxlen: 24
213.152.183.0/24 maxlen: 24
213.152.181.0/24 maxlen: 24
213.152.180.0/24 maxlen: 24
213.152.188.0/22 maxlen: 22
213.152.189.0/24 maxlen: 24
213.152.188.0/24 maxlen: 24
213.152.187.0/24 maxlen: 24
188.95.51.0/24 maxlen: 24
188.95.49.0/24 maxlen: 24
188.95.53.0/24 maxlen: 24
188.95.52.0/24 maxlen: 24
185.23.212.0/22 maxlen: 22
109.202.98.0/24 maxlen: 24
185.23.214.0/24 maxlen: 24
109.202.104.0/24 maxlen: 24
109.202.103.0/24 maxlen: 24
109.202.102.0/24 maxlen: 24
109.202.101.0/24 maxlen: 24
109.202.100.0/24 maxlen: 24
109.202.99.0/24 maxlen: 24
109.202.111.0/24 maxlen: 24
109.202.110.0/24 maxlen: 24
109.202.109.0/24 maxlen: 24
109.202.108.0/24 maxlen: 24
109.202.107.0/24 maxlen: 24
109.202.106.0/24 maxlen: 24
109.232.225.0/24 maxlen: 24
109.232.224.0/24 maxlen: 24
109.232.231.0/24 maxlen: 24
109.232.230.0/24 maxlen: 24
109.232.229.0/24 maxlen: 24
109.232.228.0/24 maxlen: 24
109.232.227.0/24 maxlen: 24
2a00:1678:1337::/48 maxlen: 48
2a00:1678:2470::/48 maxlen: 48
2a00:1678:b00b::/48 maxlen: 48
2a00:1678:da7a::/48 maxlen: 48
2a00:1678:baba::/48 maxlen: 48
2a00:1678:3cc0::/48 maxlen: 48
2a00:1678:dea1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 14:47:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:15:6d:f9:56:08:a6:14:8e:67:02:17:19:2f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Jan 1 06:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc447ff32e1d5cf262cd2dba244d569682e27d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:80:f9:41:bc:43:2d:25:43:a9:6d:cd:89:89:
33:a6:77:27:c1:09:a3:9b:8a:89:89:a4:d0:5b:3f:
d1:41:bc:8f:e4:ee:ba:ab:94:54:82:68:91:17:16:
86:43:37:47:19:62:d3:05:cd:1e:6c:42:21:52:d0:
96:15:cc:b9:59:c9:b5:7c:cc:64:9d:29:75:80:5d:
40:0b:49:71:02:13:60:ab:90:55:a7:fa:91:dd:d0:
05:e1:69:ca:7f:3d:ed:29:14:8b:17:22:39:ba:c7:
b0:5d:55:d9:8f:04:4d:43:e3:1d:2c:95:c5:1e:61:
b6:79:c3:b7:1c:0d:b9:2e:ca:79:0e:b5:cb:d6:a5:
10:5b:31:1f:86:3d:87:78:02:7f:b9:6c:2c:09:5d:
8d:19:cd:fd:ce:2a:6d:00:ba:b7:08:ce:e7:47:ea:
b2:c6:cd:be:2c:7f:70:1b:70:1c:91:65:da:0a:fe:
ae:e7:fe:92:eb:63:8c:c9:07:0b:20:3c:a0:4e:7b:
1e:47:f0:f3:98:e8:4f:97:51:40:46:f1:50:73:6a:
9a:15:ea:d8:bf:e6:26:89:18:70:dd:33:1d:5a:a5:
a2:eb:cc:17:ad:73:a1:d1:b6:1d:86:8b:09:fa:19:
15:a8:c9:e8:63:f8:90:78:69:90:78:33:4a:13:bd:
7e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:44:7F:F3:2E:1D:5C:F2:62:CD:2D:BA:24:4D:56:96:82:E2:7D:36
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/_ER_8y4dXPJizS26JE1WloLifTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.210.0/24
45.133.250.0/24
109.202.98.0-109.202.104.255
109.202.106.0-109.202.111.255
109.232.224.0/23
109.232.227.0-109.232.231.255
134.19.176.0/20
185.23.212.0/22
188.95.49.0/24
188.95.51.0-188.95.53.255
213.152.160.0-213.152.174.255
213.152.176.0/23
213.152.180.0/23
213.152.183.0-213.152.191.255
IPv6:
2a00:1678:1337::/48
2a00:1678:2470::/48
2a00:1678:3cc0::/48
2a00:1678:b00b::/48
2a00:1678:baba::/48
2a00:1678:da7a::/48
2a00:1678:dea1::/48
Signature Algorithm: sha256WithRSAEncryption
8a:4a:6a:4d:f3:b4:3e:24:bc:bc:12:56:66:7a:60:d5:cc:1d:
52:6a:4d:94:9d:f6:56:9e:a5:89:e8:32:c6:77:33:22:bf:20:
ac:43:08:a0:a6:10:15:64:7c:b9:f1:bf:cd:8b:d5:30:18:22:
09:d4:37:c4:99:bf:ad:44:64:1b:00:7a:11:fe:bf:4a:3f:e0:
55:27:93:1c:de:6a:53:d6:16:c6:d5:dd:33:98:08:1c:a2:0d:
a7:12:cc:0c:1f:bf:4e:40:f7:52:bb:c6:04:da:34:b7:91:c0:
f4:de:80:07:0b:b5:a8:1b:19:e4:ff:e6:1f:58:33:ef:fa:d2:
be:ef:37:e5:c4:dc:bf:29:49:ce:df:bc:6c:16:32:8b:69:48:
99:47:4b:c6:31:38:d5:82:a2:7e:31:74:8d:e1:02:0a:e5:81:
4e:c0:18:b2:ac:f0:11:6d:dd:1a:2c:02:33:c5:4a:fb:78:6a:
15:35:11:41:8d:5d:98:62:b7:98:e2:5c:fa:71:5f:d8:18:d6:
86:9e:10:2e:70:ad:c8:6e:84:87:b0:c4:da:d1:f6:c8:38:82:
1d:e0:dd:a6:9f:70:32:27:19:88:27:58:ca:24:c4:11:20:b0:
29:b8:9d:9e:9b:37:4b:20:56:ab:b4:66:dc:7f:af:d4:f3:9c:
eb:7f:6b:56
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYzDtxVt+VYIphSOZwIXGS/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjQwMTAxMDYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQ0N2ZmMzJlMWQ1Y2YyNjJjZDJkYmEyNDRkNTY5NjgyZTI3ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooD5QbxDLSVDqW3NiYkzpncnwQmj
m4qJiaTQWz/RQbyP5O66q5RUgmiRFxaGQzdHGWLTBc0ebEIhUtCWFcy5Wcm1fMxk
nSl1gF1AC0lxAhNgq5BVp/qR3dAF4WnKfz3tKRSLFyI5usewXVXZjwRNQ+MdLJXF
HmG2ecO3HA25Lsp5DrXL1qUQWzEfhj2HeAJ/uWwsCV2NGc39ziptALq3CM7nR+qy
xs2+LH9wG3AckWXaCv6u5/6S62OMyQcLIDygTnseR/DzmOhPl1FARvFQc2qaFerY
v+YmiRhw3TMdWqWi68wXrXOh0bYdhosJ+hkVqMnoY/iQeGmQeDNKE71+oQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFPxEf/MuHVzyYs0tuiRNVpaC4n02MB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvX0VSXzh5NGRYUEppelMyNkpFMVdsb0xpZlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBiwQCAAEwgYQDBAAl
e9IDBAAthfowDAMEAW3KYgMEAG3KaDAMAwQBbcpqAwQEbcpgAwQBbejgMAwDBABt
6OMDBANt6OADBASGE7ADBAK5F9QDBAC8XzEwDAMEALxfMwMEAbxfNDAMAwQF1Zig
AwQA1ZiuAwQB1ZiwAwQB1Zi0MAwDBADVmLcDBAbVmIAwRQQCAAIwPwMHACoAFngT
NwMHACoAFngkcAMHACoAFng8wAMHACoAFniwCwMHACoAFni6ugMHACoAFnjaegMH
ACoAFnjeoTANBgkqhkiG9w0BAQsFAAOCAQEAikpqTfO0PiS8vBJWZnpg1cwdUmpN
lJ32Vp6liegyxnczIr8grEMIoKYQFWR8ufG/zYvVMBgiCdQ3xJm/rURkGwB6Ef6/
Sj/gVSeTHN5qU9YWxtXdM5gIHKINpxLMDB+/TkD3UrvGBNo0t5HA9N6ABwu1qBsZ
5P/mH1gz7/rSvu835cTcvylJzt+8bBYyi2lImUdLxjE41YKifjF0jeECCuWBTsAY
sqzwEW3dGiwCM8VK+3hqFTURQY1dmGK3mOJc+nFf2BjWhp4QLnCtyG6Eh7DE2tH2
yDiCHeDdpp9wMicZiCdYyiTEESCwKbidnps3SyBWq7Rm3H+v1POc639rVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:55 2024 by rpki-client on console-fra.rpki-client.org