Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/Gk90M9ERf-qM3Oiq5lmUacRsDWc.roa
File: Gk90M9ERf-qM3Oiq5lmUacRsDWc.roa (raw, json)
Hash identifier: 9RScNtvM//saCDt3UAgLBisbQ1WH7M+OXPwtoXvHqM0=
Subject key identifier: 1A:4F:74:33:D1:11:7F:EA:8C:DC:E8:AA:E6:59:94:69:C4:6C:0D:67
Certificate issuer: /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial: 018ECC8CDAC33B9B0A868DC67D2FB031EE5E
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/Gk90M9ERf-qM3Oiq5lmUacRsDWc.roa
Signing time: Thu 11 Apr 2024 09:46:06 +0000
ROA not before: Thu 11 Apr 2024 09:46:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50926
IP address blocks: 5.175.40.0/21 maxlen: 24
31.24.40.0/21 maxlen: 24
31.24.152.0/21 maxlen: 24
84.246.208.0/21 maxlen: 24
91.142.208.0/20 maxlen: 24
91.200.140.0/22 maxlen: 24
91.213.46.0/24 maxlen: 24
94.127.184.0/21 maxlen: 24
109.68.80.0/21 maxlen: 24
149.62.168.0/21 maxlen: 24
185.23.68.0/22 maxlen: 24
185.70.92.0/22 maxlen: 24
185.101.224.0/22 maxlen: 24
185.129.248.0/22 maxlen: 24
185.176.8.0/24 maxlen: 24
185.176.9.0/24 maxlen: 24
185.176.10.0/24 maxlen: 24
185.176.11.0/24 maxlen: 24
185.222.156.0/22 maxlen: 24
188.95.112.0/21 maxlen: 24
188.164.192.0/21 maxlen: 24
194.116.147.0/24 maxlen: 24
195.5.116.0/23 maxlen: 24
212.34.156.0/22 maxlen: 24
2a00:5ac0::/44 maxlen: 44
2a00:5ac0:100::/48 maxlen: 48
2a00:5ac0:147::/48 maxlen: 48
2a00:5ac0:180::/48 maxlen: 48
2a00:5ac0:200::/48 maxlen: 48
2a00:5ac0:300::/48 maxlen: 48
2a01:4b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 08:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:8c:da:c3:3b:9b:0a:86:8d:c6:7d:2f:b0:31:ee:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Validity
Not Before: Apr 11 09:46:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a4f7433d1117fea8cdce8aae6599469c46c0d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2c:74:09:8b:98:17:57:42:c5:45:84:05:8c:
c8:34:26:a9:d3:93:dd:a8:95:23:ac:3c:31:c3:ec:
2b:73:7d:28:89:c0:b0:9c:a2:83:d8:50:00:f5:f5:
ec:2f:88:28:6c:14:a5:5e:92:80:ca:ac:12:2d:bc:
f7:1a:2f:3f:d1:68:8c:85:86:fb:64:43:80:83:a7:
54:56:73:90:d7:2a:1e:38:88:25:44:96:d5:fc:4f:
90:4a:61:85:d8:54:47:35:bc:12:88:40:a2:5f:f7:
ac:9a:9a:6f:b2:61:3d:9c:c2:4c:0a:37:14:75:ff:
81:3d:ab:5f:06:dc:0a:72:8c:9c:d9:11:22:7f:af:
7c:a6:be:53:39:f7:b4:d0:f7:95:d9:c4:00:d8:47:
94:dc:cd:ee:d4:4e:c1:79:5f:a6:29:ea:b3:39:b0:
71:83:70:87:14:55:46:74:82:fb:9c:09:24:5a:b1:
d5:39:9f:61:f3:88:a3:ae:57:c9:3a:79:08:02:2d:
b6:7d:3c:15:1d:f8:f8:e4:e2:9a:00:93:21:b6:24:
43:46:ce:c8:cc:ca:be:0c:05:dc:a9:76:18:d5:59:
34:c2:3f:66:6e:10:ba:82:a8:f0:b4:4f:9b:29:1c:
2d:da:26:39:c7:fa:29:bc:1e:06:03:83:ea:fc:05:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:4F:74:33:D1:11:7F:EA:8C:DC:E8:AA:E6:59:94:69:C4:6C:0D:67
X509v3 Authority Key Identifier:
keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/Gk90M9ERf-qM3Oiq5lmUacRsDWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.40.0/21
31.24.40.0/21
31.24.152.0/21
84.246.208.0/21
91.142.208.0/20
91.200.140.0/22
91.213.46.0/24
94.127.184.0/21
109.68.80.0/21
149.62.168.0/21
185.23.68.0/22
185.70.92.0/22
185.101.224.0/22
185.129.248.0/22
185.176.8.0/22
185.222.156.0/22
188.95.112.0/21
188.164.192.0/21
194.116.147.0/24
195.5.116.0/23
212.34.156.0/22
IPv6:
2a00:5ac0::/44
2a00:5ac0:100::/48
2a00:5ac0:147::/48
2a00:5ac0:180::/48
2a00:5ac0:200::/48
2a00:5ac0:300::/48
2a01:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
22:88:dd:00:d5:7c:2c:ab:d3:02:65:19:99:ae:a2:aa:de:8d:
36:46:54:14:9b:d5:f9:12:97:e9:15:dd:3e:45:f0:3b:ce:08:
53:22:17:2c:f4:5d:c2:49:2c:d9:19:ab:76:a0:87:7b:07:2e:
3b:e2:6a:77:a0:9d:a9:36:80:e2:3d:88:81:f6:ab:83:ad:72:
58:0a:6f:75:38:9a:57:0e:45:69:cd:dc:5d:5d:d2:bd:13:c2:
94:d9:02:8b:b4:16:1b:d9:00:29:e0:e0:48:3b:28:ba:2e:bb:
fc:31:32:b8:fd:6d:94:3d:ad:34:dd:9f:f4:75:81:69:c2:22:
f4:33:00:78:90:56:cd:ed:ea:5b:bb:d8:9d:76:18:b2:b8:f1:
2a:f2:4c:7e:78:38:c8:4a:bf:1d:8c:c9:ff:5f:b7:df:ea:93:
c6:47:d4:35:19:f0:79:8c:b7:e0:47:2d:b3:dd:49:28:bb:ca:
e5:38:8b:a1:e4:eb:a6:fc:d9:ee:03:82:75:46:80:04:09:bf:
72:1d:e4:50:9c:3c:6c:14:c7:86:ef:9e:14:e8:d4:05:82:42:
d8:e0:7f:78:8a:80:31:c7:e2:f4:cd:18:ea:29:0f:39:4c:cd:
3f:c9:f5:2d:aa:54:f4:c5:be:60:0e:bd:51:1a:a0:66:0a:8b:
49:ad:8b:2e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY7MjNrDO5sKho3GfS+wMe5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjQwNDExMDk0NjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTRmNzQzM2QxMTE3ZmVhOGNkY2U4YWFlNjU5OTQ2OWM0NmMwZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCx0CYuYF1dCxUWEBYzINCap05Pd
qJUjrDwxw+wrc30oicCwnKKD2FAA9fXsL4gobBSlXpKAyqwSLbz3Gi8/0WiMhYb7
ZEOAg6dUVnOQ1yoeOIglRJbV/E+QSmGF2FRHNbwSiECiX/esmppvsmE9nMJMCjcU
df+BPatfBtwKcoyc2REif698pr5TOfe00PeV2cQA2EeU3M3u1E7BeV+mKeqzObBx
g3CHFFVGdIL7nAkkWrHVOZ9h84ijrlfJOnkIAi22fTwVHfj45OKaAJMhtiRDRs7I
zMq+DAXcqXYY1Vk0wj9mbhC6gqjwtE+bKRwt2iY5x/opvB4GA4Pq/AVU5QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFBpPdDPREX/qjNzoquZZlGnEbA1nMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvR2s5ME05RVJmLXFNM09pcTVsbVVhY1JzRFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBhAQCAAEwfgMEAwWv
KAMEAx8YKAMEAx8YmAMEA1T20AMEBFuO0AMEAlvIjAMEAFvVLgMEA15/uAMEA21E
UAMEA5U+qAMEArkXRAMEArlGXAMEArll4AMEArmB+AMEArmwCAMEArnenAMEA7xf
cAMEA7ykwAMEAMJ0kwMEAcMFdAMEAtQinDBDBAIAAjA9AwcEKgBawAAAAwcAKgBa
wAEAAwcAKgBawAFHAwcAKgBawAGAAwcAKgBawAIAAwcAKgBawAMAAwUAKgFLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIojdANV8LKvTAmUZma6iqt6NNkZUFJvV+RKX6RXd
PkXwO84IUyIXLPRdwkks2RmrdqCHewcuO+Jqd6CdqTaA4j2Igfarg61yWApvdTia
Vw5Fac3cXV3SvRPClNkCi7QWG9kAKeDgSDsoui67/DEyuP1tlD2tNN2f9HWBacIi
9DMAeJBWze3qW7vYnXYYsrjxKvJMfng4yEq/HYzJ/1+33+qTxkfUNRnweYy34Ect
s91JKLvK5TiLoeTrpvzZ7gOCdUaABAm/ch3kUJw8bBTHhu+eFOjUBYJC2OB/eIqA
Mcfi9M0Y6ikPOUzNP8n1LapU9MW+YA69URqgZgqLSa2LLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-fra.rpki-client.org