Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1-JukX1w13q4oxJeek8vUklvcyeI.roa
File: 1-JukX1w13q4oxJeek8vUklvcyeI.roa (raw, json)
Hash identifier: wUhjxxQ0HrUwBqewA4Ruwbxz6oGAd3fcTgED650TVH4=
Subject key identifier: F8:9B:A4:5F:5C:35:DE:AE:28:C4:97:9E:93:CB:D4:92:5B:DC:C9:E2
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018CC94E5BF1260825678BB3000F487809DB
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1-JukX1w13q4oxJeek8vUklvcyeI.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 185.219.208.0/22 maxlen: 24
78.31.64.0/21 maxlen: 24
93.186.192.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
85.114.128.0/19 maxlen: 24
5.104.104.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
62.141.32.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.228.192.0/20 maxlen: 24
194.107.129.0/24 maxlen: 24
81.30.144.0/20 maxlen: 24
80.82.208.0/20 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
89.163.128.0/17 maxlen: 24
146.0.32.0/20 maxlen: 24
91.194.84.0/24 maxlen: 24
213.202.192.0/18 maxlen: 24
5.199.128.0/20 maxlen: 24
185.15.244.0/22 maxlen: 24
217.79.176.0/20 maxlen: 24
193.111.198.0/23 maxlen: 24
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba0::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jan 2024 06:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5b:f1:26:08:25:67:8b:b3:00:0f:48:78:09:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f89ba45f5c35deae28c4979e93cbd4925bdcc9e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cb:1d:75:b6:2e:97:3c:b4:17:e1:c4:ef:31:
17:fe:3a:43:0b:07:3a:86:50:9d:48:f7:79:de:1c:
10:fa:1e:ad:fc:83:fa:ee:64:ba:1a:6b:1b:fa:34:
a3:55:30:c4:f3:cf:bb:8f:87:9a:2d:83:cc:63:0e:
37:d8:8c:29:78:c4:48:ff:0b:38:78:20:46:aa:79:
aa:97:c1:b5:00:56:86:0e:52:d3:26:5c:b3:bc:03:
15:9f:c6:bf:2c:6d:e8:bb:a1:7e:6d:af:f2:a7:c4:
bb:d4:0c:9b:89:d0:e6:aa:2e:20:d8:18:29:6c:24:
ce:ad:f3:a4:78:b9:db:9d:22:8c:8c:6a:13:35:6e:
fc:3e:9c:8e:81:0b:59:d8:d9:c8:46:da:f0:c1:fe:
2b:77:2c:94:93:a6:92:fa:76:aa:8c:80:d7:2c:07:
30:63:ee:26:1c:ee:f2:cf:ac:78:32:0c:4c:dd:f4:
4d:4e:51:94:ca:28:87:e5:23:d7:59:35:64:40:df:
43:ef:16:7b:00:cb:86:f7:9b:d5:73:11:9f:bc:4f:
ad:17:00:da:5b:7d:21:60:14:99:49:1b:5c:f3:08:
96:76:03:4b:25:47:ae:e3:9b:6c:07:9c:0c:61:0d:
b6:01:0d:c9:67:68:41:55:42:02:2b:95:f4:40:5d:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9B:A4:5F:5C:35:DE:AE:28:C4:97:9E:93:CB:D4:92:5B:DC:C9:E2
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1-JukX1w13q4oxJeek8vUklvcyeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
93.186.192.0/20
146.0.32.0/20
185.15.244.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
Signature Algorithm: sha256WithRSAEncryption
2c:23:f9:32:a3:e9:0b:45:97:e9:5d:d8:6e:74:7f:b8:57:0c:
38:87:b5:8e:08:23:34:fb:8f:ba:da:ee:38:6d:92:19:81:a7:
61:df:33:1e:2b:78:a4:d3:4f:ac:0b:14:f1:f5:86:a4:67:bc:
cf:7a:81:c4:28:54:ff:5f:7a:03:22:3a:fd:03:66:0e:0a:f6:
b1:26:aa:0a:6b:d0:4d:3b:2d:a5:5e:19:fa:12:74:9e:e0:b6:
af:c6:6f:e9:20:e3:9a:a7:fd:86:fa:3f:98:01:78:99:c4:6f:
14:cb:7a:ca:41:c4:9b:89:50:79:59:aa:f9:1b:2a:85:f2:52:
1f:cf:5b:ed:4e:48:e9:f3:13:15:28:1c:fb:0b:85:dc:da:ed:
ae:e3:d0:e8:93:2a:f8:49:27:cc:a9:e8:e7:4e:c2:be:d8:ac:
6d:2a:5a:a7:b9:c0:b0:c6:ec:f2:e9:7f:10:88:74:4d:0e:17:
32:83:23:71:6e:4e:9b:d4:ba:87:df:e7:86:62:62:4d:50:a8:
98:4f:93:a0:d8:15:18:0b:f2:82:47:f0:04:4f:de:58:56:96:
7e:84:a0:08:b5:42:10:90:2a:5f:59:aa:82:94:ec:06:8c:61:
eb:48:29:85:8f:95:fc:63:70:a7:b4:d8:d6:b6:c6:85:4e:78:
eb:05:82:52
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzJTlvxJgglZ4uzAA9IeAnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODliYTQ1ZjVjMzVkZWFlMjhjNDk3OWU5M2NiZDQ5MjViZGNjOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMsddbYulzy0F+HE7zEX/jpDCwc6
hlCdSPd53hwQ+h6t/IP67mS6Gmsb+jSjVTDE88+7j4eaLYPMYw432IwpeMRI/ws4
eCBGqnmql8G1AFaGDlLTJlyzvAMVn8a/LG3ou6F+ba/yp8S71AybidDmqi4g2Bgp
bCTOrfOkeLnbnSKMjGoTNW78PpyOgQtZ2NnIRtrwwf4rdyyUk6aS+naqjIDXLAcw
Y+4mHO7yz6x4MgxM3fRNTlGUyiiH5SPXWTVkQN9D7xZ7AMuG95vVcxGfvE+tFwDa
W30hYBSZSRtc8wiWdgNLJUeu45tsB5wMYQ22AQ3JZ2hBVUICK5X0QF2CHQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFPibpF9cNd6uKMSXnpPL1JJb3MniMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvMS1KdWtYMXcxM3E0b3hKZWVrOHZVa2x2Y3llSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMjZjM2UxLTY0ODYtNGUwOS05OWE0LWE2ODczYjM3NGUy
Ni8xLzdHdENBaGlHMk83YnJwRFo1cXNkNVRQRkRTQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgZcEAgABMIGQAwQD
BWhoAwQEBceAAwQDJZ34AwQELhQgAwQELuTAAwQEPo0gAwQDTh9AAwQEUFLQAwQE
UR6QAwQDU4hQAwQGVQ7AAwQFVXKAAwQHWaOAAwQAW8JUAwQAW9SZAwQAW9SfAwQE
XbrAAwQEkgAgAwQCuQ/0AwQCudvQAwQBwW/GAwQAwmuBAwQG1crAAwQE2U+wMCQE
AgACMB4DBQEgAUugMA4DBQAgAUujAwUAIAFLpAMFACoBBIAwDQYJKoZIhvcNAQEL
BQADggEBACwj+TKj6QtFl+ld2G50f7hXDDiHtY4IIzT7j7ra7jhtkhmBp2HfMx4r
eKTTT6wLFPH1hqRnvM96gcQoVP9fegMiOv0DZg4K9rEmqgpr0E07LaVeGfoSdJ7g
tq/Gb+kg45qn/Yb6P5gBeJnEbxTLespBxJuJUHlZqvkbKoXyUh/PW+1OSOnzExUo
HPsLhdza7a7j0OiTKvhJJ8yp6OdOwr7YrG0qWqe5wLDG7PLpfxCIdE0OFzKDI3Fu
TpvUuoff54ZiYk1QqJhPk6DYFRgL8oJH8ARP3lhWln6EoAi1QhCQKl9ZqoKU7AaM
YetIKYWPlfxjcKe02Na2xoVOeOsFglI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:25 2024 by rpki-client on console-fra.rpki-client.org