Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/10anJysZn8tZkCUrBYKZc70ZSSQ.roa
File: 10anJysZn8tZkCUrBYKZc70ZSSQ.roa (raw, json)
Hash identifier: fQjX0pEtXvT0ltHHlnJN2U2pTxQODhN52qYRYxbBTD8=
Subject key identifier: D7:46:A7:27:2B:19:9F:CB:59:90:25:2B:05:82:99:73:BD:19:49:24
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018DC756A1BFC6F54A0DF3D6862C6E4312AC
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/10anJysZn8tZkCUrBYKZc70ZSSQ.roa
Signing time: Tue 20 Feb 2024 16:25:59 +0000
ROA not before: Tue 20 Feb 2024 16:25:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
45.142.172.0/22 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.217.94.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
149.255.136.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
193.27.194.0/23 maxlen: 24
193.108.197.0/24 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
2a01:6d8::/32 maxlen: 32
2a01:728::/29 maxlen: 48
2a03:4c00::/29 maxlen: 48
2a03:bf40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Feb 2024 20:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:56:a1:bf:c6:f5:4a:0d:f3:d6:86:2c:6e:43:12:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Feb 20 16:25:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d746a7272b199fcb5990252b05829973bd194924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:fd:e1:93:8a:4b:16:44:e9:98:83:a0:29:
80:4f:42:5c:69:ae:6a:f9:66:1b:24:aa:c1:49:f5:
37:73:ed:d9:2f:13:b0:1a:c6:0d:4e:d7:fa:c3:ae:
05:84:06:18:57:25:82:fe:9b:8f:c2:e1:e5:11:7b:
e2:a5:60:68:c9:9c:33:ac:5f:4c:61:d6:be:fe:ad:
b5:b5:58:25:aa:6f:01:54:25:0a:e2:03:a5:d9:99:
55:84:26:1c:94:c5:af:3e:75:4d:98:f7:db:e9:d6:
f9:8a:b3:e1:8c:0e:ec:a5:3a:28:a8:ae:43:06:5e:
80:60:ff:a5:f7:44:b6:16:b0:3c:75:82:f4:62:de:
50:d4:c1:c1:8e:f8:bf:d0:7f:38:60:d5:f8:59:cb:
25:6d:90:f7:7f:7d:71:17:e5:1d:db:d6:c5:eb:cd:
f5:f0:b0:e5:13:5b:b5:1f:5f:85:a3:c4:cd:0f:93:
ec:65:f4:eb:f9:c8:cc:c1:91:50:c2:e4:7d:00:21:
08:d1:3a:7c:99:13:71:46:c1:97:36:5d:ea:ab:fc:
ae:95:c6:e3:02:f0:a7:73:11:3c:71:8b:86:3c:c8:
f1:9f:b6:09:6f:22:26:95:9a:dd:ae:d8:ad:3b:21:
3e:b7:dd:71:15:64:c9:6b:b2:45:95:67:db:c3:13:
fa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:46:A7:27:2B:19:9F:CB:59:90:25:2B:05:82:99:73:BD:19:49:24
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/10anJysZn8tZkCUrBYKZc70ZSSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
45.142.172.0/22
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.217.94.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.95.120.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
193.27.194.0/23
193.108.197.0/24
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:6d8::/32
2a01:728::/29
2a03:4c00::/29
2a03:bf40::/32
Signature Algorithm: sha256WithRSAEncryption
25:8a:22:74:d6:83:52:cc:5e:23:1c:d1:24:5a:98:49:d2:0d:
cf:54:87:14:4d:63:fe:cc:ed:ee:a4:71:e3:dc:21:95:c2:b1:
de:50:f2:57:40:de:65:6c:ed:8f:e1:29:ab:18:1f:38:77:9b:
c1:1f:49:e5:57:3e:c5:0e:5f:49:dd:20:dc:5c:26:82:e5:0b:
80:db:aa:c5:7b:6a:4a:39:03:19:49:5e:d9:c1:b2:13:20:a2:
ed:33:81:3a:7d:19:56:9b:8a:f2:e0:a2:c6:ba:fb:89:3f:1c:
e5:c8:0c:c9:24:3a:05:e5:60:56:8c:d7:04:ea:9c:e8:23:1f:
a8:37:9e:52:9d:7d:18:5b:9b:74:ef:02:87:4a:c2:b6:a6:91:
d9:24:1e:06:de:47:83:39:cd:a0:21:da:5d:4c:ce:9d:bd:b4:
21:5c:c2:99:48:ef:49:a9:b3:87:7c:0a:c0:99:30:b5:08:c4:
d1:ef:31:b8:e2:64:89:76:5a:e1:c2:34:c0:97:0e:f1:ac:43:
dc:35:8c:d5:3f:16:aa:9f:8d:f1:fd:88:7f:a8:33:78:bb:b3:
73:e8:56:3e:a2:34:79:94:00:bb:77:6e:08:5d:83:81:90:97:
4b:89:5f:9f:2a:1d:47:16:94:7c:96:17:e9:57:7b:0d:02:ae:
3e:1e:77:43
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAY3HVqG/xvVKDfPWhixuQxKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwMjIwMTYyNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ2YTcyNzJiMTk5ZmNiNTk5MDI1MmIwNTgyOTk3M2JkMTk0OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/z94ZOKSxZE6ZiDoCmAT0Jcaa5q
+WYbJKrBSfU3c+3ZLxOwGsYNTtf6w64FhAYYVyWC/puPwuHlEXvipWBoyZwzrF9M
Yda+/q21tVglqm8BVCUK4gOl2ZlVhCYclMWvPnVNmPfb6db5irPhjA7spTooqK5D
Bl6AYP+l90S2FrA8dYL0Yt5Q1MHBjvi/0H84YNX4WcslbZD3f31xF+Ud29bF6831
8LDlE1u1H1+Fo8TND5PsZfTr+cjMwZFQwuR9ACEI0Tp8mRNxRsGXNl3qq/yulcbj
AvCncxE8cYuGPMjxn7YJbyImlZrdrtitOyE+t91xFWTJa7JFlWfbwxP6zQIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFNdGpycrGZ/LWZAlKwWCmXO9GUkkMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvMTBhbkp5c1puOHRaa0NVckJZS1pjNzBaU1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjCCARIEAgABMIIB
CgMEAgW2/AMEBCUSoAMEByU6gAMEAi2OrAMEAi2RfAMEBC4UoAMEBT5m4AMEA09i
YAMEA1EW2AMEA1tn6AMEAVvZXgMEA1w9SAMEA15/CAMEAmdNIAMEAWflJAMEAmfo
rAMEA21FwAMEBG3t8AMEBIB/gAMEA5L3WAMEA5X/iAMEA7L5oAMEArkPgAMEArkq
hAMEArlB4AMEArlDWAMEArlPlAMEArlfeAMEArmVCAMEArmsEAMEArnE+AMEArnM
jAMEArnQ+AMEArxCOAMEAcEbwgMEAMFsxQMEBcKxIAMEA8PW8AMEBdQzoAMEA9Vs
QAMEANWXpgMEAdWXqDAMAwQA1ZerAwQE1ZegMCIEAgACMBwDBQAqAQbYAwUDKgEH
KAMFAyoDTAADBQAqA79AMA0GCSqGSIb3DQEBCwUAA4IBAQAliiJ01oNSzF4jHNEk
WphJ0g3PVIcUTWP+zO3upHHj3CGVwrHeUPJXQN5lbO2P4SmrGB84d5vBH0nlVz7F
Dl9J3SDcXCaC5QuA26rFe2pKOQMZSV7ZwbITIKLtM4E6fRlWm4ry4KLGuvuJPxzl
yAzJJDoF5WBWjNcE6pzoIx+oN55SnX0YW5t07wKHSsK2ppHZJB4G3keDOc2gIdpd
TM6dvbQhXMKZSO9JqbOHfArAmTC1CMTR7zG44mSJdlrhwjTAlw7xrEPcNYzVPxaq
n43x/Yh/qDN4u7Nz6FY+ojR5lAC7d24IXYOBkJdLiV+fKh1HFpR8lhfpV3sNAq4+
HndD
-----END CERTIFICATE-----
Generated at Tue Feb 20 23:45:56 2024 by rpki-client on console-ams.rpki-client.org