Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/JOw-tmuogFtufQtVWEpBkv1boqM.roa
File: JOw-tmuogFtufQtVWEpBkv1boqM.roa (raw, json)
Hash identifier: WgXqtce8I4lOA3trC/b685J2AbpbyB/SlhWRA62dzn8=
Subject key identifier: 24:EC:3E:B6:6B:A8:80:5B:6E:7D:0B:55:58:4A:41:92:FD:5B:A2:A3
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 018CC5DC93626D55B6E340D653DE4AA806BF
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/JOw-tmuogFtufQtVWEpBkv1boqM.roa
Signing time: Mon 01 Jan 2024 16:30:16 +0000
ROA not before: Mon 01 Jan 2024 16:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59588
IP address blocks: 45.153.119.0/24 maxlen: 24
45.153.116.0/24 maxlen: 24
45.153.116.0/23 maxlen: 23
45.153.117.0/24 maxlen: 24
45.153.118.0/23 maxlen: 23
45.153.118.0/24 maxlen: 24
198.160.168.0/23 maxlen: 23
198.160.168.0/24 maxlen: 24
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.162.0/23 maxlen: 23
151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.160.0/23 maxlen: 23
151.236.164.0/23 maxlen: 23
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.166.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/23 maxlen: 23
151.236.168.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.170.0/24 maxlen: 24
151.236.170.0/23 maxlen: 23
151.236.166.0/23 maxlen: 23
151.236.172.0/24 maxlen: 24
151.236.171.0/24 maxlen: 24
151.236.172.0/23 maxlen: 23
151.236.173.0/24 maxlen: 24
151.236.176.0/23 maxlen: 23
151.236.175.0/24 maxlen: 24
151.236.176.0/24 maxlen: 24
151.236.177.0/24 maxlen: 24
151.236.174.0/23 maxlen: 23
151.236.174.0/24 maxlen: 24
151.236.178.0/23 maxlen: 23
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.186.0/24 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.182.0/23 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.180.0/24 maxlen: 24
151.236.180.0/23 maxlen: 23
151.236.181.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
151.236.190.0/24 maxlen: 24
151.236.190.0/23 maxlen: 23
151.236.191.0/24 maxlen: 24
151.236.188.0/23 maxlen: 23
151.236.188.0/24 maxlen: 24
198.176.116.0/24 maxlen: 24
198.176.117.0/24 maxlen: 24
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
2a10:2200:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 07:59:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:93:62:6d:55:b6:e3:40:d6:53:de:4a:a8:06:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Jan 1 16:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24ec3eb66ba8805b6e7d0b55584a4192fd5ba2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:bb:28:40:d7:60:79:45:ed:91:06:23:3d:40:
8d:c1:ae:06:b1:22:36:e1:53:9a:e8:8e:7a:d2:c4:
b5:f4:c2:8a:f3:19:26:f3:e6:3d:b7:7d:e2:61:84:
18:22:36:bb:d5:7e:0a:cb:a0:64:5b:59:b0:90:7e:
9c:a0:a2:4c:43:ad:f5:1b:6e:6c:09:88:a7:0d:ac:
25:d4:b5:44:b3:79:1a:f7:63:8c:13:05:75:0e:2d:
f2:26:fb:45:d1:32:aa:ca:86:ef:e9:b9:bb:8a:36:
95:58:02:96:02:d8:83:74:de:3d:15:13:c9:14:b5:
bb:a9:2f:e2:83:2c:8c:92:9b:20:07:90:52:8a:52:
44:51:c1:80:89:26:da:e8:23:c7:61:b1:a1:3d:45:
ce:28:93:23:96:3c:46:fc:26:ce:a0:a1:7e:0a:2a:
58:62:9c:37:ff:1f:2a:04:a1:62:e2:66:e3:fa:73:
a6:1d:ae:21:35:96:40:f2:d6:6a:f9:90:fa:5d:8b:
54:8b:db:a0:a0:dd:1d:47:5c:f5:8f:c6:a1:02:ba:
f9:81:e9:82:f7:04:e8:1e:93:05:77:cc:85:a4:14:
9b:97:eb:89:32:44:1d:4e:a3:06:e8:72:3e:b0:a8:
60:e0:ba:c2:ad:70:44:74:31:b7:fd:6b:8a:a9:96:
73:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EC:3E:B6:6B:A8:80:5B:6E:7D:0B:55:58:4A:41:92:FD:5B:A2:A3
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/JOw-tmuogFtufQtVWEpBkv1boqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.116.0/22
151.236.160.0-151.236.183.255
151.236.186.0/24
151.236.188.0/22
198.160.168.0/23
198.176.116.0/23
IPv6:
2a10:2200:2::/48
2a10:2200:b::-2a10:2200:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:95:3d:6f:9e:1e:df:d0:be:25:bb:fb:e4:98:76:cf:ec:c5:
71:13:23:e0:df:21:fc:1f:c0:52:5b:b2:df:63:30:17:9f:0a:
a6:82:63:d2:f8:c7:ac:83:55:c6:cb:1c:ad:84:86:b3:e3:48:
36:bb:7a:41:d3:e6:89:6f:ad:b8:6a:5e:66:de:c3:69:61:57:
fc:00:eb:01:19:bb:97:89:00:92:37:a1:bc:ca:65:d9:1c:c8:
3c:c5:6f:e9:af:e1:bc:14:00:1e:b1:ad:43:2b:00:14:1c:bf:
ad:5b:0d:5d:7c:f3:7f:05:79:6d:84:63:80:17:b7:6e:14:ae:
9b:9b:5d:b2:e7:32:91:fe:79:fd:42:53:3c:58:1d:ea:67:69:
fc:b4:c0:b8:1e:66:d2:12:83:44:92:b4:3f:ad:1f:52:66:37:
3f:49:86:4e:b9:9e:10:60:8f:5a:1c:18:b6:78:1c:1a:2e:2b:
67:73:c1:1c:fa:d5:f2:ca:09:bd:01:34:d1:fb:00:33:01:b5:
16:66:84:ca:30:85:7e:9a:d2:ac:fa:83:c8:91:74:1d:20:e2:
78:47:e1:e4:80:89:5b:3c:46:1c:82:a2:2b:8e:84:ed:12:a0:
60:ac:eb:b4:be:1e:2c:73:36:55:73:0d:17:84:ab:fa:2e:4e:
a9:97:66:a7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzF3JNibVW240DWU95KqAa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjQwMTAxMTYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVjM2ViNjZiYTg4MDViNmU3ZDBiNTU1ODRhNDE5MmZkNWJhMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA87soQNdgeUXtkQYjPUCNwa4GsSI2
4VOa6I560sS19MKK8xkm8+Y9t33iYYQYIja71X4Ky6BkW1mwkH6coKJMQ631G25s
CYinDawl1LVEs3ka92OMEwV1Di3yJvtF0TKqyobv6bm7ijaVWAKWAtiDdN49FRPJ
FLW7qS/igyyMkpsgB5BSilJEUcGAiSba6CPHYbGhPUXOKJMjljxG/CbOoKF+CipY
Ypw3/x8qBKFi4mbj+nOmHa4hNZZA8tZq+ZD6XYtUi9ugoN0dR1z1j8ahArr5gemC
9wToHpMFd8yFpBSbl+uJMkQdTqMG6HI+sKhg4LrCrXBEdDG3/WuKqZZz5QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFCTsPrZrqIBbbn0LVVhKQZL9W6KjMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvSk93LXRtdW9nRnR1ZlF0VldFcEJrdjFib3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAyBAIAATAsAwQCLZl0MAwD
BAWX7KADBAOX7LADBACX7LoDBAKX7LwDBAHGoKgDBAHGsHQwIwQCAAIwHQMHACoQ
IgAAAjASAwcAKhAiAAALAwcAKhAiAAAMMA0GCSqGSIb3DQEBCwUAA4IBAQBilT1v
nh7f0L4lu/vkmHbP7MVxEyPg3yH8H8BSW7LfYzAXnwqmgmPS+Mesg1XGyxythIaz
40g2u3pB0+aJb624al5m3sNpYVf8AOsBGbuXiQCSN6G8ymXZHMg8xW/pr+G8FAAe
sa1DKwAUHL+tWw1dfPN/BXlthGOAF7duFK6bm12y5zKR/nn9QlM8WB3qZ2n8tMC4
HmbSEoNEkrQ/rR9SZjc/SYZOuZ4QYI9aHBi2eBwaLitnc8Ec+tXyygm9ATTR+wAz
AbUWZoTKMIV+mtKs+oPIkXQdIOJ4R+HkgIlbPEYcgqIrjoTtEqBgrOu0vh4sczZV
cw0XhKv6Lk6pl2an
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:42 2025 by rpki-client