Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/gaKNsQwzEEkxNReAQGqSXgjtyWc.roa
File: gaKNsQwzEEkxNReAQGqSXgjtyWc.roa (raw, json)
Hash identifier: i9WuhHL6O9ebrmKJuCzxCvQaSVWIej2hFoNwZOGlEDQ=
Subject key identifier: 81:A2:8D:B1:0C:33:10:49:31:35:17:80:40:6A:92:5E:08:ED:C9:67
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E2D6DFC9ED9F510DD8E7B574E5103D857
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/gaKNsQwzEEkxNReAQGqSXgjtyWc.roa
Signing time: Mon 11 Mar 2024 12:12:46 +0000
ROA not before: Mon 11 Mar 2024 12:12:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 15:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:6d:fc:9e:d9:f5:10:dd:8e:7b:57:4e:51:03:d8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 11 12:12:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81a28db10c33104931351780406a925e08edc967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9d:b8:d0:cc:bb:62:54:f7:9e:d9:7d:ef:79:
7e:7c:29:29:2f:70:ac:c5:08:0b:e7:c0:68:d9:60:
78:c6:4d:24:ac:2c:26:c9:20:c4:06:5a:44:26:4c:
4e:57:36:ca:eb:e6:be:2c:6c:ee:d6:99:61:55:72:
9c:e0:93:39:8f:1c:94:b3:fa:e0:5d:42:ad:45:81:
8b:91:57:8b:23:8a:ce:85:18:9c:bb:5e:cb:88:a7:
80:94:51:bf:d0:37:a1:36:4a:5a:a8:f8:8f:eb:90:
ed:db:6d:8a:d6:2c:a9:5d:2a:ce:df:fa:47:e8:9c:
11:64:a9:b8:0a:48:30:aa:58:aa:d0:f9:7f:61:a2:
49:67:d3:e4:46:f7:2f:6b:72:ed:b4:c8:4b:84:eb:
2c:d5:56:57:25:c6:48:1a:63:02:79:11:4e:72:7b:
8b:e4:47:fb:76:b5:92:3a:ff:3f:e2:11:90:7a:11:
c1:c8:20:13:0d:78:48:28:84:d6:ae:c8:e2:24:ed:
e3:3b:36:7c:3d:e0:7c:56:f6:bc:9c:13:b1:73:29:
6c:61:e6:6d:49:a4:09:24:ca:52:24:5c:57:c1:99:
3e:ab:27:da:bd:0b:31:69:b8:f4:43:0d:57:4c:e9:
f7:fd:17:15:c1:28:c8:08:54:44:3a:ea:a8:c1:f7:
8f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A2:8D:B1:0C:33:10:49:31:35:17:80:40:6A:92:5E:08:ED:C9:67
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/gaKNsQwzEEkxNReAQGqSXgjtyWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0/24
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
212.18.100.0/24
212.52.4.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0b:4b:ab:69:83:24:9b:1b:25:5f:71:31:f9:60:ed:61:4e:
d7:a5:7e:31:e9:4d:7c:a2:95:ea:47:ed:05:a0:d7:7d:ad:f3:
d3:cc:20:7e:90:ce:51:bf:09:84:8a:43:fb:21:0f:a6:fa:84:
4f:bf:f9:37:1a:08:e5:6b:00:63:72:14:2b:45:bd:ed:5f:29:
32:10:60:34:62:af:1c:7f:79:dd:6e:f5:60:0d:e0:aa:35:09:
ef:24:b9:e0:c8:48:c6:25:c6:e6:d2:e0:c5:84:d6:6a:59:2c:
fb:3d:19:be:b6:d4:e4:19:a9:12:bc:65:4c:4d:e2:51:7f:2b:
cd:54:d7:d8:5d:a1:63:a9:db:f0:2b:76:13:fb:69:32:28:a6:
ca:f2:1b:8f:ed:9c:33:80:7d:3c:b0:2b:00:92:31:71:fa:48:
e8:d2:9c:25:dd:0e:3b:a9:a8:df:6b:6e:23:77:99:c1:af:36:
c3:66:c1:70:1e:de:f6:a4:10:f3:d0:3e:af:33:b1:b3:1b:77:
92:7a:f1:b0:40:fe:e6:6c:d3:a1:72:b4:de:6b:24:cf:87:1f:
62:e4:11:4b:3c:ba:b9:3a:10:89:61:e0:e3:1b:b8:d8:9f:0f:
a8:72:b4:a8:39:a1:55:8f:c1:ff:f2:e5:ea:75:2a:7e:10:f7:
a1:fe:39:42
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAY4tbfye2fUQ3Y57V05RA9hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzExMTIxMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWEyOGRiMTBjMzMxMDQ5MzEzNTE3ODA0MDZhOTI1ZTA4ZWRjOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop240My7YlT3ntl973l+fCkpL3Cs
xQgL58Bo2WB4xk0krCwmySDEBlpEJkxOVzbK6+a+LGzu1plhVXKc4JM5jxyUs/rg
XUKtRYGLkVeLI4rOhRicu17LiKeAlFG/0DehNkpaqPiP65Dt222K1iypXSrO3/pH
6JwRZKm4Ckgwqliq0Pl/YaJJZ9PkRvcva3LttMhLhOss1VZXJcZIGmMCeRFOcnuL
5Ef7drWSOv8/4hGQehHByCATDXhIKITWrsjiJO3jOzZ8PeB8Vva8nBOxcylsYeZt
SaQJJMpSJFxXwZk+qyfavQsxabj0Qw1XTOn3/RcVwSjICFREOuqowfeP+wIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFIGijbEMMxBJMTUXgEBqkl4I7clnMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZ2FLTnNRd3pFRWt4TlJlQVFHcVNYZ2p0eVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAC
OzADBAAf3vADBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAtWUcDBABbvNwDBABe
nrwDBACwOCMDBACwfCIDBAC51HADBAC56ggDBAC8X0cDBADBAxIDBADByXIDBADC
IPADBADDEhoDBADDRZQDBADDRZYDBADD4WADBADUEmQDBADUNAQDBADVbc4wDQYJ
KoZIhvcNAQELBQADggEBABwLS6tpgySbGyVfcTH5YO1hTtelfjHpTXyilepH7QWg
132t89PMIH6QzlG/CYSKQ/shD6b6hE+/+TcaCOVrAGNyFCtFve1fKTIQYDRirxx/
ed1u9WAN4Ko1Ce8kueDISMYlxubS4MWE1mpZLPs9Gb621OQZqRK8ZUxN4lF/K81U
19hdoWOp2/ArdhP7aTIopsryG4/tnDOAfTywKwCSMXH6SOjSnCXdDjupqN9rbiN3
mcGvNsNmwXAe3vakEPPQPq8zsbMbd5J68bBA/uZs06FytN5rJM+HH2LkEUs8urk6
EIlh4OMbuNifD6hytKg5oVWPwf/y5ep1Kn4Q96H+OUI=
-----END CERTIFICATE-----
Generated at Mon Mar 11 20:50:32 2024 by rpki-client on console-ams.rpki-client.org