Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/3jT803snDlz7GRiuChcgoIg-4T8.roa
File: 3jT803snDlz7GRiuChcgoIg-4T8.roa (raw, json)
Hash identifier: FE91fxlEzif1qt0kQlcKqwCiQ/+AKIv3tS/Kx0nyADM=
Subject key identifier: DE:34:FC:D3:7B:27:0E:5C:FB:19:18:AE:0A:17:20:A0:88:3E:E1:3F
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 0187A35F8F71AD6582B8CFD90B1CD9B963E4
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/3jT803snDlz7GRiuChcgoIg-4T8.roa
Signing time: Fri 21 Apr 2023 10:32:41 +0000
ROA not before: Fri 21 Apr 2023 10:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8315
IP address blocks: 162.248.196.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
94.198.24.0/21 maxlen: 24
185.113.224.0/22 maxlen: 24
5.100.224.0/21 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 24
79.99.184.0/21 maxlen: 24
185.113.52.0/22 maxlen: 24
89.18.160.0/22 maxlen: 24
89.18.168.0/21 maxlen: 24
162.251.32.0/21 maxlen: 24
89.18.180.0/22 maxlen: 24
185.12.132.0/22 maxlen: 24
178.251.192.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
213.214.96.0/19 maxlen: 24
83.98.192.0/21 maxlen: 24
194.105.128.0/23 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
213.247.32.0/19 maxlen: 24
91.216.113.0/24 maxlen: 24
83.98.140.0/24 maxlen: 24
193.34.150.0/23 maxlen: 24
91.216.141.0/24 maxlen: 24
185.38.156.0/22 maxlen: 24
85.92.128.0/20 maxlen: 24
85.92.144.0/22 maxlen: 24
91.200.51.0/24 maxlen: 24
91.200.48.0/23 maxlen: 24
85.158.160.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
89.30.171.0/24 maxlen: 24
213.189.0.0/21 maxlen: 24
185.77.120.0/22 maxlen: 24
194.165.34.0/24 maxlen: 24
217.195.112.0/20 maxlen: 24
185.74.77.0/24 maxlen: 24
185.74.76.0/24 maxlen: 24
89.30.128.0/18 maxlen: 24
83.98.128.0/18 maxlen: 24
89.30.192.0/19 maxlen: 24
213.189.16.0/20 maxlen: 24
85.222.192.0/21 maxlen: 24
89.30.208.0/20 maxlen: 24
89.30.224.0/21 maxlen: 24
185.30.236.0/22 maxlen: 24
2a00:1bd8::/32 maxlen: 48
2a02:2858::/29 maxlen: 48
2a02:20b0::/32 maxlen: 48
2a02:2858:500::/40 maxlen: 48
2a02:2858:400::/40 maxlen: 48
2a02:2858:300::/40 maxlen: 48
2a02:2858:200::/40 maxlen: 48
2001:16f8::/32 maxlen: 48
2a02:20b1::/32 maxlen: 48
2a03:5500::/31 maxlen: 48
2a01:40e0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:5f:8f:71:ad:65:82:b8:cf:d9:0b:1c:d9:b9:63:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Apr 21 10:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de34fcd37b270e5cfb1918ae0a1720a0883ee13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:09:e4:ef:de:a9:94:92:9a:5d:bd:42:74:
71:86:9f:f5:b0:ad:f4:fc:32:d0:9c:b0:69:35:32:
e0:dd:60:3c:f1:0c:55:bf:eb:e1:9c:67:14:45:ed:
68:73:bc:65:a9:77:dc:73:2d:b4:0f:cc:ca:cf:12:
a1:67:bc:d2:fa:ea:76:fd:5c:69:9f:54:8c:6a:55:
0a:35:fa:15:3f:b5:02:dc:b1:b7:8c:6c:4e:44:f3:
d1:68:76:1a:92:a5:1a:9f:2b:3c:f2:76:67:bf:f1:
35:c6:8f:58:9e:b8:55:e1:3d:4c:bc:83:da:72:0b:
2f:2e:6a:16:8e:f9:f7:52:74:55:21:1c:e9:ff:7f:
55:97:53:cb:b0:46:e3:d3:1b:cf:a6:49:28:d1:35:
7d:07:fd:52:91:08:d0:73:88:8f:3c:4c:37:17:68:
de:84:f8:29:63:6c:8d:c6:f4:5b:79:1a:eb:8f:6d:
57:c7:a1:cb:8a:1c:dc:cd:06:1b:1f:ff:a6:6c:c8:
99:19:49:13:0a:32:3c:b8:79:86:68:c5:f6:34:f7:
14:58:5a:1b:b3:d6:25:27:65:08:3f:e9:f3:3c:69:
e1:b2:39:a7:75:15:ef:89:cc:28:db:22:8f:7c:df:
44:50:85:03:76:31:db:ea:98:8d:59:7c:85:d9:25:
39:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:34:FC:D3:7B:27:0E:5C:FB:19:18:AE:0A:17:20:A0:88:3E:E1:3F
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/3jT803snDlz7GRiuChcgoIg-4T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0-83.98.203.255
83.98.208.0/20
85.92.128.0-85.92.147.255
85.158.160.0/21
85.222.192.0/21
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0-89.30.231.255
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
213.171.128.0/19
213.189.0.0/21
213.189.16.0/20
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
Signature Algorithm: sha256WithRSAEncryption
6b:82:f1:8d:e1:41:b7:d3:c5:bc:5d:a0:4a:bf:fa:ea:95:7f:
9f:84:2e:95:63:90:a3:2b:83:f7:3c:2b:ff:57:fc:0c:4b:ef:
e5:f4:5a:04:06:ca:91:e1:32:f9:f3:e5:44:5c:3c:bb:d0:fd:
81:8a:a1:28:d3:b8:49:46:4c:a8:2a:f7:d4:07:0e:fb:cf:de:
c9:2d:77:db:7f:9e:1d:be:ee:d5:a4:48:5d:77:a2:99:4d:75:
a2:44:99:eb:0a:74:f2:30:a6:8d:08:5b:2b:a1:e0:73:e6:43:
63:96:2a:6d:3d:18:2c:b9:18:e5:50:32:35:e2:f0:9f:c8:fd:
ba:81:c4:fe:24:78:11:e5:f5:96:bf:3e:f5:e5:83:82:32:1d:
b5:d6:6d:82:fb:49:ef:ae:b6:62:79:2a:ba:9c:75:cc:7c:7e:
66:61:05:cc:93:c8:f4:3a:f9:26:31:33:36:01:ce:52:5c:23:
e9:76:f4:ad:db:47:1b:a0:ea:61:0e:40:de:88:55:3b:ac:fc:
1d:be:1e:ac:15:15:04:32:9e:1c:57:b0:f4:36:21:e2:5a:b3:
c7:6b:2b:6b:7d:97:5a:1d:c4:b3:22:59:d5:f8:4a:d6:08:5d:
67:1e:53:2c:95:08:9c:66:85:c9:e2:7f:58:83:58:ea:9a:47:
e8:57:7d:d8
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISAYejX49xrWWCuM/ZCxzZuWPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjMwNDIxMTAzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM0ZmNkMzdiMjcwZTVjZmIxOTE4YWUwYTE3MjBhMDg4M2VlMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+QJ5O/eqZSSml29QnRxhp/1sK30
/DLQnLBpNTLg3WA88QxVv+vhnGcURe1oc7xlqXfccy20D8zKzxKhZ7zS+up2/Vxp
n1SMalUKNfoVP7UC3LG3jGxORPPRaHYakqUanys88nZnv/E1xo9YnrhV4T1MvIPa
cgsvLmoWjvn3UnRVIRzp/39Vl1PLsEbj0xvPpkko0TV9B/1SkQjQc4iPPEw3F2je
hPgpY2yNxvRbeRrrj21Xx6HLihzczQYbH/+mbMiZGUkTCjI8uHmGaMX2NPcUWFob
s9YlJ2UIP+nzPGnhsjmndRXvicwo2yKPfN9EUIUDdjHb6piNWXyF2SU5/QIDAQAB
o4IDOjCCAzYwHQYDVR0OBBYEFN40/NN7Jw5c+xkYrgoXIKCIPuE/MB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvM2pUODAzc25EbHo3R1JpdUNoY2dvSWctNFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTgYIKwYBBQUHAQcBAf8EggE9MIIBOTCCAQMEAgABMIH8
AwQDBWTgAwQDT2O4MAwDBAdTYoADBAJTYsgDBARTYtAwDAMEB1VcgAMEAlVckAME
A1WeoAMEA1XewAMEAlkSoAMEA1kSqAMEAlkStDAMAwQHWR6AAwQDWR7gAwQBW8gw
AwQAW8gzAwQAW9hxAwQAW9iNAwQDXsYYAwQDhgBYAwQCovjEAwQDovsgAwQDsD7A
AwQDsvvAAwQCuQyEAwQCuR7sAwQCuSacAwQBuUpMAwQCuU14AwQCuXE0AwQCuXHE
AwQCuXHgAwQBwSKWAwQBwmmAAwQAwqUiAwQF1auAAwQD1b0AAwQE1b0QAwQF1dZg
AwQF1fcgAwQE2cNwMDAEAgACMCoDBQAgARb4AwUAKgAb2AMFACoBQOADBQEqAiCw
AwUDKgIoWAMFASoDVQAwDQYJKoZIhvcNAQELBQADggEBAGuC8Y3hQbfTxbxdoEq/
+uqVf5+ELpVjkKMrg/c8K/9X/AxL7+X0WgQGypHhMvnz5URcPLvQ/YGKoSjTuElG
TKgq99QHDvvP3sktd9t/nh2+7tWkSF13oplNdaJEmesKdPIwpo0IWyuh4HPmQ2OW
Km09GCy5GOVQMjXi8J/I/bqBxP4keBHl9Za/PvXlg4IyHbXWbYL7Se+utmJ5Krqc
dcx8fmZhBcyTyPQ6+SYxMzYBzlJcI+l29K3bRxug6mEOQN6IVTus/B2+HqwVFQQy
nhxXsPQ2IeJas8drK2t9l1odxLMiWdX4StYIXWceUyyVCJxmhcnif1iDWOqaR+hX
fdg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:07 2024 by rpki-client on console-ams.rpki-client.org