Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/i3PwpabeDxXCWe8gM7QWOrbCqFU.roa
File: i3PwpabeDxXCWe8gM7QWOrbCqFU.roa (raw, json)
Hash identifier: sG6MrteKrCr01nieQMFoeBI9MkqMTTjA1llB4YQSSMI=
Subject key identifier: 8B:73:F0:A5:A6:DE:0F:15:C2:59:EF:20:33:B4:16:3A:B6:C2:A8:55
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 0189683EC72E2FCD5B9A37DA7C52573B000D
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/i3PwpabeDxXCWe8gM7QWOrbCqFU.roa
Signing time: Tue 18 Jul 2023 09:04:51 +0000
ROA not before: Tue 18 Jul 2023 09:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208677
IP address blocks: 178.170.242.0/24 maxlen: 24
87.242.84.0/22 maxlen: 22
87.242.88.0/21 maxlen: 21
87.242.116.0/22 maxlen: 22
87.242.120.0/21 maxlen: 21
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.118.0/24 maxlen: 24
188.72.117.0/24 maxlen: 24
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
45.89.224.0/22 maxlen: 22
46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.107.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
89.232.168.0/22 maxlen: 22
89.232.176.0/22 maxlen: 22
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
195.128.152.0/24 maxlen: 24
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Sep 2023 10:24:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:3e:c7:2e:2f:cd:5b:9a:37:da:7c:52:57:3b:00:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jul 18 09:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b73f0a5a6de0f15c259ef2033b4163ab6c2a855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:de:93:e9:a8:c7:67:10:04:d2:78:7b:fc:
aa:43:11:53:76:e2:24:97:0c:29:54:49:2d:ed:c7:
e6:86:04:26:e1:c8:7e:b3:30:1f:8c:c5:be:95:80:
60:a5:3c:56:15:61:72:69:44:41:ff:4e:0d:41:cd:
2b:46:36:0e:f1:de:70:28:dd:52:aa:1e:fb:fd:4d:
88:1e:c5:8d:a3:56:1b:3c:f7:c3:fb:f4:ca:68:03:
17:ed:30:72:be:ab:b3:38:a8:bb:b0:e0:12:44:8b:
4e:a2:ae:bc:b0:a8:18:51:00:86:ce:dc:10:8a:b5:
bc:e5:47:04:3d:43:d9:9d:a4:a3:f1:2e:ff:77:a7:
24:fe:69:b3:62:85:28:d9:5d:a5:54:83:76:de:56:
77:29:ad:47:74:68:6c:c1:1b:52:72:29:c5:70:98:
86:6e:49:be:d7:57:41:52:02:fc:ff:b3:9f:57:ec:
de:c8:cb:3a:75:40:35:ea:0f:53:57:b8:b6:fb:44:
ef:55:64:19:65:d2:90:d4:66:4b:7c:a6:f5:97:c7:
93:9c:ca:5e:35:b2:75:cd:5e:e7:63:af:79:51:b9:
eb:9a:26:82:a6:40:73:2d:ec:d9:1c:ef:2e:67:26:
18:01:27:5a:b9:c7:b6:46:fc:d2:bf:ab:74:cc:20:
9a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:73:F0:A5:A6:DE:0F:15:C2:59:EF:20:33:B4:16:3A:B6:C2:A8:55
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/i3PwpabeDxXCWe8gM7QWOrbCqFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.84.0-87.242.95.255
87.242.116.0-87.242.127.255
89.232.160.0-89.232.171.255
89.232.176.0/22
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0-188.72.118.255
195.128.152.0/24
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
14:16:58:8a:bc:0e:2f:9b:9c:b6:55:1d:91:80:11:c6:70:a6:
26:96:1b:3c:6d:b8:d2:67:0f:02:6f:84:0d:d7:be:18:23:cc:
58:5d:d3:d2:1d:14:9d:d3:df:d2:84:40:fd:f0:aa:fc:ff:f0:
93:1a:f1:46:a1:e6:d0:38:28:11:a9:80:23:38:92:ba:82:8c:
2a:d3:51:1d:25:e7:25:f5:4f:69:3c:bd:43:07:4b:51:50:73:
9c:e2:02:8d:c9:b7:a6:8d:77:11:16:6e:47:6c:7e:26:3c:0f:
1a:5a:d5:f1:4d:e6:93:60:16:e4:49:fa:12:42:11:fa:53:ba:
af:d8:42:ec:46:7e:ea:68:a7:4a:1d:3c:7c:17:16:2c:f8:f7:
3e:46:d4:d2:a4:8c:34:3b:a6:5c:68:a5:56:b9:4d:41:04:f8:
79:7e:c9:8f:28:ed:0b:69:f1:f3:c3:1f:78:57:59:08:f4:af:
41:32:08:6f:25:b4:82:4f:46:10:c7:c6:b3:d6:5d:58:fd:4a:
20:ab:8e:93:54:7f:92:4f:3b:29:fc:06:8d:39:f0:af:ad:eb:
40:9e:87:01:1f:45:6a:54:17:3c:96:eb:7b:bb:0c:11:b4:97:
e4:c6:81:47:01:5c:f5:a9:1f:c9:63:66:1d:1b:92:61:37:18:
b3:fc:e2:74
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgISAYloPscuL81bmjfafFJXOwANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjMwNzE4MDkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjczZjBhNWE2ZGUwZjE1YzI1OWVmMjAzM2I0MTYzYWI2YzJhODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho3ek+mox2cQBNJ4e/yqQxFTduIk
lwwpVEkt7cfmhgQm4ch+szAfjMW+lYBgpTxWFWFyaURB/04NQc0rRjYO8d5wKN1S
qh77/U2IHsWNo1YbPPfD+/TKaAMX7TByvquzOKi7sOASRItOoq68sKgYUQCGztwQ
irW85UcEPUPZnaSj8S7/d6ck/mmzYoUo2V2lVIN23lZ3Ka1HdGhswRtScinFcJiG
bkm+11dBUgL8/7OfV+zeyMs6dUA16g9TV7i2+0TvVWQZZdKQ1GZLfKb1l8eTnMpe
NbJ1zV7nY695UbnrmiaCpkBzLezZHO8uZyYYASdauce2RvzSv6t0zCCayQIDAQAB
o4IDTjCCA0owHQYDVR0OBBYEFItz8KWm3g8VwlnvIDO0Fjq2wqhVMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL2kzUHdwYWJlRHhYQ1dlOGdNN1FXT3JiQ3FGVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggFgBggrBgEFBQcBBwEB/wSCAU8wggFLMIIBOAQCAAEw
ggEwMAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQA
JRJrAwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXm
wAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQA
LvPJMAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QwDAMEAlfyVAMEBVfyQDAMAwQC
V/J0AwQHV/IAMAwDBAVZ6KADBAJZ6KgDBAJZ6LADBAJei/wwDAMEAI1llwMEAI1l
mAMEAI1lyTAMAwQAsqq/AwQBsqrEAwQAsqryAwQAvEhgMAwDBAG8SGoDBAG8SGww
DAMEALxIdQMEALxIdgMEAMOAmDANBAIAAjAHAwUDKgwrgDANBgkqhkiG9w0BAQsF
AAOCAQEAFBZYirwOL5uctlUdkYARxnCmJpYbPG240mcPAm+EDde+GCPMWF3T0h0U
ndPf0oRA/fCq/P/wkxrxRqHm0DgoEamAIziSuoKMKtNRHSXnJfVPaTy9QwdLUVBz
nOICjcm3po13ERZuR2x+JjwPGlrV8U3mk2AW5En6EkIR+lO6r9hC7EZ+6minSh08
fBcWLPj3PkbU0qSMNDumXGilVrlNQQT4eX7JjyjtC2nx88MfeFdZCPSvQTIIbyW0
gk9GEMfGs9ZdWP1KIKuOk1R/kk87KfwGjTnwr63rQJ6HAR9FalQXPJbre7sMEbSX
5MaBRwFc9akfyWNmHRuSYTcYs/zidA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org