Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vpAnFn-Oxj4rhvxm48Cs-5puNi0.roa
File: vpAnFn-Oxj4rhvxm48Cs-5puNi0.roa (raw, json)
Hash identifier: H2IshPxhIeiwWrb+DjdRAJ4zavyGnhTqEugwthQ8xV8=
Subject key identifier: BE:90:27:16:7F:8E:C6:3E:2B:86:FC:66:E3:C0:AC:FB:9A:6E:36:2D
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0189013A7E8CA06CB240F63B93F17BE354D5
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vpAnFn-Oxj4rhvxm48Cs-5puNi0.roa
Signing time: Wed 28 Jun 2023 08:59:17 +0000
ROA not before: Wed 28 Jun 2023 08:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
2a03:f80:359::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:57::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:01:3a:7e:8c:a0:6c:b2:40:f6:3b:93:f1:7b:e3:54:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jun 28 08:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be9027167f8ec63e2b86fc66e3c0acfb9a6e362d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a0:e7:f6:7c:c0:2e:78:47:63:a7:d8:19:fd:
75:c2:21:ca:8e:75:23:2c:f0:48:ce:51:d3:4c:1f:
71:71:eb:66:d6:dc:a3:67:33:de:ad:63:c2:11:89:
a5:a9:c2:cf:f0:58:52:6a:19:22:86:06:92:4a:36:
ba:7d:7e:2b:f0:5e:5f:2f:53:96:ce:b3:5a:60:61:
7e:05:3e:a3:4a:a7:34:bb:02:8b:c5:db:2e:21:bc:
31:77:74:c1:6f:3c:b8:c3:de:54:09:20:04:54:c1:
f4:e6:b4:72:0c:90:0f:08:42:20:d0:f3:77:be:28:
13:d1:5a:fe:74:52:19:e2:88:7b:48:61:25:a4:de:
e1:b6:1d:e1:13:82:a7:76:8b:43:6d:cc:35:69:a6:
c5:9e:05:05:15:89:25:8c:30:45:14:00:50:10:a9:
f0:aa:64:6e:36:b6:f7:fb:32:a8:96:98:fc:32:a2:
f6:27:3b:eb:ee:bd:b7:14:d2:fa:74:03:a8:fc:99:
e3:04:61:9f:7d:e5:df:fa:63:df:7c:69:bf:4d:59:
1e:6b:bf:9a:42:c4:9b:1e:34:77:a1:16:7a:85:90:
6a:eb:48:b6:45:0c:87:c7:73:ba:6a:36:81:2f:ec:
81:96:fd:de:ea:52:e1:9b:a2:69:f4:58:ef:9d:2b:
87:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:90:27:16:7F:8E:C6:3E:2B:86:FC:66:E3:C0:AC:FB:9A:6E:36:2D
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vpAnFn-Oxj4rhvxm48Cs-5puNi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
83.243.120.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
103.57.250.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0/23
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
30:a4:91:fa:46:21:5e:bb:7e:64:48:d6:7f:3a:a3:5e:50:f6:
8a:ab:d8:ac:16:11:5b:a4:90:59:ae:6b:7f:ad:92:bd:12:86:
7a:92:7c:b7:17:f9:ea:8c:6a:47:cb:8b:fa:a1:cd:72:13:28:
13:79:9a:88:15:c1:48:9d:f2:cb:64:e2:78:8b:59:ac:f2:04:
93:23:47:f5:e6:3f:9d:1f:9e:4f:30:de:69:be:00:fa:11:9c:
76:57:9f:ba:f4:8a:1f:87:b4:89:29:5d:a9:b2:54:29:da:bf:
45:b3:5c:08:04:68:ee:07:69:c5:d5:c1:b0:6d:01:cc:16:21:
ca:d9:52:4d:1e:e7:59:02:ed:f4:c9:96:0a:ec:46:b0:e9:ca:
02:48:8c:d2:1c:14:e0:50:c7:87:cf:86:89:6c:7e:68:11:90:
0a:51:32:dd:04:06:1a:31:fe:48:90:4b:42:7b:77:0a:97:91:
6c:36:7d:d1:9f:d6:36:b9:f8:b0:0a:ae:9f:29:15:e0:6b:ab:
6b:e4:03:9f:55:a8:61:11:a6:a1:67:22:4a:44:d5:7c:7a:a1:
94:b8:3a:1c:1d:f0:39:f7:90:3f:a6:42:ab:4c:d7:ee:03:a3:
db:a5:f8:aa:1d:5b:08:c8:99:d9:e9:bf:fd:23:e0:6d:0d:6c:
b4:05:40:31
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYkBOn6MoGyyQPY7k/F741TVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwNjI4MDg1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTkwMjcxNjdmOGVjNjNlMmI4NmZjNjZlM2MwYWNmYjlhNmUzNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaDn9nzALnhHY6fYGf11wiHKjnUj
LPBIzlHTTB9xcetm1tyjZzPerWPCEYmlqcLP8FhSahkihgaSSja6fX4r8F5fL1OW
zrNaYGF+BT6jSqc0uwKLxdsuIbwxd3TBbzy4w95UCSAEVMH05rRyDJAPCEIg0PN3
vigT0Vr+dFIZ4oh7SGElpN7hth3hE4KndotDbcw1aabFngUFFYkljDBFFABQEKnw
qmRuNrb3+zKolpj8MqL2Jzvr7r23FNL6dAOo/JnjBGGffeXf+mPffGm/TVkea7+a
QsSbHjR3oRZ6hZBq60i2RQyHx3O6ajaBL+yBlv3e6lLhm6Jp9FjvnSuHmwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFL6QJxZ/jsY+K4b8ZuPArPuabjYtMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdnBBbkZuLU94ajRyaHZ4bTQ4Q3MtNXB1TmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQEJeswAwQA
U/N4AwQAWR97AwQAW4ReAwQBW+PMAwQAZzn6MAwDBAOVmpgDBACVmpwDBAWX7AAw
DAMEAJ7/0QMEAJ7/1AMEAbka7DANBAIAAjAHAwUDKgMPgDANBgkqhkiG9w0BAQsF
AAOCAQEAMKSR+kYhXrt+ZEjWfzqjXlD2iqvYrBYRW6SQWa5rf62SvRKGepJ8txf5
6oxqR8uL+qHNchMoE3maiBXBSJ3yy2TieItZrPIEkyNH9eY/nR+eTzDeab4A+hGc
dlefuvSKH4e0iSldqbJUKdq/RbNcCARo7gdpxdXBsG0BzBYhytlSTR7nWQLt9MmW
CuxGsOnKAkiM0hwU4FDHh8+GiWx+aBGQClEy3QQGGjH+SJBLQnt3CpeRbDZ90Z/W
Nrn4sAqunykV4Gura+QDn1WoYRGmoWciSkTVfHqhlLg6HB3wOfeQP6ZCq0zX7gOj
26X4qh1bCMiZ2em//SPgbQ1stAVAMQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net