Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/jJumAsMH1L3pdbrnXmLYBkkCKMA.roa
File: jJumAsMH1L3pdbrnXmLYBkkCKMA.roa (raw, json)
Hash identifier: l1u5srkObFbWMELAZH4MUNYh6Q042+u45KzplIbzatk=
Subject key identifier: 8C:9B:A6:02:C3:07:D4:BD:E9:75:BA:E7:5E:62:D8:06:49:02:28:C0
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 0191D5FEACFD122AB18677759222AAE1559B
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/jJumAsMH1L3pdbrnXmLYBkkCKMA.roa
Signing time: Mon 09 Sep 2024 08:55:22 +0000
ROA not before: Mon 09 Sep 2024 08:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34244
IP address blocks: 5.180.0.0/22 maxlen: 22
31.170.24.0/21 maxlen: 21
37.221.104.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
45.14.4.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
45.131.188.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
81.92.196.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
92.39.32.0/20 maxlen: 20
94.46.136.0/22 maxlen: 22
94.46.240.0/22 maxlen: 22
128.127.184.0/21 maxlen: 21
141.98.236.0/22 maxlen: 22
155.137.24.0/21 maxlen: 21
178.236.64.0/20 maxlen: 24
178.255.112.0/22 maxlen: 22
185.4.8.0/22 maxlen: 22
185.27.96.0/22 maxlen: 22
185.121.44.0/22 maxlen: 22
185.176.28.0/22 maxlen: 22
185.186.32.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
185.247.236.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
193.34.202.0/24 maxlen: 24
193.221.93.0/24 maxlen: 24
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
193.221.219.0/24 maxlen: 24
195.210.52.0/23 maxlen: 23
2a02:80::/29 maxlen: 29
2a02:80::/32 maxlen: 32
2a02:1610::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:fe:ac:fd:12:2a:b1:86:77:75:92:22:aa:e1:55:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Sep 9 08:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c9ba602c307d4bde975bae75e62d806490228c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e7:77:cc:ef:bc:7b:b6:9a:cd:a5:45:e0:59:
d9:f8:1c:86:f0:24:b7:d3:e8:df:59:32:fc:6b:58:
63:9b:50:be:83:98:26:f3:3e:be:d2:ed:b1:e1:7d:
35:e0:d0:88:e9:cd:93:42:17:be:09:74:ef:39:f6:
75:e6:03:6f:95:d9:ec:7b:ad:dd:fd:22:d5:89:00:
59:5e:af:5a:9a:35:1e:eb:95:32:1a:c2:2c:ea:29:
cb:c2:9f:ba:fc:b4:5d:c9:cb:72:8d:d9:50:f2:67:
d8:bc:c6:6c:4f:ac:87:90:9d:5e:be:66:2c:0d:e6:
da:40:c5:24:4b:9f:1a:94:91:42:73:93:67:9d:86:
6c:27:dc:57:c3:0e:3f:14:93:3c:27:e0:8c:ee:60:
32:d7:22:5c:f6:76:11:a7:c9:e7:56:78:14:a8:ba:
16:e8:6d:46:47:7d:95:42:51:75:7b:de:35:07:72:
06:42:55:7c:96:30:45:bb:80:ce:93:d3:b1:fe:c4:
5e:1e:03:bf:cc:ef:ef:eb:d7:c7:e8:9f:93:37:91:
2b:85:ec:bb:0e:5e:ee:b4:58:d8:a3:c0:b7:23:73:
79:da:13:d5:23:c3:89:11:b0:b1:84:ec:c0:5b:a1:
61:2d:d3:1b:e5:cf:23:56:ad:f3:8a:55:c8:15:8d:
23:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9B:A6:02:C3:07:D4:BD:E9:75:BA:E7:5E:62:D8:06:49:02:28:C0
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/jJumAsMH1L3pdbrnXmLYBkkCKMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
31.170.24.0/21
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.64.0/20
178.255.112.0/22
185.4.8.0/22
185.27.96.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.34.202.0/24
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
4f:4f:95:d9:d3:06:f2:79:62:13:f0:62:0b:fd:e3:c7:b6:2e:
8b:0e:ea:8d:d1:ad:fc:c8:2e:f9:90:99:8b:3d:a7:32:0d:6a:
ed:b7:4d:d8:43:50:0a:04:52:11:d3:77:f3:0c:9f:16:83:3e:
b5:7a:06:5a:b0:ad:e3:2e:b0:92:ec:41:d1:b8:56:8d:48:d4:
a9:84:79:80:74:81:5a:79:14:22:d5:89:49:11:4c:41:25:eb:
59:69:61:6b:af:8b:29:92:3c:79:f8:80:a5:0a:09:9b:22:98:
cc:64:25:cb:8b:58:2e:4e:08:4a:10:c6:e0:b6:b4:a7:83:30:
e6:db:6e:3e:47:07:e0:3e:9b:2a:09:c0:71:75:d2:d7:54:bf:
2a:cd:8f:d4:a1:b7:e9:13:b5:75:34:f7:7b:c8:94:16:d1:14:
5a:d1:a9:6f:a7:f1:36:f9:22:1d:ec:07:c0:56:73:4c:69:84:
fa:8e:5c:51:f9:f9:ab:2f:7f:20:b9:70:99:68:d1:b0:c5:03:
da:b4:c1:fb:a7:dc:72:e4:e2:f7:0c:04:7b:03:68:2a:33:f4:
4a:c2:71:2f:c2:5d:eb:30:e7:df:ea:4c:ba:0b:71:64:ee:32:
58:3a:21:ec:d5:7c:56:96:08:df:49:3e:5e:9e:54:22:0f:ad:
2a:1e:b8:1c
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZHV/qz9Eiqxhnd1kiKq4VWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjQwOTA5MDg1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzliYTYwMmMzMDdkNGJkZTk3NWJhZTc1ZTYyZDgwNjQ5MDIyOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmud3zO+8e7aazaVF4FnZ+ByG8CS3
0+jfWTL8a1hjm1C+g5gm8z6+0u2x4X014NCI6c2TQhe+CXTvOfZ15gNvldnse63d
/SLViQBZXq9amjUe65UyGsIs6inLwp+6/LRdyctyjdlQ8mfYvMZsT6yHkJ1evmYs
DebaQMUkS58alJFCc5NnnYZsJ9xXww4/FJM8J+CM7mAy1yJc9nYRp8nnVngUqLoW
6G1GR32VQlF1e941B3IGQlV8ljBFu4DOk9Ox/sReHgO/zO/v69fH6J+TN5Erhey7
Dl7utFjYo8C3I3N52hPVI8OJEbCxhOzAW6FhLdMb5c8jVq3zilXIFY0jawIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFIybpgLDB9S96XW6515i2AZJAijAMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvakp1bUFzTUgxTDNwZGJyblhtTFlCa2tDS01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8Egfswgfgwgd8EAgABMIHYAwQC
BbQAAwQDH6oYAwQCJd1oAwQCLQiYAwQCLQ4EAwQCLV3oAwQCLYO8AwQCLZisAwQC
UVzEAwQCUVzcAwQGVR6AAwQEXCcgAwQCXi6IAwQCXi7wAwQDgH+4AwQCjWLsAwQD
m4kYAwQEsuxAAwQCsv9wAwQCuQQIAwQCuRtgAwQCuXksAwQCubAcAwQCubogAwQC
ucXgAwQCudiYAwQCud/sAwQCufDQAwQCuffsAwQCvEIwAwQAwSLKAwQAwd1dAwQA
wd14AwQAwd17AwQAwd3bAwQBw9I0MBQEAgACMA4DBQMqAgCAAwUAKgIWEDANBgkq
hkiG9w0BAQsFAAOCAQEAT0+V2dMG8nliE/BiC/3jx7Yuiw7qjdGt/Mgu+ZCZiz2n
Mg1q7bdN2ENQCgRSEdN38wyfFoM+tXoGWrCt4y6wkuxB0bhWjUjUqYR5gHSBWnkU
ItWJSRFMQSXrWWlha6+LKZI8efiApQoJmyKYzGQly4tYLk4IShDG4La0p4Mw5ttu
PkcH4D6bKgnAcXXS11S/Ks2P1KG36RO1dTT3e8iUFtEUWtGpb6fxNvkiHewHwFZz
TGmE+o5cUfn5qy9/ILlwmWjRsMUD2rTB+6fccuTi9wwEewNoKjP0SsJxL8Jd6zDn
3+pMugtxZO4yWDoh7NV8VpYI30k+Xp5UIg+tKh64HA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:01 2025 by rpki-client