Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/rJF9V59ABNBQ7B4cMWhS4HZDSXU.roa
File: rJF9V59ABNBQ7B4cMWhS4HZDSXU.roa (raw, json)
Hash identifier: Y6H5UHXOmhud/rCk9OFMpKlhFONM9fYVLdj3aFIYfmU=
Subject key identifier: AC:91:7D:57:9F:40:04:D0:50:EC:1E:1C:31:68:52:E0:76:43:49:75
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0187B7DAC9AB2792815FF353D7A88F8A9343
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/rJF9V59ABNBQ7B4cMWhS4HZDSXU.roa
Signing time: Tue 25 Apr 2023 09:59:41 +0000
ROA not before: Tue 25 Apr 2023 09:59:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3949
IP address blocks: 213.198.30.0/23 maxlen: 24
213.198.28.0/24 maxlen: 24
213.130.52.124/30 maxlen: 30
213.198.51.0/24 maxlen: 24
213.198.54.0/23 maxlen: 24
213.198.70.0/24 maxlen: 24
213.198.65.0/24 maxlen: 24
212.119.31.64/26 maxlen: 26
213.198.74.0/23 maxlen: 24
213.198.78.0/23 maxlen: 24
213.198.73.128/25 maxlen: 25
213.198.97.128/28 maxlen: 28
212.119.30.180/30 maxlen: 30
213.198.4.0/22 maxlen: 24
213.198.2.0/23 maxlen: 24
213.198.0.0/23 maxlen: 24
213.198.8.0/22 maxlen: 24
213.198.24.0/23 maxlen: 24
213.198.97.40/29 maxlen: 29
213.198.84.0/23 maxlen: 24
213.198.26.0/29 maxlen: 29
213.198.83.0/25 maxlen: 25
213.198.82.0/25 maxlen: 25
213.198.90.0/23 maxlen: 24
213.198.88.0/24 maxlen: 24
213.198.86.0/24 maxlen: 24
213.198.98.0/23 maxlen: 24
213.198.96.0/24 maxlen: 24
213.198.93.0/24 maxlen: 24
212.119.31.0/27 maxlen: 27
212.119.30.0/27 maxlen: 27
213.130.52.216/30 maxlen: 30
213.198.1.32/27 maxlen: 27
213.198.97.120/29 maxlen: 29
213.130.50.232/29 maxlen: 29
213.198.26.16/29 maxlen: 29
213.198.94.96/27 maxlen: 27
213.130.42.0/23 maxlen: 24
213.130.51.0/24 maxlen: 24
213.130.58.0/24 maxlen: 24
213.130.56.0/23 maxlen: 24
213.130.60.0/24 maxlen: 24
213.198.97.32/29 maxlen: 29
213.130.53.240/29 maxlen: 29
213.130.52.112/29 maxlen: 29
213.198.26.8/29 maxlen: 29
213.198.97.96/28 maxlen: 28
213.130.44.240/28 maxlen: 28
213.130.39.0/27 maxlen: 27
213.198.95.64/26 maxlen: 26
213.130.52.224/29 maxlen: 29
213.130.52.120/30 maxlen: 30
213.130.52.96/28 maxlen: 28
213.198.1.0/27 maxlen: 27
212.119.29.188/30 maxlen: 30
213.198.97.0/27 maxlen: 27
213.130.53.0/26 maxlen: 26
2001:728:2801::/64 maxlen: 64
2001:728:2807::/48 maxlen: 48
2001:728:1000::/38 maxlen: 38
2001:728:c00::/38 maxlen: 64
2001:728:2808::/48 maxlen: 48
2001:728:4410:100::/56 maxlen: 56
2001:728:2806::/48 maxlen: 48
2001:728:2809::/48 maxlen: 48
2001:728:1010:300::/56 maxlen: 56
Validation: Failed, certificate revoked on Tue 25 Apr 2023 10:28:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:da:c9:ab:27:92:81:5f:f3:53:d7:a8:8f:8a:93:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Apr 25 09:59:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac917d579f4004d050ec1e1c316852e076434975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cb:5c:8f:61:d1:dc:04:61:d4:09:de:07:c0:
40:5c:54:1e:05:74:bf:16:58:d3:44:42:1a:66:fc:
76:9d:05:af:40:68:c5:6f:d2:1d:00:09:fd:36:8d:
99:8c:31:86:64:49:b5:ac:af:02:2f:e2:0d:cb:dc:
a7:d1:40:d3:0e:5e:00:38:2e:66:90:30:0a:cb:fd:
67:7b:8b:7d:9f:01:e8:99:6f:8d:57:e6:01:1f:10:
1e:10:48:d2:33:46:38:da:79:db:e3:e8:19:e3:a0:
e6:95:8d:8a:10:52:2f:4e:16:11:f4:a9:9d:8e:ed:
74:36:8a:a0:a7:df:65:68:4a:0b:f3:c7:be:48:e8:
13:8f:e1:98:3c:aa:14:58:09:fd:50:f6:e2:79:31:
08:71:d4:4d:3e:cd:a1:89:74:c3:e4:9d:78:7d:5e:
d6:07:42:e0:cc:d4:18:9f:d5:a0:73:13:c6:b2:1d:
b9:d2:a0:58:61:3e:27:be:91:ad:72:32:17:b5:29:
28:90:ae:c1:26:ae:c2:94:1f:0f:d7:d7:2d:b7:3a:
f7:7b:fa:d8:e7:47:69:0d:e0:37:c2:70:b3:3b:32:
55:c7:c4:bc:b7:d8:38:55:39:1b:ca:ef:7a:4c:f2:
9c:b6:01:05:2d:47:8e:93:39:02:fe:7a:10:44:20:
5a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:91:7D:57:9F:40:04:D0:50:EC:1E:1C:31:68:52:E0:76:43:49:75
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/rJF9V59ABNBQ7B4cMWhS4HZDSXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.119.29.188/30
212.119.30.0/27
212.119.30.180/30
212.119.31.0/27
212.119.31.64/26
213.130.39.0/27
213.130.42.0/23
213.130.44.240/28
213.130.50.232/29
213.130.51.0/24
213.130.52.96/27
213.130.52.216/30
213.130.52.224/29
213.130.53.0/26
213.130.53.240/29
213.130.56.0-213.130.58.255
213.130.60.0/24
213.198.0.0-213.198.11.255
213.198.24.0-213.198.26.23
213.198.28.0/24
213.198.30.0/23
213.198.51.0/24
213.198.54.0/23
213.198.65.0/24
213.198.70.0/24
213.198.73.128-213.198.75.255
213.198.78.0/23
213.198.82.0/25
213.198.83.0/25
213.198.84.0-213.198.86.255
213.198.88.0/24
213.198.90.0/23
213.198.93.0/24
213.198.94.96/27
213.198.95.64/26
213.198.96.0-213.198.97.47
213.198.97.96/28
213.198.97.120-213.198.97.143
213.198.98.0/23
IPv6:
2001:728:c00::-2001:728:13ff:ffff:ffff:ffff:ffff:ffff
2001:728:2801::/64
2001:728:2806::-2001:728:2809:ffff:ffff:ffff:ffff:ffff
2001:728:4410:100::/56
Signature Algorithm: sha256WithRSAEncryption
5d:41:6b:44:db:c9:a9:a6:f4:59:1a:00:f9:a3:5a:1b:2f:59:
56:e3:90:d0:19:01:43:47:46:4a:44:3c:20:af:b4:29:aa:18:
68:f8:3e:d9:f2:9b:1b:01:b0:00:e5:d4:00:02:c7:66:38:ca:
25:e1:f9:c6:de:a3:28:ab:11:d4:25:cf:b3:99:18:e3:a0:db:
c4:ba:ef:89:b6:bc:6a:77:93:11:99:e3:97:0d:25:b5:53:94:
fb:80:b1:76:2a:eb:cd:2b:ab:ac:97:58:51:42:76:13:ec:59:
33:80:08:0e:d8:ba:e7:ad:2a:76:66:2c:57:97:43:17:a6:fd:
55:c4:bc:bb:d8:51:40:6a:f7:25:b2:e4:5a:46:69:b4:bf:dc:
7a:5c:b2:76:25:90:0d:92:1d:b3:9e:be:0b:1e:5e:0e:7c:22:
b8:23:8a:96:87:7d:92:ea:42:9c:d1:4e:40:fd:39:da:cb:0e:
a9:cf:8a:72:fe:92:c1:2e:6b:aa:de:e7:d2:c7:f5:c1:c0:b2:
0f:fa:49:2f:a0:58:84:e0:a7:e0:60:90:83:0c:e2:8d:68:0c:
a6:f6:61:14:60:01:8b:08:e0:ac:f9:07:06:43:3a:b2:6b:6b:
dd:b2:53:78:5d:46:98:ea:45:80:59:f2:01:a2:42:88:78:31:
df:74:b9:7d
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgISAYe32smrJ5KBX/NT16iPipNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MDk1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzkxN2Q1NzlmNDAwNGQwNTBlYzFlMWMzMTY4NTJlMDc2NDM0OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMtcj2HR3ARh1AneB8BAXFQeBXS/
FljTREIaZvx2nQWvQGjFb9IdAAn9No2ZjDGGZEm1rK8CL+INy9yn0UDTDl4AOC5m
kDAKy/1ne4t9nwHomW+NV+YBHxAeEEjSM0Y42nnb4+gZ46DmlY2KEFIvThYR9Kmd
ju10Noqgp99laEoL88e+SOgTj+GYPKoUWAn9UPbieTEIcdRNPs2hiXTD5J14fV7W
B0LgzNQYn9WgcxPGsh250qBYYT4nvpGtcjIXtSkokK7BJq7ClB8P19cttzr3e/rY
50dpDeA3wnCzOzJVx8S8t9g4VTkbyu96TPKctgEFLUeOkzkC/noQRCBamwIDAQAB
o4IDiDCCA4QwHQYDVR0OBBYEFKyRfVefQATQUOweHDFoUuB2Q0l1MB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvckpGOVY1OUFCTkJRN0I0Y01XaFM0SFpEU1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnAYIKwYBBQUHAQcBAf8EggGLMIIBhzCCAUAEAgABMIIB
OAMFAtR3HbwDBQXUdx4AAwUC1HcetAMFBdR3HwADBQbUdx9AAwUF1YInAAMEAdWC
KgMFBNWCLPADBQPVgjLoAwQA1YIzAwUF1YI0YAMFAtWCNNgDBQPVgjTgAwUG1YI1
AAMFA9WCNfAwDAMEA9WCOAMEANWCOgMEANWCPDALAwMB1cYDBALVxggwDQMEA9XG
GAMFA9XGGhADBADVxhwDBAHVxh4DBADVxjMDBAHVxjYDBADVxkEDBADVxkYwDQMF
B9XGSYADBALVxkgDBAHVxk4DBQfVxlIAAwUH1cZTADAMAwQC1cZUAwQA1cZWAwQA
1cZYAwQB1cZaAwQA1cZdAwUF1cZeYAMFBtXGX0AwDQMEBdXGYAMFBNXGYSADBQTV
xmFgMA4DBQPVxmF4AwUE1cZhgAMEAdXGYjBBBAIAAjA7MBADBgIgAQcoDAMGAiAB
BygQAwkAIAEHKCgBAAAwEgMHASABBygoBgMHASABBygoCAMIACABByhEEAEwDQYJ
KoZIhvcNAQELBQADggEBAF1Ba0Tbyamm9FkaAPmjWhsvWVbjkNAZAUNHRkpEPCCv
tCmqGGj4PtnymxsBsADl1AACx2Y4yiXh+cbeoyirEdQlz7OZGOOg28S674m2vGp3
kxGZ45cNJbVTlPuAsXYq680rq6yXWFFCdhPsWTOACA7YuuetKnZmLFeXQxem/VXE
vLvYUUBq9yWy5FpGabS/3HpcsnYlkA2SHbOevgseXg58IrgjipaHfZLqQpzRTkD9
OdrLDqnPinL+ksEua6re59LH9cHAsg/6SS+gWITgp+BgkIMM4o1oDKb2YRRgAYsI
4Kz5BwZDOrJra92yU3hdRpjqRYBZ8gGiQoh4Md90uX0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:40 2024 by rpki-client on console-fra.rpki-client.org