Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/DRJlLCuoznnLiiE0zUdzJh9KRxU.roa
File: DRJlLCuoznnLiiE0zUdzJh9KRxU.roa (raw, json)
Hash identifier: QwjCvnc8VbWCyoy4SrRc8bt7evfypCxCUog2lM6Q2hQ=
Subject key identifier: 0D:12:65:2C:2B:A8:CE:79:CB:8A:21:34:CD:47:73:26:1F:4A:47:15
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019131828D234F3B689152D652A10194289D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/DRJlLCuoznnLiiE0zUdzJh9KRxU.roa
Signing time: Thu 08 Aug 2024 10:22:04 +0000
ROA not before: Thu 08 Aug 2024 10:22:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.109.236.0/24 maxlen: 24
185.109.237.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.17.65.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
195.35.105.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 10:04:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:82:8d:23:4f:3b:68:91:52:d6:52:a1:01:94:28:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 8 10:22:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d12652c2ba8ce79cb8a2134cd4773261f4a4715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2e:fa:c7:d4:f7:d2:9f:32:a1:83:c9:c4:38:
b9:16:d1:bb:c2:ab:ac:b9:b0:c2:b8:d7:62:c2:98:
25:0a:e9:ba:67:58:c9:62:06:e6:cd:ab:30:4b:e5:
9c:06:12:3a:3a:15:7d:15:86:97:4b:29:7d:e6:c2:
5f:2a:54:75:9b:ed:e1:8b:33:63:c2:fd:13:19:8e:
b8:7f:d3:e9:1f:2b:db:ab:8b:8d:45:f7:88:87:39:
17:54:b9:c3:5a:fb:4d:44:18:c4:4c:53:e3:96:8b:
ac:91:68:61:3f:c9:dc:f2:1e:46:fd:5c:83:ac:f7:
41:3b:17:93:0b:38:26:f6:d3:0b:d9:b5:a3:70:6b:
dd:ff:99:c9:5a:c8:b4:0f:91:4d:03:15:c6:69:97:
ee:97:d9:9d:17:06:12:f9:5c:29:5b:f4:4b:25:1e:
ab:9d:30:db:b3:7e:83:01:25:eb:dd:3e:81:8f:df:
54:f0:2c:cf:04:66:ae:12:25:b0:6b:fa:1a:d9:a7:
1b:4c:d6:51:f8:35:7c:39:11:bc:e4:13:9a:95:b6:
53:eb:fd:9e:eb:9d:68:96:dd:a9:ff:2f:23:6a:d7:
c6:d5:88:38:79:e0:29:fd:4c:23:66:77:c6:b2:40:
ec:e8:52:ce:ba:a6:72:ce:3a:7c:bf:da:08:cd:f4:
db:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:12:65:2C:2B:A8:CE:79:CB:8A:21:34:CD:47:73:26:1F:4A:47:15
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/DRJlLCuoznnLiiE0zUdzJh9KRxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.151.112.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.126.102.0/24
185.109.236.0/23
185.128.224.0/24
185.209.50.0/24
185.211.168.0/24
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
193.0.62.0/24
193.17.65.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
195.35.105.0/24
195.64.103.0/24
195.69.161.0/24
195.211.164.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ef:4e:15:d4:f8:30:ab:19:f3:ea:cb:ca:05:ae:21:ef:a7:
2b:e9:43:bb:23:9b:f6:50:04:7f:f0:e4:42:1e:96:3f:3c:df:
56:9a:fe:ec:0e:08:03:6b:0a:da:0b:d1:b2:a2:48:db:da:dd:
47:be:c1:cd:7b:b7:61:e5:8f:10:ff:6e:46:80:9b:14:be:94:
98:bc:9c:67:d8:bb:17:83:1e:47:19:90:d1:66:55:47:7d:d9:
9d:a5:21:99:8d:da:05:0c:29:d2:7d:e4:90:8e:fd:19:0c:d3:
3f:5b:f0:32:63:cd:34:e7:e3:a8:c7:e8:44:cf:78:79:17:bf:
bf:ea:99:80:83:34:e8:b9:d7:7b:df:28:07:4e:ec:9c:8e:8f:
09:ce:33:31:b1:66:06:78:39:e0:c7:08:be:29:72:a1:02:1f:
44:f8:34:ae:7e:da:24:ac:3e:26:e1:6e:4a:d0:9d:c3:57:6e:
52:c7:5f:9a:82:8e:6f:13:a6:fa:29:9d:16:43:14:6e:cc:d8:
cc:83:5f:91:49:7a:d6:e4:e6:3e:2a:55:8c:f3:b4:05:ce:75:
ec:f7:9a:b0:50:c0:6f:ef:34:ae:82:df:2d:b4:65:c0:11:3d:
1f:41:41:57:a7:ea:80:09:c6:3c:86:2a:c9:b8:bb:ad:58:49:
8b:1a:1e:92
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZExgo0jTztokVLWUqEBlCidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODA4MTAyMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEyNjUyYzJiYThjZTc5Y2I4YTIxMzRjZDQ3NzMyNjFmNGE0NzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y76x9T30p8yoYPJxDi5FtG7wqus
ubDCuNdiwpglCum6Z1jJYgbmzaswS+WcBhI6OhV9FYaXSyl95sJfKlR1m+3hizNj
wv0TGY64f9PpHyvbq4uNRfeIhzkXVLnDWvtNRBjETFPjlouskWhhP8nc8h5G/VyD
rPdBOxeTCzgm9tML2bWjcGvd/5nJWsi0D5FNAxXGaZful9mdFwYS+VwpW/RLJR6r
nTDbs36DASXr3T6Bj99U8CzPBGauEiWwa/oa2acbTNZR+DV8ORG85BOalbZT6/2e
651olt2p/y8jatfG1Yg4eeAp/UwjZnfGskDs6FLOuqZyzjp8v9oIzfTbWwIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFA0SZSwrqM55y4ohNM1HcyYfSkcVMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRFJKbExDdW96bm5MaWlFMHpVZHpKaDlLUnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQA
BSraAwQAHyn9AwQBLVd8AwQALVd/AwQALYB8AwQALYCAAwQALYHGAwQAPgMHAwQA
PgMfMAwDBABNSFMDBABNSFQDBABU/EUDBABYl3ADBAJY2rgDBABbvp4DBABb0R8D
BABb1KkDBABb5NcDBAFb79QDBACSE3gDBACS/7oDBACwdBEDBACwfmYDBAG5bewD
BAC5gOADBAC50TIDBAC506gDBAC506sDBAG51qQDBAC51qcDBADBAD4DBADBEUED
BADB5IEDBADCO94DBADCPEwDBADDI2kDBADDQGcDBADDRaEDBADD06QDBADUaxkw
DQYJKoZIhvcNAQELBQADggEBAEPvThXU+DCrGfPqy8oFriHvpyvpQ7sjm/ZQBH/w
5EIelj8831aa/uwOCANrCtoL0bKiSNva3Ue+wc17t2HljxD/bkaAmxS+lJi8nGfY
uxeDHkcZkNFmVUd92Z2lIZmN2gUMKdJ95JCO/RkM0z9b8DJjzTTn46jH6ETPeHkX
v7/qmYCDNOi513vfKAdO7JyOjwnOMzGxZgZ4OeDHCL4pcqECH0T4NK5+2iSsPibh
bkrQncNXblLHX5qCjm8TpvopnRZDFG7M2MyDX5FJetbk5j4qVYzztAXOdez3mrBQ
wG/vNK6C3y20ZcARPR9BQVen6oAJxjyGKsm4u61YSYsaHpI=
-----END CERTIFICATE-----
Generated at Fri Aug 9 12:13:07 2024 by rpki-client on console-fra.rpki-client.org