Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/D86eVHlpHStPDHczkGTM1t9QMvw.roa
File: D86eVHlpHStPDHczkGTM1t9QMvw.roa (raw, json)
Hash identifier: HGiAZ9xHvW3MvkXs34JN/TqnTz0lJed8+aP7mlKkJrQ=
Subject key identifier: 0F:CE:9E:54:79:69:1D:2B:4F:0C:77:33:90:64:CC:D6:DF:50:32:FC
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 018CC5DC4AD40698ABE33234DA0D0BE036D1
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/D86eVHlpHStPDHczkGTM1t9QMvw.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2116
IP address blocks: 85.252.0.0/16 maxlen: 16
194.29.200.0/22 maxlen: 22
37.191.128.0/17 maxlen: 17
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
31.185.24.0/21 maxlen: 21
81.175.0.0/20 maxlen: 20
178.74.0.0/18 maxlen: 18
81.175.24.0/21 maxlen: 21
81.175.20.0/22 maxlen: 22
213.151.128.0/19 maxlen: 19
81.175.32.0/19 maxlen: 19
217.77.32.0/20 maxlen: 20
195.204.0.0/16 maxlen: 16
85.221.0.0/17 maxlen: 17
217.8.128.0/19 maxlen: 19
77.234.48.0/21 maxlen: 21
86.62.128.0/18 maxlen: 18
62.63.0.0/18 maxlen: 18
89.191.0.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
193.90.0.0/16 maxlen: 16
80.241.80.0/20 maxlen: 20
194.19.0.0/17 maxlen: 17
212.62.224.0/19 maxlen: 19
64.28.0.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
193.75.0.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
213.172.192.0/19 maxlen: 19
78.24.144.0/21 maxlen: 21
109.199.192.0/19 maxlen: 19
195.1.0.0/16 maxlen: 16
213.52.0.0/17 maxlen: 17
185.129.156.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
185.8.16.0/22 maxlen: 22
85.112.128.0/19 maxlen: 19
82.196.192.0/19 maxlen: 19
217.118.32.0/19 maxlen: 19
79.135.0.0/19 maxlen: 19
193.71.0.0/16 maxlen: 16
91.135.32.0/20 maxlen: 20
217.144.224.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
185.67.116.0/22 maxlen: 22
213.239.64.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
84.20.96.0/19 maxlen: 19
77.88.64.0/18 maxlen: 18
195.159.0.0/16 maxlen: 16
62.101.192.0/18 maxlen: 18
80.64.192.0/20 maxlen: 20
88.84.160.0/19 maxlen: 19
194.54.96.0/19 maxlen: 19
81.0.128.0/18 maxlen: 18
212.71.64.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
217.14.0.0/20 maxlen: 20
193.91.128.0/17 maxlen: 17
213.158.224.0/19 maxlen: 19
2a00:c440::/29 maxlen: 29
2001:840::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2001:4dd8::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2a04:6340::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 06 Jan 2024 18:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4a:d4:06:98:ab:e3:32:34:da:0d:0b:e0:36:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fce9e5479691d2b4f0c77339064ccd6df5032fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d8:f2:1e:32:59:48:0c:29:b5:75:77:75:22:
31:57:e4:39:b7:25:83:62:54:b6:cc:d7:a9:5b:65:
6b:1e:85:b6:1e:b5:c1:3f:45:eb:d7:6a:90:39:eb:
49:db:2e:c9:62:48:30:8e:10:90:98:3f:5b:02:fd:
7b:30:e7:55:27:4b:81:72:b7:27:bf:14:80:8d:d7:
9a:e7:4f:9d:51:61:e3:22:6d:33:a4:6b:b3:aa:2b:
72:65:36:b2:6d:5d:84:c6:04:60:01:92:1e:e7:19:
6f:9d:9c:a3:91:05:67:fb:6c:2f:06:8a:08:d5:e9:
d4:97:24:ea:d1:39:1b:80:29:fd:9a:87:21:e6:a7:
e7:5c:23:76:94:1c:03:39:fb:54:e8:28:e7:f5:ec:
de:b1:17:59:10:df:8d:56:22:0c:42:a6:bc:fe:a7:
d0:20:9a:88:e1:c5:aa:b6:3f:d0:a5:2d:ae:07:ee:
f8:35:a6:61:8d:90:e3:58:a2:69:21:ff:f3:26:60:
42:6f:25:a7:be:f3:73:1d:ae:2a:a4:27:fc:05:ba:
51:9b:00:53:e5:cc:bb:3a:f2:50:06:ea:77:bf:28:
d1:c4:b8:13:48:d6:dd:4c:1a:56:c1:ee:b0:46:c3:
d9:95:4a:5b:4b:af:10:cc:73:2d:2e:b6:b5:19:27:
9c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CE:9E:54:79:69:1D:2B:4F:0C:77:33:90:64:CC:D6:DF:50:32:FC
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/D86eVHlpHStPDHczkGTM1t9QMvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
64.28.0.0/19
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.71.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
4f:49:a3:c1:00:f9:c0:59:f7:11:06:8c:71:63:22:e2:f5:fa:
0b:6a:37:73:bd:9f:cf:79:c7:50:02:21:dd:93:2d:b7:4e:52:
83:3d:ac:e8:63:6d:db:92:40:9c:8a:98:8e:e2:f2:00:7a:93:
a8:47:7c:96:b5:23:5c:12:28:77:1e:61:c5:c1:3f:c1:0d:94:
9b:31:49:d5:ef:a9:bf:c2:6f:3f:f5:d9:92:f4:c9:58:f1:03:
40:a9:7a:2a:42:e3:35:6d:8d:36:10:97:59:05:df:e6:c9:f7:
50:db:84:f7:74:e4:ef:d6:7c:63:14:19:1f:d8:23:f9:6d:38:
8f:16:0a:b2:ec:55:97:23:b9:59:eb:a7:06:a1:36:8f:08:1d:
ad:2d:21:3e:23:cf:2c:2a:87:4a:01:b0:04:e0:c1:af:73:9d:
60:b3:b2:e5:7b:d5:2a:34:8f:6f:4d:f8:e6:b3:e3:83:ca:a9:
f1:7f:d9:35:ca:3c:90:9b:e1:11:36:c7:2f:06:c6:41:b5:e6:
a3:92:28:93:d6:75:f9:78:66:29:4e:4a:eb:41:b5:7c:61:dd:
ed:87:03:33:0d:f2:91:2a:46:22:9a:3b:0c:72:89:be:41:0b:
37:ec:1b:ef:16:1a:f0:54:43:f9:15:03:6a:76:2d:d9:ee:bd:
56:fb:38:3b
-----BEGIN CERTIFICATE-----
MIIGsjCCBZqgAwIBAgISAYzF3ErUBpir4zI02g0L4DbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmNlOWU1NDc5NjkxZDJiNGYwYzc3MzM5MDY0Y2NkNmRmNTAzMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutjyHjJZSAwptXV3dSIxV+Q5tyWD
YlS2zNepW2VrHoW2HrXBP0Xr12qQOetJ2y7JYkgwjhCQmD9bAv17MOdVJ0uBcrcn
vxSAjdea50+dUWHjIm0zpGuzqityZTaybV2ExgRgAZIe5xlvnZyjkQVn+2wvBooI
1enUlyTq0TkbgCn9moch5qfnXCN2lBwDOftU6Cjn9ezesRdZEN+NViIMQqa8/qfQ
IJqI4cWqtj/QpS2uB+74NaZhjZDjWKJpIf/zJmBCbyWnvvNzHa4qpCf8BbpRmwBT
5cy7OvJQBup3vyjRxLgTSNbdTBpWwe6wRsPZlUpbS68QzHMtLra1GSecDwIDAQAB
o4IDvjCCA7owHQYDVR0OBBYEFA/OnlR5aR0rTwx3M5BkzNbfUDL8MB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvRDg2ZVZIbHBIU3RQREhjemtHVE0xdDlRTXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0gYIKwYBBQUHAQcBAf8EggHBMIIBvTCCAXkEAgABMIIB
cQMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEBUAcAAMEB00ogAMEBk1YQAMEA03q
MAMEA04YkAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQG
Ua8AAwMAUb8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+
gAMEBld2AAMEBVhUoAMEBVm/AAMEBFuHIAMEBW3HwAMEBrJKAAMEArkIEAMEArkj
UAMEArlDdAMEArmBnAMDAMFFAwMAwUcDBAfBSwADAwDBWgMEB8FbgAMEB8ITAAME
AsIdyAMEBcI2YDALAwQHwwCAAwMBwwADBAfDEoADAwDDiwMDAMOfAwMAw8wDBAXU
PuADBAXUR0ADBAfVNAADBAXVl4ADBAXVnuAwDAMEBdWg4AMEA9Wg8AMEBdWswAME
BtXvQAMEBdkIgAMEBNkOAAMEBNlNIAMEBdl2IAMEBdmQ4DA+BAIAAjA4AwUDIAEI
QAMFAyABCMADBQMgAU3YAwUDKgDEQAMFAyoBBSADBQMqAgJwAwUDKgPAAAMFAyoE
Y0AwDQYJKoZIhvcNAQELBQADggEBAE9Jo8EA+cBZ9xEGjHFjIuL1+gtqN3O9n895
x1ACId2TLbdOUoM9rOhjbduSQJyKmI7i8gB6k6hHfJa1I1wSKHceYcXBP8ENlJsx
SdXvqb/Cbz/12ZL0yVjxA0CpeipC4zVtjTYQl1kF3+bJ91DbhPd05O/WfGMUGR/Y
I/ltOI8WCrLsVZcjuVnrpwahNo8IHa0tIT4jzywqh0oBsATgwa9znWCzsuV71So0
j29N+Oaz44PKqfF/2TXKPJCb4RE2xy8GxkG15qOSKJPWdfl4ZilOSutBtXxh3e2H
AzMN8pEqRiKaOwxyib5BCzfsG+8WGvBUQ/kVA2p2LdnuvVb7ODs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:07 2024 by rpki-client on console-fra.rpki-client.org