Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/i1FZO2iUXSXWXtGxIiJr6fecKAA.roa
File: i1FZO2iUXSXWXtGxIiJr6fecKAA.roa (raw, json)
Hash identifier: 3FSDK0iXSupbtcioB/n89wm8VabumGw29z6Gxxbptro=
Subject key identifier: 8B:51:59:3B:68:94:5D:25:D6:5E:D1:B1:22:22:6B:E9:F7:9C:28:00
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 0187B38E514115EC2424C2927DA09BA35D98
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/i1FZO2iUXSXWXtGxIiJr6fecKAA.roa
Signing time: Mon 24 Apr 2023 13:57:41 +0000
ROA not before: Mon 24 Apr 2023 13:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21334
IP address blocks: 195.184.160.0/20 maxlen: 20
195.184.160.0/19 maxlen: 19
195.184.176.0/20 maxlen: 20
176.63.128.0/17 maxlen: 17
89.134.0.0/15 maxlen: 15
86.101.0.0/17 maxlen: 17
130.43.192.0/18 maxlen: 18
86.101.0.0/16 maxlen: 16
185.33.80.0/23 maxlen: 23
185.33.80.0/24 maxlen: 24
185.33.81.0/24 maxlen: 24
37.188.80.0/22 maxlen: 22
37.188.80.0/21 maxlen: 21
37.188.84.0/22 maxlen: 22
5.63.192.0/18 maxlen: 18
212.48.240.0/21 maxlen: 21
212.48.240.0/20 maxlen: 20
37.220.192.0/18 maxlen: 18
212.96.32.0/20 maxlen: 20
212.48.248.0/21 maxlen: 21
212.96.32.0/19 maxlen: 19
80.244.96.0/20 maxlen: 20
212.96.48.0/20 maxlen: 20
37.191.0.0/19 maxlen: 19
176.63.0.0/17 maxlen: 17
37.191.0.0/18 maxlen: 18
176.63.0.0/16 maxlen: 16
37.191.32.0/19 maxlen: 19
188.142.160.0/20 maxlen: 20
188.142.160.0/19 maxlen: 19
89.223.128.0/17 maxlen: 17
89.223.128.0/18 maxlen: 18
188.142.176.0/20 maxlen: 20
178.48.0.0/17 maxlen: 17
178.48.0.0/16 maxlen: 16
78.139.0.0/19 maxlen: 19
78.139.0.0/18 maxlen: 18
78.139.32.0/19 maxlen: 19
5.206.128.0/18 maxlen: 18
188.142.192.0/19 maxlen: 19
188.142.192.0/18 maxlen: 18
80.99.0.0/16 maxlen: 16
178.48.128.0/17 maxlen: 17
188.142.224.0/19 maxlen: 19
89.223.192.0/18 maxlen: 18
94.44.0.0/17 maxlen: 17
94.44.0.0/16 maxlen: 16
151.0.64.0/18 maxlen: 18
213.222.160.0/19 maxlen: 19
88.87.240.0/22 maxlen: 22
80.98.0.0/16 maxlen: 16
88.87.240.0/21 maxlen: 21
88.87.244.0/22 maxlen: 22
80.98.0.0/15 maxlen: 15
185.10.124.0/22 maxlen: 22
185.10.124.0/23 maxlen: 23
185.10.126.0/23 maxlen: 23
213.222.128.0/19 maxlen: 19
213.222.128.0/18 maxlen: 18
5.148.224.0/19 maxlen: 19
89.132.0.0/15 maxlen: 15
94.44.128.0/17 maxlen: 17
89.132.0.0/14 maxlen: 14
86.101.128.0/17 maxlen: 17
89.135.60.0/24 maxlen: 24
5.148.192.0/19 maxlen: 19
5.148.192.0/18 maxlen: 18
2a02:ab80::/29 maxlen: 29
2a02:ab80::/28 maxlen: 28
2a02:ab88::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 12 Dec 2023 15:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:8e:51:41:15:ec:24:24:c2:92:7d:a0:9b:a3:5d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Apr 24 13:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b51593b68945d25d65ed1b122226be9f79c2800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:63:6a:67:5f:e7:1b:16:e4:b2:14:42:ce:
06:57:f3:66:db:ea:a4:35:16:76:cd:9d:5d:98:d4:
17:de:14:0d:c7:a1:41:17:e9:82:68:52:c6:8b:00:
82:b2:c4:f3:93:a1:9e:99:ff:71:a8:f5:5d:e7:ee:
dc:d2:f9:04:11:f1:f0:ca:fe:f0:04:0d:2c:2d:19:
91:e9:b5:77:54:52:77:9b:3e:c0:99:b6:ff:7e:f9:
e8:4b:40:aa:42:59:8d:3e:77:1d:82:7c:48:7f:a9:
9f:39:92:5c:5c:49:0e:6a:90:0b:31:77:e5:82:bc:
2b:de:6c:43:f9:17:b8:e2:e8:ac:b4:66:59:1b:d9:
36:5c:ac:be:9a:55:26:36:7e:02:46:9f:ca:12:b5:
19:29:0d:e8:40:b8:48:f3:13:bc:75:1f:62:f3:61:
72:26:d1:40:ce:95:35:f3:20:b1:3a:14:6d:5c:60:
d2:23:87:b6:d6:cf:66:53:0b:1a:ca:31:e2:1d:69:
0a:e3:33:b4:93:c2:91:3d:9b:2a:91:78:84:18:ab:
e7:46:b5:b5:84:c7:ea:5b:6d:00:b0:30:64:fb:78:
94:7c:8e:b4:da:9e:0e:1d:d4:64:a7:d9:a6:b7:e2:
2a:b6:3b:64:94:da:c3:54:07:ed:36:c6:7d:96:8c:
b9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:51:59:3B:68:94:5D:25:D6:5E:D1:B1:22:22:6B:E9:F7:9C:28:00
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/i1FZO2iUXSXWXtGxIiJr6fecKAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
IPv6:
2a02:ab80::/28
Signature Algorithm: sha256WithRSAEncryption
46:eb:38:0f:40:0c:46:5f:de:a2:2e:4f:76:d6:42:4b:52:84:
28:38:a8:d7:b5:1f:74:9c:6a:f0:0f:78:08:da:bb:7c:26:25:
68:8e:47:c3:67:49:5f:c4:e9:ad:2b:6b:dd:27:af:e4:34:7d:
eb:89:e4:d6:7e:be:7e:fd:8c:0f:b3:09:c7:03:d5:b5:24:96:
38:30:4f:c4:26:77:93:b3:0c:c0:b6:d9:48:e2:0f:ff:d5:8e:
93:b9:42:ab:0c:df:29:cb:d5:56:72:e4:3a:8c:ec:07:47:74:
ef:8b:e2:e5:38:a3:43:43:86:d2:cc:9e:d3:3a:1b:d5:48:28:
6c:e6:bc:31:b4:61:cc:69:ee:be:f9:e1:a4:6b:21:9c:71:ba:
80:ec:75:8a:6a:2c:71:5e:51:6f:cd:53:51:6d:56:00:40:ef:
8d:c0:c6:9a:6a:87:c3:bd:e5:51:62:95:e5:f8:d5:38:9d:63:
49:74:2a:23:dc:5d:19:f4:eb:ca:3c:55:00:1b:9c:dc:fe:37:
78:00:1a:79:cb:1e:34:91:87:69:8f:7a:19:fd:65:4e:c0:e9:
49:a2:db:9b:f6:ef:6b:74:31:6b:e0:1a:f6:0a:9f:a9:70:07:
c8:1b:96:41:39:e5:49:65:60:24:54:e8:19:a6:f2:4d:7d:1b:
0e:20:3e:52
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYezjlFBFewkJMKSfaCbo12YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjMwNDI0MTM1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjUxNTkzYjY4OTQ1ZDI1ZDY1ZWQxYjEyMjIyNmJlOWY3OWMyODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC9jamdf5xsW5LIUQs4GV/Nm2+qk
NRZ2zZ1dmNQX3hQNx6FBF+mCaFLGiwCCssTzk6Gemf9xqPVd5+7c0vkEEfHwyv7w
BA0sLRmR6bV3VFJ3mz7Ambb/fvnoS0CqQlmNPncdgnxIf6mfOZJcXEkOapALMXfl
grwr3mxD+Re44uistGZZG9k2XKy+mlUmNn4CRp/KErUZKQ3oQLhI8xO8dR9i82Fy
JtFAzpU18yCxOhRtXGDSI4e21s9mUwsayjHiHWkK4zO0k8KRPZsqkXiEGKvnRrW1
hMfqW20AsDBk+3iUfI602p4OHdRkp9mmt+IqtjtklNrDVAftNsZ9loy5wQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFItRWTtolF0l1l7RsSIia+n3nCgAMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvaTFGWk8yaVVYU1hXWHRHeElpSnI2ZmVjS0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBngQCAAEwgZcDBAYF
P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0
YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA
sjADBAK5CnwDBAG5IVAwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF1GAgAwQG
1d6AMA0EAgACMAcDBQQqAquAMA0GCSqGSIb3DQEBCwUAA4IBAQBG6zgPQAxGX96i
Lk921kJLUoQoOKjXtR90nGrwD3gI2rt8JiVojkfDZ0lfxOmtK2vdJ6/kNH3rieTW
fr5+/YwPswnHA9W1JJY4ME/EJneTswzAttlI4g//1Y6TuUKrDN8py9VWcuQ6jOwH
R3Tvi+LlOKNDQ4bSzJ7TOhvVSChs5rwxtGHMae6++eGkayGccbqA7HWKaixxXlFv
zVNRbVYAQO+NwMaaaofDveVRYpXl+NU4nWNJdCoj3F0Z9OvKPFUAG5zc/jd4ABp5
yx40kYdpj3oZ/WVOwOlJotub9u9rdDFr4Br2Cp+pcAfIG5ZBOeVJZWAkVOgZpvJN
fRsOID5S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:34 2024 by rpki-client on console-ams.rpki-client.org