Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/ihQ_Yh4BsXypcfhFLL3w4drso2I.roa
File: ihQ_Yh4BsXypcfhFLL3w4drso2I.roa (raw, json)
Hash identifier: 2mccEjMV1Q18Z0ktSRE0Mq9J6K86VJ2cXMllG00nwbU=
Subject key identifier: 8A:14:3F:62:1E:01:B1:7C:A9:71:F8:45:2C:BD:F0:E1:DA:EC:A3:62
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 0191130119A2C65BC80766CF1D822D9758E8
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/ihQ_Yh4BsXypcfhFLL3w4drso2I.roa
Signing time: Fri 02 Aug 2024 12:12:04 +0000
ROA not before: Fri 02 Aug 2024 12:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 2.59.144.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
5.183.248.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
31.204.80.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
45.129.218.0/24 maxlen: 24
45.133.68.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
62.192.156.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
88.218.12.0/22 maxlen: 22
92.119.232.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
94.187.128.0/19 maxlen: 19
168.220.128.0/19 maxlen: 19
185.20.16.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
185.87.100.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
185.163.136.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
185.163.228.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
185.241.140.0/22 maxlen: 22
185.254.8.0/22 maxlen: 22
192.214.192.0/19 maxlen: 19
195.216.140.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 29
2a00:6780::/29 maxlen: 32
2a00:6780::/32 maxlen: 32
2a01:648::/29 maxlen: 29
2a05:b780::/29 maxlen: 29
2a05:c100::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 22 Oct 2024 06:56:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:01:19:a2:c6:5b:c8:07:66:cf:1d:82:2d:97:58:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Aug 2 12:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a143f621e01b17ca971f8452cbdf0e1daeca362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dd:3c:0f:ed:fe:4c:95:3d:d4:82:c4:b8:e9:
1a:fe:8c:77:d7:c0:7a:77:81:ea:00:8e:e9:80:89:
10:66:40:a2:1e:a8:16:34:0a:04:7b:0f:a8:5c:27:
b7:a8:6d:d9:03:0c:f9:f1:9d:28:1c:b2:75:60:21:
26:6e:5c:24:b2:b6:7e:7b:43:3f:47:66:f9:53:b9:
8f:bc:ce:bc:27:ea:65:cd:1c:a4:ee:77:09:71:4b:
55:bb:6b:a0:ce:1e:28:73:70:3a:db:89:9e:d0:f0:
bf:71:8e:80:f4:1b:e9:63:d1:03:7f:37:74:28:40:
db:b4:94:6c:b2:c0:c2:01:ae:b7:10:7a:c1:19:3d:
88:01:19:59:5e:d8:ca:e6:5a:68:c8:85:33:f7:db:
60:20:76:af:c8:76:48:a7:d4:c7:ef:25:c1:86:fc:
ff:2b:a9:29:6c:2a:40:f7:e1:ae:68:91:2b:ff:90:
9e:c1:3a:72:58:c3:ef:77:09:c2:25:80:e1:b8:29:
69:57:1c:f1:5d:7d:ce:0f:58:ef:6e:8b:8d:2c:87:
17:6a:49:13:52:4d:07:99:e0:1f:7b:ef:3a:2a:c8:
cb:24:c4:1a:54:2a:b0:32:aa:09:3b:41:74:98:e1:
3c:5d:ab:63:b1:7b:aa:05:c4:74:72:4f:37:6f:ab:
13:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:14:3F:62:1E:01:B1:7C:A9:71:F8:45:2C:BD:F0:E1:DA:EC:A3:62
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/ihQ_Yh4BsXypcfhFLL3w4drso2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
a0:18:f2:6d:96:4f:0b:9a:35:d5:2e:86:03:48:d8:8b:75:ea:
89:04:83:df:e8:29:5b:df:93:3c:80:96:fd:21:66:20:dd:32:
74:b0:2d:ca:62:1c:66:65:e1:d7:10:f9:9b:0b:7e:f5:ad:94:
a8:e0:28:1a:94:c6:8e:bf:d9:95:c0:e1:66:30:47:73:19:e9:
a1:6f:e5:c1:3e:bc:65:0e:93:d3:a8:ea:01:aa:5e:fe:5f:53:
4b:6b:17:f4:3d:48:18:f7:72:19:8f:15:32:bc:a3:0c:a4:64:
5c:5a:e9:f2:2a:76:21:c0:ff:51:80:48:54:1f:f2:07:0e:3b:
64:82:19:42:95:37:a2:a0:81:e5:f0:70:4c:33:ac:85:91:bd:
42:2a:f1:fb:d0:25:f2:61:db:fe:2d:e1:38:05:37:92:12:e8:
b2:47:a7:6f:72:63:b3:47:8d:c5:e5:d8:19:0e:8a:f0:c4:7c:
8f:b2:e1:9e:19:4b:25:39:d0:e9:3f:85:42:2e:b3:35:a3:56:
a3:1c:8d:3b:e7:2f:7a:e5:90:67:0a:1b:63:e0:69:d1:e8:b5:
4d:80:46:d5:cb:63:4b:53:78:f1:a5:98:69:40:3c:d8:26:28:
63:05:ae:42:b5:55:ee:83:1a:26:82:5a:8f:20:4c:94:3c:1b:
e3:b7:d2:41
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAZETARmixlvIB2bPHYItl1joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjQwODAyMTIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE0M2Y2MjFlMDFiMTdjYTk3MWY4NDUyY2JkZjBlMWRhZWNhMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN08D+3+TJU91ILEuOka/ox318B6
d4HqAI7pgIkQZkCiHqgWNAoEew+oXCe3qG3ZAwz58Z0oHLJ1YCEmblwksrZ+e0M/
R2b5U7mPvM68J+plzRyk7ncJcUtVu2ugzh4oc3A624me0PC/cY6A9BvpY9EDfzd0
KEDbtJRsssDCAa63EHrBGT2IARlZXtjK5lpoyIUz99tgIHavyHZIp9TH7yXBhvz/
K6kpbCpA9+GuaJEr/5CewTpyWMPvdwnCJYDhuClpVxzxXX3OD1jvbouNLIcXakkT
Uk0HmeAfe+86KsjLJMQaVCqwMqoJO0F0mOE8XatjsXuqBcR0ck83b6sTYwIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFIoUP2IeAbF8qXH4RSy98OHa7KNiMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvaWhRX1loNEJzWHlwY2ZoRkxMM3c0ZHJzbzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEAoBjybZZP
C5o11S6GA0jYi3XqiQSD3+gpW9+TPICW/SFmIN0ydLAtymIcZmXh1xD5mwt+9a2U
qOAoGpTGjr/ZlcDhZjBHcxnpoW/lwT68ZQ6T06jqAape/l9TS2sX9D1IGPdyGY8V
MryjDKRkXFrp8ip2IcD/UYBIVB/yBw47ZIIZQpU3oqCB5fBwTDOshZG9Qirx+9Al
8mHb/i3hOAU3khLoskenb3Jjs0eNxeXYGQ6K8MR8j7LhnhlLJTnQ6T+FQi6zNaNW
oxyNO+cveuWQZwobY+Bp0ei1TYBG1ctjS1N48aWYaUA82CYoYwWuQrVV7oMaJoJa
jyBMlDwb47fSQQ==
-----END CERTIFICATE-----
Generated at Tue Oct 22 08:44:36 2024 by rpki-client on console-ams.rpki-client.org