Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/afbMXnIcmjEJ5w00feuNykaWewE.roa
File: afbMXnIcmjEJ5w00feuNykaWewE.roa (raw, json)
Hash identifier: F/8M8Xhg3hfN44wBJvpwBXgWVHAVA3bEROIwjXq0+KE=
Subject key identifier: 69:F6:CC:5E:72:1C:9A:31:09:E7:0D:34:7D:EB:8D:CA:46:96:7B:01
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 01907D23387E270550F20EDCA528751CB6CC
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/afbMXnIcmjEJ5w00feuNykaWewE.roa
Signing time: Thu 04 Jul 2024 09:46:18 +0000
ROA not before: Thu 04 Jul 2024 09:46:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 5.9.0.0/16 maxlen: 24
5.75.128.0/17 maxlen: 24
5.161.0.0/16 maxlen: 24
23.88.0.0/17 maxlen: 24
37.27.0.0/16 maxlen: 24
46.4.0.0/16 maxlen: 24
49.12.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
65.21.0.0/16 maxlen: 24
65.108.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
78.46.0.0/15 maxlen: 24
85.10.192.0/18 maxlen: 24
88.99.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
91.107.128.0/17 maxlen: 24
94.130.0.0/16 maxlen: 24
95.216.0.0/16 maxlen: 24
95.217.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
135.181.0.0/16 maxlen: 24
142.132.128.0/17 maxlen: 24
157.90.0.0/16 maxlen: 24
157.180.0.0/17 maxlen: 24
159.69.0.0/16 maxlen: 24
162.55.0.0/16 maxlen: 24
167.233.0.0/16 maxlen: 24
167.235.0.0/16 maxlen: 24
168.119.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
185.12.64.0/22 maxlen: 24
188.34.128.0/17 maxlen: 24
188.40.0.0/16 maxlen: 24
188.245.0.0/16 maxlen: 24
195.201.0.0/16 maxlen: 24
213.133.96.0/19 maxlen: 24
213.239.192.0/18 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4f9::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Sep 2024 08:20:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:23:38:7e:27:05:50:f2:0e:dc:a5:28:75:1c:b6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Jul 4 09:46:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69f6cc5e721c9a3109e70d347deb8dca46967b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:d5:78:98:45:a2:f2:48:5a:19:2b:b6:d2:
82:6f:c4:09:2e:3a:2f:90:96:f1:43:be:9b:99:29:
5f:00:e7:54:bb:10:c9:1f:d9:ae:38:b3:a0:b3:ee:
09:f8:96:4b:6d:53:b4:b3:e5:43:a6:c6:38:36:2b:
d8:15:c1:40:93:9b:07:3b:e7:2b:61:81:61:ee:66:
d1:3e:af:a4:f5:13:ba:98:1f:50:ca:98:68:d9:a1:
fb:5e:01:05:24:22:c4:46:82:d4:fd:73:27:77:72:
18:c4:b7:bc:0b:0f:6e:3e:18:e5:2c:8f:16:05:5d:
c5:d4:9c:b8:0a:b7:1d:21:3c:40:48:b9:e5:66:0e:
98:2d:f1:e2:fc:0f:1d:17:ac:03:e8:84:7a:e4:69:
16:16:e3:68:51:26:ae:33:bd:17:71:7b:c7:d9:08:
61:7e:57:9a:87:de:2d:1f:72:ff:e9:1e:4a:b2:93:
ed:fd:7b:51:31:97:ca:a1:db:b7:6b:1f:9a:dc:fd:
7c:72:28:87:e0:0a:62:49:90:41:72:cd:82:7d:4d:
89:aa:79:9d:53:29:ff:70:76:c9:f8:99:af:df:a9:
17:2b:09:a9:cf:17:df:ff:75:15:6c:65:03:e7:94:
b5:60:de:82:38:7d:c7:5d:90:a5:c3:af:8d:5e:cf:
12:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F6:CC:5E:72:1C:9A:31:09:E7:0D:34:7D:EB:8D:CA:46:96:7B:01
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/afbMXnIcmjEJ5w00feuNykaWewE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
37.27.0.0/16
46.4.0.0/16
49.12.0.0/15
65.21.0.0/16
65.108.0.0/15
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
142.132.128.0/17
157.90.0.0/16
157.180.0.0/17
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
167.235.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
188.245.0.0/16
195.201.0.0/16
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
8d:1c:4e:4b:09:95:e3:13:39:93:f2:cd:e2:c3:ed:24:81:fd:
80:06:51:0f:77:04:99:3f:c1:c6:6e:dd:3d:d5:63:cd:ac:58:
30:a0:45:2a:56:8c:88:ac:ac:63:c7:0e:d3:c9:f0:9f:ea:cd:
30:07:8d:f1:41:84:1f:90:9f:19:1f:68:70:6b:2a:a5:34:2a:
aa:cd:75:b9:ea:2a:c7:dd:2e:05:fc:01:a6:37:79:ac:81:89:
c7:53:23:90:14:ae:89:47:96:76:68:4a:be:e0:d7:e3:99:54:
f4:8c:09:7f:9b:f4:d6:c5:07:73:c4:7a:c7:d2:17:f9:d6:28:
c0:19:b6:d3:73:ca:ac:0e:39:64:7c:80:ad:2c:5b:4b:8c:22:
a6:0b:a9:88:c0:ae:d0:f8:52:83:85:37:b9:c7:b9:c1:49:eb:
8e:ab:64:38:c3:4c:8d:91:0b:16:88:60:18:43:2c:5f:8f:bf:
45:09:f5:25:15:d6:0b:d7:b7:2b:ce:f6:20:dd:3a:79:ee:f4:
58:e3:f3:02:11:2f:69:fe:63:60:09:fd:4d:64:45:c2:17:6c:
b7:72:e2:fd:28:5b:19:ec:3f:3c:cd:45:6f:cc:da:1f:e4:69:
a8:19:31:a6:12:01:14:62:90:b3:37:8d:be:56:3c:7d:6b:a0:
89:d4:ce:13
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZB9Izh+JwVQ8g7cpSh1HLbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjQwNzA0MDk0NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY2Y2M1ZTcyMWM5YTMxMDllNzBkMzQ3ZGViOGRjYTQ2OTY3YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV/VeJhFovJIWhkrttKCb8QJLjov
kJbxQ76bmSlfAOdUuxDJH9muOLOgs+4J+JZLbVO0s+VDpsY4NivYFcFAk5sHO+cr
YYFh7mbRPq+k9RO6mB9Qypho2aH7XgEFJCLERoLU/XMnd3IYxLe8Cw9uPhjlLI8W
BV3F1Jy4CrcdITxASLnlZg6YLfHi/A8dF6wD6IR65GkWFuNoUSauM70XcXvH2Qhh
fleah94tH3L/6R5KspPt/XtRMZfKodu3ax+a3P18ciiH4ApiSZBBcs2CfU2Jqnmd
Uyn/cHbJ+Jmv36kXKwmpzxff/3UVbGUD55S1YN6COH3HXZClw6+NXs8SrwIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFGn2zF5yHJoxCecNNH3rjcpGlnsBMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvYWZiTVhuSWNtakVKNXcwMGZldU55a2FXZXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBxgQCAAEwgb8DAwAF
CQMEBwVLgAMDAAWhAwQHF1gAAwMAJRsDAwAuBAMDATEMAwMAQRUDAwFBbAMDAU4u
AwQGVQrAAwMAWGMDAwBYxgMEB1trgAMDAF6CAwMBX9gDAwF0ygMEB4CMAAMDAIe1
AwQHjoSAAwMAnVoDBAedtAADAwCfRQMDAKI3AwMAp+kDAwCn6wMDAKh3AwMAsAkD
AwCyPwMEArkMQAMEB7wigAMDALwoAwMAvPUDAwDDyQMEBdWFYAMEBtXvwDAWBAIA
AjAQAwUBKgEE+AMHACoBBP//ATANBgkqhkiG9w0BAQsFAAOCAQEAjRxOSwmV4xM5
k/LN4sPtJIH9gAZRD3cEmT/Bxm7dPdVjzaxYMKBFKlaMiKysY8cO08nwn+rNMAeN
8UGEH5CfGR9ocGsqpTQqqs11ueoqx90uBfwBpjd5rIGJx1MjkBSuiUeWdmhKvuDX
45lU9IwJf5v01sUHc8R6x9IX+dYowBm203PKrA45ZHyArSxbS4wipgupiMCu0PhS
g4U3uce5wUnrjqtkOMNMjZELFohgGEMsX4+/RQn1JRXWC9e3K872IN06ee70WOPz
AhEvaf5jYAn9TWRFwhdst3Li/ShbGew/PM1Fb8zaH+RpqBkxphIBFGKQszeNvlY8
fWugidTOEw==
-----END CERTIFICATE-----
Generated at Tue Sep 24 10:41:53 2024 by rpki-client on console-fra.rpki-client.org