Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/GBlaSBma_DUNfWqAOv-RGUgkGos.roa
File: GBlaSBma_DUNfWqAOv-RGUgkGos.roa (raw, json)
Hash identifier: MTavEqIMSmIn4C10UhIirx1LNjrKx75T9eJiB2uWaiM=
Subject key identifier: 18:19:5A:48:19:9A:FC:35:0D:7D:6A:80:3A:FF:91:19:48:24:1A:8B
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 01866E9227973F2B63AD28EC62916071A30E
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/GBlaSBma_DUNfWqAOv-RGUgkGos.roa
Signing time: Mon 20 Feb 2023 11:25:17 +0000
ROA not before: Mon 20 Feb 2023 11:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208677
IP address blocks: 178.170.242.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
87.242.120.0/21 maxlen: 21
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.118.0/24 maxlen: 24
188.72.117.0/24 maxlen: 24
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
45.89.224.0/22 maxlen: 22
46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.107.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
89.232.176.0/22 maxlen: 22
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 May 2023 08:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:92:27:97:3f:2b:63:ad:28:ec:62:91:60:71:a3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Feb 20 11:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18195a48199afc350d7d6a803aff911948241a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:34:01:49:9b:b8:f7:ca:23:58:36:8f:de:d0:
99:8b:a3:d7:db:3a:1c:16:6f:47:19:ab:da:68:48:
d1:f7:c6:d1:29:76:71:bf:ae:83:66:d0:58:f7:8a:
5f:f1:2e:f5:e0:d5:0e:1c:68:a3:23:7a:ff:91:84:
93:3a:ac:7f:9b:0d:3f:94:d3:7e:84:a2:44:56:e4:
ef:16:11:17:d3:e6:17:44:b1:95:a4:88:3b:5d:a0:
7b:7f:15:1d:f0:17:d6:4a:c2:31:95:3c:71:f8:e1:
11:72:93:00:8d:d2:a4:bc:49:85:3a:3b:fd:7b:51:
e8:e9:0c:b6:52:91:cb:b3:00:fe:d8:73:0e:79:96:
df:7f:a1:31:9e:9e:08:df:b4:2e:e0:3e:6b:fa:23:
f4:72:22:eb:94:b7:27:13:10:a2:33:58:25:5a:9e:
49:bb:07:0d:ba:03:2d:ac:64:e0:11:93:79:6a:9a:
95:07:7a:e7:56:9e:ca:ec:ee:ec:ac:2d:b6:bc:b8:
e4:f6:c0:d0:07:6d:13:2c:78:4e:ba:e9:48:f3:b6:
9c:25:d3:40:db:95:f7:26:4a:51:77:6b:0d:f3:a9:
d4:08:4b:35:a0:29:33:dd:bd:ce:9a:50:f4:f2:74:
78:5d:f6:cc:7e:10:c1:27:da:3b:7d:b8:c8:3d:a9:
d3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:19:5A:48:19:9A:FC:35:0D:7D:6A:80:3A:FF:91:19:48:24:1A:8B
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/GBlaSBma_DUNfWqAOv-RGUgkGos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
89.232.176.0/22
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0-188.72.118.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
9d:83:e5:b4:7f:71:1e:13:68:92:37:d9:70:c2:59:8c:be:a6:
17:03:16:de:bf:0a:26:10:67:e4:b9:31:c2:de:a5:58:c5:c6:
1d:d9:c9:62:62:33:be:6d:b0:52:4f:5a:27:b8:9e:93:04:81:
93:a9:83:5c:a0:24:e7:bd:f3:ab:40:58:40:27:41:2f:4d:c5:
3a:bc:54:24:48:b2:cf:12:5f:21:d9:3c:8a:9b:42:7b:e6:e0:
a3:80:33:cb:3d:e4:fc:3b:47:a0:31:18:ce:29:aa:04:85:54:
51:7c:bb:93:1c:4f:cc:c7:29:61:43:2f:0c:be:5a:b8:7f:f6:
b9:27:83:46:f4:32:e7:05:a1:e7:06:44:b7:a2:28:8a:c9:fc:
af:7e:b0:74:63:c2:e4:ca:e2:20:94:d4:3f:76:48:93:c7:30:
6e:bc:95:bc:a4:10:a6:0b:93:a0:79:dd:9a:e3:a1:ae:4c:6c:
aa:7e:b1:e7:aa:ed:9e:36:c9:a4:ea:74:c1:fb:f3:c9:3d:eb:
4d:36:70:4a:0e:5f:92:33:a3:d6:ed:39:01:0c:a7:15:3d:81:
a0:e0:89:8e:9a:33:21:d7:69:3b:c5:60:9e:b8:3d:8a:4f:af:
05:1a:82:2e:66:c7:98:c0:30:3e:67:f8:83:0d:4a:9c:35:c2:
e1:49:5e:4b
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAYZukieXPytjrSjsYpFgcaMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjMwMjIwMTEyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE5NWE0ODE5OWFmYzM1MGQ3ZDZhODAzYWZmOTExOTQ4MjQxYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjQBSZu498ojWDaP3tCZi6PX2zoc
Fm9HGavaaEjR98bRKXZxv66DZtBY94pf8S714NUOHGijI3r/kYSTOqx/mw0/lNN+
hKJEVuTvFhEX0+YXRLGVpIg7XaB7fxUd8BfWSsIxlTxx+OERcpMAjdKkvEmFOjv9
e1Ho6Qy2UpHLswD+2HMOeZbff6Exnp4I37Qu4D5r+iP0ciLrlLcnExCiM1glWp5J
uwcNugMtrGTgEZN5apqVB3rnVp7K7O7srC22vLjk9sDQB20TLHhOuulI87acJdNA
25X3JkpRd2sN86nUCEs1oCkz3b3OmlD08nR4XfbMfhDBJ9o7fbjIPanTQQIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFBgZWkgZmvw1DX1qgDr/kRlIJBqLMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL0dCbGFTQm1hX0RVTmZXcUFPdi1SR1Vna0dvcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFCBggrBgEFBQcBBwEB/wSCATEwggEtMIIBGgQCAAEw
ggESMAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQA
JRJrAwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXm
wAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQA
LvPJMAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QDBANX8lgDBANX8ngDBANZ6KAD
BAJZ6LADBAJei/wwDAMEAI1llwMEAI1lmAMEAI1lyTAMAwQAsqq/AwQBsqrEAwQA
sqryAwQAvEhgMAwDBAG8SGoDBAG8SGwwDAMEALxIdQMEALxIdjANBAIAAjAHAwUD
KgwrgDANBgkqhkiG9w0BAQsFAAOCAQEAnYPltH9xHhNokjfZcMJZjL6mFwMW3r8K
JhBn5Lkxwt6lWMXGHdnJYmIzvm2wUk9aJ7iekwSBk6mDXKAk573zq0BYQCdBL03F
OrxUJEiyzxJfIdk8iptCe+bgo4Azyz3k/DtHoDEYzimqBIVUUXy7kxxPzMcpYUMv
DL5auH/2uSeDRvQy5wWh5wZEt6Ioisn8r36wdGPC5MriIJTUP3ZIk8cwbryVvKQQ
pguToHndmuOhrkxsqn6x56rtnjbJpOp0wfvzyT3rTTZwSg5fkjOj1u05AQynFT2B
oOCJjpozIddpO8Vgnrg9ik+vBRqCLmbHmMAwPmf4gw1KnDXC4UleSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org