Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/00nfCCtd2Kq9YeR4TTW22sQqeBE.roa
File: 00nfCCtd2Kq9YeR4TTW22sQqeBE.roa (raw, json)
Hash identifier: Vw6Rtmw/pb9GoS1XekjCfwNnNRXhkq8iF84ap5eZcwY=
Subject key identifier: D3:49:DF:08:2B:5D:D8:AA:BD:61:E4:78:4D:35:B6:DA:C4:2A:78:11
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 01906DFB379C92A99AD01A2C68E1E0B0C3A1
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/00nfCCtd2Kq9YeR4TTW22sQqeBE.roa
Signing time: Mon 01 Jul 2024 11:08:18 +0000
ROA not before: Mon 01 Jul 2024 11:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208677
IP address blocks: 37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
37.18.72.0/23 maxlen: 23
37.18.100.0/23 maxlen: 23
37.18.102.0/24 maxlen: 24
37.18.107.0/24 maxlen: 24
37.18.108.0/22 maxlen: 22
37.18.112.0/23 maxlen: 23
37.18.114.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.230.139.0/24 maxlen: 24
37.230.179.0/24 maxlen: 24
37.230.180.0/23 maxlen: 23
37.230.180.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.186.0/24 maxlen: 24
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
45.89.224.0/22 maxlen: 22
45.151.30.0/23 maxlen: 23
45.155.204.0/23 maxlen: 23
46.16.36.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
46.243.172.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.206.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
46.253.132.0/24 maxlen: 24
62.233.43.0/24 maxlen: 24
85.208.85.0/24 maxlen: 24
85.208.86.0/23 maxlen: 23
87.242.84.0/22 maxlen: 22
87.242.88.0/21 maxlen: 21
87.242.100.0/22 maxlen: 22
87.242.116.0/22 maxlen: 22
87.242.120.0/21 maxlen: 21
88.218.65.0/24 maxlen: 24
88.218.66.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
89.232.168.0/22 maxlen: 22
89.232.176.0/22 maxlen: 22
91.224.86.0/23 maxlen: 23
94.139.252.0/22 maxlen: 22
95.174.88.0/21 maxlen: 21
141.101.151.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.201.0/24 maxlen: 24
176.109.96.0/20 maxlen: 20
176.123.160.0/21 maxlen: 21
178.170.191.0/24 maxlen: 24
178.170.192.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
178.170.242.0/24 maxlen: 24
185.50.200.0/22 maxlen: 22
185.234.11.0/24 maxlen: 24
185.241.57.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
188.72.117.0/24 maxlen: 24
188.72.118.0/24 maxlen: 24
192.144.12.0/22 maxlen: 22
193.42.116.0/23 maxlen: 23
193.105.4.0/24 maxlen: 24
194.5.92.0/23 maxlen: 23
194.26.228.0/24 maxlen: 24
194.50.72.0/24 maxlen: 24
194.113.34.0/23 maxlen: 23
195.128.152.0/24 maxlen: 24
213.171.24.0/21 maxlen: 21
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jul 2024 13:41:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:fb:37:9c:92:a9:9a:d0:1a:2c:68:e1:e0:b0:c3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jul 1 11:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d349df082b5dd8aabd61e4784d35b6dac42a7811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:11:17:4e:a8:b6:fe:71:92:5c:e3:f5:9e:
71:1d:fe:55:31:5d:b1:88:4c:09:c6:ed:f8:f6:73:
49:60:ef:bd:78:39:52:8c:3b:0b:45:88:40:a6:d5:
09:21:e1:26:e0:41:f4:aa:22:89:f6:36:8d:91:43:
9a:e8:c2:25:86:a3:88:83:52:9c:f5:20:0d:d2:c2:
80:85:a7:44:a1:4b:16:1b:28:de:37:4c:d2:95:af:
c4:b3:06:9b:d1:8d:d6:84:84:06:68:05:c9:ba:1a:
c1:b2:58:4e:7e:c0:c0:22:bc:32:4f:f9:ed:f8:fd:
4a:ba:1e:0a:08:e2:bb:22:cf:73:a1:8d:cf:6d:2e:
91:91:c4:a8:11:88:c6:a4:73:28:a0:55:94:71:c8:
f8:59:ed:52:82:da:c7:f4:a3:38:aa:28:7b:02:eb:
10:25:0a:87:61:ec:e8:49:9a:9e:4e:4b:f7:7c:8b:
4d:db:0c:2d:a7:56:38:a1:b8:6b:fa:a2:c6:5c:ed:
8a:40:44:e2:a0:ae:98:d5:f4:5f:93:07:32:2e:b1:
92:45:1f:33:cc:77:cd:5f:9e:5c:eb:7d:05:10:15:
40:2b:8b:e8:86:8d:2b:e4:16:ee:4f:5d:c5:e2:2d:
85:2d:73:86:17:50:eb:5a:a1:9c:96:07:07:46:83:
00:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:49:DF:08:2B:5D:D8:AA:BD:61:E4:78:4D:35:B6:DA:C4:2A:78:11
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/00nfCCtd2Kq9YeR4TTW22sQqeBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
45.151.30.0/23
45.155.204.0/23
46.16.36.0/24
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
46.253.132.0/24
62.233.43.0/24
85.208.85.0-85.208.87.255
87.242.84.0-87.242.95.255
87.242.100.0/22
87.242.116.0-87.242.127.255
88.218.65.0-88.218.67.255
89.232.160.0-89.232.171.255
89.232.176.0/22
91.224.86.0/23
94.139.252.0/22
95.174.88.0/21
141.101.151.0-141.101.152.255
141.101.201.0/24
176.109.96.0/20
176.123.160.0/21
178.170.191.0-178.170.197.255
178.170.242.0/24
185.50.200.0/22
185.234.11.0/24
185.241.57.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0-188.72.118.255
192.144.12.0/22
193.42.116.0/23
193.105.4.0/24
194.5.92.0/23
194.26.228.0/24
194.50.72.0/24
194.113.34.0/23
195.128.152.0/24
213.171.24.0/21
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
5d:fb:54:42:97:3b:17:5c:47:db:70:21:c0:67:c6:88:f4:ff:
00:68:69:aa:a8:63:36:73:e7:5b:44:63:02:10:9a:22:c3:64:
06:e6:1d:ab:13:86:41:f9:be:c3:0a:4e:ab:c9:8c:f5:79:0f:
9f:c1:30:36:ba:78:0b:f2:3d:dd:41:7d:23:f5:65:4c:22:a5:
1d:51:e1:c2:24:65:12:74:3e:ac:84:e4:75:f0:23:19:dd:1f:
5d:ec:cb:ee:cf:30:4e:c6:dc:82:6e:31:cd:e8:0c:16:4d:e9:
a3:a9:41:a6:ae:f2:22:c1:c7:e8:c0:7c:27:90:6b:98:6f:59:
27:d1:ab:b7:62:6c:55:19:9c:c5:42:93:0a:01:65:fb:02:b7:
7d:24:84:97:db:94:93:11:fb:67:f3:0d:e3:2e:fe:11:e1:09:
e5:0d:c2:c5:41:cb:9e:df:cc:3c:97:71:8b:0f:8b:e8:14:5b:
fe:74:1e:b2:32:47:6b:bf:b1:8f:06:82:d7:64:f3:fc:c3:6f:
cd:68:3c:6e:4a:12:8d:6c:0a:f9:42:26:2b:3d:ce:5d:cb:65:
d8:1d:4b:ff:8a:4e:0a:c5:27:7a:79:0a:0c:2c:6d:9f:1f:6f:
fa:cb:0d:8e:2d:df:b4:77:ac:86:a9:61:f6:f6:ba:cd:be:a2:
4a:c0:44:7c
-----BEGIN CERTIFICATE-----
MIIG3DCCBcSgAwIBAgISAZBt+zeckqma0BosaOHgsMOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjQwNzAxMTEwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQ5ZGYwODJiNWRkOGFhYmQ2MWU0Nzg0ZDM1YjZkYWM0MmE3ODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVwRF06otv5xklzj9Z5xHf5VMV2x
iEwJxu349nNJYO+9eDlSjDsLRYhAptUJIeEm4EH0qiKJ9jaNkUOa6MIlhqOIg1Kc
9SAN0sKAhadEoUsWGyjeN0zSla/Eswab0Y3WhIQGaAXJuhrBslhOfsDAIrwyT/nt
+P1Kuh4KCOK7Is9zoY3PbS6RkcSoEYjGpHMooFWUccj4We1SgtrH9KM4qih7AusQ
JQqHYezoSZqeTkv3fItN2wwtp1Y4obhr+qLGXO2KQETioK6Y1fRfkwcyLrGSRR8z
zHfNX55c630FEBVAK4voho0r5BbuT13F4i2FLXOGF1DrWqGclgcHRoMARQIDAQAB
o4ID6DCCA+QwHQYDVR0OBBYEFNNJ3wgrXdiqvWHkeE01ttrEKngRMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xLzAwbmZDQ3RkMktxOVllUjRUVFcyMnNRcWVCRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggH6BggrBgEFBQcBBwEB/wSCAekwggHlMIIB0gQCAAEw
ggHKMAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQA
JRJrAwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXm
wAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4AMEAS2XHgMEAS2bzAMEAC4QJDAMAwQA
LvONAwQELvOAAwQALvOsAwQALvPJMAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QD
BAAu/YQDBAA+6SswDAMEAFXQVQMEA1XQUDAMAwQCV/JUAwQFV/JAAwQCV/JkMAwD
BAJX8nQDBAdX8gAwDAMEAFjaQQMEAljaQDAMAwQFWeigAwQCWeioAwQCWeiwAwQB
W+BWAwQCXov8AwQDX65YMAwDBACNZZcDBACNZZgDBACNZckDBASwbWADBAOwe6Aw
DAMEALKqvwMEAbKqxAMEALKq8gMEArkyyAMEALnqCwMEALnxOQMEALxIYDAMAwQB
vEhqAwQBvEhsMAwDBAC8SHUDBAC8SHYDBALAkAwDBAHBKnQDBADBaQQDBAHCBVwD
BADCGuQDBADCMkgDBAHCcSIDBADDgJgDBAPVqxgwDQQCAAIwBwMFAyoMK4AwDQYJ
KoZIhvcNAQELBQADggEBAF37VEKXOxdcR9twIcBnxoj0/wBoaaqoYzZz51tEYwIQ
miLDZAbmHasThkH5vsMKTqvJjPV5D5/BMDa6eAvyPd1BfSP1ZUwipR1R4cIkZRJ0
PqyE5HXwIxndH13sy+7PME7G3IJuMc3oDBZN6aOpQaau8iLBx+jAfCeQa5hvWSfR
q7dibFUZnMVCkwoBZfsCt30khJfblJMR+2fzDeMu/hHhCeUNwsVBy57fzDyXcYsP
i+gUW/50HrIyR2u/sY8Ggtdk8/zDb81oPG5KEo1sCvlCJis9zl3LZdgdS/+KTgrF
J3p5CgwsbZ8fb/rLDY4t37R3rIapYfb2us2+okrARHw=
-----END CERTIFICATE-----
Generated at Wed Jul 17 17:08:46 2024 by rpki-client on console-ams.rpki-client.org