Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/jq-47XNewEiLmTyjO0AYXPAqReg.roa
File: jq-47XNewEiLmTyjO0AYXPAqReg.roa (raw, json)
Hash identifier: CchdG/K1vGRbFQ13LT5FdEWM/CjoItHht/Dc68wRy/Y=
Subject key identifier: 8E:AF:B8:ED:73:5E:C0:48:8B:99:3C:A3:3B:40:18:5C:F0:2A:45:E8
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0187A31566220E069E8A6AD0DC4CA2AD0ADF
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/jq-47XNewEiLmTyjO0AYXPAqReg.roa
Signing time: Fri 21 Apr 2023 09:11:41 +0000
ROA not before: Fri 21 Apr 2023 09:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
185.137.168.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
93.90.180.0/23 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
91.203.212.0/22 maxlen: 24
37.218.254.0/24 maxlen: 24
195.82.152.0/23 maxlen: 24
178.20.96.0/21 maxlen: 24
188.64.46.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
195.5.120.0/23 maxlen: 24
81.88.16.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
81.88.28.0/22 maxlen: 24
89.22.106.0/24 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.102.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:2000::/36 maxlen: 64
2a00:fa40:4000::/36 maxlen: 36
2a00:fa40:3000::/36 maxlen: 36
2a02:a60:8000::/33 maxlen: 64
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Jul 2023 12:23:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:15:66:22:0e:06:9e:8a:6a:d0:dc:4c:a2:ad:0a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Apr 21 09:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8eafb8ed735ec0488b993ca33b40185cf02a45e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:92:ae:9f:55:69:de:f9:d2:70:05:be:90:4c:
ca:ba:70:f5:61:25:91:ae:6e:3c:f7:85:fa:48:f4:
61:6b:49:46:cb:e6:7b:4a:c6:82:7d:95:b2:eb:c7:
88:fb:5b:83:b8:53:a8:78:4d:9e:01:d6:fe:78:b7:
7d:15:0f:64:21:01:3c:6a:f2:29:a1:b9:4d:0a:70:
3f:f3:79:d8:17:dd:c6:b6:3d:04:f9:68:ed:e5:e9:
35:f2:be:1b:9f:e4:51:16:35:e1:9d:4d:43:6b:14:
91:e2:80:b3:2e:d2:22:cf:92:84:41:6f:fe:08:5b:
ae:15:b7:f1:7b:60:07:ca:b3:eb:64:0e:b9:21:69:
ef:ee:7b:e6:7f:0a:cb:be:6a:e5:2b:b4:ae:91:60:
85:bf:da:1d:10:4d:75:b6:bf:a7:79:44:ad:f1:ba:
2c:17:25:6d:33:d5:00:71:72:ff:54:3b:82:40:d9:
a7:a4:0f:19:be:cd:68:20:0c:69:8d:13:7c:d4:08:
7f:7b:63:73:f0:50:2b:ca:61:b5:15:93:c7:51:8e:
61:c6:32:b2:aa:52:cc:62:45:4d:76:2b:e6:5d:80:
d1:23:09:ac:40:44:15:87:a5:1a:16:95:db:8a:36:
bb:70:1d:f8:c3:59:f7:f7:5f:51:4d:a0:56:2e:ea:
4f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AF:B8:ED:73:5E:C0:48:8B:99:3C:A3:3B:40:18:5C:F0:2A:45:E8
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/jq-47XNewEiLmTyjO0AYXPAqReg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0-5.44.111.255
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
81.88.16.0/24
81.88.28.0/22
89.22.100.0/22
89.22.106.0/24
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.203.212.0/22
91.220.49.0/24
93.90.178.0/24
93.90.180.0/23
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
188.64.46.0/23
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
195.5.120.0/23
195.82.152.0/23
IPv6:
2a00:fa40:2000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
2a02:a60:8000::/33
Signature Algorithm: sha256WithRSAEncryption
78:6a:7d:f5:54:c8:bb:b0:2e:bc:fb:16:4e:5d:8e:e3:95:aa:
eb:99:91:52:b9:56:d3:2b:58:38:5e:e9:d5:f8:cb:00:e6:5f:
8f:53:f7:4a:36:11:4f:6e:03:2e:22:85:21:9b:88:c6:08:af:
5f:58:36:10:0f:6b:b3:e3:7b:6b:69:fa:f3:e8:84:57:5f:6a:
96:ad:b9:c4:47:05:f8:55:4b:14:2c:be:8e:e5:13:f1:1e:fa:
7a:f9:35:0b:f6:ff:17:82:1f:86:c6:44:c5:02:dd:48:15:a4:
f6:ae:14:b7:aa:05:5a:ff:4c:5a:dd:ac:5a:bf:18:e9:69:68:
15:2e:09:ac:d9:02:da:45:c9:87:5e:8d:c8:df:ba:66:6c:15:
04:d1:04:cc:89:bc:5c:c5:7a:db:4e:52:9a:84:4f:06:64:b7:
1b:2b:29:ad:46:24:12:31:e0:9c:cb:b2:e0:0d:cf:48:c5:a0:
b6:12:62:83:59:4f:1a:f9:82:a8:dd:e8:5a:5c:23:ba:74:f5:
cd:68:13:51:7d:18:31:83:0c:a1:18:93:69:3a:86:ba:6c:ea:
aa:ef:bd:d6:f2:6a:6b:e5:5b:56:96:dc:0f:be:69:99:32:c2:
4e:29:44:01:15:bc:78:a2:8f:e5:ac:62:c1:99:50:09:89:60:
10:1b:d1:72
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYejFWYiDgaeimrQ3EyirQrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwNDIxMDkxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWFmYjhlZDczNWVjMDQ4OGI5OTNjYTMzYjQwMTg1Y2YwMmE0NWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZKun1Vp3vnScAW+kEzKunD1YSWR
rm4894X6SPRha0lGy+Z7SsaCfZWy68eI+1uDuFOoeE2eAdb+eLd9FQ9kIQE8avIp
oblNCnA/83nYF93Gtj0E+Wjt5ek18r4bn+RRFjXhnU1DaxSR4oCzLtIiz5KEQW/+
CFuuFbfxe2AHyrPrZA65IWnv7nvmfwrLvmrlK7SukWCFv9odEE11tr+neUSt8bos
FyVtM9UAcXL/VDuCQNmnpA8Zvs1oIAxpjRN81Ah/e2Nz8FArymG1FZPHUY5hxjKy
qlLMYkVNdivmXYDRIwmsQEQVh6UaFpXbija7cB34w1n3919RTaBWLupPHwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFI6vuO1zXsBIi5k8oztAGFzwKkXoMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvanEtNDdYTmV3RWlMbVR5ak8wQVlYUEFxUmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB3QQCAAEwgdYw
DAMEAgUsZAMEBAUsYAMEBB8v8DAMAwQDJdr4AwQAJdr8AwQAJdr+AwQAUVgQAwQC
UVgcAwQCWRZkAwQAWRZqAwQAWRZsMAwDBAFZFm4DBANZFnAwDAMEAVkWegMEB1kW
AAMEAlvLbAMEAlvL1AMEAFvcMQMEAF1asgMEAV1atDAMAwQAgH9BAwQAgH9CAwQD
shRgAwQAsvqqAwQAsvquAwQCuVBcAwQCuYmoAwQCuc/kAwQBvEAuAwQAwKJXAwQA
wRb/AwQAwpHiAwQBwwV4AwQBw1KYMCcEAgACMCEwEAMGBSoA+kAgAwYEKgD6QEAD
BQAqAWTAAwYHKgIKYIAwDQYJKoZIhvcNAQELBQADggEBAHhqffVUyLuwLrz7Fk5d
juOVquuZkVK5VtMrWDhe6dX4ywDmX49T90o2EU9uAy4ihSGbiMYIr19YNhAPa7Pj
e2tp+vPohFdfapatucRHBfhVSxQsvo7lE/Ee+nr5NQv2/xeCH4bGRMUC3UgVpPau
FLeqBVr/TFrdrFq/GOlpaBUuCazZAtpFyYdejcjfumZsFQTRBMyJvFzFettOUpqE
TwZktxsrKa1GJBIx4JzLsuANz0jFoLYSYoNZTxr5gqjd6FpcI7p09c1oE1F9GDGD
DKEYk2k6hrps6qrvvdbyamvlW1aW3A++aZkywk4pRAEVvHiij+WsYsGZUAmJYBAb
0XI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org