Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/jNSn1f5LJIaqFy7YUTDdBu3a81U.roa
File: jNSn1f5LJIaqFy7YUTDdBu3a81U.roa (raw, json)
Hash identifier: X1uFXaAYKV3SZitmZJXndQruxF4UohIsiYpN5kErNZ0=
Subject key identifier: 8C:D4:A7:D5:FE:4B:24:86:AA:17:2E:D8:51:30:DD:06:ED:DA:F3:55
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 01891C1C6598F432B3BF5FDA0CCF706F000D
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/jNSn1f5LJIaqFy7YUTDdBu3a81U.roa
Signing time: Mon 03 Jul 2023 14:16:10 +0000
ROA not before: Mon 03 Jul 2023 14:16:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 192.214.192.0/19 maxlen: 24
23.90.192.0/18 maxlen: 24
185.87.100.0/22 maxlen: 24
185.20.16.0/22 maxlen: 24
185.134.156.0/22 maxlen: 24
45.133.68.0/22 maxlen: 24
79.99.160.0/21 maxlen: 24
185.133.80.0/22 maxlen: 24
92.119.232.0/22 maxlen: 24
185.197.108.0/22 maxlen: 24
5.183.248.0/22 maxlen: 24
45.89.76.0/22 maxlen: 24
45.92.180.0/22 maxlen: 24
185.48.252.0/22 maxlen: 24
45.129.218.0/24 maxlen: 24
45.129.216.0/24 maxlen: 24
185.163.136.0/22 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 24
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 24
185.191.36.0/22 maxlen: 24
185.163.212.0/22 maxlen: 24
185.86.88.0/22 maxlen: 24
45.86.96.0/22 maxlen: 24
185.163.220.0/22 maxlen: 24
185.163.228.0/22 maxlen: 24
31.204.80.0/21 maxlen: 24
94.187.128.0/19 maxlen: 24
2.59.144.0/22 maxlen: 24
185.186.88.0/22 maxlen: 24
185.169.156.0/22 maxlen: 24
185.132.64.0/22 maxlen: 24
45.142.108.0/22 maxlen: 24
185.135.176.0/22 maxlen: 24
195.216.140.0/22 maxlen: 24
168.220.128.0/19 maxlen: 24
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.120.0/22 maxlen: 24
46.18.126.0/23 maxlen: 24
185.254.8.0/22 maxlen: 24
185.138.116.0/22 maxlen: 24
5.10.128.0/21 maxlen: 24
45.80.252.0/22 maxlen: 24
185.98.116.0/22 maxlen: 24
45.152.16.0/22 maxlen: 24
62.192.156.0/22 maxlen: 24
2a00:41e0::/29 maxlen: 48
2a05:b780::/29 maxlen: 48
2a01:648::/29 maxlen: 48
2a00:6780::/29 maxlen: 48
2a05:c100::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:1c:65:98:f4:32:b3:bf:5f:da:0c:cf:70:6f:00:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jul 3 14:16:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cd4a7d5fe4b2486aa172ed85130dd06eddaf355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dc:e4:3c:3b:1a:f5:58:ba:c3:0f:7b:16:64:
ff:cc:e7:09:77:c3:ab:35:fe:07:60:c3:a9:de:6e:
71:fc:6b:dc:f0:aa:d6:1c:94:79:cc:34:df:bd:bf:
d4:bd:71:f2:25:f1:b7:47:8f:2a:55:41:44:f9:a5:
91:40:92:85:c4:03:a9:00:4d:76:00:2b:d3:fb:04:
c4:78:3e:d5:e2:b1:87:89:d1:dd:3a:76:6a:10:fd:
0b:4d:df:b4:d8:38:15:f4:6a:8c:17:61:e4:31:04:
ce:90:1c:19:c9:b1:74:43:3e:8a:31:da:9a:de:30:
28:b7:c5:47:d6:37:9d:ef:7c:99:8d:5c:b8:b5:2e:
e5:15:7a:6a:ed:21:be:7b:2f:b7:3d:c1:01:74:bf:
6c:ff:5f:19:91:7f:b8:62:60:02:35:a6:26:9b:c4:
9c:23:4f:54:1f:22:a5:a3:70:e6:d4:cb:2d:ad:99:
90:b2:3c:ac:bd:81:ce:d3:cb:0a:12:0f:2f:7d:ab:
38:5d:67:45:9d:7e:b1:33:75:c6:66:5a:20:85:81:
00:6d:bf:d7:57:c8:73:35:0d:80:07:90:ad:aa:11:
24:3e:55:1d:f1:20:57:03:f8:c6:96:fd:38:ea:8e:
90:1f:17:6b:18:94:d5:30:3b:2e:e2:ba:55:2d:fd:
3d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D4:A7:D5:FE:4B:24:86:AA:17:2E:D8:51:30:DD:06:ED:DA:F3:55
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/jNSn1f5LJIaqFy7YUTDdBu3a81U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
42:99:64:b1:17:2b:90:4d:81:da:0a:ae:59:00:dc:ff:c3:c1:
e5:f4:96:78:b5:8c:1d:69:44:a7:c1:35:c0:98:26:a0:27:c9:
57:48:98:a4:8d:56:4d:54:2e:03:df:6f:3f:a6:1b:a0:da:d1:
37:de:88:1a:0d:b3:35:6f:0b:76:02:f8:dc:b5:a0:8a:d8:01:
e2:2a:cb:65:46:97:ab:d0:7f:79:80:63:83:25:8d:b1:5f:56:
b9:73:f1:6a:7a:16:2e:1c:8c:29:4a:54:99:b2:cd:21:80:6c:
84:27:36:38:b8:e7:5a:eb:6e:7b:2f:3f:46:0b:7e:c0:58:a4:
9f:81:e0:7f:0e:eb:8a:a4:54:3d:42:8f:76:7c:24:79:5c:35:
5d:01:fb:17:3f:38:05:d7:a4:fa:e8:df:87:de:61:3c:b0:79:
9c:eb:9a:42:3d:87:89:f4:06:ce:67:9e:af:22:22:08:7f:ff:
68:63:39:85:f2:18:57:6e:57:61:25:c8:fd:2f:32:5d:ed:70:
92:57:85:ab:3d:cf:96:ca:05:aa:a2:ba:16:88:26:fb:b0:8e:
92:e5:22:ac:73:ab:72:d1:6c:f8:cc:0b:05:09:f3:49:00:ab:
84:36:53:d5:8e:09:dd:80:83:04:a2:61:68:16:3d:20:48:36:
57:1d:05:7f
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYkcHGWY9DKzv1/aDM9wbwANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjMwNzAzMTQxNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Q0YTdkNWZlNGIyNDg2YWExNzJlZDg1MTMwZGQwNmVkZGFmMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytzkPDsa9Vi6ww97FmT/zOcJd8Or
Nf4HYMOp3m5x/Gvc8KrWHJR5zDTfvb/UvXHyJfG3R48qVUFE+aWRQJKFxAOpAE12
ACvT+wTEeD7V4rGHidHdOnZqEP0LTd+02DgV9GqMF2HkMQTOkBwZybF0Qz6KMdqa
3jAot8VH1jed73yZjVy4tS7lFXpq7SG+ey+3PcEBdL9s/18ZkX+4YmACNaYmm8Sc
I09UHyKlo3Dm1MstrZmQsjysvYHO08sKEg8vfas4XWdFnX6xM3XGZloghYEAbb/X
V8hzNQ2AB5CtqhEkPlUd8SBXA/jGlv046o6QHxdrGJTVMDsu4rpVLf09bQIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFIzUp9X+SySGqhcu2FEw3Qbt2vNVMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvak5TbjFmNUxKSWFxRnk3WVVURGRCdTNhODFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEAQplksRcr
kE2B2gquWQDc/8PB5fSWeLWMHWlEp8E1wJgmoCfJV0iYpI1WTVQuA99vP6YboNrR
N96IGg2zNW8LdgL43LWgitgB4irLZUaXq9B/eYBjgyWNsV9WuXPxanoWLhyMKUpU
mbLNIYBshCc2OLjnWutuey8/Rgt+wFikn4Hgfw7riqRUPUKPdnwkeVw1XQH7Fz84
Bdek+ujfh95hPLB5nOuaQj2HifQGzmeeryIiCH//aGM5hfIYV25XYSXI/S8yXe1w
kleFqz3PlsoFqqK6Fogm+7COkuUirHOrctFs+MwLBQnzSQCrhDZT1Y4J3YCDBKJh
aBY9IEg2Vx0Ffw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:21 2024 by rpki-client on console-fra.rpki-client.org