Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/hQJamXKpHrVthi2zHw_tzCrvG5U.roa
File: hQJamXKpHrVthi2zHw_tzCrvG5U.roa (raw, json)
Hash identifier: rqoJsXghhN+AKTP8yoEWLjm4poJM6Np8lt2U2OX79jI=
Subject key identifier: 85:02:5A:99:72:A9:1E:B5:6D:86:2D:B3:1F:0F:ED:CC:2A:EF:1B:95
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E386D3A3B0A783EA4D24F61B413A3D35E
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/hQJamXKpHrVthi2zHw_tzCrvG5U.roa
Signing time: Wed 13 Mar 2024 15:27:46 +0000
ROA not before: Wed 13 Mar 2024 15:27:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.250.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.96.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
212.18.122.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 14:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:6d:3a:3b:0a:78:3e:a4:d2:4f:61:b4:13:a3:d3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 13 15:27:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85025a9972a91eb56d862db31f0fedcc2aef1b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e9:ec:7a:7f:90:0e:79:7f:11:74:a9:01:dd:
c9:65:15:bc:8b:85:77:10:ea:3f:fb:ce:b3:3d:d6:
af:41:df:0e:eb:e0:e0:0d:53:08:b2:ae:f4:73:16:
12:96:e3:f8:61:53:65:59:87:af:56:47:fb:25:1e:
3c:59:0b:b2:c4:9f:94:25:47:d6:4a:a0:62:e0:aa:
59:a7:d1:42:ac:bb:74:16:32:50:9b:ab:c1:da:1f:
4a:87:da:61:a7:5e:fa:e9:35:28:a7:3b:af:e8:f3:
1a:6c:cd:86:25:3a:4e:7c:88:d6:a6:0b:2c:dc:74:
95:00:77:f7:52:db:07:ce:61:15:59:bc:d6:00:8a:
39:82:06:3a:d4:ff:b3:52:36:06:af:b1:70:81:e0:
4e:53:36:52:6d:15:ca:dd:ae:4f:8c:71:32:47:28:
ec:16:12:c2:ec:52:bc:7c:31:a1:2a:ac:4b:8d:30:
a2:a8:7b:a9:5b:de:23:02:37:95:a4:72:69:b3:b8:
0a:5e:20:7f:cb:1c:9e:f7:25:97:0a:86:ac:85:b4:
e6:19:96:6a:37:41:04:5d:2a:72:b6:52:18:d7:c5:
e9:0f:8a:7d:9b:a5:cf:f4:0b:78:79:e2:f5:d4:c6:
02:b1:df:26:39:7a:15:05:16:05:08:4e:7a:57:cf:
eb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:02:5A:99:72:A9:1E:B5:6D:86:2D:B3:1F:0F:ED:CC:2A:EF:1B:95
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/hQJamXKpHrVthi2zHw_tzCrvG5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.250.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0/24
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.96.150.0/24
195.225.96.0/24
212.18.100.0/24
212.18.122.0/24
212.52.4.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
01:c2:d9:cc:7e:5d:c7:b8:68:96:89:b8:dc:4b:d6:d9:6b:2e:
4a:ad:4b:00:b9:af:62:87:32:2c:cb:59:54:a2:44:88:d2:89:
b2:22:da:a4:9d:f9:04:17:02:4b:37:07:be:b3:71:0e:a2:5b:
61:8b:89:03:94:46:67:30:12:78:ca:2f:96:cb:bb:dc:ef:81:
72:a3:13:a3:a3:3f:5e:5a:9f:73:4c:29:8e:fa:2c:78:d6:8e:
2d:d5:bf:f5:72:a5:56:78:16:ab:04:e9:6f:0f:f1:8e:86:fc:
94:9a:55:f0:ae:5a:a0:b7:84:23:26:20:e4:be:8b:e5:51:ed:
12:b5:44:11:70:a6:ba:d7:2f:4b:f5:11:db:f0:2c:05:2d:6b:
3b:9c:b2:97:4a:4f:75:2f:6e:b0:27:f4:3b:04:ea:ac:ba:3a:
8e:42:06:b7:fa:39:9d:0e:9a:bb:5d:b5:36:36:3a:be:c0:9c:
2c:6a:5a:f5:8c:e1:16:5b:41:e5:94:a0:91:d8:7b:77:2f:20:
96:ab:a9:b5:59:a3:d9:be:e5:3d:7f:3f:0b:a2:23:a7:db:20:
c2:47:7f:36:c5:25:f9:d0:5f:ee:1f:06:67:2d:4f:d9:f9:d6:
c6:ef:05:44:23:06:43:2d:f7:e5:59:c1:4a:b4:11:c7:fc:ee:
a5:01:13:e5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAY44bTo7Cng+pNJPYbQTo9NeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzEzMTUyNzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTAyNWE5OTcyYTkxZWI1NmQ4NjJkYjMxZjBmZWRjYzJhZWYxYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+nsen+QDnl/EXSpAd3JZRW8i4V3
EOo/+86zPdavQd8O6+DgDVMIsq70cxYSluP4YVNlWYevVkf7JR48WQuyxJ+UJUfW
SqBi4KpZp9FCrLt0FjJQm6vB2h9Kh9php1766TUopzuv6PMabM2GJTpOfIjWpgss
3HSVAHf3UtsHzmEVWbzWAIo5ggY61P+zUjYGr7FwgeBOUzZSbRXK3a5PjHEyRyjs
FhLC7FK8fDGhKqxLjTCiqHupW94jAjeVpHJps7gKXiB/yxye9yWXCoashbTmGZZq
N0EEXSpytlIY18XpD4p9m6XP9At4eeL11MYCsd8mOXoVBRYFCE56V8/rzwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFIUCWplyqR61bYYtsx8P7cwq7xuVMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvaFFKYW1YS3BIclZ0aGkyekh3X3R6Q3J2RzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAC
OzADBAAf3vADBAAf3voDBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAtWUcDBABb
vNwDBABenrwDBACwOCMDBACwfCIDBAC51HADBAC56ggDBAC8X0cDBADBAxIDBADB
yXIDBADCIPADBADDEhoDBADDRZQDBADDRZYDBADDYJYDBADD4WADBADUEmQDBADU
EnoDBADUNAQDBADVbc4wDQYJKoZIhvcNAQELBQADggEBAAHC2cx+Xce4aJaJuNxL
1tlrLkqtSwC5r2KHMizLWVSiRIjSibIi2qSd+QQXAks3B76zcQ6iW2GLiQOURmcw
EnjKL5bLu9zvgXKjE6OjP15an3NMKY76LHjWji3Vv/VypVZ4FqsE6W8P8Y6G/JSa
VfCuWqC3hCMmIOS+i+VR7RK1RBFwprrXL0v1EdvwLAUtazucspdKT3UvbrAn9DsE
6qy6Oo5CBrf6OZ0OmrtdtTY2Or7AnCxqWvWM4RZbQeWUoJHYe3cvIJarqbVZo9m+
5T1/PwuiI6fbIMJHfzbFJfnQX+4fBmctT9n51sbvBUQjBkMt9+VZwUq0Ecf87qUB
E+U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org