Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BuNjtiZ0NOKaS2_kLg5tNiNirkw.roa
File: BuNjtiZ0NOKaS2_kLg5tNiNirkw.roa (raw, json)
Hash identifier: Qw0C12LGzPsDmjQCaVVHeAfabR5kryCLipm/KHqkdnY=
Subject key identifier: 06:E3:63:B6:26:74:34:E2:9A:4B:6F:E4:2E:0E:6D:36:23:62:AE:4C
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 018DECA367B943084380773638C1DD14B5DE
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BuNjtiZ0NOKaS2_kLg5tNiNirkw.roa
Signing time: Tue 27 Feb 2024 22:15:48 +0000
ROA not before: Tue 27 Feb 2024 22:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 46.33.64.0/19 maxlen: 24
62.41.0.0/20 maxlen: 24
62.41.16.0/21 maxlen: 24
62.41.24.0/22 maxlen: 24
62.41.32.0/24 maxlen: 24
62.41.37.0/24 maxlen: 24
62.41.56.0/21 maxlen: 24
62.41.64.0/20 maxlen: 24
62.41.80.0/22 maxlen: 24
62.41.84.0/23 maxlen: 24
62.41.102.0/24 maxlen: 24
62.41.160.0/24 maxlen: 24
62.132.0.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.132.24.0/23 maxlen: 23
62.132.28.0/24 maxlen: 24
62.132.42.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
77.67.0.0/17 maxlen: 24
77.77.128.0/18 maxlen: 24
87.119.64.0/18 maxlen: 24
89.149.128.0/18 maxlen: 24
92.71.0.0/17 maxlen: 17
92.71.128.0/18 maxlen: 18
134.222.0.0/16 maxlen: 16
141.136.96.0/20 maxlen: 20
185.160.40.0/22 maxlen: 22
192.16.202.0/24 maxlen: 24
192.54.104.0/24 maxlen: 24
192.67.190.0/23 maxlen: 23
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
192.129.32.0/23 maxlen: 23
192.129.36.0/24 maxlen: 24
192.129.43.0/24 maxlen: 24
192.129.44.0/24 maxlen: 24
192.129.46.0/23 maxlen: 23
192.129.48.0/23 maxlen: 23
192.129.54.0/24 maxlen: 24
192.129.56.0/23 maxlen: 24
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
193.141.40.0/22 maxlen: 22
193.141.44.0/23 maxlen: 23
193.141.140.0/23 maxlen: 23
193.242.80.0/20 maxlen: 20
194.41.62.0/24 maxlen: 24
194.45.4.0/23 maxlen: 23
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.45.98.0/23 maxlen: 23
194.45.182.0/23 maxlen: 23
194.120.0.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
194.121.52.0/22 maxlen: 22
194.121.104.0/23 maxlen: 23
194.121.123.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
194.121.220.0/22 maxlen: 22
194.122.76.0/22 maxlen: 22
194.122.80.0/21 maxlen: 21
194.122.120.0/21 maxlen: 21
194.122.224.0/20 maxlen: 20
194.122.248.0/22 maxlen: 22
194.123.122.0/24 maxlen: 24
194.123.164.0/24 maxlen: 24
195.143.0.0/16 maxlen: 24
212.0.224.0/19 maxlen: 19
212.1.0.0/19 maxlen: 19
212.14.64.0/19 maxlen: 19
212.27.160.0/19 maxlen: 19
212.56.0.0/19 maxlen: 19
212.81.64.0/18 maxlen: 18
212.115.128.0/18 maxlen: 24
212.189.0.0/17 maxlen: 17
212.221.0.0/17 maxlen: 24
212.222.0.0/16 maxlen: 24
213.200.64.0/18 maxlen: 18
213.251.0.0/18 maxlen: 24
213.254.192.0/18 maxlen: 24
217.114.112.0/20 maxlen: 20
217.117.160.0/20 maxlen: 20
217.118.112.0/20 maxlen: 20
217.195.224.0/19 maxlen: 19
2001:668::/29 maxlen: 64
2001:680::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680:20::/48 maxlen: 48
2a00:1750::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Apr 2024 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:a3:67:b9:43:08:43:80:77:36:38:c1:dd:14:b5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Feb 27 22:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06e363b6267434e29a4b6fe42e0e6d362362ae4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3e:2b:f9:a5:db:c6:35:81:e3:57:b5:19:75:
f8:ce:ee:b0:73:25:56:38:49:02:fc:1c:fd:cf:b3:
5e:a2:a2:1d:5a:a5:62:74:ca:bd:7f:e6:72:95:1b:
57:89:cf:4f:fa:81:40:ab:68:65:a4:d9:ce:8e:db:
61:02:1d:45:8e:73:1b:ab:5b:05:0c:86:65:bc:18:
43:64:fe:85:83:7a:63:7d:54:cc:27:bd:ec:3a:33:
30:ee:82:94:07:18:8a:c7:ae:2d:da:5b:0c:87:66:
ad:1c:ea:30:db:7a:f8:c0:fc:f5:8d:17:97:08:a7:
5f:d4:a1:23:0a:05:47:42:bb:c4:d3:d9:82:64:e7:
74:c5:10:a1:22:9c:f0:4b:cf:9b:7e:72:1e:00:62:
a0:b1:71:2b:1c:46:8b:7f:8f:f1:2a:77:b4:2f:6e:
fa:d3:11:28:4b:2b:81:08:61:a5:d1:5f:63:4e:6d:
17:80:8d:12:4b:c0:80:5e:c7:ca:5f:73:8d:e3:31:
74:62:75:eb:57:e8:f3:a9:27:55:20:43:f0:bc:99:
3a:f7:a0:1d:a6:22:63:67:82:f4:1a:f2:76:2b:77:
7c:ec:8f:66:39:8b:e7:27:da:b1:1c:ea:ad:d0:97:
70:88:8a:45:75:a1:05:eb:cb:4b:11:4d:b5:66:c6:
4a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E3:63:B6:26:74:34:E2:9A:4B:6F:E4:2E:0E:6D:36:23:62:AE:4C
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BuNjtiZ0NOKaS2_kLg5tNiNirkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
92.71.0.0-92.71.191.255
134.222.0.0/16
141.136.96.0/20
185.160.40.0/22
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0-192.129.49.255
192.129.54.0/24
192.129.56.0/23
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
195.143.0.0/16
212.0.224.0-212.1.31.255
212.14.64.0/19
212.27.160.0/19
212.56.0.0/19
212.81.64.0/18
212.115.128.0/18
212.189.0.0/17
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
217.114.112.0/20
217.117.160.0/20
217.118.112.0/20
217.195.224.0/19
IPv6:
2001:668::/29
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
64:76:70:9b:b1:bb:4e:be:07:43:8d:9b:8d:bf:a6:6c:9c:80:
1f:9c:bd:58:54:eb:8f:24:a3:a3:08:37:88:df:68:ee:c5:57:
65:7d:de:a2:c0:60:5c:98:e8:c4:74:b3:69:d3:d3:37:4d:22:
ed:77:d5:17:bf:ed:d2:c6:97:0b:28:7d:08:2a:1d:90:d0:bf:
f3:07:a0:81:46:a1:fa:bf:82:67:8a:1c:39:89:be:76:05:b8:
46:e0:68:b7:f1:ea:b2:d8:7f:a7:76:cb:ef:5f:dd:f8:b8:94:
ae:34:10:24:de:d5:d8:b9:75:3b:44:bd:0c:2c:26:3f:e0:57:
45:4a:c2:ea:da:cd:12:9e:5a:4c:41:98:80:32:68:66:86:73:
84:3b:2a:df:df:07:39:cb:4e:1b:32:a3:51:a0:3f:d8:cc:86:
9b:66:a5:8d:ad:ff:b2:1b:9d:da:cc:47:91:17:cf:28:3a:1b:
07:7b:f6:ef:50:5a:d5:f5:75:41:54:64:36:88:2e:8d:05:5b:
25:c0:65:09:84:9b:b6:2a:2e:64:ca:25:01:64:1a:71:37:31:
e3:ba:8e:fc:9a:4d:ef:64:0b:0a:1b:ee:36:ba:b5:d4:5c:f0:
17:9a:47:8f:1a:b9:c7:cb:bc:e2:20:23:18:05:78:d3:ff:5e:
9e:25:58:9d
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgISAY3so2e5QwhDgHc2OMHdFLXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjQwMjI3MjIxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUzNjNiNjI2NzQzNGUyOWE0YjZmZTQyZTBlNmQzNjIzNjJhZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj4r+aXbxjWB41e1GXX4zu6wcyVW
OEkC/Bz9z7NeoqIdWqVidMq9f+ZylRtXic9P+oFAq2hlpNnOjtthAh1FjnMbq1sF
DIZlvBhDZP6Fg3pjfVTMJ73sOjMw7oKUBxiKx64t2lsMh2atHOow23r4wPz1jReX
CKdf1KEjCgVHQrvE09mCZOd0xRChIpzwS8+bfnIeAGKgsXErHEaLf4/xKne0L276
0xEoSyuBCGGl0V9jTm0XgI0SS8CAXsfKX3ON4zF0YnXrV+jzqSdVIEPwvJk696Ad
piJjZ4L0GvJ2K3d87I9mOYvnJ9qxHOqt0JdwiIpFdaEF68tLEU21ZsZKFwIDAQAB
o4IEMjCCBC4wHQYDVR0OBBYEFAbjY7YmdDTimktv5C4ObTYjYq5MMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvQnVOanRpWjBOT0thUzJfa0xnNXROaU5pcmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICRgYIKwYBBQUHAQcBAf8EggI1MIICMTCCAhAEAgABMIIC
CAMEBS4hQDALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAME
AD4pZgMEAD4poAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAMAwQBPoRy
AwQBPoR0AwQBPoSEAwQHTUMAAwQGTU2AAwQGV3dAAwQGWZWAMAsDAwBcRwMEBlxH
gAMDAIbeAwQEjYhgAwQCuaAoAwQAwBDKAwQAwDZoMAwDBAHAQ74DBADAQ8QDBAHA
gSADBADAgSQwDAMEAMCBKwMEAMCBLDAMAwQBwIEuAwQBwIEwAwQAwIE2AwQBwIE4
MAsDAwDBjQMEAMGNAjAMAwQDwY0oAwQBwY0sAwQBwY2MAwQEwfJQAwQAwik+AwQB
wi0EAwQBwi0MAwQAwi0vAwQBwi1iAwQBwi22AwQAwngAAwQAwngrAwQCwnhwAwQC
wnh4AwQCwnk0AwQBwnloAwQAwnl7AwQAwnnLAwQCwnncMAwDBALCekwDBAPCelAD
BAPCengDBATCeuADBALCevgDBADCe3oDBADCe6QDAwDDjzAMAwQF1ADgAwQF1AEA
AwQF1A5AAwQF1BugAwQF1DgAAwQG1FFAAwQG1HOAAwQH1L0AAwQH1N0AAwMA1N4D
BAbVyEADBAbV+wADBAbV/sADBATZcnADBATZdaADBATZdnADBAXZw+AwGwQCAAIw
FQMFAyABBmgDBQAgAQaAAwUAKgAXUDANBgkqhkiG9w0BAQsFAAOCAQEAZHZwm7G7
Tr4HQ42bjb+mbJyAH5y9WFTrjySjowg3iN9o7sVXZX3eosBgXJjoxHSzadPTN00i
7XfVF7/t0saXCyh9CCodkNC/8weggUah+r+CZ4ocOYm+dgW4RuBot/Hqsth/p3bL
71/d+LiUrjQQJN7V2Ll1O0S9DCwmP+BXRUrC6trNEp5aTEGYgDJoZoZzhDsq398H
OctOGzKjUaA/2MyGm2alja3/shud2sxHkRfPKDobB3v271Ba1fV1QVRkNogujQVb
JcBlCYSbtiouZMolAWQacTcx47qO/JpN72QLChvuNrq11FzwF5pHjxq5x8u84iAj
GAV40/9eniVYnQ==
-----END CERTIFICATE-----
Generated at Tue Apr 9 18:16:48 2024 by rpki-client on console-ams.rpki-client.org