Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/af_-Uad6FifHj89x7TI3DQrnA6g.roa
File: af_-Uad6FifHj89x7TI3DQrnA6g.roa (raw, json)
Hash identifier: CYG8znEYFXcxv3w2ckUoGwrFSA0d0bi5xpF5Hzh1ZAE=
Subject key identifier: 69:FF:FE:51:A7:7A:16:27:C7:8F:CF:71:ED:32:37:0D:0A:E7:03:A8
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 018626403D95BB065CADEA984C4C080557B8
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/af_-Uad6FifHj89x7TI3DQrnA6g.roa
Signing time: Mon 06 Feb 2023 10:23:09 +0000
ROA not before: Mon 06 Feb 2023 10:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208677
IP address blocks: 178.170.242.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
87.242.120.0/21 maxlen: 21
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.117.0/24 maxlen: 24
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
45.89.224.0/22 maxlen: 22
46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.107.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
89.232.176.0/22 maxlen: 22
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 20 Feb 2023 11:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:40:3d:95:bb:06:5c:ad:ea:98:4c:4c:08:05:57:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Feb 6 10:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69fffe51a77a1627c78fcf71ed32370d0ae703a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:95:35:7e:00:70:f7:88:62:7f:76:5d:89:b3:
5e:3b:3d:e5:aa:38:12:09:3e:bf:13:4b:fd:54:2d:
cc:f1:8e:9f:56:90:dd:b3:c8:8c:ef:5d:ea:55:fa:
ac:83:e1:6c:7f:1f:44:aa:4c:ed:85:59:7f:d3:b1:
21:a3:e5:68:9a:3e:89:7a:3b:06:a7:34:22:71:bc:
c5:f5:4a:c4:ab:1f:26:7c:0c:bf:9c:26:ee:78:a9:
e9:63:ac:21:bd:93:0d:27:8d:03:01:94:13:d5:5d:
d2:7e:57:13:e1:74:c3:9e:3d:46:61:9d:a9:ed:95:
3f:b8:e0:8a:a5:d4:0b:37:25:7a:f7:d2:71:12:14:
be:4a:57:c9:26:01:5d:95:b3:2b:18:a9:a2:d5:da:
aa:d1:8b:1e:35:51:3b:c7:d8:3c:0f:76:b7:d4:24:
5f:ab:65:af:cc:d4:99:d1:07:ae:dc:15:5d:30:5d:
67:ec:c6:98:c3:d7:f3:51:cd:e8:4a:21:c9:b2:95:
49:4e:d1:9a:27:5d:bf:fd:d0:03:2b:40:4a:ab:f1:
27:26:9a:1b:2d:3a:e6:a8:fa:ee:4a:68:47:7b:0a:
75:40:cc:ce:ac:3c:c3:f3:5f:82:1e:37:95:4e:e8:
eb:be:4a:88:59:12:32:92:07:52:68:5f:76:10:c4:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:FE:51:A7:7A:16:27:C7:8F:CF:71:ED:32:37:0D:0A:E7:03:A8
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/af_-Uad6FifHj89x7TI3DQrnA6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
89.232.176.0/22
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0/24
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
09:3d:2a:af:14:16:d0:3a:6a:cf:ef:cc:6b:ea:97:67:0e:da:
fd:1c:a9:06:74:e3:01:4f:64:f2:d8:94:78:28:be:a1:94:84:
5c:8e:f2:5a:2b:de:91:f1:3c:12:d0:09:4c:37:0d:f1:0e:75:
b8:78:23:fb:fa:fe:1f:25:ed:ee:9d:70:26:52:2e:79:ee:6b:
0c:e7:d7:68:02:42:3d:67:6d:67:aa:35:0e:d5:18:9e:f2:b5:
bc:2b:be:7c:75:1f:1f:74:1b:b8:36:81:12:10:e2:d7:91:6d:
d8:02:85:75:95:9a:8a:78:92:49:2f:2c:30:a7:0e:e3:39:17:
25:86:cd:6a:e0:2d:4a:de:c1:3c:2a:ec:ff:00:ed:84:a7:d2:
fe:de:cb:52:9d:e4:e2:ba:64:60:cc:25:f0:93:96:35:19:be:
86:61:0f:79:93:4f:71:3f:63:aa:bd:de:ce:97:46:41:f8:c1:
f5:31:6e:8c:5b:7e:bb:f6:41:b8:97:24:47:b3:e4:d3:d8:05:
c3:ef:4d:87:6f:97:81:91:d3:d0:c5:dd:6f:6f:d2:3d:4a:91:
2f:93:76:29:6f:6d:b5:07:1d:04:85:22:fe:b4:90:e7:e8:85:
9f:97:81:f5:d6:57:80:59:67:9f:2a:b9:bf:0a:ba:6b:41:7a:
99:36:86:c9
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAYYmQD2VuwZcreqYTEwIBVe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjMwMjA2MTAyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZmZmU1MWE3N2ExNjI3Yzc4ZmNmNzFlZDMyMzcwZDBhZTcwM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpU1fgBw94hif3ZdibNeOz3lqjgS
CT6/E0v9VC3M8Y6fVpDds8iM713qVfqsg+Fsfx9EqkzthVl/07Eho+Vomj6JejsG
pzQicbzF9UrEqx8mfAy/nCbueKnpY6whvZMNJ40DAZQT1V3SflcT4XTDnj1GYZ2p
7ZU/uOCKpdQLNyV699JxEhS+SlfJJgFdlbMrGKmi1dqq0YseNVE7x9g8D3a31CRf
q2WvzNSZ0Qeu3BVdMF1n7MaYw9fzUc3oSiHJspVJTtGaJ12//dADK0BKq/EnJpob
LTrmqPruSmhHewp1QMzOrDzD81+CHjeVTujrvkqIWRIykgdSaF92EMT1hQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFGn//lGnehYnx4/Pce0yNw0K5wOoMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL2FmXy1VYWQ2RmlmSGo4OXg3VEkzRFFybkE2Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggE6BggrBgEFBQcBBwEB/wSCASkwggElMIIBEgQCAAEw
ggEKMAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQA
JRJrAwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXm
wAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQA
LvPJMAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QDBANX8lgDBANX8ngDBANZ6KAD
BAJZ6LADBAJei/wwDAMEAI1llwMEAI1lmAMEAI1lyTAMAwQAsqq/AwQBsqrEAwQA
sqryAwQAvEhgMAwDBAG8SGoDBAG8SGwDBAC8SHUwDQQCAAIwBwMFAyoMK4AwDQYJ
KoZIhvcNAQELBQADggEBAAk9Kq8UFtA6as/vzGvql2cO2v0cqQZ04wFPZPLYlHgo
vqGUhFyO8lor3pHxPBLQCUw3DfEOdbh4I/v6/h8l7e6dcCZSLnnuawzn12gCQj1n
bWeqNQ7VGJ7ytbwrvnx1Hx90G7g2gRIQ4teRbdgChXWVmop4kkkvLDCnDuM5FyWG
zWrgLUrewTwq7P8A7YSn0v7ey1Kd5OK6ZGDMJfCTljUZvoZhD3mTT3E/Y6q93s6X
RkH4wfUxboxbfrv2QbiXJEez5NPYBcPvTYdvl4GR09DF3W9v0j1KkS+TdilvbbUH
HQSFIv60kOfohZ+XgfXWV4BZZ58qub8KumtBepk2hsk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org