Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/djTGFje_pHo2KgvPKMbEQD1Ti2k.roa
File: djTGFje_pHo2KgvPKMbEQD1Ti2k.roa (raw, json)
Hash identifier: uNVdqu262ybJgbiwRzST1XPopqTKKWM1eGVZ4zd4M/g=
Subject key identifier: 76:34:C6:16:37:BF:A4:7A:36:2A:0B:CF:28:C6:C4:40:3D:53:8B:69
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0193D9706D5882B2552A5FEAA6FD1C1A33B5
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/djTGFje_pHo2KgvPKMbEQD1Ti2k.roa
Signing time: Wed 18 Dec 2024 11:04:03 +0000
ROA not before: Wed 18 Dec 2024 11:04:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8849
IP address blocks: 5.42.206.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
89.36.162.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
103.97.91.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
103.253.36.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
185.230.245.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:70:6d:58:82:b2:55:2a:5f:ea:a6:fd:1c:1a:33:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Dec 18 11:04:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7634c61637bfa47a362a0bcf28c6c4403d538b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:40:43:78:87:67:ea:b6:90:2f:e5:a0:81:54:
9a:11:7e:d3:62:fe:56:08:b4:41:a9:06:e7:09:fd:
c1:58:8a:85:7c:1b:86:74:86:d6:73:f3:61:26:09:
e8:73:05:b4:cf:18:eb:39:87:c7:c6:25:41:25:47:
f5:88:aa:6a:cd:e4:03:08:10:b6:17:17:fd:c8:78:
c5:6b:db:98:3f:e0:3b:c9:32:f3:c2:6b:06:ae:96:
f1:af:f5:fc:21:c5:e9:65:80:27:fd:2f:d1:22:86:
04:ea:d4:0a:d0:15:5b:27:be:09:34:d4:f9:b3:f2:
2c:88:1d:25:95:17:d5:43:59:98:55:72:e8:ac:87:
74:6b:62:c8:50:e0:67:18:a2:0e:be:83:60:46:ac:
19:55:e7:29:19:ab:72:f2:1e:9a:32:89:44:bc:13:
ba:b0:77:8b:48:8a:15:39:a6:b8:85:d1:5a:c2:f8:
01:4b:a6:1b:8e:49:2f:46:37:14:92:a0:84:bf:e9:
d9:e5:a3:3c:46:fa:ee:89:d0:23:28:5a:b1:8b:36:
58:3a:15:31:86:14:a5:f0:fc:91:64:e8:38:3b:84:
c0:c5:ba:bc:02:b5:9e:e1:93:9e:2f:df:ca:75:c1:
48:cc:c3:36:b4:5c:79:10:10:7a:0f:42:62:58:20:
a4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:34:C6:16:37:BF:A4:7A:36:2A:0B:CF:28:C6:C4:40:3D:53:8B:69
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/djTGFje_pHo2KgvPKMbEQD1Ti2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.206.0/24
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.97.91.0/24
103.111.112.0/22
103.253.36.0/24
109.122.207.0/24
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
Signature Algorithm: sha256WithRSAEncryption
08:54:72:91:d9:f6:fc:9a:57:42:cf:4a:4b:7a:77:dc:58:da:
80:fb:25:bc:f9:f7:7e:b1:01:6b:74:b1:d3:14:7b:e5:f6:66:
5f:e9:1e:09:8e:b9:fe:99:ff:09:26:b0:d0:ad:8a:2b:df:bf:
bd:b0:ab:6e:28:b9:37:bf:7b:1a:1e:e6:c9:01:2c:4c:26:71:
46:b5:de:6a:2c:e9:9a:11:1e:75:3e:9f:bc:e0:14:63:fa:14:
97:6b:0a:35:f5:bc:1e:f9:24:8d:20:91:78:26:82:b6:cb:fb:
26:5e:35:6c:81:61:7a:55:4b:16:c0:07:8c:40:fa:9c:ea:ea:
bd:82:84:d3:6a:f7:e0:db:ab:2d:d7:9a:9e:5f:44:67:f6:90:
c9:7b:d1:26:fa:67:91:8e:c6:bb:bf:7d:b8:b7:bc:26:bd:08:
91:4c:30:9f:dc:99:fc:e0:d7:35:b1:85:4f:44:4f:00:d7:fa:
ca:9d:9c:57:f9:38:d4:02:22:b5:09:40:ea:db:34:e1:8a:86:
d0:0b:41:6f:26:c3:2b:66:b0:3d:80:80:64:52:9c:3f:29:2f:
22:49:8e:9b:f6:af:9e:fe:f0:db:8e:cd:cd:a1:9a:8e:f8:e6:
4a:9a:09:bb:f8:0c:60:08:40:2b:42:5a:a9:b2:fc:1d:fe:fa:
1e:25:ba:80
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZPZcG1YgrJVKl/qpv0cGjO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjQxMjE4MTEwNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjM0YzYxNjM3YmZhNDdhMzYyYTBiY2YyOGM2YzQ0MDNkNTM4YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0BDeIdn6raQL+WggVSaEX7TYv5W
CLRBqQbnCf3BWIqFfBuGdIbWc/NhJgnocwW0zxjrOYfHxiVBJUf1iKpqzeQDCBC2
Fxf9yHjFa9uYP+A7yTLzwmsGrpbxr/X8IcXpZYAn/S/RIoYE6tQK0BVbJ74JNNT5
s/IsiB0llRfVQ1mYVXLorId0a2LIUOBnGKIOvoNgRqwZVecpGaty8h6aMolEvBO6
sHeLSIoVOaa4hdFawvgBS6YbjkkvRjcUkqCEv+nZ5aM8RvruidAjKFqxizZYOhUx
hhSl8PyRZOg4O4TAxbq8ArWe4ZOeL9/KdcFIzMM2tFx5EBB6D0JiWCCkXwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFHY0xhY3v6R6NioLzyjGxEA9U4tpMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvZGpUR0ZqZV9wSG8yS2d2UEtNYkVRRDFUaTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBhAQCAAEwfgMEAAUq
zgMEAAUs+QMEAB/e4gMEAD56uwMEAVjSJAMEAVkkogMEAFko4gMEAFvAUQMEAl+u
RAMEAGdhWwMEAmdvcAMEAGf9JAMEAG16zwMEAJITxAMEAJ7/TAMEALBhwAMEAbmM
0gMEALmTNQMEALng+QMEALnm9QMEAMEj4DAuBAIAAjAoAwYEKgb5AUADBgQqBvkB
gAMGBCoG+QHAAwYEKgb5AkADBgQqBvkCgDANBgkqhkiG9w0BAQsFAAOCAQEACFRy
kdn2/JpXQs9KS3p33FjagPslvPn3frEBa3Sx0xR75fZmX+keCY65/pn/CSaw0K2K
K9+/vbCrbii5N797Gh7myQEsTCZxRrXeaizpmhEedT6fvOAUY/oUl2sKNfW8Hvkk
jSCReCaCtsv7Jl41bIFhelVLFsAHjED6nOrqvYKE02r34NurLdeanl9EZ/aQyXvR
JvpnkY7Gu799uLe8Jr0IkUwwn9yZ/ODXNbGFT0RPANf6yp2cV/k41AIitQlA6ts0
4YqG0AtBbybDK2awPYCAZFKcPykvIkmOm/avnv7w247NzaGajvjmSpoJu/gMYAhA
K0JaqbL8Hf76HiW6gA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:18:05 2025 by rpki-client