Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aRKJp4zW84CwJRl9ThYTYSLVnKQ.roa
File: aRKJp4zW84CwJRl9ThYTYSLVnKQ.roa (raw, json)
Hash identifier: N2HDS/Kr0bcJA3FLkaHYIrMiYsEDdTdNiA/Obi9D28g=
Subject key identifier: 69:12:89:A7:8C:D6:F3:80:B0:25:19:7D:4E:16:13:61:22:D5:9C:A4
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DEBD9CEDDE9BFD3C4C1F39B4DE509DAD1
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aRKJp4zW84CwJRl9ThYTYSLVnKQ.roa
Signing time: Tue 27 Feb 2024 18:35:36 +0000
ROA not before: Tue 27 Feb 2024 18:35:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
31.222.248.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
91.242.238.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 08:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:d9:ce:dd:e9:bf:d3:c4:c1:f3:9b:4d:e5:09:da:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 27 18:35:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=691289a78cd6f380b025197d4e16136122d59ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:99:b6:c9:25:a6:9b:e6:0e:e8:5c:28:77:
ea:69:c1:c9:9c:f5:09:3f:8b:06:3e:18:3e:6d:a2:
08:f1:cc:03:62:e2:59:b1:33:b0:96:9b:95:cd:63:
e7:9d:55:d2:25:69:8a:1d:be:77:a5:0f:65:1d:cb:
85:c8:be:2a:be:d3:b4:df:db:c0:8c:4a:b9:f4:f0:
e4:be:e4:f3:f1:fc:68:83:74:f1:6e:cc:a5:f1:5c:
6f:11:57:ee:da:71:bb:99:71:87:a0:c8:6c:60:51:
48:95:29:ce:cd:fd:c7:02:76:d7:90:2e:fe:00:fe:
7c:22:0c:8b:3b:9f:c7:7c:2c:80:de:f0:54:71:16:
d8:ce:b1:ba:4f:d1:e9:40:48:f2:09:1c:f4:91:be:
74:b1:d2:75:e6:6d:59:f6:03:c0:82:ef:16:d4:e5:
ec:5f:1c:20:05:13:f4:f5:32:1a:0b:9b:dc:4a:e1:
27:5f:1f:b1:a9:de:9c:fd:40:75:8f:58:00:f8:f9:
cd:b8:e5:5e:bf:06:e5:3f:db:e2:c7:d3:ef:25:63:
10:a8:84:d1:50:a1:00:64:5d:35:d5:31:93:97:b9:
6f:b7:7f:db:98:37:a8:06:af:03:a4:a2:3b:ad:b5:
46:f2:59:56:6d:95:04:32:e5:8d:29:64:a0:0f:a9:
9f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:12:89:A7:8C:D6:F3:80:B0:25:19:7D:4E:16:13:61:22:D5:9C:A4
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aRKJp4zW84CwJRl9ThYTYSLVnKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
31.222.248.0/24
62.233.49.0/24
91.242.238.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
176.56.38.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.239.209.0/24
194.32.243.0/24
195.96.157.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:55:77:c7:88:f9:88:f9:47:19:b3:86:92:3d:e9:be:f3:7c:
6b:85:db:65:9b:0a:40:10:f1:13:c5:a0:bf:28:9e:c1:5c:c2:
c4:78:e4:c1:c2:e9:7b:7d:c1:0c:9b:67:18:f7:33:8f:81:1a:
a3:27:8e:ec:cc:ae:10:f6:30:3e:aa:1c:ba:dc:31:f5:92:52:
0b:fa:66:e3:bf:5a:44:13:b8:77:f3:be:5a:e0:ac:b9:a6:5a:
41:9b:2a:b9:31:6e:a5:fc:ab:1b:2b:13:30:44:81:05:0a:f5:
3f:98:9a:4e:19:49:00:90:fb:5a:7d:f0:d2:c8:2f:68:da:88:
b2:b5:e3:6d:7c:31:33:40:e3:01:67:c9:72:75:6e:73:5b:74:
43:13:37:be:98:b5:d9:e7:36:91:73:c1:84:bb:a5:b9:b7:27:
6e:fc:8c:1d:64:65:09:f4:ca:64:93:93:a1:95:24:cb:11:2a:
fc:8f:90:05:21:5f:63:f9:08:ee:54:a5:e8:e8:56:e8:32:20:
d9:f0:6c:a8:4a:4f:e5:2a:53:2e:ba:16:06:31:69:80:65:e4:
9d:61:ec:3a:1e:6d:00:d2:4b:af:79:11:ff:1a:5c:2c:35:0b:
60:e1:21:5e:f3:57:37:a2:de:b1:ce:f1:6a:1d:90:13:70:2e:
53:cb:3d:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY3r2c7d6b/TxMHzm03lCdrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI3MTgzNTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTEyODlhNzhjZDZmMzgwYjAyNTE5N2Q0ZTE2MTM2MTIyZDU5Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqiZtsklppvmDuhcKHfqacHJnPUJ
P4sGPhg+baII8cwDYuJZsTOwlpuVzWPnnVXSJWmKHb53pQ9lHcuFyL4qvtO039vA
jEq59PDkvuTz8fxog3Txbsyl8VxvEVfu2nG7mXGHoMhsYFFIlSnOzf3HAnbXkC7+
AP58IgyLO5/HfCyA3vBUcRbYzrG6T9HpQEjyCRz0kb50sdJ15m1Z9gPAgu8W1OXs
XxwgBRP09TIaC5vcSuEnXx+xqd6c/UB1j1gA+PnNuOVevwblP9vix9PvJWMQqITR
UKEAZF011TGTl7lvt3/bmDeoBq8DpKI7rbVG8llWbZUEMuWNKWSgD6mfzQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGkSiaeM1vOAsCUZfU4WE2Ei1ZykMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYVJLSnA0elc4NEN3SlJsOVRoWVRZU0xWbktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBAjhwAwQA
BbeAAwQAH974AwQAPukxAwQAW/LuAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhOJAwQA
sDgmAwQAudoBAwQAuegvAwQAwQMWAwQAwe/RAwQAwiDzAwQAw2CdAwQA2XeCMA0G
CSqGSIb3DQEBCwUAA4IBAQBMVXfHiPmI+UcZs4aSPem+83xrhdtlmwpAEPETxaC/
KJ7BXMLEeOTBwul7fcEMm2cY9zOPgRqjJ47szK4Q9jA+qhy63DH1klIL+mbjv1pE
E7h3875a4Ky5plpBmyq5MW6l/KsbKxMwRIEFCvU/mJpOGUkAkPtaffDSyC9o2oiy
teNtfDEzQOMBZ8lydW5zW3RDEze+mLXZ5zaRc8GEu6W5tydu/IwdZGUJ9Mpkk5Oh
lSTLESr8j5AFIV9j+QjuVKXo6FboMiDZ8GyoSk/lKlMuuhYGMWmAZeSdYew6Hm0A
0kuveRH/GlwsNQtg4SFe81c3ot6xzvFqHZATcC5Tyz39
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org