Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jhr0sGmV5-uX81xZIDBc9b2nihk.roa
File: jhr0sGmV5-uX81xZIDBc9b2nihk.roa (raw, json)
Hash identifier: GZeN88tcbsg9vHM/O0+RblMuBYfyVEB2UX8ISlP8FfE=
Subject key identifier: 8E:1A:F4:B0:69:95:E7:EB:97:F3:5C:59:20:30:5C:F5:BD:A7:8A:19
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018FC36403B538EEFFEBE67B79F7CC056B1E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jhr0sGmV5-uX81xZIDBc9b2nihk.roa
Signing time: Wed 29 May 2024 08:07:42 +0000
ROA not before: Wed 29 May 2024 08:07:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 01 Jun 2024 05:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:64:03:b5:38:ee:ff:eb:e6:7b:79:f7:cc:05:6b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 29 08:07:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e1af4b06995e7eb97f35c5920305cf5bda78a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7d:9f:63:9e:81:19:3f:8e:6b:63:3c:04:ba:
30:5c:c3:87:d7:8c:e7:1a:47:59:7a:4c:b1:a7:37:
37:66:3d:b6:05:9d:cb:96:43:6f:a2:e6:1a:94:c2:
be:32:4c:6d:0e:16:53:5a:05:dd:89:fb:07:8b:cd:
25:7d:33:80:8e:94:44:b4:30:c3:82:d6:8a:73:44:
20:3b:b8:d9:df:1b:d8:c0:ea:5c:45:6a:a4:f3:ac:
30:77:bd:f2:41:dd:7c:cc:80:0b:f5:e2:6b:71:1b:
26:e6:9a:09:26:0f:51:41:5f:b6:c3:c0:ca:2a:0a:
9c:56:0e:09:e2:3a:e5:b4:0f:e8:5a:44:b9:2c:5e:
5d:80:c3:88:6f:14:1b:b2:1d:47:f0:f4:1a:09:78:
fb:a4:1f:c4:d8:2c:db:e1:61:4a:92:7d:49:8b:99:
58:d7:02:3c:06:f8:bf:07:f5:71:e2:6b:e4:6c:ad:
4b:b0:a9:c8:bc:0e:77:9a:1e:1e:aa:bc:3c:5f:7e:
1b:35:9a:50:92:1e:24:78:b6:f3:7b:1b:c0:e6:e3:
2e:b7:78:c0:da:d0:84:a7:81:2c:a1:71:f6:98:2d:
84:31:4f:00:8a:4e:c3:70:ec:b9:83:c9:ec:d1:80:
2c:20:6d:bf:cb:9c:33:21:0c:e1:70:b7:23:a4:5e:
a4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1A:F4:B0:69:95:E7:EB:97:F3:5C:59:20:30:5C:F5:BD:A7:8A:19
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jhr0sGmV5-uX81xZIDBc9b2nihk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
04:a3:c0:d5:48:bb:0a:3d:d4:26:81:fb:92:a0:94:15:02:f7:
5f:7c:82:9d:f1:54:27:ac:8b:5d:e5:0d:80:3d:96:b2:17:22:
98:3f:bb:ff:da:9f:b8:ea:6f:40:2d:be:6f:21:99:e3:ff:b6:
c3:b2:8b:57:15:a7:7d:76:99:2f:01:e1:93:bb:eb:67:74:a9:
e1:e0:e5:2f:f9:36:0f:6a:bd:18:1c:fc:e2:8e:d9:90:ce:9f:
df:25:86:f2:e7:aa:4e:f2:fb:56:81:0b:56:92:40:6d:cc:fe:
26:c3:3f:73:e4:02:aa:40:af:44:00:24:6a:8d:5a:18:84:19:
9e:d5:0e:27:5f:83:69:4d:d5:1d:bc:31:70:bf:f4:6d:60:98:
db:4a:ce:d1:df:b7:f2:1e:99:37:83:ad:38:82:86:62:75:fb:
b5:6e:ec:1d:8f:6f:4d:38:22:c2:e1:2b:d9:63:4b:73:f5:20:
df:2b:7c:c0:2c:9e:f8:6a:47:b9:f9:0f:2f:52:42:35:11:a6:
ba:83:53:61:57:cd:f4:87:43:6d:a3:ad:fe:06:ce:6e:4f:8a:
79:4d:ac:84:5d:be:71:52:90:32:a8:14:3e:a4:b7:2d:e3:c5:
88:75:30:b9:b0:39:c7:96:19:a3:72:79:5c:b6:50:62:98:dd:
a7:4a:5e:aa
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAY/DZAO1OO7/6+Z7effMBWseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNTI5MDgwNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTFhZjRiMDY5OTVlN2ViOTdmMzVjNTkyMDMwNWNmNWJkYTc4YTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH2fY56BGT+Oa2M8BLowXMOH14zn
GkdZekyxpzc3Zj22BZ3LlkNvouYalMK+MkxtDhZTWgXdifsHi80lfTOAjpREtDDD
gtaKc0QgO7jZ3xvYwOpcRWqk86wwd73yQd18zIAL9eJrcRsm5poJJg9RQV+2w8DK
KgqcVg4J4jrltA/oWkS5LF5dgMOIbxQbsh1H8PQaCXj7pB/E2Czb4WFKkn1Ji5lY
1wI8Bvi/B/Vx4mvkbK1LsKnIvA53mh4eqrw8X34bNZpQkh4keLbzexvA5uMut3jA
2tCEp4EsoXH2mC2EMU8Aik7DcOy5g8ns0YAsIG2/y5wzIQzhcLcjpF6kWQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFI4a9LBplefrl/NcWSAwXPW9p4oZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvamhyMHNHbVY1LXVYODF4WklEQmM5YjJuaWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAAtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBAG5K/gDBAC5K/sDBAG5yD4DBALBHvADBADB
OSsDBADC8mADBAHC8mIwDAMEAMOxXQMEAMOxXgMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AASjwNVIuwo91CaB+5KglBUC9198gp3xVCesi13lDYA9lrIXIpg/u//an7jqb0At
vm8hmeP/tsOyi1cVp312mS8B4ZO762d0qeHg5S/5Ng9qvRgc/OKO2ZDOn98lhvLn
qk7y+1aBC1aSQG3M/ibDP3PkAqpAr0QAJGqNWhiEGZ7VDidfg2lN1R28MXC/9G1g
mNtKztHft/IemTeDrTiChmJ1+7Vu7B2Pb004IsLhK9ljS3P1IN8rfMAsnvhqR7n5
Dy9SQjURprqDU2FXzfSHQ22jrf4Gzm5PinlNrIRdvnFSkDKoFD6kty3jxYh1MLmw
OceWGaNyeVy2UGKY3adKXqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org