Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/FhD4porHbAS3ccffJ4MolabR-zI.roa
File: FhD4porHbAS3ccffJ4MolabR-zI.roa (raw, json)
Hash identifier: ZshYIu0N4PdtHSTFUrzucN2XOHhCfmMLm1/d44C6uOA=
Subject key identifier: 16:10:F8:A6:8A:C7:6C:04:B7:71:C7:DF:27:83:28:95:A6:D1:FB:32
Certificate issuer: /CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Certificate serial: 01856FCB93A617C43E8A48741CB08698DD2D
Authority key identifier: 26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/FhD4porHbAS3ccffJ4MolabR-zI.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43205
IP address blocks: 212.43.32.0/19 maxlen: 19
46.40.64.0/18 maxlen: 18
46.40.75.0/24 maxlen: 24
213.214.64.0/19 maxlen: 19
188.254.128.0/17 maxlen: 17
37.143.192.0/18 maxlen: 18
178.169.128.0/17 maxlen: 17
212.75.0.0/19 maxlen: 19
185.4.80.0/22 maxlen: 22
46.237.64.0/18 maxlen: 18
158.58.192.0/18 maxlen: 18
193.200.14.0/23 maxlen: 23
193.24.240.0/22 maxlen: 22
91.139.128.0/17 maxlen: 17
78.128.56.0/22 maxlen: 22
78.128.52.0/22 maxlen: 22
78.128.74.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.88.0/22 maxlen: 22
78.128.90.0/23 maxlen: 24
78.128.96.0/23 maxlen: 23
91.148.150.0/23 maxlen: 23
91.148.149.0/24 maxlen: 24
91.148.152.0/21 maxlen: 21
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
46.47.64.0/18 maxlen: 18
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.142.30.0/23 maxlen: 23
194.145.160.0/22 maxlen: 22
91.148.166.0/24 maxlen: 24
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
78.128.115.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
78.128.116.0/23 maxlen: 23
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
78.128.120.0/22 maxlen: 22
109.121.192.0/18 maxlen: 18
91.148.186.0/23 maxlen: 23
78.142.10.0/23 maxlen: 23
78.142.9.0/24 maxlen: 24
78.142.12.0/22 maxlen: 22
2a02:6800::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:93:a6:17:c4:3e:8a:48:74:1c:b0:86:98:dd:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1610f8a68ac76c04b771c7df27832895a6d1fb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:91:73:b7:37:2d:6f:da:ac:26:f9:50:6c:
dd:64:dd:f5:a2:8a:a1:94:6d:b7:d8:b7:4f:7b:ec:
0b:01:2e:6f:c3:3c:51:52:4b:48:b8:f2:19:27:50:
92:14:46:1e:79:28:96:f8:e6:fc:30:11:5e:67:3c:
12:a6:e5:0e:bf:f8:92:c7:27:8e:8d:2c:f1:4a:c5:
f9:27:99:82:6e:d5:92:de:9b:e4:5e:b1:42:8c:c0:
0e:2e:9d:5b:04:02:65:8e:d1:1b:05:92:ba:3f:05:
7a:f9:b9:ff:03:06:59:b3:7a:f7:dd:7a:04:89:62:
7e:85:0e:4f:5c:21:27:9d:32:3e:ad:db:4b:5e:67:
54:17:a2:ad:50:9e:e5:1c:5b:a4:f6:68:07:86:c4:
a8:b0:1d:b5:e4:94:fb:f6:94:cf:5a:cd:cb:a3:8e:
3e:82:eb:9c:49:af:30:f6:a2:a2:78:08:f1:22:6e:
29:9e:f2:2b:a7:9f:3a:00:18:31:1c:06:29:3a:4d:
cf:83:6f:76:49:21:cd:8c:85:10:2f:a8:39:08:59:
fc:c7:58:b3:21:af:63:87:c0:c0:a6:c4:5b:0e:16:
d6:44:a3:d3:1b:a0:0b:a8:13:29:cb:3a:10:4e:b0:
53:50:ce:f1:59:0c:67:bf:45:3b:78:ae:0c:71:c6:
aa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:10:F8:A6:8A:C7:6C:04:B7:71:C7:DF:27:83:28:95:A6:D1:FB:32
X509v3 Authority Key Identifier:
keyid:26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/FhD4porHbAS3ccffJ4MolabR-zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/JrvteI4p-EBrK9yN3e631OxLgz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.192.0/18
46.40.64.0/18
46.47.64.0/18
46.237.64.0/18
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.74.0/23
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.115.0-78.128.117.255
78.128.120.0/22
78.142.9.0-78.142.15.255
78.142.30.0/23
91.139.128.0/17
91.148.149.0-91.148.159.255
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
109.121.192.0/18
158.58.192.0/18
178.169.128.0/17
185.4.80.0/22
188.254.128.0/17
193.24.240.0/22
193.200.14.0/23
194.145.160.0/22
212.43.32.0/19
212.75.0.0/19
213.214.64.0/19
IPv6:
2a02:6800::/32
Signature Algorithm: sha256WithRSAEncryption
85:a0:a2:9e:48:4f:d1:ae:a7:db:13:1e:dc:dc:db:3d:63:e1:
be:0c:3f:9d:aa:f1:c5:3f:23:85:61:37:81:ff:ce:ed:e0:a7:
c9:3d:2a:b1:fd:cc:d3:fc:6d:09:4e:51:8c:8c:bb:10:35:70:
ba:13:b2:ba:fc:60:10:bb:e3:55:0f:27:60:b9:4f:45:c5:4b:
24:7f:45:c9:81:0b:da:8a:f1:4e:fc:79:3c:0c:d2:8e:95:dd:
ed:b3:33:b0:a3:ea:5b:b0:cc:11:c2:58:9d:17:f9:9a:e7:f7:
66:94:8e:18:f9:08:3a:6c:81:b1:ab:d8:d3:a0:4c:02:77:8d:
dd:a1:38:59:a7:c9:29:0d:a3:ed:62:82:bf:d5:9d:2f:2f:d8:
13:ab:d6:b8:f2:c3:60:7d:cc:4d:38:e7:75:0e:1f:cc:7a:8b:
17:73:cb:fc:3e:ce:9c:fd:a9:e3:ab:ce:bf:b5:d6:06:16:0a:
c1:70:4f:17:5e:d5:90:5a:fc:5c:44:3a:90:66:4b:f3:6a:01:
50:96:36:03:ae:38:44:8b:80:29:7a:a8:23:dd:a9:b7:bc:b1:
f2:d2:9b:19:36:b8:ee:71:2d:05:6d:d2:95:7b:a8:30:67:db:
45:9d:35:9d:37:88:b7:83:be:0c:72:27:fe:d5:77:4e:91:de:
76:d1:03:ee
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAYVvy5OmF8Q+ikh0HLCGmN0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmJlZDc4OGUyOWY4NDA2YjJiZGM4ZGRkZWViN2Q0ZWM0
YjgzM2UwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjEwZjhhNjhhYzc2YzA0Yjc3MWM3ZGYyNzgzMjg5NWE2ZDFmYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl6Rc7c3LW/arCb5UGzdZN31ooqh
lG232LdPe+wLAS5vwzxRUktIuPIZJ1CSFEYeeSiW+Ob8MBFeZzwSpuUOv/iSxyeO
jSzxSsX5J5mCbtWS3pvkXrFCjMAOLp1bBAJljtEbBZK6PwV6+bn/AwZZs3r33XoE
iWJ+hQ5PXCEnnTI+rdtLXmdUF6KtUJ7lHFuk9mgHhsSosB215JT79pTPWs3Lo44+
guucSa8w9qKieAjxIm4pnvIrp586ABgxHAYpOk3Pg292SSHNjIUQL6g5CFn8x1iz
Ia9jh8DApsRbDhbWRKPTG6ALqBMpyzoQTrBTUM7xWQxnv0U7eK4MccaqKQIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFBYQ+KaKx2wEt3HH3yeDKJWm0fsyMB8GA1UdIwQY
MBaAFCa77XiOKfhAayvcjd3ut9TsS4M+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJ2dGVJNHAtRUJySzl5TjNlNjMxT3hMZ3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9iZDdhOTMtYzllNC00MmI2LWE1YzYt
ZDM1YzU0ZjE0ZGJlLzEvRmhENHBvckhiQVMzY2NmZko0TW9sYWJSLXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9iZDdhOTMtYzllNC00MmI2LWE1YzYtZDM1YzU0ZjE0ZGJl
LzEvSnJ2dGVJNHAtRUJySzl5TjNlNjMxT3hMZ3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCARgEAgABMIIB
EAMEBiWPwAMEBi4oQAMEBi4vQAMEBi7tQAMEAU6AAjAMAwQBToAKAwQFToAAMAwD
BAJOgCQDBAFOgCgwDAMEAk6ANAMEAk6AOAMEAU6ASjAMAwQBToBSAwQCToBYAwQB
ToBgMAwDBAJOgGQDBAJOgGgwDAMEAE6AcwMEAU6AdAMEAk6AeDAMAwQATo4JAwQE
To4AAwQBTo4eAwQHW4uAMAwDBABblJUDBAVblIAwDAMEAVuUogMEAFuUpjAMAwQA
W5SpAwQDW5SwAwQBW5S6AwQGbXnAAwQGnjrAAwQHsqmAAwQCuQRQAwQHvP6AAwQC
wRjwAwQBwcgOAwQCwpGgAwQF1CsgAwQF1EsAAwQF1dZAMA0EAgACMAcDBQAqAmgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFoKKeSE/RrqfbEx7c3Ns9Y+G+DD+dqvHFPyOF
YTeB/87t4KfJPSqx/czT/G0JTlGMjLsQNXC6E7K6/GAQu+NVDydguU9FxUskf0XJ
gQvaivFO/Hk8DNKOld3tszOwo+pbsMwRwlidF/ma5/dmlI4Y+Qg6bIGxq9jToEwC
d43doThZp8kpDaPtYoK/1Z0vL9gTq9a48sNgfcxNOOd1Dh/MeosXc8v8Ps6c/anj
q86/tdYGFgrBcE8XXtWQWvxcRDqQZkvzagFQljYDrjhEi4Apeqgj3am3vLHy0psZ
NrjucS0FbdKVe6gwZ9tFnTWdN4i3g74Mcif+1XdOkd520QPu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:51 2024 by rpki-client on console-ams.rpki-client.org