Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/98L9lI3BIwKDEArAoRzs0rhxpZw.roa
File: 98L9lI3BIwKDEArAoRzs0rhxpZw.roa (raw, json)
Hash identifier: t1HVIIzU9mgOJ19ZzQao6DSOfUaeiPhVUAUsz95kxKs=
Subject key identifier: F7:C2:FD:94:8D:C1:23:02:83:10:0A:C0:A1:1C:EC:D2:B8:71:A5:9C
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E08D483B87478885FD4A7A9C41C56C162
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/98L9lI3BIwKDEArAoRzs0rhxpZw.roa
Signing time: Mon 04 Mar 2024 09:38:48 +0000
ROA not before: Mon 04 Mar 2024 09:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2.59.49.0/24 maxlen: 24
31.216.60.0/24 maxlen: 24
37.221.82.0/23 maxlen: 23
45.10.64.0/22 maxlen: 22
45.10.80.0/22 maxlen: 22
45.11.196.0/24 maxlen: 24
45.15.238.0/24 maxlen: 24
45.93.80.0/24 maxlen: 24
45.132.36.0/24 maxlen: 24
45.132.37.0/24 maxlen: 24
45.132.38.0/24 maxlen: 24
45.132.128.0/24 maxlen: 24
45.132.129.0/24 maxlen: 24
45.138.213.0/24 maxlen: 24
45.138.214.0/24 maxlen: 24
45.139.52.0/24 maxlen: 24
45.139.53.0/24 maxlen: 24
45.139.55.0/24 maxlen: 24
45.140.64.0/24 maxlen: 24
45.140.72.0/22 maxlen: 22
45.146.24.0/24 maxlen: 24
45.146.25.0/24 maxlen: 24
45.146.27.0/24 maxlen: 24
45.147.12.0/24 maxlen: 24
45.147.13.0/24 maxlen: 24
45.147.14.0/24 maxlen: 24
45.147.15.0/24 maxlen: 24
45.149.129.0/24 maxlen: 24
45.152.116.0/24 maxlen: 24
45.152.117.0/24 maxlen: 24
45.159.84.0/24 maxlen: 24
45.159.87.0/24 maxlen: 24
62.233.34.0/24 maxlen: 24
62.233.48.0/24 maxlen: 24
84.246.81.0/24 maxlen: 24
89.107.12.0/24 maxlen: 24
91.199.189.0/24 maxlen: 24
91.206.68.0/24 maxlen: 24
91.236.121.0/24 maxlen: 24
93.190.120.0/24 maxlen: 24
94.124.77.0/24 maxlen: 24
176.116.12.0/24 maxlen: 24
176.222.56.0/24 maxlen: 24
176.222.57.0/24 maxlen: 24
176.222.59.0/24 maxlen: 24
185.188.41.0/24 maxlen: 24
193.5.28.0/24 maxlen: 24
193.31.4.0/24 maxlen: 24
193.31.5.0/24 maxlen: 24
193.58.170.0/24 maxlen: 24
193.107.22.0/24 maxlen: 24
194.104.228.0/24 maxlen: 24
195.216.132.0/22 maxlen: 22
195.225.99.0/24 maxlen: 24
213.166.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Mar 2024 14:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:d4:83:b8:74:78:88:5f:d4:a7:a9:c4:1c:56:c1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 4 09:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7c2fd948dc1230283100ac0a11cecd2b871a59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:91:ff:47:e2:b0:a6:5f:5d:5b:4f:90:32:
c0:87:3b:dc:8b:b5:b0:f5:62:62:e8:84:01:17:e9:
4d:f8:3f:56:14:b2:6c:75:38:d1:29:95:3e:c7:4e:
f3:7a:60:a5:52:eb:1f:a3:54:96:7a:1a:59:12:1c:
f4:96:e4:52:f6:86:64:79:51:03:ef:1d:84:03:d9:
0f:cb:6a:e8:52:0f:17:69:d9:d3:95:8e:5c:bf:cb:
37:08:18:e9:80:2d:e2:69:b0:62:bd:2b:d1:4b:d5:
82:3a:27:89:e8:09:87:0f:1f:2a:1f:04:23:f6:53:
8f:5d:5b:49:7a:a5:88:2c:aa:a8:c5:97:2c:f8:3e:
70:b3:61:cd:2b:ef:36:a5:7b:01:1d:7a:94:f4:96:
f9:c3:67:d4:50:ba:81:c6:8a:30:d3:24:22:e9:0b:
25:74:32:38:d0:ab:3f:78:b3:01:81:0f:49:23:fa:
14:56:e1:ae:e8:d2:c1:8d:94:ff:66:1d:ad:fb:ae:
06:57:1a:67:60:1e:d6:1d:ca:bf:76:e4:ff:96:ca:
77:74:bf:f1:e9:b5:30:e8:29:e3:7a:9d:1f:09:6d:
0d:04:da:a3:7f:80:c5:e1:8c:11:0c:14:2d:9a:b5:
52:e2:0a:fa:be:ca:5f:37:06:55:1b:f5:68:8a:40:
47:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C2:FD:94:8D:C1:23:02:83:10:0A:C0:A1:1C:EC:D2:B8:71:A5:9C
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/98L9lI3BIwKDEArAoRzs0rhxpZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.49.0/24
31.216.60.0/24
37.221.82.0/23
45.10.64.0/22
45.10.80.0/22
45.11.196.0/24
45.15.238.0/24
45.93.80.0/24
45.132.36.0-45.132.38.255
45.132.128.0/23
45.138.213.0-45.138.214.255
45.139.52.0/23
45.139.55.0/24
45.140.64.0/24
45.140.72.0/22
45.146.24.0/23
45.146.27.0/24
45.147.12.0/22
45.149.129.0/24
45.152.116.0/23
45.159.84.0/24
45.159.87.0/24
62.233.34.0/24
62.233.48.0/24
84.246.81.0/24
89.107.12.0/24
91.199.189.0/24
91.206.68.0/24
91.236.121.0/24
93.190.120.0/24
94.124.77.0/24
176.116.12.0/24
176.222.56.0/23
176.222.59.0/24
185.188.41.0/24
193.5.28.0/24
193.31.4.0/23
193.58.170.0/24
193.107.22.0/24
194.104.228.0/24
195.216.132.0/22
195.225.99.0/24
213.166.64.0/22
Signature Algorithm: sha256WithRSAEncryption
72:62:a4:b9:d6:5c:24:78:b5:44:5c:82:f8:1a:01:f6:de:49:
bd:6b:eb:32:06:0f:e6:90:bd:d2:7c:d4:20:87:df:b9:11:19:
eb:73:6f:cc:31:6d:63:94:13:f7:14:c8:69:a4:15:27:40:1c:
f4:e9:fc:f4:4f:43:44:b5:31:ef:ea:a5:59:6f:4e:e1:ce:a9:
f8:ec:61:a5:a3:ed:f9:ae:73:b9:3f:01:c8:7f:bc:96:51:4d:
d5:1e:1c:b6:86:0c:d2:1d:19:38:a2:b6:79:83:a2:eb:d8:1c:
65:99:62:5a:26:61:f8:73:5d:c4:81:49:a1:b7:fd:07:71:4a:
96:54:dc:fd:64:9f:dd:9b:b2:d1:28:86:ee:ec:ce:5d:e9:38:
b8:f1:77:f2:dc:0c:8f:9d:bf:4d:2b:2c:b2:90:b7:c8:60:6a:
92:be:ed:dc:66:d6:5a:25:17:12:44:cf:61:ea:04:b6:1a:af:
9d:f2:13:20:31:a6:ed:e3:2a:01:15:a4:5d:06:81:7c:1b:1d:
cb:57:eb:be:48:72:2b:9f:34:e6:7a:14:24:e3:90:17:ce:87:
48:8e:99:8a:6c:a7:09:c3:a8:97:ac:b5:ca:60:68:39:f1:e4:
4d:b6:45:19:54:cb:0f:75:08:3a:79:d1:b2:69:94:3e:6d:27:
fd:42:be:aa
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAY4I1IO4dHiIX9SnqcQcVsFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA0MDkzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2MyZmQ5NDhkYzEyMzAyODMxMDBhYzBhMTFjZWNkMmI4NzFhNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviSR/0fisKZfXVtPkDLAhzvci7Ww
9WJi6IQBF+lN+D9WFLJsdTjRKZU+x07zemClUusfo1SWehpZEhz0luRS9oZkeVED
7x2EA9kPy2roUg8XadnTlY5cv8s3CBjpgC3iabBivSvRS9WCOieJ6AmHDx8qHwQj
9lOPXVtJeqWILKqoxZcs+D5ws2HNK+82pXsBHXqU9Jb5w2fUULqBxoow0yQi6Qsl
dDI40Ks/eLMBgQ9JI/oUVuGu6NLBjZT/Zh2t+64GVxpnYB7WHcq/duT/lsp3dL/x
6bUw6Cnjep0fCW0NBNqjf4DF4YwRDBQtmrVS4gr6vspfNwZVG/VoikBH8QIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFPfC/ZSNwSMCgxAKwKEc7NK4caWcMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvOThMOWxJM0JJd0tERUFyQW9SenMwcmh4cFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAAI7MQMEAB/YPAMEASXdUgMEAi0KQAMEAi0KUAMEAC0LxAMEAC0P7gMEAC1d
UDAMAwQCLYQkAwQALYQmAwQBLYSAMAwDBAAtitUDBAAtitYDBAEtizQDBAAtizcD
BAAtjEADBAItjEgDBAEtkhgDBAAtkhsDBAItkwwDBAAtlYEDBAEtmHQDBAAtn1QD
BAAtn1cDBAA+6SIDBAA+6TADBABU9lEDBABZawwDBABbx70DBABbzkQDBABb7HkD
BABdvngDBABefE0DBACwdAwDBAGw3jgDBACw3jsDBAC5vCkDBADBBRwDBAHBHwQD
BADBOqoDBADBaxYDBADCaOQDBALD2IQDBADD4WMDBALVpkAwDQYJKoZIhvcNAQEL
BQADggEBAHJipLnWXCR4tURcgvgaAfbeSb1r6zIGD+aQvdJ81CCH37kRGetzb8wx
bWOUE/cUyGmkFSdAHPTp/PRPQ0S1Me/qpVlvTuHOqfjsYaWj7fmuc7k/Ach/vJZR
TdUeHLaGDNIdGTiitnmDouvYHGWZYlomYfhzXcSBSaG3/QdxSpZU3P1kn92bstEo
hu7szl3pOLjxd/LcDI+dv00rLLKQt8hgapK+7dxm1lolFxJEz2HqBLYar53yEyAx
pu3jKgEVpF0GgXwbHctX675IciufNOZ6FCTjkBfOh0iOmYpspwnDqJestcpgaDnx
5E22RRlUyw91CDp50bJplD5tJ/1Cvqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org