Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/kKyjIjQgW6GHM7_2344NF2FpBZA.roa
File: kKyjIjQgW6GHM7_2344NF2FpBZA.roa (raw, json)
Hash identifier: bDizZInAnORyuBTxTFMMaRQFOZKVZlyecWeoD0gmkUc=
Subject key identifier: 90:AC:A3:22:34:20:5B:A1:87:33:BF:F6:DF:8E:0D:17:61:69:05:90
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 0192C4197AE05E8669F671161FF6065B760E
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/kKyjIjQgW6GHM7_2344NF2FpBZA.roa
Signing time: Fri 25 Oct 2024 14:34:17 +0000
ROA not before: Fri 25 Oct 2024 14:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31520
IP address blocks: 5.1.0.0/23 maxlen: 23
5.1.4.0/22 maxlen: 22
5.1.8.0/21 maxlen: 21
5.1.16.0/20 maxlen: 20
31.128.76.0/23 maxlen: 23
31.128.78.0/23 maxlen: 23
31.128.80.0/22 maxlen: 22
31.128.84.0/22 maxlen: 22
31.128.88.0/22 maxlen: 22
31.128.92.0/22 maxlen: 22
77.222.139.0/24 maxlen: 24
77.222.152.0/22 maxlen: 22
77.222.156.0/24 maxlen: 24
77.222.157.0/24 maxlen: 24
77.222.158.0/23 maxlen: 23
80.77.32.0/22 maxlen: 22
80.77.36.0/24 maxlen: 24
80.77.37.0/24 maxlen: 24
80.77.38.0/24 maxlen: 24
80.77.39.0/24 maxlen: 24
80.77.40.0/22 maxlen: 22
80.77.44.0/22 maxlen: 22
80.91.166.0/24 maxlen: 24
85.159.0.0/21 maxlen: 21
91.197.220.0/24 maxlen: 24
91.197.221.0/24 maxlen: 24
91.197.222.0/24 maxlen: 24
91.197.223.0/24 maxlen: 24
93.183.214.0/24 maxlen: 24
93.183.216.0/24 maxlen: 24
93.183.217.0/24 maxlen: 24
93.183.218.0/23 maxlen: 23
93.183.220.0/22 maxlen: 22
93.183.224.0/24 maxlen: 24
93.183.225.0/24 maxlen: 24
93.183.226.0/24 maxlen: 24
93.183.227.0/24 maxlen: 24
93.183.230.0/24 maxlen: 24
93.183.231.0/24 maxlen: 24
93.183.232.0/22 maxlen: 22
93.183.240.0/21 maxlen: 21
93.183.248.0/21 maxlen: 21
94.232.72.0/21 maxlen: 21
109.206.32.0/19 maxlen: 24
176.102.48.0/23 maxlen: 23
176.102.50.0/24 maxlen: 24
176.102.51.0/24 maxlen: 24
176.102.52.0/22 maxlen: 24
176.102.56.0/21 maxlen: 24
176.112.0.0/19 maxlen: 24
176.241.128.0/19 maxlen: 24
176.241.148.0/22 maxlen: 22
185.46.248.0/22 maxlen: 24
188.247.96.0/20 maxlen: 20
188.247.116.0/24 maxlen: 24
188.247.117.0/24 maxlen: 24
188.247.118.0/24 maxlen: 24
188.247.119.0/24 maxlen: 24
193.108.49.0/24 maxlen: 24
193.108.128.0/24 maxlen: 24
194.29.60.0/22 maxlen: 22
195.114.141.0/24 maxlen: 24
195.114.142.0/24 maxlen: 24
195.114.143.0/24 maxlen: 24
195.114.144.0/24 maxlen: 24
195.114.145.0/24 maxlen: 24
195.114.146.0/23 maxlen: 23
195.114.148.0/23 maxlen: 23
195.114.150.0/24 maxlen: 24
195.114.151.0/24 maxlen: 24
195.114.152.0/24 maxlen: 24
195.114.153.0/24 maxlen: 24
195.114.154.0/24 maxlen: 24
195.114.155.0/24 maxlen: 24
195.114.156.0/24 maxlen: 24
195.114.157.0/24 maxlen: 24
195.114.158.0/24 maxlen: 24
195.114.159.0/24 maxlen: 24
213.111.201.0/24 maxlen: 24
213.111.202.0/24 maxlen: 24
213.111.206.0/23 maxlen: 23
213.111.215.0/24 maxlen: 24
213.111.216.0/24 maxlen: 24
213.111.218.0/23 maxlen: 23
213.111.248.0/24 maxlen: 24
213.111.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 08:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c4:19:7a:e0:5e:86:69:f6:71:16:1f:f6:06:5b:76:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Oct 25 14:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90aca32234205ba18733bff6df8e0d1761690590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8c:f1:79:6b:4f:cb:ca:76:fb:2a:3f:e6:08:
8d:71:39:75:69:59:e3:aa:63:2b:cc:b4:37:af:3a:
55:53:47:5c:bf:ff:9b:9a:51:2f:28:80:31:30:9a:
1d:af:aa:a4:d3:18:af:8f:47:e1:d3:d6:2b:88:94:
3b:53:1a:b1:b0:1f:8f:58:7f:23:d0:1c:c2:28:42:
21:99:da:80:44:68:38:ea:05:54:b7:8f:c9:72:f4:
88:b5:55:b5:59:a0:35:9f:78:0f:19:47:8b:6c:d8:
63:49:41:90:ba:8f:c7:24:05:c3:c3:d9:fa:7f:41:
ba:f3:16:4c:8d:80:56:bf:d6:f3:da:62:ad:c0:09:
de:66:5a:c0:83:a2:0e:7c:4f:21:fc:66:bb:89:e5:
66:ba:22:bc:c4:ed:73:da:e9:ae:0b:ee:ec:a0:dc:
2d:01:a4:4e:82:8c:b7:9f:e0:33:4a:49:56:78:a3:
8f:32:24:bd:e7:de:2d:96:98:fb:78:92:ac:b5:06:
df:dd:30:ed:22:ba:e6:2c:de:93:d6:f6:ba:db:54:
4b:a3:0f:20:9d:b5:09:df:47:f5:1b:4e:30:8d:4a:
f8:1a:26:6d:31:ff:7e:d3:1c:34:c7:ba:e5:81:d3:
52:e8:c2:12:70:43:73:f3:a1:dc:07:18:bc:54:70:
c5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AC:A3:22:34:20:5B:A1:87:33:BF:F6:DF:8E:0D:17:61:69:05:90
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/kKyjIjQgW6GHM7_2344NF2FpBZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.0.0/23
5.1.4.0-5.1.31.255
31.128.76.0-31.128.95.255
77.222.139.0/24
77.222.152.0/21
80.77.32.0/20
80.91.166.0/24
85.159.0.0/21
91.197.220.0/22
93.183.214.0/24
93.183.216.0-93.183.227.255
93.183.230.0-93.183.235.255
93.183.240.0/20
94.232.72.0/21
109.206.32.0/19
176.102.48.0/20
176.112.0.0/19
176.241.128.0/19
185.46.248.0/22
188.247.96.0/20
188.247.116.0/22
193.108.49.0/24
193.108.128.0/24
194.29.60.0/22
195.114.141.0-195.114.159.255
213.111.201.0-213.111.202.255
213.111.206.0/23
213.111.215.0-213.111.216.255
213.111.218.0/23
213.111.248.0/24
213.111.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0b:63:5a:0c:ca:6c:e6:d0:86:bd:1f:89:66:86:31:5e:5c:
be:f6:b6:92:f9:9b:6e:db:b4:f9:6f:ff:a6:07:09:fa:42:01:
f5:c1:96:b2:27:45:53:be:8f:76:8c:85:4e:21:13:9f:e5:c8:
cd:ad:4c:cd:79:a7:8c:4b:86:4c:9e:59:d3:5e:eb:1c:c7:3d:
bc:cf:a7:2c:df:d8:f0:8d:47:a6:35:3c:ef:60:c2:45:26:24:
4f:1c:49:88:ed:29:01:9d:0d:4b:7c:e2:0f:58:82:a2:a9:32:
f0:1b:e9:3b:d1:56:d0:e7:40:f2:ce:8d:54:ed:c2:1e:c2:12:
ab:ae:23:7a:88:cb:e4:64:8f:31:a9:d6:dd:38:73:64:8f:f1:
8a:f1:2f:e4:d3:e2:bd:08:16:24:04:23:42:d7:9f:25:ac:1e:
5d:10:b9:6a:74:ed:1c:2f:d7:fd:43:16:7b:30:72:15:55:7b:
72:1b:cf:d9:3d:b3:f2:ed:5b:b2:3c:87:4f:5c:58:9a:fd:ea:
bc:39:85:96:4a:3c:34:6e:79:7b:15:a4:b3:3a:7b:6c:6e:a6:
ab:ec:55:d0:ed:92:29:c6:75:84:56:8b:07:f6:d6:5f:df:63:
7a:47:a4:d2:a8:35:d5:c3:f3:b6:b3:a7:8a:d9:ac:a9:c9:0b:
57:12:d7:d4
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZLEGXrgXoZp9nEWH/YGW3YOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjQxMDI1MTQzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFjYTMyMjM0MjA1YmExODczM2JmZjZkZjhlMGQxNzYxNjkwNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIzxeWtPy8p2+yo/5giNcTl1aVnj
qmMrzLQ3rzpVU0dcv/+bmlEvKIAxMJodr6qk0xivj0fh09YriJQ7UxqxsB+PWH8j
0BzCKEIhmdqARGg46gVUt4/JcvSItVW1WaA1n3gPGUeLbNhjSUGQuo/HJAXDw9n6
f0G68xZMjYBWv9bz2mKtwAneZlrAg6IOfE8h/Ga7ieVmuiK8xO1z2umuC+7soNwt
AaROgoy3n+AzSklWeKOPMiS9594tlpj7eJKstQbf3TDtIrrmLN6T1va621RLow8g
nbUJ30f1G04wjUr4GiZtMf9+0xw0x7rlgdNS6MIScENz86HcBxi8VHDFtQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFJCsoyI0IFuhhzO/9t+ODRdhaQWQMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEva0t5aklqUWdXNkdITTdfMjM0NE5GMkZwQlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQB
BQEAMAwDBAIFAQQDBAUFAQAwDAMEAh+ATAMEBR+AQAMEAE3eiwMEA03emAMEBFBN
IAMEAFBbpgMEA1WfAAMEAlvF3AMEAF231jAMAwQDXbfYAwQCXbfgMAwDBAFdt+YD
BAJdt+gDBARdt/ADBANe6EgDBAVtziADBASwZjADBAWwcAADBAWw8YADBAK5LvgD
BAS892ADBAK893QDBADBbDEDBADBbIADBALCHTwwDAMEAMNyjQMEBcNygDAMAwQA
1W/JAwQA1W/KAwQB1W/OMAwDBADVb9cDBADVb9gDBAHVb9oDBADVb/gDBADVb/8w
DQYJKoZIhvcNAQELBQADggEBAH4LY1oMymzm0Ia9H4lmhjFeXL72tpL5m27btPlv
/6YHCfpCAfXBlrInRVO+j3aMhU4hE5/lyM2tTM15p4xLhkyeWdNe6xzHPbzPpyzf
2PCNR6Y1PO9gwkUmJE8cSYjtKQGdDUt84g9YgqKpMvAb6TvRVtDnQPLOjVTtwh7C
EquuI3qIy+RkjzGp1t04c2SP8YrxL+TT4r0IFiQEI0LXnyWsHl0QuWp07Rwv1/1D
FnswchVVe3Ibz9k9s/LtW7I8h09cWJr96rw5hZZKPDRueXsVpLM6e2xupqvsVdDt
kinGdYRWiwf21l/fY3pHpNKoNdXD87azp4rZrKnJC1cS19Q=
-----END CERTIFICATE-----
Generated at Mon Nov 4 11:00:40 2024 by rpki-client on console-ams.rpki-client.org