Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/AlmGthw3SudRDTP75nAtqKSDQvo.roa
File: AlmGthw3SudRDTP75nAtqKSDQvo.roa (raw, json)
Hash identifier: olgcUSl6jVsa5JxJXdPbugldicmwpnXqtEebVtC4Rwg=
Subject key identifier: 02:59:86:B6:1C:37:4A:E7:51:0D:33:FB:E6:70:2D:A8:A4:83:42:FA
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018CC64B10614A07B695BB42D52892D879B0
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/AlmGthw3SudRDTP75nAtqKSDQvo.roa
Signing time: Mon 01 Jan 2024 18:30:57 +0000
ROA not before: Mon 01 Jan 2024 18:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210079
IP address blocks: 217.144.96.0/24 maxlen: 24
217.144.98.0/24 maxlen: 24
217.144.97.0/24 maxlen: 24
217.144.99.0/24 maxlen: 24
217.144.103.0/24 maxlen: 24
217.144.101.0/24 maxlen: 24
217.144.100.0/24 maxlen: 24
185.221.152.0/22 maxlen: 22
185.221.155.0/24 maxlen: 24
185.221.154.0/24 maxlen: 24
185.22.232.0/23 maxlen: 23
185.22.234.0/23 maxlen: 23
91.218.230.0/23 maxlen: 23
91.218.228.0/23 maxlen: 23
95.181.224.0/24 maxlen: 24
95.181.226.0/24 maxlen: 24
95.181.225.0/24 maxlen: 24
5.35.100.0/24 maxlen: 24
5.35.102.0/24 maxlen: 24
5.35.101.0/24 maxlen: 24
185.11.246.0/23 maxlen: 23
91.201.40.0/22 maxlen: 22
212.8.247.0/24 maxlen: 24
185.12.92.0/22 maxlen: 22
95.183.8.0/23 maxlen: 23
95.183.11.0/24 maxlen: 24
95.183.10.0/24 maxlen: 24
95.183.15.0/24 maxlen: 24
95.183.14.0/24 maxlen: 24
95.183.13.0/24 maxlen: 24
95.183.12.0/24 maxlen: 24
37.143.10.0/23 maxlen: 23
37.143.8.0/23 maxlen: 23
37.143.14.0/23 maxlen: 23
37.143.12.0/23 maxlen: 23
46.254.16.0/23 maxlen: 23
46.254.23.0/24 maxlen: 24
46.254.22.0/24 maxlen: 24
46.254.20.0/23 maxlen: 23
46.254.18.0/23 maxlen: 23
95.181.228.0/24 maxlen: 24
95.181.227.0/24 maxlen: 24
95.181.231.0/24 maxlen: 24
95.181.230.0/24 maxlen: 24
95.181.229.0/24 maxlen: 24
185.87.192.0/24 maxlen: 24
185.87.195.0/24 maxlen: 24
185.87.194.0/24 maxlen: 24
185.87.193.0/24 maxlen: 24
185.87.199.0/24 maxlen: 24
185.87.198.0/24 maxlen: 24
185.87.197.0/24 maxlen: 24
185.87.196.0/24 maxlen: 24
178.57.218.0/23 maxlen: 23
178.57.216.0/23 maxlen: 23
178.57.222.0/23 maxlen: 23
178.57.220.0/23 maxlen: 23
2a03:c980:b916::/48 maxlen: 48
2a03:c980:5fb5::/48 maxlen: 48
2a03:c980:d990::/48 maxlen: 48
2a03:80c0::/48 maxlen: 48
2a03:c980:b957::/48 maxlen: 48
2a03:c980:e5::/48 maxlen: 48
2a03:c980:db::/48 maxlen: 48
2a03:c980:b239::/48 maxlen: 48
2a03:80c0:1::/48 maxlen: 48
2a03:c980:beef::/48 maxlen: 48
2a03:c980:dead::/48 maxlen: 48
2a03:c980:5fb7::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Feb 2024 11:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:10:61:4a:07:b6:95:bb:42:d5:28:92:d8:79:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Jan 1 18:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=025986b61c374ae7510d33fbe6702da8a48342fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:76:75:76:1e:68:d7:5c:9f:c9:ee:95:7c:
eb:0e:01:6a:02:fe:96:52:82:c3:c6:c5:a4:c4:e7:
50:3c:01:fe:91:80:9a:d7:1a:ce:36:b4:2f:52:ae:
07:52:45:47:82:02:8c:38:24:d5:a8:73:89:e3:4e:
0a:0a:2a:28:b6:db:ca:76:ef:3b:18:31:13:e6:44:
b1:51:80:f7:8f:a6:f5:fc:65:19:d7:5c:40:55:04:
94:3d:db:2a:f5:59:b6:57:59:c5:b4:03:01:36:ff:
f5:01:b4:50:b4:3f:73:72:8a:8a:9b:a4:a0:52:f4:
59:50:18:ec:36:19:71:11:4b:42:10:5a:dc:a2:2b:
f7:1a:7c:88:3f:84:64:8b:11:e1:c9:e8:68:51:ed:
2a:38:57:74:13:7b:bb:18:d5:cb:90:60:31:8b:9b:
47:0b:49:01:70:6f:28:bc:c4:34:ce:48:ff:14:19:
bb:97:c0:c5:62:91:d7:10:ef:5b:b8:96:12:a2:01:
57:73:e4:5c:e5:4f:79:74:d0:9d:88:6b:ef:17:41:
04:cc:98:64:32:da:2f:cf:40:eb:3c:bc:f8:2a:82:
81:4a:7b:5b:ac:c1:76:f0:4d:85:2b:25:84:38:31:
32:e7:4f:4f:7f:3d:30:cc:8b:9e:ee:36:0f:d7:97:
47:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:59:86:B6:1C:37:4A:E7:51:0D:33:FB:E6:70:2D:A8:A4:83:42:FA
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/AlmGthw3SudRDTP75nAtqKSDQvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.100.0-5.35.102.255
37.143.8.0/21
46.254.16.0/21
91.201.40.0/22
91.218.228.0/22
95.181.224.0/21
95.183.8.0/21
178.57.216.0/21
185.11.246.0/23
185.12.92.0/22
185.22.232.0/22
185.87.192.0/21
185.221.152.0/22
212.8.247.0/24
217.144.96.0-217.144.101.255
217.144.103.0/24
IPv6:
2a03:80c0::/47
2a03:c980:db::/48
2a03:c980:e5::/48
2a03:c980:5fb5::/48
2a03:c980:5fb7::/48
2a03:c980:b239::/48
2a03:c980:b916::/48
2a03:c980:b957::/48
2a03:c980:beef::/48
2a03:c980:d990::/48
2a03:c980:dead::/48
Signature Algorithm: sha256WithRSAEncryption
72:4b:dd:29:f6:b6:17:03:11:7d:23:f1:ed:2c:bd:01:d9:cf:
76:fd:3d:b6:4e:58:1a:63:4e:d4:a4:b8:ef:68:39:72:29:af:
d0:29:16:c0:74:2f:5e:c6:18:e7:0b:13:d7:92:fd:d8:b7:69:
f7:f7:d8:4e:0f:8e:3f:f0:60:9a:d2:57:c0:e7:1c:ce:64:1e:
6c:4a:8b:50:05:25:cb:63:39:63:4c:e0:d4:d9:85:b8:37:d4:
42:19:bd:89:d3:54:b6:7b:94:1f:e8:aa:ce:81:0e:ea:a5:5b:
68:23:ab:b2:41:2f:99:b8:b8:e3:cf:94:a9:15:56:b0:7b:f0:
91:38:35:c0:c4:53:86:e2:0b:59:e5:2d:c2:db:4e:17:06:cf:
9e:38:4c:03:f2:b0:b6:17:11:f6:4a:49:12:12:ff:f9:24:09:
38:7b:f8:00:ed:c3:fa:d9:93:d7:48:08:cb:48:22:ae:dc:4c:
f3:c6:e5:d4:28:ff:73:32:e3:58:69:b8:38:86:3c:98:9e:8c:
55:93:8f:03:62:76:3a:38:bc:68:c5:51:b6:69:36:eb:08:21:
da:27:a0:25:bf:1a:78:0d:fe:ce:73:ab:a0:46:2d:99:e9:14:
86:de:99:54:c3:4f:44:2a:93:54:52:65:76:c1:28:6b:f2:ff:
8d:64:30:3a
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYzGSxBhSge2lbtC1SiS2HmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjQwMTAxMTgzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU5ODZiNjFjMzc0YWU3NTEwZDMzZmJlNjcwMmRhOGE0ODM0MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnst2dXYeaNdcn8nulXzrDgFqAv6W
UoLDxsWkxOdQPAH+kYCa1xrONrQvUq4HUkVHggKMOCTVqHOJ404KCioottvKdu87
GDET5kSxUYD3j6b1/GUZ11xAVQSUPdsq9Vm2V1nFtAMBNv/1AbRQtD9zcoqKm6Sg
UvRZUBjsNhlxEUtCEFrcoiv3GnyIP4RkixHhyehoUe0qOFd0E3u7GNXLkGAxi5tH
C0kBcG8ovMQ0zkj/FBm7l8DFYpHXEO9buJYSogFXc+Rc5U95dNCdiGvvF0EEzJhk
Mtovz0DrPLz4KoKBSntbrMF28E2FKyWEODEy509Pfz0wzIue7jYP15dHLQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFAJZhrYcN0rnUQ0z++ZwLaikg0L6MB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvQWxtR3RodzNTdWRSRFRQNzVuQXRxS1NEUXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zB2BAIAATBwMAwDBAIF
I2QDBAAFI2YDBAMljwgDBAMu/hADBAJbySgDBAJb2uQDBANfteADBANftwgDBAOy
OdgDBAG5C/YDBAK5DFwDBAK5FugDBAO5V8ADBAK53ZgDBADUCPcwDAMEBdmQYAME
AdmQZAMEANmQZzBpBAIAAjBjAwcBKgOAwAAAAwcAKgPJgADbAwcAKgPJgADlAwcA
KgPJgF+1AwcAKgPJgF+3AwcAKgPJgLI5AwcAKgPJgLkWAwcAKgPJgLlXAwcAKgPJ
gL7vAwcAKgPJgNmQAwcAKgPJgN6tMA0GCSqGSIb3DQEBCwUAA4IBAQByS90p9rYX
AxF9I/HtLL0B2c92/T22TlgaY07UpLjvaDlyKa/QKRbAdC9exhjnCxPXkv3Yt2n3
99hOD44/8GCa0lfA5xzOZB5sSotQBSXLYzljTODU2YW4N9RCGb2J01S2e5Qf6KrO
gQ7qpVtoI6uyQS+ZuLjjz5SpFVawe/CRODXAxFOG4gtZ5S3C204XBs+eOEwD8rC2
FxH2SkkSEv/5JAk4e/gA7cP62ZPXSAjLSCKu3EzzxuXUKP9zMuNYabg4hjyYnoxV
k48DYnY6OLxoxVG2aTbrCCHaJ6Alvxp4Df7Oc6ugRi2Z6RSG3plUw09EKpNUUmV2
wShr8v+NZDA6
-----END CERTIFICATE-----
Generated at Mon Feb 26 14:29:25 2024 by rpki-client on console-fra.rpki-client.org