Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_hg7bfkLXQt9NFKPZpjVtdcQFok.roa
File: _hg7bfkLXQt9NFKPZpjVtdcQFok.roa (raw, json)
Hash identifier: JsAeC192BDN4qBk1jwGQE/ViKR17ahc6NSofKQMrTzg=
Subject key identifier: FE:18:3B:6D:F9:0B:5D:0B:7D:34:52:8F:66:98:D5:B5:D7:10:16:89
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EF255B317C2AAF52FA5C59753D7B5C66D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_hg7bfkLXQt9NFKPZpjVtdcQFok.roa
Signing time: Thu 18 Apr 2024 17:51:26 +0000
ROA not before: Thu 18 Apr 2024 17:51:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 11:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f2:55:b3:17:c2:aa:f5:2f:a5:c5:97:53:d7:b5:c6:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 18 17:51:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe183b6df90b5d0b7d34528f6698d5b5d7101689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:1a:3d:20:96:f2:1f:0c:8c:83:1e:9e:60:
79:21:76:03:04:84:6c:52:e8:cc:5e:03:6c:1b:17:
ba:62:54:b3:68:05:a3:60:29:c1:52:63:af:7a:bb:
ab:31:54:ce:38:bd:74:65:f6:61:a9:d9:f0:0c:ae:
1b:34:b9:79:01:a9:37:e1:3e:d9:cb:7b:5e:fa:2b:
a8:59:50:6a:02:55:99:c7:09:c9:e9:3f:36:54:11:
c0:f1:0b:50:4d:c0:a7:65:0b:c5:f4:3f:a4:a0:74:
29:62:9e:67:29:77:10:30:59:c2:f1:3a:ea:5e:c9:
59:10:67:38:5f:c6:d2:d0:9b:bb:9a:43:ab:1a:59:
fe:72:3d:d3:48:3b:21:ff:2a:5b:fd:1a:e1:13:d5:
d4:dc:be:4a:4f:8e:64:c3:a3:88:34:00:0b:31:a7:
72:13:a8:a5:b0:33:10:55:53:41:3d:38:43:5d:48:
c5:49:14:ac:8e:3c:2c:58:68:14:cb:d7:5d:fe:5d:
35:d3:c6:30:98:04:7c:35:b4:11:a5:b1:28:5e:67:
c8:57:e0:60:1c:85:30:5f:fa:b0:38:14:dd:29:c8:
1a:56:84:df:98:d5:8e:24:26:22:41:58:32:c9:22:
ec:67:bd:35:e9:c5:97:04:f2:6a:5a:bb:fb:5c:bf:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:18:3B:6D:F9:0B:5D:0B:7D:34:52:8F:66:98:D5:B5:D7:10:16:89
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_hg7bfkLXQt9NFKPZpjVtdcQFok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.126.102.0/24
185.128.224.0/24
185.209.50.0/24
185.211.168.0/24
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
193.0.62.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
195.64.103.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:14:ed:9d:36:d0:21:3d:67:e5:0c:57:f8:24:69:31:4f:4f:
b1:08:39:f2:6a:fd:68:0e:64:73:0e:e1:f2:3f:b4:28:99:5e:
fd:0c:d9:d5:2d:fc:41:97:f3:94:eb:a5:21:05:f7:e6:30:b9:
3c:f5:74:93:af:e3:8a:7c:b3:40:9b:f5:19:38:5d:ee:94:fb:
e3:c3:ae:54:c7:12:f3:46:0a:0c:f5:88:d6:2f:a0:8a:84:17:
97:0e:df:0f:74:dc:2d:31:08:da:c0:33:6c:8d:2b:19:ba:7b:
71:ea:41:eb:cb:57:6b:09:d1:92:92:0c:b4:db:78:6b:68:31:
bd:93:12:7d:e3:bb:9c:7b:22:74:ef:93:2d:e1:be:78:dc:54:
fb:3e:b9:b9:29:b4:ed:09:6a:57:3b:57:81:20:61:34:51:f6:
4a:8b:39:0e:58:9e:72:9a:77:25:4d:c7:26:d2:12:2a:58:3a:
b0:97:6e:20:f8:28:9a:0d:10:ae:cd:a9:23:8d:dd:7e:2d:4b:
58:69:b6:47:d6:37:79:7d:e5:b4:a5:aa:43:41:db:d6:3f:98:
d3:95:d8:73:62:47:bd:05:2f:69:2d:48:5c:03:fd:77:a6:dd:
0c:ba:90:bc:22:38:85:87:3e:32:40:b5:16:32:25:d1:e3:b0:
2d:04:cc:d7
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY7yVbMXwqr1L6XFl1PXtcZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDE4MTc1MTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTE4M2I2ZGY5MGI1ZDBiN2QzNDUyOGY2Njk4ZDViNWQ3MTAxNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsoaPSCW8h8MjIMenmB5IXYDBIRs
UujMXgNsGxe6YlSzaAWjYCnBUmOverurMVTOOL10ZfZhqdnwDK4bNLl5Aak34T7Z
y3te+iuoWVBqAlWZxwnJ6T82VBHA8QtQTcCnZQvF9D+koHQpYp5nKXcQMFnC8Trq
XslZEGc4X8bS0Ju7mkOrGln+cj3TSDsh/ypb/RrhE9XU3L5KT45kw6OINAALMady
E6ilsDMQVVNBPThDXUjFSRSsjjwsWGgUy9dd/l0108YwmAR8NbQRpbEoXmfIV+Bg
HIUwX/qwOBTdKcgaVoTfmNWOJCYiQVgyySLsZ7016cWXBPJqWrv7XL/zMQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFP4YO235C10LfTRSj2aY1bXXEBaJMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvX2hnN2Jma0xYUXQ5TkZLUFpwalZ0ZGNRRm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAAf
Kf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAAtgcYDBAA+AwcDBAA+Ax8wDAME
AE1IUwMEAE1IVAMEAFT8RQMEAljauAMEAFu+ngMEAFvRHwMEAFvUqQMEAFvk1wME
AVvv1AMEAJITeAMEAJL/ugMEALB0EQMEALB+ZgMEALmA4AMEALnRMgMEALnTqAME
ALnTqwMEAbnWpAMEALnWpwMEAMEAPgMEAMHkgQMEAMI73gMEAMI8TAMEAMNAZwME
ANRrGTANBgkqhkiG9w0BAQsFAAOCAQEAbxTtnTbQIT1n5QxX+CRpMU9PsQg58mr9
aA5kcw7h8j+0KJle/QzZ1S38QZfzlOulIQX35jC5PPV0k6/jinyzQJv1GThd7pT7
48OuVMcS80YKDPWI1i+gioQXlw7fD3TcLTEI2sAzbI0rGbp7cepB68tXawnRkpIM
tNt4a2gxvZMSfeO7nHsidO+TLeG+eNxU+z65uSm07QlqVztXgSBhNFH2Sos5Dlie
cpp3JU3HJtISKlg6sJduIPgomg0Qrs2pI43dfi1LWGm2R9Y3eX3ltKWqQ0Hb1j+Y
05XYc2JHvQUvaS1IXAP9d6bdDLqQvCI4hYc+MkC1FjIl0eOwLQTM1w==
-----END CERTIFICATE-----
Generated at Mon Aug 5 15:20:46 2024 by rpki-client on console-ams.rpki-client.org