Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/DH0jAnzYPv78BAgdrWA3xq6dMrc.roa
File: DH0jAnzYPv78BAgdrWA3xq6dMrc.roa (raw, json)
Hash identifier: dbPUgFVALLt2GiogtLi+khje7J1LY/olsw+0C58DYyg=
Subject key identifier: 0C:7D:23:02:7C:D8:3E:FE:FC:04:08:1D:AD:60:37:C6:AE:9D:32:B7
Certificate issuer: /CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Certificate serial: 018CCA995A18EBF5E9CE6A70430CF28F5DBA
Authority key identifier: 24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/DH0jAnzYPv78BAgdrWA3xq6dMrc.roa
Signing time: Tue 02 Jan 2024 14:34:56 +0000
ROA not before: Tue 02 Jan 2024 14:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29256
IP address blocks: 94.252.128.0/22 maxlen: 22
94.252.132.0/22 maxlen: 22
94.252.136.0/21 maxlen: 21
94.252.144.0/20 maxlen: 20
178.52.112.0/20 maxlen: 20
178.52.128.0/20 maxlen: 20
178.52.144.0/20 maxlen: 20
188.139.208.0/20 maxlen: 20
178.52.64.0/20 maxlen: 20
46.213.240.0/20 maxlen: 20
188.139.224.0/20 maxlen: 20
178.52.80.0/20 maxlen: 20
185.136.144.0/22 maxlen: 22
178.52.96.0/20 maxlen: 20
188.139.240.0/20 maxlen: 20
178.52.224.0/20 maxlen: 20
178.52.240.0/20 maxlen: 20
178.52.160.0/20 maxlen: 20
178.52.176.0/20 maxlen: 20
178.52.192.0/20 maxlen: 20
178.52.208.0/20 maxlen: 20
46.213.80.0/20 maxlen: 20
46.213.96.0/20 maxlen: 20
46.213.112.0/20 maxlen: 20
46.213.16.0/20 maxlen: 20
46.213.32.0/20 maxlen: 20
46.213.48.0/20 maxlen: 20
46.213.64.0/20 maxlen: 20
178.52.0.0/20 maxlen: 20
46.213.176.0/20 maxlen: 20
46.213.192.0/20 maxlen: 20
178.52.16.0/20 maxlen: 20
188.139.160.0/20 maxlen: 20
188.139.176.0/20 maxlen: 20
178.52.32.0/20 maxlen: 20
46.213.208.0/20 maxlen: 20
188.139.192.0/20 maxlen: 20
178.52.48.0/20 maxlen: 20
46.213.224.0/20 maxlen: 20
46.213.128.0/20 maxlen: 20
46.213.144.0/20 maxlen: 20
188.139.128.0/20 maxlen: 20
46.213.160.0/20 maxlen: 20
188.139.144.0/20 maxlen: 20
46.57.128.0/20 maxlen: 20
94.252.224.0/20 maxlen: 20
46.57.144.0/20 maxlen: 20
94.252.240.0/21 maxlen: 21
94.252.252.0/22 maxlen: 22
94.252.248.0/22 maxlen: 22
46.57.160.0/20 maxlen: 20
94.252.160.0/20 maxlen: 20
94.252.176.0/22 maxlen: 22
94.252.182.0/24 maxlen: 24
94.252.181.0/24 maxlen: 24
94.252.184.0/24 maxlen: 24
94.252.183.0/24 maxlen: 24
94.252.180.0/24 maxlen: 24
94.252.185.0/24 maxlen: 24
94.252.186.0/24 maxlen: 24
94.252.192.0/20 maxlen: 20
94.252.189.0/24 maxlen: 24
94.252.188.0/24 maxlen: 24
94.252.191.0/24 maxlen: 24
94.252.190.0/24 maxlen: 24
94.252.187.0/24 maxlen: 24
94.252.208.0/20 maxlen: 20
46.57.240.0/20 maxlen: 20
46.213.0.0/20 maxlen: 20
46.57.176.0/20 maxlen: 20
46.57.192.0/20 maxlen: 20
46.57.208.0/20 maxlen: 20
46.57.224.0/20 maxlen: 20
2a00:b800::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Sep 2024 08:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:5a:18:eb:f5:e9:ce:6a:70:43:0c:f2:8f:5d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Validity
Not Before: Jan 2 14:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c7d23027cd83efefc04081dad6037c6ae9d32b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:88:4a:6f:7b:38:04:32:3b:12:df:c8:d6:55:
68:96:e6:f8:3f:ca:08:bd:15:da:80:5d:27:28:e1:
33:f2:18:bb:59:e4:ac:bb:84:51:f4:35:58:42:f4:
0b:54:ca:4e:f9:ba:3a:d0:ce:2f:6f:13:be:02:ac:
9e:a7:f9:4a:9b:87:a5:e6:c2:74:b7:e9:2c:db:ec:
d7:fb:36:fa:13:9b:fa:ff:cf:19:1d:ff:00:fd:39:
93:7e:ec:ec:19:01:b3:29:61:0e:b8:48:13:ba:9a:
91:a1:36:20:d7:bf:28:a7:42:be:cc:b0:f3:87:2f:
39:86:83:1e:c6:73:05:e0:6a:cc:cc:c5:ab:57:a5:
43:14:3e:f0:3f:5f:e6:69:c1:8c:4d:6b:b1:7c:8e:
49:75:36:84:a3:4f:e8:72:9b:46:fc:07:07:46:39:
e1:28:37:04:61:c5:cd:26:ca:b3:15:75:59:31:63:
bc:1f:a3:79:b0:53:2c:fa:2f:63:f5:bb:11:df:5d:
1c:54:95:b0:d3:e4:29:d9:f9:e3:76:85:1a:97:84:
ee:82:3b:08:af:0b:95:cc:2b:d4:af:ad:2e:c5:82:
43:a1:0f:9f:16:86:6c:41:aa:1f:64:a2:e4:cb:3f:
b6:91:30:c8:ae:f1:af:f6:4b:3e:ec:71:05:d2:1e:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7D:23:02:7C:D8:3E:FE:FC:04:08:1D:AD:60:37:C6:AE:9D:32:B7
X509v3 Authority Key Identifier:
keyid:24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/DH0jAnzYPv78BAgdrWA3xq6dMrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.128.0/17
46.213.0.0/16
94.252.128.0/17
178.52.0.0/16
185.136.144.0/22
188.139.128.0/17
IPv6:
2a00:b800::/32
Signature Algorithm: sha256WithRSAEncryption
96:47:73:30:fd:10:cd:7e:ad:97:5f:d9:d3:f4:52:27:f3:5a:
0d:db:94:e8:03:61:95:a5:cc:be:77:c2:d3:52:1b:8f:e8:20:
0d:6d:d9:5c:85:a5:f9:20:9d:a8:b1:9f:fc:7d:0a:ad:39:ca:
6f:8b:1b:ef:9f:3a:c2:99:58:19:3e:23:8e:9e:71:f5:f1:a5:
1b:d9:e4:6d:ca:a3:a4:bb:0e:67:93:2b:52:85:1d:b9:72:02:
94:30:30:22:88:75:e9:b5:38:54:b7:2d:28:38:bc:47:f4:28:
2e:45:03:ec:b7:b8:c6:15:b8:d1:4c:f9:99:96:e3:77:ad:01:
70:e7:e5:42:c9:e1:94:e1:19:8b:a0:a1:2d:be:18:b6:99:f8:
44:77:8b:40:a7:7e:d2:b8:9b:09:ad:dd:ac:8f:b4:0e:fb:6e:
b4:a4:89:ef:e8:62:25:b2:10:4b:f6:14:ce:e0:5a:6e:96:b3:
c2:7e:2f:86:e5:c2:74:fa:f8:4f:5f:0d:bb:19:8f:8a:9b:f6:
ef:3d:9b:95:7d:96:50:9a:13:ef:3d:4a:87:53:ab:78:b4:93:
bf:1d:56:72:bc:4e:5b:4e:dd:07:24:e4:5c:5e:d1:f7:8c:15:
6d:07:8a:ad:9c:a0:9a:eb:49:d5:fe:1a:15:74:44:7c:cc:f4:
27:ec:6a:09
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzKmVoY6/XpzmpwQwzyj126MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDlkYTRmZmIxYmI2ZDI3M2RlMWJhZDVkYmJmMGQxZmY0
N2YwY2YwHhcNMjQwMTAyMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzdkMjMwMjdjZDgzZWZlZmMwNDA4MWRhZDYwMzdjNmFlOWQzMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYhKb3s4BDI7Et/I1lVolub4P8oI
vRXagF0nKOEz8hi7WeSsu4RR9DVYQvQLVMpO+bo60M4vbxO+Aqyep/lKm4el5sJ0
t+ks2+zX+zb6E5v6/88ZHf8A/TmTfuzsGQGzKWEOuEgTupqRoTYg178op0K+zLDz
hy85hoMexnMF4GrMzMWrV6VDFD7wP1/macGMTWuxfI5JdTaEo0/ocptG/AcHRjnh
KDcEYcXNJsqzFXVZMWO8H6N5sFMs+i9j9bsR310cVJWw0+Qp2fnjdoUal4TugjsI
rwuVzCvUr60uxYJDoQ+fFoZsQaofZKLkyz+2kTDIrvGv9ks+7HEF0h51lwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAx9IwJ82D7+/AQIHa1gN8aunTK3MB8GA1UdIwQY
MBaAFCTZ2k/7G7bSc94brV278NH/R/DPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2Yt
OGEwM2E3YzFmZTliLzEvREgwakFuellQdjc4QkFnZHJXQTN4cTZkTXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2YtOGEwM2E3YzFmZTli
LzEvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQHLjmAAwMA
LtUDBAde/IADAwCyNAMEArmIkAMEB7yLgDANBAIAAjAHAwUAKgC4ADANBgkqhkiG
9w0BAQsFAAOCAQEAlkdzMP0QzX6tl1/Z0/RSJ/NaDduU6ANhlaXMvnfC01Ibj+gg
DW3ZXIWl+SCdqLGf/H0KrTnKb4sb7586wplYGT4jjp5x9fGlG9nkbcqjpLsOZ5Mr
UoUduXIClDAwIoh16bU4VLctKDi8R/QoLkUD7Le4xhW40Uz5mZbjd60BcOflQsnh
lOEZi6ChLb4Ytpn4RHeLQKd+0ribCa3drI+0DvtutKSJ7+hiJbIQS/YUzuBabpaz
wn4vhuXCdPr4T18NuxmPipv27z2blX2WUJoT7z1Kh1OreLSTvx1WcrxOW07dByTk
XF7R94wVbQeKrZygmutJ1f4aFXREfMz0J+xqCQ==
-----END CERTIFICATE-----
Generated at Wed Sep 25 11:48:47 2024 by rpki-client on console-fra.rpki-client.org