Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CJjVGJuE56HqwA6LONqSB3imPKQ.roa
File: CJjVGJuE56HqwA6LONqSB3imPKQ.roa (raw, json)
Hash identifier: I71lyC7cR7b8W6pR2edZFvAiOwWkimihyEkvl/DyGAU=
Subject key identifier: 08:98:D5:18:9B:84:E7:A1:EA:C0:0E:8B:38:DA:92:07:78:A6:3C:A4
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018A26CA32E6B9A34927DAA69EB6FB0286A5
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CJjVGJuE56HqwA6LONqSB3imPKQ.roa
Signing time: Thu 24 Aug 2023 09:05:00 +0000
ROA not before: Thu 24 Aug 2023 09:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 159.148.26.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.137.0/24 maxlen: 24
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
85.254.112.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.122.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.40.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.4.0/24 maxlen: 24
85.254.2.0/24 maxlen: 24
85.254.8.0/21 maxlen: 21
85.254.7.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:ca:32:e6:b9:a3:49:27:da:a6:9e:b6:fb:02:86:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 24 09:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0898d5189b84e7a1eac00e8b38da920778a63ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:15:22:aa:5d:22:a2:f7:5a:40:2a:f7:9a:
a2:69:dc:51:99:dc:b8:cd:30:37:f8:5f:14:e1:ce:
8f:c8:bf:87:62:e1:dc:ea:6e:af:dc:cb:9c:8b:43:
1f:f7:7c:54:99:7b:68:e4:80:4e:e3:04:cf:6b:4b:
40:5e:1f:e4:8e:d8:63:07:b3:cf:b4:2c:0a:3c:96:
14:96:13:31:c8:7e:f6:55:5d:34:78:72:5c:2b:e1:
ac:05:73:79:42:ff:4b:5b:f4:14:45:46:c7:6c:42:
25:9c:a7:b9:09:15:b5:b2:58:46:a9:17:c6:ca:89:
95:4c:1f:ea:11:23:e5:73:3f:5b:80:21:54:ec:87:
9c:24:52:3a:f6:d7:e7:f7:80:3d:31:2b:16:fc:4f:
37:3c:fe:4c:6a:7c:c6:07:58:69:fb:56:b9:eb:e4:
b2:e5:d2:34:3a:7c:c7:9e:02:10:66:1d:7b:6d:70:
5c:dd:21:9e:e6:3d:c8:bf:4f:c5:59:f0:cd:a4:9e:
82:27:cf:8a:42:ec:96:86:82:50:dc:c8:a7:cb:95:
a1:f7:f7:b4:12:da:f2:0e:7d:8f:a5:57:26:ea:4c:
85:c4:d3:f3:de:cf:3d:cc:65:45:bb:39:b8:33:6d:
79:ef:f1:7a:3b:66:f8:35:d1:84:f2:bf:32:33:89:
ad:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:98:D5:18:9B:84:E7:A1:EA:C0:0E:8B:38:DA:92:07:78:A6:3C:A4
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CJjVGJuE56HqwA6LONqSB3imPKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0-85.254.15.255
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.62.0-85.254.65.255
85.254.76.0/22
85.254.84.0/23
85.254.103.0-85.254.119.255
85.254.122.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
87:28:63:22:5f:c4:75:1c:55:47:d3:3d:00:a8:75:d8:40:63:
41:1b:74:ed:07:ea:4d:41:f0:8a:a3:8c:0b:61:27:e2:69:ff:
2b:74:20:a8:05:e8:a4:e8:87:17:18:27:38:71:3a:82:30:b3:
74:07:72:06:c8:53:c8:da:55:48:6f:a9:6d:72:55:2b:3b:ed:
86:a7:45:51:d1:66:df:02:81:66:fd:60:1b:67:f9:1c:c0:31:
a4:fc:6f:2b:00:88:e1:57:10:bb:17:fb:a6:f0:00:57:e0:97:
4f:0b:34:db:ed:e6:30:3a:c4:47:e8:82:77:6e:c9:46:ac:7c:
de:07:53:53:e5:cb:1c:8d:7a:c7:f0:93:59:7c:79:bc:58:50:
14:cf:3a:b6:e9:e8:8b:06:7e:0b:46:20:df:da:88:0e:7b:11:
63:f7:55:94:f6:94:cb:7e:98:c2:d2:3e:9a:c1:2d:35:47:38:
f4:09:e3:90:7d:f7:3b:1d:ea:f0:c1:ed:36:d1:b4:03:8e:ca:
f5:d0:93:9c:d2:96:69:b2:96:72:c4:51:cc:a1:12:53:75:79:
5d:ed:89:f4:43:8a:51:51:bb:de:55:c6:b7:76:08:c6:75:1c:
fb:e1:e4:ee:ec:54:26:07:8d:ba:28:e6:9d:f0:7e:e3:10:a8:
fe:2f:db:23
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYomyjLmuaNJJ9qmnrb7AoalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwODI0MDkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODk4ZDUxODliODRlN2ExZWFjMDBlOGIzOGRhOTIwNzc4YTYzY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqycVIqpdIqL3WkAq95qiadxRmdy4
zTA3+F8U4c6PyL+HYuHc6m6v3Muci0Mf93xUmXto5IBO4wTPa0tAXh/kjthjB7PP
tCwKPJYUlhMxyH72VV00eHJcK+GsBXN5Qv9LW/QURUbHbEIlnKe5CRW1slhGqRfG
yomVTB/qESPlcz9bgCFU7IecJFI69tfn94A9MSsW/E83PP5ManzGB1hp+1a56+Sy
5dI0OnzHngIQZh17bXBc3SGe5j3Iv0/FWfDNpJ6CJ8+KQuyWhoJQ3Miny5Wh9/e0
EtryDn2PpVcm6kyFxNPz3s89zGVFuzm4M2157/F6O2b4NdGE8r8yM4mt/QIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFAiY1RibhOeh6sAOizjakgd4pjykMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQ0pqVkdKdUU1Nkhxd0E2TE9OcVNCM2ltUEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAW4EAgABMIIB
ZgMEAFX+AgMEAFX+BDAMAwQAVf4HAwQEVf4AMAwDBABV/h0DBABV/h4DBABV/igD
BAFV/ioDBABV/jMDBABV/jswDAMEAVX+PgMEAVX+QAMEAlX+TAMEAVX+VDAMAwQA
Vf5nAwQDVf5wMAwDBAFV/noDBABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+
jAMEAVX+rjAMAwQBVf6yAwQBVf60AwQAn5QaAwQAn5Q2AwQAn5Q+AwQAn5RCAwQA
n5RtAwQAn5R+AwQAn5SAAwQAn5SCAwQAn5SKAwQAn5SWMAwDBACflJ0DBACflJ4D
BACflKMDBAGflKYDBACflKkDBACflLEwDAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U
2AMEAJ+U2gMEAJ+U6gMEAJ+U7AMEAJ+U7wMEAJ+U8TAMAwQBn5T2AwQAn5T4AwQC
uRtcAwQA2UV5MAwDBADZRX0DBAfZRQAwDQYJKoZIhvcNAQELBQADggEBAIcoYyJf
xHUcVUfTPQCoddhAY0EbdO0H6k1B8IqjjAthJ+Jp/yt0IKgF6KTohxcYJzhxOoIw
s3QHcgbIU8jaVUhvqW1yVSs77YanRVHRZt8CgWb9YBtn+RzAMaT8bysAiOFXELsX
+6bwAFfgl08LNNvt5jA6xEfognduyUasfN4HU1PlyxyNesfwk1l8ebxYUBTPOrbp
6IsGfgtGIN/aiA57EWP3VZT2lMt+mMLSPprBLTVHOPQJ45B99zsd6vDB7TbRtAOO
yvXQk5zSlmmylnLEUcyhElN1eV3tifRDilFRu95Vxrd2CMZ1HPvh5O7sVCYHjboo
5p3wfuMQqP4v2yM=
-----END CERTIFICATE-----
Generated at Wed Aug 30 09:52:25 2023 by rpki-client on console-ams.rpki-client.org