Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/J9Vaodz75qvY5mo72TWDosegPGE.roa
File: J9Vaodz75qvY5mo72TWDosegPGE.roa (raw, json)
Hash identifier: tzXEX+UZcOokqDDcW0V7uUEPOxM7u5nyzO6TTildmEg=
Subject key identifier: 27:D5:5A:A1:DC:FB:E6:AB:D8:E6:6A:3B:D9:35:83:A2:C7:A0:3C:61
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DD1E8C4F52AF9693A55CC46C7EC31ECBD
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/J9Vaodz75qvY5mo72TWDosegPGE.roa
Signing time: Thu 22 Feb 2024 17:41:49 +0000
ROA not before: Thu 22 Feb 2024 17:41:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
31.222.248.0/24 maxlen: 24
91.242.238.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 18:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:e8:c4:f5:2a:f9:69:3a:55:cc:46:c7:ec:31:ec:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 22 17:41:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27d55aa1dcfbe6abd8e66a3bd93583a2c7a03c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:69:64:29:4f:04:5f:5e:92:0c:21:65:5c:d5:
c5:0f:b9:fc:7f:a3:37:5e:d1:04:d6:fd:65:2c:c9:
6c:60:eb:2a:09:e1:3e:5e:54:00:ad:ff:09:6f:80:
68:94:1e:8c:e3:35:5d:97:79:18:1e:71:30:eb:f5:
22:2c:3e:47:08:94:aa:ed:9e:e9:47:40:63:d3:97:
e4:ec:8c:38:dc:e8:c3:5a:b3:42:6e:07:16:45:8d:
d3:c9:70:07:13:99:23:0f:31:af:db:70:7d:c2:35:
fd:37:39:e8:ae:7e:8a:32:f4:e8:d0:d5:d2:7c:56:
38:77:a8:5b:f7:06:4e:ce:47:1d:2a:10:86:7d:d8:
7b:5b:c6:ad:eb:ea:15:b1:bd:b6:b4:50:c6:3a:7f:
5f:37:68:31:99:34:93:ca:d2:e0:06:ce:fe:57:bb:
4d:fb:41:34:e6:d8:4e:7e:6d:2d:b6:6c:d9:56:77:
a4:8a:13:63:8a:92:85:8e:6e:93:b1:c0:04:a0:02:
38:14:a0:46:ed:b2:d9:9c:3a:69:c9:bd:79:c3:24:
f6:c3:d0:f3:ed:73:fa:60:07:f5:3a:21:85:e9:ec:
9d:ca:bb:d7:9b:10:1a:94:f4:e8:b6:5d:b0:eb:a0:
df:92:da:6b:f1:fc:d7:d3:71:0b:31:30:82:af:95:
0c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D5:5A:A1:DC:FB:E6:AB:D8:E6:6A:3B:D9:35:83:A2:C7:A0:3C:61
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/J9Vaodz75qvY5mo72TWDosegPGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
31.222.248.0/24
91.242.238.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
176.56.38.0/24
185.218.1.0/24
193.3.22.0/24
193.239.209.0/24
194.32.243.0/24
195.96.157.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
10:eb:9a:93:8f:d1:f0:0d:96:92:0c:fc:ee:91:9c:c4:2c:be:
09:fe:df:94:0b:3a:ba:68:82:d3:0a:c3:9d:e8:61:22:5c:a9:
c7:8c:ae:2c:5b:b7:38:e7:17:4b:20:f0:eb:67:3d:f1:d3:64:
53:58:43:ee:de:23:30:06:1e:d3:ec:8a:02:22:b6:26:25:b0:
ac:4f:19:57:3f:77:a1:8c:0b:a9:c9:ce:ae:b7:d7:de:1c:83:
54:ec:c8:93:5b:9c:71:57:ca:f2:06:3f:dd:13:d3:16:14:84:
22:e5:78:b6:42:4d:55:cc:58:00:50:58:c9:94:92:7a:b1:d4:
60:10:d3:e7:ec:54:55:95:24:24:cf:58:e2:9d:57:4a:da:5a:
58:79:3a:6a:1b:98:f5:22:f7:b4:fc:2f:66:b8:18:fe:df:92:
8d:89:f0:d8:1b:fc:52:fe:77:62:4c:82:16:e0:68:cd:08:25:
14:30:73:e5:9f:8d:12:4c:c0:7b:4b:07:c0:78:b6:3b:ca:a0:
fe:87:2b:9c:03:db:5a:e0:d6:c7:ba:28:f0:99:80:fd:67:03:
3b:97:d8:b0:80:90:65:2d:06:f2:c0:25:ff:eb:92:5d:50:a0:
db:da:5b:58:ec:29:2b:7b:c1:f5:42:87:5e:ef:b7:ea:30:f4:
3b:86:62:b8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY3R6MT1KvlpOlXMRsfsMey9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Q1NWFhMWRjZmJlNmFiZDhlNjZhM2JkOTM1ODNhMmM3YTAzYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWlkKU8EX16SDCFlXNXFD7n8f6M3
XtEE1v1lLMlsYOsqCeE+XlQArf8Jb4BolB6M4zVdl3kYHnEw6/UiLD5HCJSq7Z7p
R0Bj05fk7Iw43OjDWrNCbgcWRY3TyXAHE5kjDzGv23B9wjX9Nznorn6KMvTo0NXS
fFY4d6hb9wZOzkcdKhCGfdh7W8at6+oVsb22tFDGOn9fN2gxmTSTytLgBs7+V7tN
+0E05thOfm0ttmzZVnekihNjipKFjm6TscAEoAI4FKBG7bLZnDppyb15wyT2w9Dz
7XP6YAf1OiGF6eydyrvXmxAalPTotl2w66Dfktpr8fzX03ELMTCCr5UMUQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCfVWqHc++ar2OZqO9k1g6LHoDxhMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSjlWYW9kejc1cXZZNW1vNzJUV0Rvc2VnUEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBAjhwAwQA
BbeAAwQAH974AwQAW/LuAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhOJAwQAsDgmAwQA
udoBAwQAwQMWAwQAwe/RAwQAwiDzAwQAw2CdAwQA2XeCMA0GCSqGSIb3DQEBCwUA
A4IBAQAQ65qTj9HwDZaSDPzukZzELL4J/t+UCzq6aILTCsOd6GEiXKnHjK4sW7c4
5xdLIPDrZz3x02RTWEPu3iMwBh7T7IoCIrYmJbCsTxlXP3ehjAupyc6ut9feHINU
7MiTW5xxV8ryBj/dE9MWFIQi5Xi2Qk1VzFgAUFjJlJJ6sdRgENPn7FRVlSQkz1ji
nVdK2lpYeTpqG5j1Ive0/C9muBj+35KNifDYG/xS/ndiTIIW4GjNCCUUMHPln40S
TMB7SwfAeLY7yqD+hyucA9ta4NbHuijwmYD9ZwM7l9iwgJBlLQbywCX/65JdUKDb
2ltY7Ckre8H1Qode77fqMPQ7hmK4
-----END CERTIFICATE-----
Generated at Tue Feb 27 22:11:16 2024 by rpki-client on console-ams.rpki-client.org