Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/Jmw7WXkJ5J3o6C_a5u_1lV5Gsmk.roa
File: Jmw7WXkJ5J3o6C_a5u_1lV5Gsmk.roa (raw, json)
Hash identifier: jjc7y9z65pwjr9NdcimuLZ7KBmMDJqmswGKZahE4j2c=
Subject key identifier: 26:6C:3B:59:79:09:E4:9D:E8:E8:2F:DA:E6:EF:F5:95:5E:46:B2:69
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018F57E1A5AA27183BC33143E2B18740E6C0
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/Jmw7WXkJ5J3o6C_a5u_1lV5Gsmk.roa
Signing time: Wed 08 May 2024 11:05:56 +0000
ROA not before: Wed 08 May 2024 11:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 2.96.0.0/13 maxlen: 24
62.3.192.0/18 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
79.77.0.0/16 maxlen: 24
79.78.0.0/15 maxlen: 24
80.40.0.0/13 maxlen: 24
81.1.64.0/18 maxlen: 24
81.6.192.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
81.170.0.0/17 maxlen: 24
81.178.0.0/15 maxlen: 24
82.133.0.0/17 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
84.43.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
89.168.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
91.146.112.0/21 maxlen: 24
92.5.0.0/16 maxlen: 24
92.6.0.0/15 maxlen: 24
92.8.0.0/13 maxlen: 24
92.16.0.0/12 maxlen: 24
145.255.240.0/21 maxlen: 24
185.24.12.0/22 maxlen: 24
185.112.212.0/22 maxlen: 24
185.173.116.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.48.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
194.106.32.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
195.112.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
195.149.0.0/18 maxlen: 24
212.1.128.0/19 maxlen: 24
212.67.96.0/19 maxlen: 24
212.74.96.0/19 maxlen: 24
212.139.0.0/16 maxlen: 24
212.159.128.0/18 maxlen: 24
213.78.0.0/16 maxlen: 24
213.208.64.0/18 maxlen: 24
217.8.0.0/19 maxlen: 24
217.68.128.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 10:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:e1:a5:aa:27:18:3b:c3:31:43:e2:b1:87:40:e6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: May 8 11:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=266c3b597909e49de8e82fdae6eff5955e46b269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ff:1b:b5:19:e1:44:0d:8c:f9:7e:0d:cb:60:
4e:f5:2e:43:19:52:ec:91:b1:2a:c4:bd:4b:be:29:
67:c8:fd:ad:f0:d6:26:59:21:93:bb:8f:cb:ac:5b:
e5:97:8e:75:c1:44:74:3e:b9:0b:eb:ff:b8:4a:5a:
e0:6b:cb:76:1b:4d:14:7d:3a:05:1e:54:e7:89:28:
1d:76:d4:ca:c6:48:d4:ee:96:38:71:be:4a:dd:dc:
ef:6a:43:31:c9:ed:c5:a2:c3:ae:2d:34:4c:ca:11:
ff:07:83:a1:8b:ae:66:16:d2:63:20:35:e4:f6:98:
24:16:75:bd:e9:90:e5:cc:3f:87:c4:a4:59:47:a1:
40:a0:70:f5:26:e7:ba:17:a1:69:e3:4f:7e:7a:94:
6d:e2:a3:34:ab:58:f9:fc:82:6b:a6:2a:78:2c:93:
35:0d:b7:5c:f1:9b:87:8f:78:10:0b:37:4f:13:83:
d9:c4:1c:50:b0:93:0f:8b:2e:f4:27:76:10:93:b7:
53:02:33:5d:4c:84:99:2a:ae:ac:51:b3:bf:73:b1:
45:c2:ef:98:e1:2d:50:98:cc:af:24:cc:2d:11:b8:
d8:c3:3c:31:82:2c:de:2b:9d:1e:72:76:1d:f1:aa:
83:20:84:d0:9e:f0:df:5c:9c:53:a4:57:89:41:1e:
55:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6C:3B:59:79:09:E4:9D:E8:E8:2F:DA:E6:EF:F5:95:5E:46:B2:69
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/Jmw7WXkJ5J3o6C_a5u_1lV5Gsmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.77.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
84.43.0.0/17
87.242.128.0/17
89.168.128.0/17
89.240.0.0/14
91.146.112.0/21
92.5.0.0-92.31.255.255
145.255.240.0/21
185.24.12.0/22
185.112.212.0/22
185.173.116.0-185.173.123.255
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:b1:fe:0a:61:a1:d1:bb:ce:cc:25:3e:85:21:f4:1f:d6:22:
c8:7f:f7:c2:17:3d:c7:d9:82:d8:83:d5:ed:a2:3f:f4:6e:26:
fa:0e:82:98:79:dd:ef:ff:19:84:27:4e:e1:48:94:bb:08:26:
f9:7f:58:85:14:b4:a3:62:3b:df:26:2e:6d:e1:c3:bf:66:e7:
9b:79:e7:10:72:2a:63:6d:08:da:f2:1b:13:37:af:2d:fb:05:
2b:2b:01:d3:9e:57:06:2b:97:37:f8:bb:c4:b5:71:66:aa:aa:
11:b5:29:f3:f1:40:5b:50:c8:ed:30:80:8d:68:81:de:08:3a:
40:62:00:4b:ac:ba:23:5f:95:04:88:03:ad:f3:33:f4:f0:85:
57:79:29:f9:a5:50:ce:61:e3:fe:74:f1:18:3e:da:6a:c8:da:
bb:88:7d:03:16:fc:df:69:b3:b5:52:cb:93:77:d5:07:ca:b3:
a3:bb:9d:57:86:c0:74:36:0d:4f:d5:64:8e:d0:89:4f:c9:f4:
4d:5b:e9:7e:b5:e7:bb:c0:e2:4e:ce:a3:a5:a3:a0:73:f9:46:
3e:f3:45:b1:90:81:ac:65:f0:d5:cd:31:85:4d:51:24:91:ff:
41:a1:c4:51:2a:28:59:af:0d:ad:81:18:ed:cc:ca:91:7c:c2:
3b:45:40:ab
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAY9X4aWqJxg7wzFD4rGHQObAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjQwNTA4MTEwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjZjM2I1OTc5MDllNDlkZThlODJmZGFlNmVmZjU5NTVlNDZiMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP8btRnhRA2M+X4Ny2BO9S5DGVLs
kbEqxL1LvilnyP2t8NYmWSGTu4/LrFvll451wUR0PrkL6/+4Slrga8t2G00UfToF
HlTniSgddtTKxkjU7pY4cb5K3dzvakMxye3FosOuLTRMyhH/B4Ohi65mFtJjIDXk
9pgkFnW96ZDlzD+HxKRZR6FAoHD1Jue6F6Fp409+epRt4qM0q1j5/IJrpip4LJM1
Dbdc8ZuHj3gQCzdPE4PZxBxQsJMPiy70J3YQk7dTAjNdTISZKq6sUbO/c7FFwu+Y
4S1QmMyvJMwtEbjYwzwxgizeK50ecnYd8aqDIITQnvDfXJxTpFeJQR5VKQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFCZsO1l5CeSd6Ogv2ubv9ZVeRrJpMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvSm13N1dYa0o1SjNvNkNfYTV1XzFsVjVHc21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMDAwJgAwQGPgPAAwQHPhiAAwQFPvGgAwMDTpAwCgMDAE9NAwMET0ADAwNQKAME
BlEBQAMEBlEGwAMDAFFWAwQHUaoAAwMBUbIDBAdShQADAwBTQwMDAFQMAwQHVCsA
AwQHV/KAAwQHWaiAAwMCWfADBANbknAwCgMDAFwFAwMFXAADBAOR//ADBAK5GAwD
BAK5cNQwDAMEArmtdAMEArmteAMEArmvMAMEArmvkAMEAMHaYwMEBcJqIAMEBcL3
4AMEBsNwAAMEB8OJAAMEBsOVAAMEBdQBgAMEBdRDYAMEBdRKYAMDANSLAwQG1J+A
AwMA1U4DBAbV0EADBAXZCAADBATZRIAwDQYJKoZIhvcNAQELBQADggEBAD6x/gph
odG7zswlPoUh9B/WIsh/98IXPcfZgtiD1e2iP/RuJvoOgph53e//GYQnTuFIlLsI
Jvl/WIUUtKNiO98mLm3hw79m55t55xByKmNtCNryGxM3ry37BSsrAdOeVwYrlzf4
u8S1cWaqqhG1KfPxQFtQyO0wgI1ogd4IOkBiAEusuiNflQSIA63zM/TwhVd5Kfml
UM5h4/508Rg+2mrI2ruIfQMW/N9ps7VSy5N31QfKs6O7nVeGwHQ2DU/VZI7QiU/J
9E1b6X6157vA4k7Oo6WjoHP5Rj7zRbGQgaxl8NXNMYVNUSSR/0GhxFEqKFmvDa2B
GO3MypF8wjtFQKs=
-----END CERTIFICATE-----
Generated at Fri Sep 27 13:21:08 2024 by rpki-client on console-fra.rpki-client.org