Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/pJZ2bM2-L7d9IvHj5FG1ON4TZ7A.roa
File: pJZ2bM2-L7d9IvHj5FG1ON4TZ7A.roa (raw, json)
Hash identifier: rYjP//czA0VZhcV9l8yJkZ83cmCvXjbIJ140SugCV54=
Subject key identifier: A4:96:76:6C:CD:BE:2F:B7:7D:22:F1:E3:E4:51:B5:38:DE:13:67:B0
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 0185729EE13220858B4944C581FBC597860F
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/pJZ2bM2-L7d9IvHj5FG1ON4TZ7A.roa
Signing time: Mon 02 Jan 2023 13:14:52 +0000
ROA not before: Mon 02 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12975
IP address blocks: 199.204.215.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
217.66.224.0/19 maxlen: 24
82.205.0.0/17 maxlen: 21
82.205.0.0/20 maxlen: 20
217.66.233.0/24 maxlen: 24
217.66.237.0/24 maxlen: 24
217.66.234.0/23 maxlen: 23
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.96.0/20 maxlen: 20
82.205.104.0/21 maxlen: 21
89.239.32.0/20 maxlen: 20
82.205.16.0/20 maxlen: 20
217.66.240.0/20 maxlen: 20
82.205.27.0/24 maxlen: 24
212.33.96.0/19 maxlen: 20
185.171.132.0/22 maxlen: 22
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
82.102.192.0/18 maxlen: 24
82.102.208.0/21 maxlen: 21
82.102.218.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.220.0/22 maxlen: 22
212.106.64.0/19 maxlen: 20
85.113.96.0/19 maxlen: 20
176.65.12.0/22 maxlen: 22
194.169.123.0/24 maxlen: 24
194.169.122.0/23 maxlen: 23
194.169.122.0/24 maxlen: 24
147.189.176.0/20 maxlen: 20
194.169.121.0/24 maxlen: 24
199.250.128.0/19 maxlen: 21
217.21.14.0/23 maxlen: 23
217.21.12.0/23 maxlen: 23
188.209.208.0/22 maxlen: 22
37.8.0.0/17 maxlen: 20
37.8.0.0/20 maxlen: 20
37.8.16.0/20 maxlen: 20
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
109.232.162.0/23 maxlen: 23
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.205.120.0/21 maxlen: 21
217.78.48.0/21 maxlen: 21
217.78.48.0/20 maxlen: 20
217.78.60.0/22 maxlen: 22
217.21.4.0/24 maxlen: 24
217.21.3.0/24 maxlen: 24
217.21.2.0/24 maxlen: 24
217.21.0.0/20 maxlen: 20
217.21.10.0/23 maxlen: 23
217.21.8.0/23 maxlen: 23
217.21.6.0/23 maxlen: 23
217.21.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:e1:32:20:85:8b:49:44:c5:81:fb:c5:97:86:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 2 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a496766ccdbe2fb77d22f1e3e451b538de1367b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:df:a1:c1:af:da:23:a0:e8:58:9e:c5:5c:aa:
37:7c:f2:c8:a3:a1:f1:6a:5d:9d:65:f3:fb:86:ad:
b5:e8:dc:e5:11:46:04:b3:ae:a0:22:04:91:6b:4d:
63:19:92:10:63:b4:46:df:7f:62:21:c8:a0:d4:32:
02:ec:9e:44:98:f8:a9:0a:43:15:66:a4:84:f9:16:
07:5a:77:b6:78:c3:89:c6:48:5b:5d:c4:f3:ec:15:
17:34:00:a9:bd:1b:b8:24:14:1a:89:d9:7a:14:3a:
13:08:8f:f1:0c:b3:e3:d6:c6:69:7e:c0:89:b1:4b:
d3:0e:f9:e2:59:5a:cc:08:2f:7c:eb:43:bf:ba:40:
d4:93:d4:50:d9:84:8b:a7:5d:c6:0f:8b:42:61:da:
e7:01:51:12:2d:fd:b4:94:fb:18:96:5e:7a:3a:86:
83:be:6c:13:96:3b:94:01:5b:3a:bd:9d:f0:8e:73:
76:1a:82:a4:d4:0f:35:63:d4:d8:0a:7f:81:95:2e:
1f:06:e5:d7:d1:2b:6a:59:2c:f7:55:cc:06:e8:b7:
85:b2:10:48:43:5b:40:8b:82:5c:81:b8:12:d3:3f:
0f:8a:16:05:89:35:4e:a3:45:d4:f2:51:eb:b2:2c:
83:43:16:33:b2:ec:17:28:fe:80:d9:f4:bd:1e:95:
0d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:96:76:6C:CD:BE:2F:B7:7D:22:F1:E3:E4:51:B5:38:DE:13:67:B0
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/pJZ2bM2-L7d9IvHj5FG1ON4TZ7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/20
Signature Algorithm: sha256WithRSAEncryption
42:2d:b3:28:ff:b7:1b:fd:3e:38:a9:22:f9:57:d5:e8:81:51:
98:b1:13:5f:26:59:28:20:e7:c4:cd:a0:20:cb:cf:a8:9d:14:
84:73:d8:ac:eb:d5:0e:50:05:b2:03:02:80:74:34:b7:8e:9d:
99:9f:d2:90:52:7d:ee:66:fb:67:58:a2:bb:e4:aa:f9:ec:43:
8d:43:20:92:c5:ae:91:c3:cb:b4:ec:3f:29:3e:15:3a:03:5d:
df:b1:85:d6:25:28:e4:e9:9d:2a:07:89:99:bb:fc:79:8b:20:
f9:60:d6:9c:89:89:a7:cc:90:4b:b5:82:46:ef:5a:bc:76:d9:
c2:d7:3e:37:7c:40:59:82:c4:30:cc:34:fd:c4:a3:8d:c7:05:
e0:83:da:ab:ac:ea:d1:dc:fa:8a:7d:9a:82:7e:b7:4a:43:7f:
74:b4:ea:2d:e8:80:69:5d:0c:74:fd:6b:27:31:3e:37:51:90:
8e:c4:09:c7:d5:57:0f:ef:f2:5b:bd:ba:1a:4c:04:2d:7d:9d:
cf:5b:c4:7e:e9:4f:fc:99:da:3d:1c:bb:8f:33:07:cb:0c:89:
01:e3:48:63:cb:69:e0:99:a2:41:8a:70:29:2c:37:1c:01:49:
6e:b7:3a:f9:b3:7c:c8:dc:36:d9:8e:6c:4f:57:7f:72:fc:e7:
df:b0:02:b8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYVynuEyIIWLSUTFgfvFl4YPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjMwMTAyMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk2NzY2Y2NkYmUyZmI3N2QyMmYxZTNlNDUxYjUzOGRlMTM2N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN+hwa/aI6DoWJ7FXKo3fPLIo6Hx
al2dZfP7hq216NzlEUYEs66gIgSRa01jGZIQY7RG339iIcig1DIC7J5EmPipCkMV
ZqSE+RYHWne2eMOJxkhbXcTz7BUXNACpvRu4JBQaidl6FDoTCI/xDLPj1sZpfsCJ
sUvTDvniWVrMCC9860O/ukDUk9RQ2YSLp13GD4tCYdrnAVESLf20lPsYll56OoaD
vmwTljuUAVs6vZ3wjnN2GoKk1A81Y9TYCn+BlS4fBuXX0StqWSz3VcwG6LeFshBI
Q1tAi4JcgbgS0z8PihYFiTVOo0XU8lHrsiyDQxYzsuwXKP6A2fS9HpUNIQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFKSWdmzNvi+3fSLx4+RRtTjeE2ewMB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvcEpaMmJNMi1MN2Q5SXZIajVGRzFPTjRUWjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJWaxADBAJX/GwDBARZ7yADBAReGnADBAFt
6KIDBASTvbADBAKwQQwDBAK5KMADBAC5WvIDBAK5ioQDBAK5q4QDBAK80dADBAK8
12QwDAMEAMKpeQMEAsKpeAMEAMfM1wMEBcf6gAMEBdQhYAMEBdRqQAMEBNkVAAME
BdlC4AMEBNlOMDANBgkqhkiG9w0BAQsFAAOCAQEAQi2zKP+3G/0+OKki+VfV6IFR
mLETXyZZKCDnxM2gIMvPqJ0UhHPYrOvVDlAFsgMCgHQ0t46dmZ/SkFJ97mb7Z1ii
u+Sq+exDjUMgksWukcPLtOw/KT4VOgNd37GF1iUo5OmdKgeJmbv8eYsg+WDWnImJ
p8yQS7WCRu9avHbZwtc+N3xAWYLEMMw0/cSjjccF4IPaq6zq0dz6in2agn63SkN/
dLTqLeiAaV0MdP1rJzE+N1GQjsQJx9VXD+/yW726GkwELX2dz1vEfulP/JnaPRy7
jzMHywyJAeNIY8tp4JmiQYpwKSw3HAFJbrc6+bN8yNw22Y5sT1d/cvzn37ACuA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:33 2024 by rpki-client on console-fra.rpki-client.org