Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/_jbGpMysQZOK6BkQr9T-vXAnj-w.roa
File: _jbGpMysQZOK6BkQr9T-vXAnj-w.roa (raw, json)
Hash identifier: vxMGMPzxyY52fI2YKUwhF3a3d9D+k3i+QAKmilB7fcI=
Subject key identifier: FE:36:C6:A4:CC:AC:41:93:8A:E8:19:10:AF:D4:FE:BD:70:27:8F:EC
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 018CC493373230240B78EE8E14E4FFF7CC54
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/_jbGpMysQZOK6BkQr9T-vXAnj-w.roa
Signing time: Mon 01 Jan 2024 10:30:31 +0000
ROA not before: Mon 01 Jan 2024 10:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25133
IP address blocks: 193.106.80.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
89.200.232.0/21 maxlen: 21
103.237.44.0/22 maxlen: 22
91.105.207.0/24 maxlen: 24
45.153.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 07 Mar 2024 03:58:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:37:32:30:24:0b:78:ee:8e:14:e4:ff:f7:cc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Jan 1 10:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe36c6a4ccac41938ae81910afd4febd70278fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b3:d6:99:22:5e:36:4f:40:6a:2e:13:f3:20:
cd:97:a3:26:5f:d4:ec:2c:07:4c:f6:b7:fa:68:df:
01:10:5b:4a:2e:38:21:e8:8d:3f:fc:e2:0f:c4:e6:
93:aa:1a:6e:58:a3:e3:05:23:31:e3:8d:98:94:ab:
2c:8c:47:40:97:94:95:d6:e8:d8:5e:5f:68:6a:fc:
3b:7c:01:33:de:3d:4f:40:11:12:55:39:fd:26:01:
f2:3a:72:fa:58:2d:66:1c:eb:93:18:8d:3e:58:d5:
e9:ca:dc:c5:41:00:bc:67:3d:e3:e9:31:4f:3e:1d:
8b:a8:f8:96:bb:f6:e8:fe:ec:2b:6d:98:45:36:a8:
44:0f:9e:1c:5c:e8:8e:f4:81:96:99:5b:2a:5e:58:
e4:6d:e2:2d:58:a9:01:b5:d5:72:26:ec:0e:28:6a:
51:6d:ee:d3:42:a4:6f:06:1e:78:35:01:a0:1c:77:
d0:14:f9:8d:44:03:bf:36:00:2f:e1:e2:f0:e7:1d:
ba:08:11:53:92:c9:f0:d5:78:3f:b5:09:be:7b:4c:
d5:50:78:55:76:cf:95:7c:55:f3:15:52:d3:d1:39:
fc:cd:5f:42:4d:50:f1:75:57:77:8c:8d:4e:7a:03:
d5:09:a6:2a:97:74:be:7f:1e:ab:b7:5f:a5:28:16:
9d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:36:C6:A4:CC:AC:41:93:8A:E8:19:10:AF:D4:FE:BD:70:27:8F:EC
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/_jbGpMysQZOK6BkQr9T-vXAnj-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.208.0/22
89.200.232.0/21
91.105.207.0/24
91.217.144.0/24
103.35.160.0/22
103.237.44.0/22
193.106.80.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:cc:92:7a:bb:f2:04:de:17:8b:f7:95:6f:53:fa:12:2c:d7:
c1:12:29:ba:a7:43:c2:9d:aa:9a:dd:5c:24:36:bc:09:4a:79:
49:64:6f:96:e5:d7:76:87:8e:42:43:46:93:c2:a3:69:86:11:
30:3d:e8:1c:22:92:e2:32:35:3e:b8:f6:c1:65:b2:9b:b2:35:
29:a2:17:e4:de:ae:80:09:af:88:23:39:1b:a0:95:77:c6:c9:
9b:4d:be:cb:a5:10:07:6e:12:63:32:59:db:94:4e:72:ee:0e:
d2:c0:19:70:ee:aa:56:4c:3f:10:e1:5b:56:98:c3:56:f9:ee:
9f:9d:d9:e9:46:e3:26:af:8a:4a:56:d8:08:9f:58:96:fb:3d:
9a:20:c2:f7:3b:6e:eb:38:22:03:30:ab:e2:f0:12:fc:6f:4e:
1c:2d:f1:f5:2c:cc:92:89:a6:f1:0a:84:2b:6b:c3:ba:f9:67:
8c:d3:05:58:90:0c:55:78:c7:a3:1e:2c:83:8d:35:d0:57:d2:
07:a0:73:02:f8:9e:cc:75:c0:e6:aa:77:f4:4b:9d:35:ba:3c:
1b:92:ce:6b:27:9a:01:d5:65:4f:0d:56:d6:ca:f5:72:1a:f8:
68:3b:b7:39:51:ef:4c:96:cf:5b:5c:b0:6a:ed:f9:c0:f4:82:
9d:3f:69:85
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzEkzcyMCQLeO6OFOT/98xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTQ5ODdiZjhjNmI0Y2RkNjU3YmJjMmQwYTVlMTNlOWI2
MjZjYjkwHhcNMjQwMTAxMTAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTM2YzZhNGNjYWM0MTkzOGFlODE5MTBhZmQ0ZmViZDcwMjc4ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rPWmSJeNk9Aai4T8yDNl6MmX9Ts
LAdM9rf6aN8BEFtKLjgh6I0//OIPxOaTqhpuWKPjBSMx442YlKssjEdAl5SV1ujY
Xl9oavw7fAEz3j1PQBESVTn9JgHyOnL6WC1mHOuTGI0+WNXpytzFQQC8Zz3j6TFP
Ph2LqPiWu/bo/uwrbZhFNqhED54cXOiO9IGWmVsqXljkbeItWKkBtdVyJuwOKGpR
be7TQqRvBh54NQGgHHfQFPmNRAO/NgAv4eLw5x26CBFTksnw1Xg/tQm+e0zVUHhV
ds+VfFXzFVLT0Tn8zV9CTVDxdVd3jI1OegPVCaYql3S+fx6rt1+lKBadTwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP42xqTMrEGTiugZEK/U/r1wJ4/sMB8GA1UdIwQY
MBaAFFakmHv4xrTN1le7wtCl4T6bYmy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQt
ZGU1ODY5OGI2NDcwLzEvX2piR3BNeXNRWk9LNkJrUXI5VC12WEFuai13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQtZGU1ODY5OGI2NDcw
LzEvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZnQAwQD
WcjoAwQAW2nPAwQAW9mQAwQCZyOgAwQCZ+0sAwQCwWpQMA0GCSqGSIb3DQEBCwUA
A4IBAQCozJJ6u/IE3heL95VvU/oSLNfBEim6p0PCnaqa3VwkNrwJSnlJZG+W5dd2
h45CQ0aTwqNphhEwPegcIpLiMjU+uPbBZbKbsjUpohfk3q6ACa+IIzkboJV3xsmb
Tb7LpRAHbhJjMlnblE5y7g7SwBlw7qpWTD8Q4VtWmMNW+e6fndnpRuMmr4pKVtgI
n1iW+z2aIML3O27rOCIDMKvi8BL8b04cLfH1LMySiabxCoQra8O6+WeM0wVYkAxV
eMejHiyDjTXQV9IHoHMC+J7MdcDmqnf0S501ujwbks5rJ5oB1WVPDVbWyvVyGvho
O7c5Ue9Mls9bXLBq7fnA9IKdP2mF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:22 2024 by rpki-client on console-ams.rpki-client.org