Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/f3QVSUaffK1JXJuiIzmg3dId8Zc.roa
File: f3QVSUaffK1JXJuiIzmg3dId8Zc.roa (raw, json)
Hash identifier: bcVk9MCkYMnk+BQn7AuJ4rgsZQwY0HzClvPN440f9Ng=
Subject key identifier: 7F:74:15:49:46:9F:7C:AD:49:5C:9B:A2:23:39:A0:DD:D2:1D:F1:97
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 018697D68BFFE03880B9781ECD37A60408E2
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/f3QVSUaffK1JXJuiIzmg3dId8Zc.roa
Signing time: Tue 28 Feb 2023 11:44:25 +0000
ROA not before: Tue 28 Feb 2023 11:44:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.128.0/17 maxlen: 17
153.96.220.0/22 maxlen: 22
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
129.233.252.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.253.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
192.102.171.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
153.96.54.0/23 maxlen: 23
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
153.96.0.0/21 maxlen: 21
153.96.10.0/24 maxlen: 24
153.96.8.0/23 maxlen: 23
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.24.0/24 maxlen: 24
153.96.18.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.19.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
153.96.144.0/23 maxlen: 23
129.233.0.0/17 maxlen: 17
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:d6:8b:ff:e0:38:80:b9:78:1e:cd:37:a6:04:08:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Feb 28 11:44:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f741549469f7cad495c9ba22339a0ddd21df197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:24:eb:e6:0c:4c:69:fb:ef:83:e0:6d:d2:
e1:fb:99:45:4d:f2:2a:04:5b:6a:3e:36:66:e0:41:
0c:f9:9f:85:25:4a:0a:b0:4c:c2:73:e0:85:11:89:
47:b0:08:44:f3:0d:1f:e6:19:e6:00:42:75:4e:48:
67:4e:fb:d7:0b:0c:96:2b:09:66:a4:62:7b:91:4d:
1c:d4:2c:c9:ca:7d:ac:50:52:8e:d9:4d:33:f1:d3:
d1:bc:e3:5a:ec:ae:ed:85:38:7b:b3:b8:4b:e9:9a:
3d:e0:1b:59:7b:77:64:d8:34:ab:45:8d:79:cf:81:
ee:57:d0:a0:92:ba:17:bd:ab:fa:79:37:dd:c2:d8:
b5:81:74:b8:4b:a7:83:d1:2f:22:0a:de:d1:21:1c:
21:bb:5d:57:c5:f0:85:4a:8c:df:11:7d:ad:cb:93:
06:52:11:fb:2d:53:f0:a3:03:3f:fc:04:3c:01:c8:
43:40:0a:02:9e:db:7b:51:bf:7c:d0:17:2d:56:1e:
2d:c4:e2:b3:7d:46:2e:b8:6f:0b:a3:1b:52:3a:28:
4c:ac:20:69:12:f6:c7:d0:42:bd:87:4d:f1:7c:64:
82:e7:12:11:dd:63:cb:2a:2e:02:65:7f:5e:1f:4c:
65:70:56:d9:fa:6e:5d:e5:f8:a6:a9:e8:cc:0c:da:
9c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:74:15:49:46:9F:7C:AD:49:5C:9B:A2:23:39:A0:DD:D2:1D:F1:97
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/f3QVSUaffK1JXJuiIzmg3dId8Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.19.255
153.96.24.0/24
153.96.54.0/23
153.96.144.0/23
153.96.220.0/22
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::/48
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
33:34:20:33:a2:3b:ba:54:b3:1c:b5:03:87:dc:f1:d5:4b:5b:
7b:b0:20:3c:d1:7f:de:5c:48:d9:b6:70:60:3e:35:ba:93:ad:
57:90:68:b8:43:0d:17:f7:a7:ec:ae:09:0d:64:21:97:50:32:
76:27:2b:7b:b8:37:be:dd:a0:93:a1:c5:de:ac:cb:a2:01:55:
64:c2:71:14:90:83:71:13:4c:f9:9c:97:41:5e:ff:33:90:96:
76:90:57:0b:c3:a4:04:3f:92:b3:76:b8:60:58:57:c0:17:2b:
6e:b8:83:7f:2a:10:5f:54:30:52:ce:83:ab:d0:c4:39:a3:49:
da:5b:74:1c:b7:6d:66:b4:ee:fb:e1:8c:1c:a7:c1:af:58:6d:
77:fa:00:a6:dc:17:0c:c0:6c:f6:65:66:07:85:de:a7:aa:61:
46:bd:d0:6b:ca:2a:61:fe:87:29:89:f3:79:9b:f6:cc:2c:fa:
25:c2:83:6b:1b:25:74:e6:15:54:41:97:6a:87:d0:f3:3b:83:
15:25:f1:59:c9:a2:4d:7d:40:11:29:49:75:d4:3d:02:7b:90:
90:10:25:ba:4c:ba:d5:fc:a4:24:88:27:2e:a0:24:8a:74:f9:
47:20:e1:95:c1:47:9e:ec:13:50:69:ad:1e:01:aa:1b:4a:07:
59:1d:14:27
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYaX1ov/4DiAuXgezTemBAjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMjI4MTE0NDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc0MTU0OTQ2OWY3Y2FkNDk1YzliYTIyMzM5YTBkZGQyMWRmMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljMk6+YMTGn774PgbdLh+5lFTfIq
BFtqPjZm4EEM+Z+FJUoKsEzCc+CFEYlHsAhE8w0f5hnmAEJ1TkhnTvvXCwyWKwlm
pGJ7kU0c1CzJyn2sUFKO2U0z8dPRvONa7K7thTh7s7hL6Zo94BtZe3dk2DSrRY15
z4HuV9CgkroXvav6eTfdwti1gXS4S6eD0S8iCt7RIRwhu11XxfCFSozfEX2ty5MG
UhH7LVPwowM//AQ8AchDQAoCntt7Ub980BctVh4txOKzfUYuuG8LoxtSOihMrCBp
EvbH0EK9h03xfGSC5xIR3WPLKi4CZX9eH0xlcFbZ+m5d5fimqejMDNqc6wIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFH90FUlGn3ytSVyboiM5oN3SHfGXMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvZjNRVlNVYWZmSzFKWEp1aUl6bWczZElkOFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgZgEAgABMIGRAwMA
gekDAwCJ+zALAwMFmWADBACZYAowDAMEAplgDAMEAplgEAMEAJlgGAMEAZlgNgME
AZlgkAMEAplg3DAMAwQAmWD9AwQAmWD+MAwDBADAKj8DBADAKkADBALALAADBADA
LAoDBADALA0DBADALBEDBADALBgDBADALCUDBADAZqUwDAMEAMBmqwMEAcBmrDBX
BAIAAjBRAwcAKgPbgEQEAwcAKgPbgEQQAwcAKgPbgEQUAwcAKgPbgEQgAwcAKgPb
gEQkAwcAKgPbgESAAwcAKgPbgESEAwcAKgPbgEyAAwcAKgPbgEyEMA0GCSqGSIb3
DQEBCwUAA4IBAQAzNCAzoju6VLMctQOH3PHVS1t7sCA80X/eXEjZtnBgPjW6k61X
kGi4Qw0X96fsrgkNZCGXUDJ2Jyt7uDe+3aCTocXerMuiAVVkwnEUkINxE0z5nJdB
Xv8zkJZ2kFcLw6QEP5KzdrhgWFfAFytuuIN/KhBfVDBSzoOr0MQ5o0naW3Qct21m
tO774Ywcp8GvWG13+gCm3BcMwGz2ZWYHhd6nqmFGvdBryiph/ocpifN5m/bMLPol
woNrGyV05hVUQZdqh9DzO4MVJfFZyaJNfUARKUl11D0Ce5CQECW6TLrV/KQkiCcu
oCSKdPlHIOGVwUee7BNQaa0eAaobSgdZHRQn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:43 2024 by rpki-client on console-ams.rpki-client.org