Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xHGTBd4GUyBsVnsSUCl1ZArqd6Q.roa
File: xHGTBd4GUyBsVnsSUCl1ZArqd6Q.roa (raw, json)
Hash identifier: 5Y+OuCLa/oKvIqpwIG88iOSP7CMj1DpFWz9DyEttKLE=
Subject key identifier: C4:71:93:05:DE:06:53:20:6C:56:7B:12:50:29:75:64:0A:EA:77:A4
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018B9DD6B5EB12D83641912290A59A10AB45
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xHGTBd4GUyBsVnsSUCl1ZArqd6Q.roa
Signing time: Sun 05 Nov 2023 04:56:16 +0000
ROA not before: Sun 05 Nov 2023 04:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31549
IP address blocks: 217.60.0.0/19 maxlen: 19
217.60.0.0/18 maxlen: 18
217.60.0.0/16 maxlen: 16
217.60.24.0/21 maxlen: 21
217.60.32.0/22 maxlen: 22
217.60.36.0/22 maxlen: 22
217.60.36.0/23 maxlen: 23
217.60.32.0/20 maxlen: 20
217.60.38.0/23 maxlen: 23
217.60.40.0/21 maxlen: 21
217.60.48.0/20 maxlen: 20
37.148.0.0/18 maxlen: 24
37.148.0.0/17 maxlen: 18
217.60.108.0/22 maxlen: 22
217.60.128.0/18 maxlen: 18
217.60.128.0/19 maxlen: 19
217.60.150.0/24 maxlen: 24
217.60.64.0/20 maxlen: 20
217.60.64.0/18 maxlen: 18
217.60.80.0/20 maxlen: 20
217.60.96.0/21 maxlen: 21
217.60.104.0/22 maxlen: 22
151.244.128.0/19 maxlen: 19
94.183.176.0/21 maxlen: 21
84.241.0.0/18 maxlen: 24
31.56.80.0/20 maxlen: 20
31.56.16.0/20 maxlen: 20
31.56.0.0/14 maxlen: 24
31.56.32.0/20 maxlen: 20
185.73.3.0/24 maxlen: 24
185.73.0.0/22 maxlen: 22
151.238.0.0/15 maxlen: 24
185.73.2.0/24 maxlen: 24
185.73.2.0/23 maxlen: 23
185.73.0.0/23 maxlen: 23
151.240.0.0/13 maxlen: 24
85.15.0.0/18 maxlen: 24
151.247.64.0/18 maxlen: 18
217.60.219.0/24 maxlen: 24
217.60.216.0/21 maxlen: 21
217.60.224.0/20 maxlen: 20
217.60.230.0/24 maxlen: 24
217.60.231.0/24 maxlen: 24
217.60.240.0/20 maxlen: 20
37.202.128.0/18 maxlen: 18
37.202.128.0/17 maxlen: 17
217.60.160.0/19 maxlen: 19
217.60.160.0/21 maxlen: 21
217.60.160.0/20 maxlen: 20
217.60.161.0/24 maxlen: 24
217.60.171.0/24 maxlen: 24
217.60.170.0/24 maxlen: 24
217.60.168.0/23 maxlen: 23
217.60.176.0/21 maxlen: 21
217.60.176.0/24 maxlen: 24
151.245.248.0/22 maxlen: 22
151.245.252.0/22 maxlen: 22
217.60.184.0/22 maxlen: 22
151.245.248.0/21 maxlen: 21
37.148.78.0/24 maxlen: 24
217.60.188.0/22 maxlen: 22
217.60.192.0/22 maxlen: 22
217.60.192.0/20 maxlen: 20
217.60.196.0/22 maxlen: 22
217.60.192.0/18 maxlen: 18
217.60.200.0/22 maxlen: 22
94.182.0.0/15 maxlen: 24
217.60.207.0/24 maxlen: 24
217.60.212.0/22 maxlen: 22
217.60.209.0/24 maxlen: 24
217.60.208.0/20 maxlen: 20
217.60.208.0/23 maxlen: 23
37.202.192.0/18 maxlen: 18
37.202.136.0/24 maxlen: 24
31.57.208.0/20 maxlen: 20
2a0e:0:1:3000::/52 maxlen: 52
2a0e:0:1:2000::/52 maxlen: 52
2a0e:0:1:1000::/52 maxlen: 52
2a0e:0:1::/52 maxlen: 52
2a0e::/26 maxlen: 26
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9d:d6:b5:eb:12:d8:36:41:91:22:90:a5:9a:10:ab:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Nov 5 04:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4719305de0653206c567b12502975640aea77a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:1c:12:87:61:d0:b4:a0:0a:e5:4a:4c:16:
c0:4f:70:0d:67:0e:7f:0d:a2:41:ff:2d:89:e3:23:
89:71:41:4e:65:cd:01:7e:47:32:75:5b:36:2f:94:
c5:1e:da:4b:1f:16:40:3e:c9:cc:8c:b1:e9:aa:31:
90:80:14:0e:26:c0:22:5e:50:d2:46:a0:85:19:79:
f0:0e:e9:c1:72:19:9f:b6:1d:72:a1:81:e8:2f:e9:
2f:c2:0a:1c:3b:ea:b1:cb:77:ad:89:92:b4:ca:14:
42:f9:76:de:d5:24:d5:e2:e5:e8:34:07:84:05:02:
ce:9a:4a:58:a6:4b:8c:37:a8:7c:19:54:4a:1e:ba:
c9:ef:50:5d:ee:7f:b4:88:ee:79:58:fd:50:95:1e:
4b:f7:ae:2e:6a:0e:aa:b2:57:9b:89:e2:48:31:41:
f6:82:42:c5:f4:be:ba:c3:3c:d7:ca:28:f8:aa:66:
4c:75:09:72:73:9f:cb:7b:67:f9:ed:a9:dc:2e:5f:
31:ce:7d:79:8d:cd:1d:6c:f4:1c:ef:48:95:39:f9:
a0:41:86:95:ac:25:26:5b:19:a2:8d:0e:52:e7:aa:
97:2d:bf:19:c3:32:f0:a9:be:8c:1f:09:36:c1:48:
db:7f:74:57:98:3d:a3:cf:72:97:18:b6:37:84:38:
90:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:71:93:05:DE:06:53:20:6C:56:7B:12:50:29:75:64:0A:EA:77:A4
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xHGTBd4GUyBsVnsSUCl1ZArqd6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0/14
37.148.0.0/17
37.202.128.0/17
84.241.0.0/18
85.15.0.0/18
94.182.0.0/15
151.238.0.0-151.247.255.255
185.73.0.0/22
217.60.0.0/16
IPv6:
2a0e::/26
Signature Algorithm: sha256WithRSAEncryption
96:8c:80:64:75:52:ed:35:72:76:6d:d2:d3:a8:58:3b:43:e4:
56:23:1e:76:2e:86:91:9a:84:bd:cb:f3:2b:21:59:fa:db:d1:
a3:81:14:38:6d:f1:78:47:67:6e:93:72:37:ab:9f:76:44:a8:
fc:57:32:17:61:54:39:82:b4:de:d7:fc:f3:3c:ef:c8:38:cd:
07:85:53:03:cd:f9:61:36:d8:b5:ab:af:cf:ae:d9:0b:a0:10:
6f:86:57:1e:52:93:5c:5d:9b:54:cb:b7:9b:bb:e0:cd:7f:15:
b4:01:85:31:c5:e5:b8:85:91:89:bc:45:30:63:ac:d9:36:43:
b5:88:ef:49:84:d4:3a:15:99:b5:be:1e:18:d4:11:4d:24:5a:
83:54:c8:a4:e5:f4:25:f0:5a:6f:82:f5:5b:5a:56:23:9c:83:
e2:bb:3a:02:c2:d6:51:1f:4b:ab:e1:06:d0:c3:ee:b4:ff:7f:
fc:98:49:a5:bb:5a:28:51:d0:2f:b0:8e:84:c9:92:dc:78:2b:
fb:1b:35:de:e3:2e:ac:41:54:fa:ac:5e:6b:1a:2c:76:44:81:
ad:12:d3:c0:23:3b:bf:39:20:58:26:1a:83:3b:bc:99:6e:e4:
9d:7c:ce:9b:4d:41:83:66:7a:ff:93:6c:2b:d0:db:02:a1:5e:
5f:f0:03:39
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYud1rXrEtg2QZEikKWaEKtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMTA1MDQ1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDcxOTMwNWRlMDY1MzIwNmM1NjdiMTI1MDI5NzU2NDBhZWE3N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK8cEodh0LSgCuVKTBbAT3ANZw5/
DaJB/y2J4yOJcUFOZc0BfkcydVs2L5TFHtpLHxZAPsnMjLHpqjGQgBQOJsAiXlDS
RqCFGXnwDunBchmfth1yoYHoL+kvwgocO+qxy3etiZK0yhRC+Xbe1STV4uXoNAeE
BQLOmkpYpkuMN6h8GVRKHrrJ71Bd7n+0iO55WP1QlR5L964uag6qslebieJIMUH2
gkLF9L66wzzXyij4qmZMdQlyc5/Le2f57ancLl8xzn15jc0dbPQc70iVOfmgQYaV
rCUmWxmijQ5S56qXLb8ZwzLwqb6MHwk2wUjbf3RXmD2jz3KXGLY3hDiQTwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMRxkwXeBlMgbFZ7ElApdWQK6nekMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEveEhHVEJkNEdVeUJzVm5zU1VDbDFaQXJxZDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwMCHzgDBAcl
lAADBAclyoADBAZU8QADBAZVDwADAwFetjAKAwMBl+4DAwOX8AMEArlJAAMDANk8
MA0EAgACMAcDBQYqDgAAMA0GCSqGSIb3DQEBCwUAA4IBAQCWjIBkdVLtNXJ2bdLT
qFg7Q+RWIx52LoaRmoS9y/MrIVn629GjgRQ4bfF4R2duk3I3q592RKj8VzIXYVQ5
grTe1/zzPO/IOM0HhVMDzflhNti1q6/PrtkLoBBvhlceUpNcXZtUy7ebu+DNfxW0
AYUxxeW4hZGJvEUwY6zZNkO1iO9JhNQ6FZm1vh4Y1BFNJFqDVMik5fQl8FpvgvVb
WlYjnIPiuzoCwtZRH0ur4QbQw+60/3/8mEmlu1ooUdAvsI6EyZLceCv7GzXe4y6s
QVT6rF5rGix2RIGtEtPAIzu/OSBYJhqDO7yZbuSdfM6bTUGDZnr/k2wr0NsCoV5f
8AM5
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net