Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/w3Aafdv8kTE9pQzQ4BEgkWuM63Y.roa
File: w3Aafdv8kTE9pQzQ4BEgkWuM63Y.roa (raw, json)
Hash identifier: YgOKxpZ/HCV1CH8rNNg5axgZqrc5YD5cUZVw876XRxw=
Subject key identifier: C3:70:1A:7D:DB:FC:91:31:3D:A5:0C:D0:E0:11:20:91:6B:8C:EB:76
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 018C5CDCB29C0B0D3474726E1BA102B4EA75
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/w3Aafdv8kTE9pQzQ4BEgkWuM63Y.roa
Signing time: Tue 12 Dec 2023 07:10:16 +0000
ROA not before: Tue 12 Dec 2023 07:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 142.132.128.0/17 maxlen: 24
168.119.0.0/16 maxlen: 24
162.55.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
167.235.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
5.161.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
159.69.0.0/16 maxlen: 24
188.40.0.0/16 maxlen: 24
88.99.0.0/16 maxlen: 24
5.75.128.0/17 maxlen: 24
91.107.128.0/17 maxlen: 24
95.217.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
49.12.0.0/16 maxlen: 24
65.108.0.0/16 maxlen: 24
213.133.96.0/19 maxlen: 24
94.130.0.0/16 maxlen: 24
37.27.0.0/16 maxlen: 24
85.10.192.0/18 maxlen: 24
46.4.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
157.90.0.0/16 maxlen: 24
135.181.0.0/16 maxlen: 24
188.245.0.0/16 maxlen: 24
188.34.128.0/17 maxlen: 24
65.21.0.0/16 maxlen: 24
23.88.0.0/17 maxlen: 24
185.12.64.0/22 maxlen: 24
95.216.0.0/16 maxlen: 24
78.46.0.0/15 maxlen: 24
167.233.0.0/16 maxlen: 24
213.239.192.0/18 maxlen: 24
195.201.0.0/16 maxlen: 24
5.9.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
2a01:4f9::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5c:dc:b2:9c:0b:0d:34:74:72:6e:1b:a1:02:b4:ea:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Dec 12 07:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3701a7ddbfc91313da50cd0e01120916b8ceb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:03:8d:0c:61:7a:f2:6f:e1:b3:eb:e5:7b:46:
26:89:e3:1a:da:ae:63:9a:34:f1:dc:d3:c2:a0:1d:
c0:5e:86:06:3d:26:7a:a2:7c:3c:24:31:b2:d8:eb:
fe:8e:55:b2:36:72:ac:68:2b:97:e3:6b:ef:66:59:
30:78:b5:43:5d:ca:32:dc:a0:56:ae:6c:38:e6:45:
79:ca:a8:bb:f5:2f:40:bd:ca:a2:81:1a:f5:5d:1f:
ed:70:09:25:89:ef:c8:62:8d:f2:2d:d2:a7:30:8e:
5c:e1:32:ae:63:58:93:35:3d:35:18:51:17:47:37:
b6:87:65:08:a4:c8:bf:6e:21:a5:3a:f0:49:87:fb:
56:05:fd:08:c0:5f:70:6c:b6:8f:30:f8:2f:e1:90:
31:52:84:33:d4:c2:fa:be:9f:5e:bf:e5:67:58:ae:
ee:e2:06:cf:ab:d3:f7:c2:66:3d:9b:d2:cc:c4:3e:
15:3b:d9:c1:cd:22:aa:0c:0f:f5:5f:85:18:66:2f:
ec:ab:c3:dd:25:e8:bc:b0:92:15:58:1e:82:40:26:
e3:51:e9:14:bd:98:ea:5e:ef:13:d2:80:fc:f5:fd:
3c:8f:a5:1f:6a:c7:f0:fe:7e:55:02:1b:76:ba:46:
72:b8:89:bc:df:b5:24:f1:51:f9:fc:e0:cc:5a:4a:
0b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:70:1A:7D:DB:FC:91:31:3D:A5:0C:D0:E0:11:20:91:6B:8C:EB:76
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/w3Aafdv8kTE9pQzQ4BEgkWuM63Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
37.27.0.0/16
46.4.0.0/16
49.12.0.0/15
65.21.0.0/16
65.108.0.0/15
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
142.132.128.0/17
157.90.0.0/16
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
167.235.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
188.245.0.0/16
195.201.0.0/16
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
78:24:96:c9:6e:41:23:df:78:c0:12:91:a7:6d:53:b7:9e:52:
87:c6:f4:c6:a1:9b:b1:68:8e:79:a7:6f:82:08:fd:fd:87:b2:
3a:74:51:1e:6e:bf:35:a0:09:c6:fd:ae:75:97:cc:2d:67:79:
fe:36:8c:5f:03:17:fc:b2:f8:3d:11:f9:e7:89:ba:f3:10:49:
a4:2f:66:67:6e:d2:18:71:f9:51:6b:62:06:dc:3a:79:61:03:
71:20:b4:d3:b7:99:42:dd:de:c0:95:b3:10:96:5d:8d:18:1a:
2e:42:d3:70:75:66:70:a5:b7:bf:30:f8:d9:6c:5b:44:17:2d:
34:cd:db:55:ac:89:00:a3:1e:45:af:f6:3d:c3:1a:78:3c:b6:
f7:c7:66:64:3b:ee:51:c3:9f:c0:ef:ed:f0:8f:e3:54:19:fc:
0f:35:b1:2d:a8:0a:40:e7:d6:e2:3f:78:2b:69:e9:50:1b:a8:
db:d3:90:a9:02:0a:c4:42:48:23:ff:a9:86:4d:a3:51:9b:08:
6c:69:9d:01:05:09:e0:e5:92:be:0e:0d:b8:1a:9b:0a:29:58:
70:ad:2c:83:0d:5a:58:4d:89:f2:79:32:29:f7:b7:3e:ac:c2:
ab:8e:83:3c:8d:77:d3:0c:93:ef:e3:e3:49:4b:e7:bc:6d:c3:
01:a0:30:72
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYxc3LKcCw00dHJuG6ECtOp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjMxMjEyMDcxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzcwMWE3ZGRiZmM5MTMxM2RhNTBjZDBlMDExMjA5MTZiOGNlYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggONDGF68m/hs+vle0YmieMa2q5j
mjTx3NPCoB3AXoYGPSZ6onw8JDGy2Ov+jlWyNnKsaCuX42vvZlkweLVDXcoy3KBW
rmw45kV5yqi79S9AvcqigRr1XR/tcAklie/IYo3yLdKnMI5c4TKuY1iTNT01GFEX
Rze2h2UIpMi/biGlOvBJh/tWBf0IwF9wbLaPMPgv4ZAxUoQz1ML6vp9ev+VnWK7u
4gbPq9P3wmY9m9LMxD4VO9nBzSKqDA/1X4UYZi/sq8PdJei8sJIVWB6CQCbjUekU
vZjqXu8T0oD89f08j6Ufasfw/n5VAht2ukZyuIm837Uk8VH5/ODMWkoLxQIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFMNwGn3b/JExPaUM0OARIJFrjOt2MB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvdzNBYWZkdjhrVEU5cFF6UTRCRWdrV3VNNjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBwAQCAAEwgbkDAwAF
CQMEBwVLgAMDAAWhAwQHF1gAAwMAJRsDAwAuBAMDATEMAwMAQRUDAwFBbAMDAU4u
AwQGVQrAAwMAWGMDAwBYxgMEB1trgAMDAF6CAwMBX9gDAwF0ygMEB4CMAAMDAIe1
AwQHjoSAAwMAnVoDAwCfRQMDAKI3AwMAp+kDAwCn6wMDAKh3AwMAsAkDAwCyPwME
ArkMQAMEB7wigAMDALwoAwMAvPUDAwDDyQMEBdWFYAMEBtXvwDAWBAIAAjAQAwUB
KgEE+AMHACoBBP//ATANBgkqhkiG9w0BAQsFAAOCAQEAeCSWyW5BI994wBKRp21T
t55Sh8b0xqGbsWiOeadvggj9/YeyOnRRHm6/NaAJxv2udZfMLWd5/jaMXwMX/LL4
PRH554m68xBJpC9mZ27SGHH5UWtiBtw6eWEDcSC007eZQt3ewJWzEJZdjRgaLkLT
cHVmcKW3vzD42WxbRBctNM3bVayJAKMeRa/2PcMaeDy298dmZDvuUcOfwO/t8I/j
VBn8DzWxLagKQOfW4j94K2npUBuo29OQqQIKxEJII/+phk2jUZsIbGmdAQUJ4OWS
vg4NuBqbCilYcK0sgw1aWE2J8nkyKfe3PqzCq46DPI130wyT7+PjSUvnvG3DAaAw
cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:56 2024 by rpki-client on console-fra.rpki-client.org