Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jfxNrmciB-kk5XUUfmrM-p0E_IE.roa
File: jfxNrmciB-kk5XUUfmrM-p0E_IE.roa (raw, json)
Hash identifier: ylHEQn4KlVMIsWkoa0Ebu4KLJEfT/NXFxl36BQSOkxM=
Subject key identifier: 8D:FC:4D:AE:67:22:07:E9:24:E5:75:14:7E:6A:CC:FA:9D:04:FC:81
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018ECC4A07FD7648DFBAAEDFC91865E9DC73
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jfxNrmciB-kk5XUUfmrM-p0E_IE.roa
Signing time: Thu 11 Apr 2024 08:33:07 +0000
ROA not before: Thu 11 Apr 2024 08:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 19:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:4a:07:fd:76:48:df:ba:ae:df:c9:18:65:e9:dc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 11 08:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dfc4dae672207e924e575147e6accfa9d04fc81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:c4:bc:49:ab:51:30:71:14:07:2e:e8:34:
99:16:77:49:ab:10:18:04:c0:74:16:5a:50:21:7e:
22:3d:17:66:59:7b:44:2b:c9:ca:8d:b8:26:ad:66:
53:3c:84:c7:11:6c:ec:e2:84:7d:f6:67:56:26:bd:
99:24:c9:28:fa:69:4a:a8:27:39:f6:e1:de:3c:37:
2d:6a:27:e6:f3:45:37:6e:fe:e4:38:02:80:2b:7e:
f3:65:dc:0d:7b:84:5e:c6:10:57:d7:ea:c6:51:1c:
8a:a2:04:00:c6:d5:b3:10:5f:ec:14:92:ec:70:fa:
d1:19:27:0f:21:88:93:df:e4:4f:72:17:54:06:99:
71:ea:34:6d:16:db:6c:73:a3:71:42:ca:83:41:a6:
b8:64:c9:63:cf:3c:86:90:2f:63:2c:f1:91:66:1a:
f1:5a:3d:e9:10:c3:1a:77:53:1d:82:ab:c6:d9:5c:
e4:f5:30:e9:50:cd:f0:5e:c9:1e:41:d1:91:96:e1:
bb:fe:5b:24:e7:a0:f9:11:fc:ea:8b:75:72:a6:b3:
e2:93:c4:8b:5d:5d:fc:4a:53:9a:e7:e0:f2:c9:ea:
db:77:7a:2a:3b:fe:36:8a:92:ca:c7:0f:c2:fe:49:
3b:6d:78:ba:1a:f6:fd:d7:0b:22:c0:73:99:1c:17:
71:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FC:4D:AE:67:22:07:E9:24:E5:75:14:7E:6A:CC:FA:9D:04:FC:81
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jfxNrmciB-kk5XUUfmrM-p0E_IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.126.102.0/24
185.128.224.0/24
185.209.50.0/24
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
193.0.62.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
195.64.103.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
30:10:af:15:f7:f0:ae:3f:01:67:58:e4:42:24:3c:81:c9:c8:
9b:77:71:1f:1c:b4:e6:2a:4d:02:ea:93:61:23:9f:fc:d5:53:
fb:b0:bc:58:ed:0c:65:c2:88:38:b0:02:14:70:32:c4:1c:2f:
f9:e0:b0:4d:a9:cf:94:08:08:3f:27:e3:4f:1b:aa:ed:cc:71:
7f:1e:e6:df:a7:c6:4c:bd:73:12:aa:f3:90:32:59:0b:85:de:
20:30:7a:19:86:81:68:93:9f:4d:48:b8:4e:52:e9:25:2b:fc:
2a:e4:71:61:30:e7:81:8c:88:e3:4b:ff:e3:c9:e3:f2:17:ea:
1f:bf:48:74:ec:14:1f:d7:fc:63:57:7d:e1:0d:ed:a3:e5:f6:
6e:c6:e3:f2:d2:37:a9:8b:91:c3:b1:76:3b:90:30:7a:bc:13:
02:f6:8e:30:5e:05:10:18:5b:58:c0:ec:cb:7b:94:0f:4f:25:
84:69:f1:a7:17:b1:a7:37:76:a9:5e:75:ce:3f:82:23:f1:09:
a8:dd:1f:8a:37:3c:27:bd:3a:78:41:3e:52:09:ef:a8:b1:b9:
2b:3a:06:f4:44:4b:e7:e8:96:af:c6:33:46:ee:6f:3e:bb:9c:
21:39:39:0b:8d:98:8f:21:98:01:10:c4:f9:64:c3:c4:34:44:
e0:25:58:7f
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAY7MSgf9dkjfuq7fyRhl6dxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDExMDgzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZjNGRhZTY3MjIwN2U5MjRlNTc1MTQ3ZTZhY2NmYTlkMDRmYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjbEvEmrUTBxFAcu6DSZFndJqxAY
BMB0FlpQIX4iPRdmWXtEK8nKjbgmrWZTPITHEWzs4oR99mdWJr2ZJMko+mlKqCc5
9uHePDctaifm80U3bv7kOAKAK37zZdwNe4RexhBX1+rGURyKogQAxtWzEF/sFJLs
cPrRGScPIYiT3+RPchdUBplx6jRtFttsc6NxQsqDQaa4ZMljzzyGkC9jLPGRZhrx
Wj3pEMMad1MdgqvG2Vzk9TDpUM3wXskeQdGRluG7/lsk56D5Efzqi3VyprPik8SL
XV38SlOa5+Dyyerbd3oqO/42ipLKxw/C/kk7bXi6Gvb91wsiwHOZHBdx3QIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFI38Ta5nIgfpJOV1FH5qzPqdBPyBMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvamZ4TnJtY2lCLWtrNVhVVWZtck0tcDBFX0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAf
Kf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAA+AwcDBAA+Ax8wDAMEAE1IUwME
AE1IVAMEAFT8RQMEAljauAMEAFu+ngMEAFvRHwMEAFvUqQMEAFvk1wMEAVvv1AME
AJITeAMEAJL/ugMEALB0EQMEALB+ZgMEALmA4AMEALnRMgMEALnTqwMEAbnWpAME
ALnWpwMEAMEAPgMEAMHkgQMEAMI73gMEAMI8TAMEAMNAZwMEANRrGTANBgkqhkiG
9w0BAQsFAAOCAQEAMBCvFffwrj8BZ1jkQiQ8gcnIm3dxHxy05ipNAuqTYSOf/NVT
+7C8WO0MZcKIOLACFHAyxBwv+eCwTanPlAgIPyfjTxuq7cxxfx7m36fGTL1zEqrz
kDJZC4XeIDB6GYaBaJOfTUi4TlLpJSv8KuRxYTDngYyI40v/48nj8hfqH79IdOwU
H9f8Y1d94Q3to+X2bsbj8tI3qYuRw7F2O5AwerwTAvaOMF4FEBhbWMDsy3uUD08l
hGnxpxexpzd2qV51zj+CI/EJqN0fijc8J706eEE+UgnvqLG5KzoG9ERL5+iWr8Yz
Ru5vPrucITk5C42YjyGYARDE+WTDxDRE4CVYfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org