Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/JU21uv0bk-6TW4Ax1UF9x-g9xks.roa
File: JU21uv0bk-6TW4Ax1UF9x-g9xks.roa (raw, json)
Hash identifier: Q29scIUH7NQZd+WjiPkFxiubVPl5BXfJw04qmQAE0b4=
Subject key identifier: 25:4D:B5:BA:FD:1B:93:EE:93:5B:80:31:D5:41:7D:C7:E8:3D:C6:4B
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018A560A068684A68C507E6B94661B00671E
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/JU21uv0bk-6TW4Ax1UF9x-g9xks.roa
Signing time: Sat 02 Sep 2023 13:16:52 +0000
ROA not before: Sat 02 Sep 2023 13:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48309
IP address blocks: 37.191.92.0/22 maxlen: 24
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.72.0/22 maxlen: 22
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 22
188.136.161.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.176.0/21 maxlen: 21
188.136.174.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.184.0/24 maxlen: 24
188.136.186.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.187.0/24 maxlen: 24
188.136.188.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.194.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.196.0/22 maxlen: 22
188.136.195.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.202.0/24 maxlen: 24
188.136.204.0/24 maxlen: 24
188.136.206.0/24 maxlen: 24
188.136.201.0/24 maxlen: 24
188.136.203.0/24 maxlen: 24
188.136.205.0/24 maxlen: 24
188.136.208.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.212.0/24 maxlen: 24
188.136.207.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
188.136.213.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.140.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.144.0/24 maxlen: 24
31.25.104.0/22 maxlen: 22
188.136.149.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
31.25.108.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
188.136.146.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.214.0/24 maxlen: 24
188.136.216.0/22 maxlen: 22
188.136.215.0/24 maxlen: 24
188.136.222.0/24 maxlen: 24
188.136.223.0/24 maxlen: 24
185.85.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 04 Dec 2023 11:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:0a:06:86:84:a6:8c:50:7e:6b:94:66:1b:00:67:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Sep 2 13:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=254db5bafd1b93ee935b8031d5417dc7e83dc64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d2:9e:d3:fa:36:c9:d2:00:02:cf:00:d3:93:
76:fa:37:5a:81:b8:28:bf:bd:6c:15:dc:9a:22:d1:
9b:d3:0b:b7:fc:01:b2:b6:69:ad:86:bd:f7:67:a1:
00:89:6c:79:0c:27:91:9a:c3:29:75:4d:aa:58:cf:
97:96:af:22:df:d6:2b:66:98:49:db:33:35:ac:02:
b1:38:ae:b4:64:e7:7e:1b:5a:23:d2:95:4c:a0:49:
90:42:3c:f9:a0:ed:e5:37:2a:c6:8f:37:0d:c8:e1:
63:21:18:08:2d:f0:7d:f9:ce:cb:92:74:73:ca:17:
95:20:b6:b2:37:92:c2:a1:f3:5d:82:9b:51:ee:2d:
25:53:10:e5:2b:7a:61:2d:9d:cb:2d:b5:ef:ab:30:
aa:4b:68:a6:d0:db:4c:32:2f:eb:9f:79:58:f1:f7:
82:73:db:87:69:7f:8f:95:a3:86:00:55:c5:36:fc:
34:13:48:7e:c0:a5:3c:74:5d:a0:5d:28:50:94:23:
ec:46:77:ce:8c:7f:1f:44:79:64:53:f5:e1:0c:61:
be:f4:df:48:62:17:75:f1:3f:67:f7:d2:a6:67:0a:
e9:41:db:8a:cd:de:1b:ac:71:52:91:49:1c:5d:92:
d9:88:d1:6d:01:7b:92:6d:1c:16:47:73:ba:00:e3:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4D:B5:BA:FD:1B:93:EE:93:5B:80:31:D5:41:7D:C7:E8:3D:C6:4B
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/JU21uv0bk-6TW4Ax1UF9x-g9xks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0/19
185.85.68.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.219.255
188.136.222.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:bc:1f:07:9b:bf:59:3a:67:e7:4a:1d:88:70:b8:d6:84:1d:
11:b8:6a:6d:ec:60:0d:e4:3e:af:a9:8b:f5:5b:c6:98:8b:1a:
b7:10:4a:97:bf:00:e2:09:8a:9a:ad:1e:21:47:31:71:80:c6:
c9:e4:40:55:e5:b1:82:fe:e0:63:7f:3c:2d:35:14:0b:cf:9d:
2a:76:04:ef:9f:12:32:93:3f:fc:cb:24:8f:9e:7b:61:f7:56:
33:bd:6a:90:72:5d:b7:13:15:10:36:dc:00:c4:50:88:9f:54:
2f:1c:d2:d8:6c:b3:a8:92:34:29:9b:41:cb:32:3d:33:51:d1:
91:34:4f:e5:2d:89:e6:44:93:29:61:7a:f7:4e:de:ed:5f:5b:
b5:f2:98:82:1c:8f:e6:31:22:57:78:98:d6:9e:8f:94:5e:26:
17:57:c5:fc:10:0e:7d:5b:74:b3:b5:b2:88:e1:62:cc:d5:cf:
84:2a:7c:3d:bf:7d:f0:95:df:0f:53:9f:4a:66:9a:83:b0:56:
97:ae:4a:d5:1d:96:d4:58:1c:aa:92:b9:3f:4a:b8:30:0e:a7:
ca:d2:6d:43:01:d4:bf:f6:aa:c6:07:07:1e:43:d4:8d:70:f0:
6d:a2:88:84:c5:e3:f2:58:1f:18:51:37:8b:69:a5:f2:ed:ad:
e8:bd:7a:34
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYpWCgaGhKaMUH5rlGYbAGceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwOTAyMTMxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRkYjViYWZkMWI5M2VlOTM1YjgwMzFkNTQxN2RjN2U4M2RjNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtKe0/o2ydIAAs8A05N2+jdagbgo
v71sFdyaItGb0wu3/AGytmmthr33Z6EAiWx5DCeRmsMpdU2qWM+Xlq8i39YrZphJ
2zM1rAKxOK60ZOd+G1oj0pVMoEmQQjz5oO3lNyrGjzcNyOFjIRgILfB9+c7LknRz
yheVILayN5LCofNdgptR7i0lUxDlK3phLZ3LLbXvqzCqS2im0NtMMi/rn3lY8feC
c9uHaX+PlaOGAFXFNvw0E0h+wKU8dF2gXShQlCPsRnfOjH8fRHlkU/XhDGG+9N9I
Yhd18T9n99KmZwrpQduKzd4brHFSkUkcXZLZiNFtAXuSbRwWR3O6AOOAoQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFCVNtbr9G5Puk1uAMdVBfcfoPcZLMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvSlUyMXV2MGJrLTZUVzRBeDFVRjl4LWc5eGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDHxloAwQF
Jb9AAwQCuVVEAwQDvIiAMAwDBAK8iIwDBAK8iJAwDAMEALyIlQMEAryI2AMEAbyI
3jANBgkqhkiG9w0BAQsFAAOCAQEAbrwfB5u/WTpn50odiHC41oQdEbhqbexgDeQ+
r6mL9VvGmIsatxBKl78A4gmKmq0eIUcxcYDGyeRAVeWxgv7gY388LTUUC8+dKnYE
758SMpM//Mskj557YfdWM71qkHJdtxMVEDbcAMRQiJ9ULxzS2GyzqJI0KZtByzI9
M1HRkTRP5S2J5kSTKWF6907e7V9btfKYghyP5jEiV3iY1p6PlF4mF1fF/BAOfVt0
s7WyiOFizNXPhCp8Pb998JXfD1OfSmaag7BWl65K1R2W1FgcqpK5P0q4MA6nytJt
QwHUv/aqxgcHHkPUjXDwbaKIhMXj8lgfGFE3i2ml8u2t6L16NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org