Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/vaWV-YrXg0KLNmw2rxKy1K05UQM.roa
File: vaWV-YrXg0KLNmw2rxKy1K05UQM.roa (raw, json)
Hash identifier: 3EaXL9cTOu+LL0QF/LSbwwqxC5jTgMQ48sG8wheu82o=
Subject key identifier: BD:A5:95:F9:8A:D7:83:42:8B:36:6C:36:AF:12:B2:D4:AD:39:51:03
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018A791AC6E4EB56D88A7045F204849D3CBB
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/vaWV-YrXg0KLNmw2rxKy1K05UQM.roa
Signing time: Sat 09 Sep 2023 08:41:52 +0000
ROA not before: Sat 09 Sep 2023 08:41:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59447
IP address blocks: 198.55.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
198.55.30.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
185.161.110.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
107.150.167.0/24 maxlen: 24
107.150.168.0/24 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:79:1a:c6:e4:eb:56:d8:8a:70:45:f2:04:84:9d:3c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Sep 9 08:41:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bda595f98ad783428b366c36af12b2d4ad395103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:2e:01:1d:67:ec:57:ca:7a:2c:38:45:ab:
c1:b4:4e:08:29:ad:94:34:82:a5:48:41:5b:98:98:
26:5b:29:a2:66:59:29:fc:51:4d:4e:8a:04:47:20:
63:82:ba:c5:97:28:70:db:10:fd:ca:1a:69:b8:76:
1c:e1:2d:26:32:cb:99:d7:54:a2:f8:ed:2c:44:cd:
a0:c3:7b:51:72:d4:93:43:8d:0e:60:35:0f:47:75:
53:93:24:b8:83:28:c8:78:de:a7:6e:4e:58:c7:66:
9f:aa:46:31:a5:92:89:ab:15:18:11:5b:1b:1d:ed:
ba:88:50:5a:98:53:09:36:87:df:e8:d3:ef:c9:af:
51:e6:1c:44:53:be:cd:c4:c1:62:24:a8:93:20:08:
54:1d:58:72:ee:97:6f:15:92:18:c6:47:82:67:a9:
f0:e9:84:79:cd:19:a0:64:9a:02:78:b2:53:e7:28:
69:b2:6d:b5:16:87:fe:67:fa:5f:6e:40:36:4b:41:
02:ea:7d:f7:a3:68:0d:3a:2b:c2:da:a2:b5:5d:d8:
24:e4:61:8f:d8:6b:d4:b9:d0:ce:a1:cb:42:ea:f4:
57:85:25:ca:61:ee:d9:ab:ad:c0:19:87:e5:88:bd:
9f:cd:f3:bf:6a:b2:4e:11:56:ea:39:74:7e:17:74:
11:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A5:95:F9:8A:D7:83:42:8B:36:6C:36:AF:12:B2:D4:AD:39:51:03
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/vaWV-YrXg0KLNmw2rxKy1K05UQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.76.0/24
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.166.0-107.150.169.255
107.150.171.0-107.150.173.255
107.150.175.0/24
162.218.176.0/22
162.222.89.0-162.222.90.255
167.160.0.0/23
167.160.3.0/24
167.160.13.0/24
167.160.17.0/24
167.160.21.0/24
167.160.28.0-167.160.30.255
185.4.225.0/24
185.161.110.0/24
198.55.28.0/22
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
a6:39:ae:a9:a2:38:81:db:6e:40:89:86:8d:f7:9d:15:0a:1b:
75:37:63:c9:81:db:b7:f7:8a:fd:91:6f:f4:27:c5:1d:38:f3:
60:84:8e:33:52:75:ab:0b:d6:0a:de:86:b9:cd:69:42:c5:b6:
0f:af:05:ff:d6:00:51:93:2f:6d:a3:4c:5d:8d:7b:92:35:94:
9f:25:03:ad:a7:27:ed:d0:77:a8:0d:54:25:b0:e6:e3:67:02:
d3:a7:68:6a:5c:94:d7:f2:f2:8a:a5:76:4f:12:b4:4a:a2:4d:
43:e0:1b:5c:4f:a4:e7:b0:6f:b6:c2:d3:b7:a1:dc:1f:be:59:
05:fe:d6:35:5c:d9:e6:04:22:12:e4:3d:58:fd:79:38:6b:74:
fc:75:75:71:c9:a9:18:e8:a5:30:58:48:dc:34:30:6b:3c:8a:
08:31:07:86:fb:a3:7b:87:f9:0b:09:cf:c9:3d:4b:d2:b0:d5:
42:9b:3f:26:dd:60:0d:41:81:f9:68:ad:87:8a:1c:06:4a:13:
61:21:04:2a:5d:80:cc:4a:76:bb:93:db:c0:39:99:03:16:c8:
a4:0c:48:06:b2:a7:d2:e4:5c:08:8d:44:b4:7b:e2:90:f9:b6:
b7:54:40:07:84:cd:db:65:6c:d9:8d:6f:1b:a2:cc:c6:38:ca:
cb:82:22:ac
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYp5Gsbk61bYinBF8gSEnTy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwOTA5MDg0MTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGE1OTVmOThhZDc4MzQyOGIzNjZjMzZhZjEyYjJkNGFkMzk1MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6kuAR1n7FfKeiw4RavBtE4IKa2U
NIKlSEFbmJgmWymiZlkp/FFNTooERyBjgrrFlyhw2xD9yhppuHYc4S0mMsuZ11Si
+O0sRM2gw3tRctSTQ40OYDUPR3VTkyS4gyjIeN6nbk5Yx2afqkYxpZKJqxUYEVsb
He26iFBamFMJNoff6NPvya9R5hxEU77NxMFiJKiTIAhUHVhy7pdvFZIYxkeCZ6nw
6YR5zRmgZJoCeLJT5yhpsm21Fof+Z/pfbkA2S0EC6n33o2gNOivC2qK1Xdgk5GGP
2GvUudDOoctC6vRXhSXKYe7Zq63AGYfliL2fzfO/arJOEVbqOXR+F3QRDQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFL2llfmK14NCizZsNq8SstStOVEDMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvdmFXVi1ZclhnMEtMTm13MnJ4S3kxSzA1VVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIwDAME
ABf8QwMEABf8RAMEABf8RwMEABf8TAMEABf8TzAMAwQBa5aiAwQAa5akMAwDBAFr
lqYDBAFrlqgwDAMEAGuWqwMEAWuWrAMEAGuWrwMEAqLasDAMAwQAot5ZAwQAot5a
AwQBp6AAAwQAp6ADAwQAp6ANAwQAp6ARAwQAp6AVMAwDBAKnoBwDBACnoB4DBAC5
BOEDBAC5oW4DBALGNxwwDQQCAAIwBwMFAyoHUUAwDQYJKoZIhvcNAQELBQADggEB
AKY5rqmiOIHbbkCJho33nRUKG3U3Y8mB27f3iv2Rb/QnxR0482CEjjNSdasL1gre
hrnNaULFtg+vBf/WAFGTL22jTF2Ne5I1lJ8lA62nJ+3Qd6gNVCWw5uNnAtOnaGpc
lNfy8oqldk8StEqiTUPgG1xPpOewb7bC07eh3B++WQX+1jVc2eYEIhLkPVj9eThr
dPx1dXHJqRjopTBYSNw0MGs8iggxB4b7o3uH+QsJz8k9S9Kw1UKbPybdYA1Bgflo
rYeKHAZKE2EhBCpdgMxKdruT28A5mQMWyKQMSAayp9LkXAiNRLR74pD5trdUQAeE
zdtlbNmNbxuizMY4ysuCIqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org