Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/DFe3JPQxejom8C-LjMbsZpfH4zI.roa
File: DFe3JPQxejom8C-LjMbsZpfH4zI.roa (raw, json)
Hash identifier: F78LUFMIFJOLgCfoSRoUKn65OH6B+XtIkhb2Rrt0dl0=
Subject key identifier: 0C:57:B7:24:F4:31:7A:3A:26:F0:2F:8B:8C:C6:EC:66:97:C7:E3:32
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 018D641F67E907FA794DC3DF1CF561E19E17
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/DFe3JPQxejom8C-LjMbsZpfH4zI.roa
Signing time: Thu 01 Feb 2024 10:03:16 +0000
ROA not before: Thu 01 Feb 2024 10:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44252
IP address blocks: 37.153.174.0/24 maxlen: 24
89.39.144.0/24 maxlen: 24
89.39.145.0/24 maxlen: 24
89.46.127.0/24 maxlen: 24
89.47.40.0/24 maxlen: 24
89.47.41.0/24 maxlen: 24
92.60.224.0/24 maxlen: 24
92.60.225.0/24 maxlen: 24
92.60.226.0/24 maxlen: 24
92.60.227.0/24 maxlen: 24
92.60.228.0/24 maxlen: 24
92.60.229.0/24 maxlen: 24
92.60.230.0/24 maxlen: 24
92.60.231.0/24 maxlen: 24
92.60.232.0/24 maxlen: 24
92.60.233.0/24 maxlen: 24
92.60.235.0/24 maxlen: 24
92.60.237.0/24 maxlen: 24
92.60.238.0/24 maxlen: 24
92.60.239.0/24 maxlen: 24
93.113.250.0/24 maxlen: 24
94.228.227.0/24 maxlen: 24
94.228.229.0/24 maxlen: 24
94.228.230.0/24 maxlen: 24
94.228.231.0/24 maxlen: 24
94.228.233.0/24 maxlen: 24
94.228.234.0/24 maxlen: 24
94.228.237.0/24 maxlen: 24
94.228.238.0/24 maxlen: 24
176.67.192.0/24 maxlen: 24
176.67.193.0/24 maxlen: 24
176.67.194.0/24 maxlen: 24
176.67.196.0/24 maxlen: 24
176.67.198.0/24 maxlen: 24
176.67.200.0/23 maxlen: 24
176.67.202.0/23 maxlen: 24
176.67.204.0/24 maxlen: 24
176.67.205.0/24 maxlen: 24
176.67.206.0/23 maxlen: 23
176.67.208.0/24 maxlen: 24
176.67.210.0/24 maxlen: 24
176.67.211.0/24 maxlen: 24
176.67.212.0/24 maxlen: 24
176.67.214.0/24 maxlen: 24
176.67.217.0/24 maxlen: 24
176.67.218.0/24 maxlen: 24
176.67.219.0/24 maxlen: 24
176.67.220.0/24 maxlen: 24
176.67.221.0/24 maxlen: 24
176.67.223.0/24 maxlen: 24
178.17.19.0/24 maxlen: 24
178.17.22.0/24 maxlen: 24
178.17.23.0/24 maxlen: 24
178.17.24.0/24 maxlen: 24
178.17.26.0/24 maxlen: 24
178.17.27.0/24 maxlen: 24
178.17.28.0/24 maxlen: 24
178.17.30.0/24 maxlen: 24
185.27.128.0/24 maxlen: 24
185.27.131.0/24 maxlen: 24
185.36.255.0/24 maxlen: 24
188.215.30.0/24 maxlen: 24
188.240.200.0/24 maxlen: 24
188.240.201.0/24 maxlen: 24
213.196.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 12:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:1f:67:e9:07:fa:79:4d:c3:df:1c:f5:61:e1:9e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Feb 1 10:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c57b724f4317a3a26f02f8b8cc6ec6697c7e332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bc:08:13:3e:f6:0c:cc:f4:d6:18:75:94:81:
49:c7:f0:a4:e7:ea:76:da:db:7a:7f:e3:72:93:98:
47:2c:50:98:a2:23:80:cc:85:c1:a5:11:1f:0d:7d:
e6:18:0a:e6:c3:5d:2f:cb:39:26:86:b8:59:ad:3e:
df:ae:f4:bb:43:43:d1:b7:14:54:b6:91:b5:98:21:
56:3f:9c:0b:af:96:5c:19:5b:a5:fe:17:7a:a9:22:
9f:ea:64:de:61:af:7c:09:72:41:6f:94:09:43:a1:
f9:c8:e1:db:37:64:b4:82:73:c3:67:8c:cd:ad:b1:
67:82:3d:ec:28:3a:5e:7f:2a:8e:52:0a:73:3c:33:
03:bf:5a:79:62:3e:b5:7f:97:5a:8d:be:ac:50:de:
a8:7e:d4:b6:ea:cb:a9:b9:24:13:ec:ae:62:77:3d:
72:8d:9d:63:f7:f8:77:ca:cc:11:85:03:93:80:5f:
d1:85:de:58:16:d7:48:12:30:7b:f6:a3:b1:66:e9:
60:66:3a:aa:a7:9d:e3:26:6a:33:88:bb:36:15:1e:
53:ae:44:c8:86:88:17:a3:8b:d6:89:c2:df:f0:6f:
cf:19:20:11:92:2f:f4:38:a3:1b:77:e8:f9:12:cf:
70:fd:d2:68:92:af:e6:d8:15:5a:e7:fc:23:b2:f0:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:57:B7:24:F4:31:7A:3A:26:F0:2F:8B:8C:C6:EC:66:97:C7:E3:32
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/DFe3JPQxejom8C-LjMbsZpfH4zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.174.0/24
89.39.144.0/23
89.46.127.0/24
89.47.40.0/23
92.60.224.0-92.60.233.255
92.60.235.0/24
92.60.237.0-92.60.239.255
93.113.250.0/24
94.228.227.0/24
94.228.229.0-94.228.231.255
94.228.233.0-94.228.234.255
94.228.237.0-94.228.238.255
176.67.192.0-176.67.194.255
176.67.196.0/24
176.67.198.0/24
176.67.200.0-176.67.208.255
176.67.210.0-176.67.212.255
176.67.214.0/24
176.67.217.0-176.67.221.255
176.67.223.0/24
178.17.19.0/24
178.17.22.0-178.17.24.255
178.17.26.0-178.17.28.255
178.17.30.0/24
185.27.128.0/24
185.27.131.0/24
185.36.255.0/24
188.215.30.0/24
188.240.200.0/23
213.196.97.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c8:3a:dd:1d:ab:ce:24:73:ca:58:15:38:c9:b5:c2:1a:a3:
d7:a6:75:c4:3b:9b:3c:14:cc:d4:fa:eb:94:41:c5:52:de:4b:
30:c8:ae:d0:4f:55:4d:30:42:c4:1f:66:96:e1:c8:24:85:ea:
6f:16:13:01:6a:eb:6f:47:ff:b5:72:26:2f:d7:d3:4a:10:dc:
01:d1:5a:0f:8e:a4:46:7e:e0:16:63:12:13:8d:42:10:07:6e:
ee:3a:f3:44:a8:5e:03:52:a3:f4:fd:e2:37:03:0d:1a:34:30:
7e:f1:e0:43:0c:03:c0:1f:00:a0:20:c7:73:82:e6:73:e9:e0:
41:09:88:76:c5:e3:ad:e8:07:ff:09:8f:d3:ed:8b:cc:ea:49:
64:53:3c:d1:cc:0a:9c:80:5c:50:05:ae:5d:e6:88:be:6a:2f:
ee:a7:67:d6:c9:b5:f6:ff:85:bf:fe:26:83:82:fb:55:d9:33:
ac:b1:90:25:86:8a:43:10:99:9a:cc:ed:67:3c:7e:8b:f0:9c:
5c:70:ec:0f:f6:41:b6:1e:f3:c8:18:5a:6a:1f:ba:20:ca:15:
cb:fe:07:fa:a3:83:a8:b6:75:b7:bd:24:cc:a2:14:34:a8:ee:
d4:bc:c2:7a:19:20:d2:44:31:24:01:6f:99:b6:67:e7:1d:85:
e6:8a:8d:7a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAY1kH2fpB/p5TcPfHPVh4Z4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwMjAxMTAwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU3YjcyNGY0MzE3YTNhMjZmMDJmOGI4Y2M2ZWM2Njk3YzdlMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLwIEz72DMz01hh1lIFJx/Ck5+p2
2tt6f+Nyk5hHLFCYoiOAzIXBpREfDX3mGArmw10vyzkmhrhZrT7frvS7Q0PRtxRU
tpG1mCFWP5wLr5ZcGVul/hd6qSKf6mTeYa98CXJBb5QJQ6H5yOHbN2S0gnPDZ4zN
rbFngj3sKDpefyqOUgpzPDMDv1p5Yj61f5dajb6sUN6oftS26supuSQT7K5idz1y
jZ1j9/h3yswRhQOTgF/Rhd5YFtdIEjB79qOxZulgZjqqp53jJmoziLs2FR5TrkTI
hogXo4vWicLf8G/PGSARki/0OKMbd+j5Es9w/dJokq/m2BVa5/wjsvBmhQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFAxXtyT0MXo6JvAvi4zG7GaXx+MyMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvREZlM0pQUXhlam9tOEMtTGpNYnNacGZINHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEACWZrgMEAVknkAMEAFkufwMEAVkvKDAMAwQFXDzgAwQBXDzoAwQAXDzrMAwD
BABcPO0DBARcPOADBABdcfoDBABe5OMwDAMEAF7k5QMEA17k4DAMAwQAXuTpAwQA
XuTqMAwDBABe5O0DBABe5O4wDAMEBrBDwAMEALBDwgMEALBDxAMEALBDxjAMAwQD
sEPIAwQAsEPQMAwDBAGwQ9IDBACwQ9QDBACwQ9YwDAMEALBD2QMEAbBD3AMEALBD
3wMEALIREzAMAwQBshEWAwQAshEYMAwDBAGyERoDBACyERwDBACyER4DBAC5G4AD
BAC5G4MDBAC5JP8DBAC81x4DBAG88MgDBADVxGEwDQYJKoZIhvcNAQELBQADggEB
AHbIOt0dq84kc8pYFTjJtcIao9emdcQ7mzwUzNT665RBxVLeSzDIrtBPVU0wQsQf
ZpbhyCSF6m8WEwFq629H/7VyJi/X00oQ3AHRWg+OpEZ+4BZjEhONQhAHbu4680So
XgNSo/T94jcDDRo0MH7x4EMMA8AfAKAgx3OC5nPp4EEJiHbF463oB/8Jj9Pti8zq
SWRTPNHMCpyAXFAFrl3miL5qL+6nZ9bJtfb/hb/+JoOC+1XZM6yxkCWGikMQmZrM
7Wc8fovwnFxw7A/2QbYe88gYWmofuiDKFcv+B/qjg6i2dbe9JMyiFDSo7tS8wnoZ
INJEMSQBb5m2Z+cdheaKjXo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:32 2024 by rpki-client on console-fra.rpki-client.org