Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/DJQ9fkzb1aOZ8QXiyfJ2hhZ1vJM.roa
File: DJQ9fkzb1aOZ8QXiyfJ2hhZ1vJM.roa (raw, json)
Hash identifier: wmczAA3IrM70b7K2aP/+GIxdbLWX/BYIn7O8yIQeskQ=
Subject key identifier: 0C:94:3D:7E:4C:DB:D5:A3:99:F1:05:E2:C9:F2:76:86:16:75:BC:93
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 018B86046286F507C4D15F699070FE94D091
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/DJQ9fkzb1aOZ8QXiyfJ2hhZ1vJM.roa
Signing time: Tue 31 Oct 2023 13:55:16 +0000
ROA not before: Tue 31 Oct 2023 13:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 152.228.128.0/17 maxlen: 17
94.23.0.0/16 maxlen: 16
51.178.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
151.80.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
91.134.0.0/16 maxlen: 16
162.19.128.0/17 maxlen: 17
145.239.0.0/16 maxlen: 16
137.74.0.0/16 maxlen: 16
149.202.0.0/16 maxlen: 16
188.165.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
91.121.0.0/16 maxlen: 16
5.39.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
146.59.0.0/17 maxlen: 17
178.32.0.0/15 maxlen: 15
146.59.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
141.227.128.0/20 maxlen: 24
54.36.0.0/16 maxlen: 16
162.19.0.0/17 maxlen: 17
51.83.0.0/16 maxlen: 16
213.251.128.0/18 maxlen: 18
79.137.0.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
51.210.0.0/16 maxlen: 16
135.125.128.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
51.75.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
51.38.0.0/16 maxlen: 16
46.105.198.0/24 maxlen: 24
46.105.199.0/24 maxlen: 24
46.105.200.0/24 maxlen: 24
46.105.201.0/24 maxlen: 24
46.105.202.0/24 maxlen: 24
46.105.203.0/24 maxlen: 24
46.105.204.0/24 maxlen: 24
46.105.206.0/24 maxlen: 24
46.105.207.0/24 maxlen: 24
51.254.0.0/15 maxlen: 15
51.89.0.0/16 maxlen: 16
5.135.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
57.128.0.0/17 maxlen: 17
51.91.0.0/16 maxlen: 16
217.182.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
164.132.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
176.31.0.0/16 maxlen: 16
147.135.128.0/17 maxlen: 17
87.98.128.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
46.105.0.0/16 maxlen: 16
2001:41d0:ab00::/40 maxlen: 48
2001:41d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:04:62:86:f5:07:c4:d1:5f:69:90:70:fe:94:d0:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Oct 31 13:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c943d7e4cdbd5a399f105e2c9f276861675bc93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e9:73:1f:76:e2:8f:ce:2e:8a:0a:23:d1:f3:
86:da:19:e5:3c:8e:9f:d2:bf:50:36:03:1c:fa:95:
c7:f8:b8:f8:05:ef:22:f3:65:05:28:b2:ed:bd:9f:
5a:2e:7a:8e:1a:34:5a:04:ac:f8:aa:a6:f0:15:d3:
d7:73:eb:f3:85:69:6a:bb:a4:44:d9:07:bc:b0:e1:
16:5e:ab:01:54:06:93:65:e7:5e:dc:8c:64:ea:0f:
9c:e2:c8:10:fe:2f:77:ac:b0:d0:fe:36:7b:d6:ef:
63:cd:0f:7c:d2:68:5b:ef:69:28:31:af:df:da:ce:
14:0f:44:e0:21:65:85:4a:0f:02:74:40:80:84:4b:
1d:06:da:4f:45:8e:91:ab:81:67:9b:b9:1f:40:a1:
a4:dc:ff:5a:5f:df:cb:6d:79:c4:4b:20:27:d0:db:
bb:6f:c8:34:33:78:50:ec:dc:46:e2:a2:81:b6:14:
21:ff:3c:c1:ea:fc:21:a9:81:f6:89:f4:2b:7b:7e:
b4:dc:09:ad:b2:06:02:53:47:8e:f5:01:60:26:27:
18:05:7c:2a:f1:05:27:dd:9c:11:c7:eb:df:b0:53:
bf:f9:90:8f:14:48:8d:37:a5:de:11:5b:6e:21:80:
f2:0d:72:fe:ff:b6:d3:b8:65:ba:39:62:81:12:f4:
87:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:94:3D:7E:4C:DB:D5:A3:99:F1:05:E2:C9:F2:76:86:16:75:BC:93
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/DJQ9fkzb1aOZ8QXiyfJ2hhZ1vJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0-57.128.191.255
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/20
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
Signature Algorithm: sha256WithRSAEncryption
03:1b:62:6c:f1:fc:57:94:f3:d3:c6:04:6b:cf:25:78:02:e5:
24:79:e8:f2:a3:19:81:48:7d:51:34:8a:8d:db:d2:f0:d7:39:
72:7f:b9:3f:da:b0:32:e7:02:fb:bf:00:34:f6:6c:7a:f6:fb:
0c:3f:89:9d:cf:f4:00:7a:f3:2a:50:e9:23:e1:a2:cf:c4:0d:
1d:d6:14:01:27:11:c5:df:58:cc:33:be:19:8e:3d:e6:93:6c:
23:ce:ac:34:6e:ef:6b:d9:ea:a8:5f:2b:7b:5c:ba:c8:29:0b:
99:dc:0f:09:89:c5:63:84:44:6d:32:d0:f9:f5:62:78:6c:8e:
80:28:3d:65:bf:d0:f0:ce:a1:d5:96:96:73:45:1e:3b:f1:48:
40:0c:d6:33:ff:f4:8e:c6:7e:76:46:4e:12:30:6c:89:ef:ea:
bb:ae:c2:95:01:05:b4:01:ff:9b:30:76:bd:2e:62:33:88:41:
bf:a3:8a:c0:c6:6a:87:4c:00:55:52:0e:88:dd:33:d4:78:5e:
4c:a7:40:10:a1:e1:9c:a3:fb:15:cb:38:58:80:d6:61:f5:52:
c3:93:35:16:e5:03:12:7c:f9:03:43:60:1a:c2:27:00:d7:32:
cc:0f:25:55:8c:9e:cc:d4:da:cb:8d:7c:ab:98:8f:12:5b:c3:
15:b9:9e:91
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAYuGBGKG9QfE0V9pkHD+lNCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjMxMDMxMTM1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk0M2Q3ZTRjZGJkNWEzOTlmMTA1ZTJjOWYyNzY4NjE2NzViYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhulzH3bij84uigoj0fOG2hnlPI6f
0r9QNgMc+pXH+Lj4Be8i82UFKLLtvZ9aLnqOGjRaBKz4qqbwFdPXc+vzhWlqu6RE
2Qe8sOEWXqsBVAaTZede3Ixk6g+c4sgQ/i93rLDQ/jZ71u9jzQ980mhb72koMa/f
2s4UD0TgIWWFSg8CdECAhEsdBtpPRY6Rq4Fnm7kfQKGk3P9aX9/LbXnESyAn0Nu7
b8g0M3hQ7NxG4qKBthQh/zzB6vwhqYH2ifQre3603AmtsgYCU0eO9QFgJicYBXwq
8QUn3ZwRx+vfsFO/+ZCPFEiNN6XeEVtuIYDyDXL+/7bTuGW6OWKBEvSHCQIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFAyUPX5M29WjmfEF4snydoYWdbyTMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvREpROWZremIxYU9aOFFYaXlmSjJoaFoxdkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCCAQgEAgABMIIB
AAMEBwUnAAMDAAWHAwMABcQDAwAlOwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sD
AwAzTQMDADNTAwMAM1kDAwAzWwMDADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMD
ADYmMAsDAwc5gAMEBjmAgAMEB0+JAAMEB1digAMDAFt5AwMAW4YDAwBc3gMDAF4X
AwMAh30DAwCJSgMDAY1eAwQEjeOAAwMAke8DAwCSOwMEB5OHgAMDAJXKAwMAl1AD
BAeY5IADAwCiEwMDAKSEAwMAsB8DAwGyIAMDALylAwQHwUYAAwQHxvSAAwQH1SAA
AwQF1bogAwQG1fuAAwMA2bYwDQQCAAIwBwMFACABQdAwDQYJKoZIhvcNAQELBQAD
ggEBAAMbYmzx/FeU89PGBGvPJXgC5SR56PKjGYFIfVE0io3b0vDXOXJ/uT/asDLn
Avu/ADT2bHr2+ww/iZ3P9AB68ypQ6SPhos/EDR3WFAEnEcXfWMwzvhmOPeaTbCPO
rDRu72vZ6qhfK3tcusgpC5ncDwmJxWOERG0y0Pn1YnhsjoAoPWW/0PDOodWWlnNF
HjvxSEAM1jP/9I7GfnZGThIwbInv6ruuwpUBBbQB/5swdr0uYjOIQb+jisDGaodM
AFVSDojdM9R4XkynQBCh4Zyj+xXLOFiA1mH1UsOTNRblAxJ8+QNDYBrCJwDXMswP
JVWMnszU2suNfKuYjxJbwxW5npE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org