Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/98JE7W-SzS8M3rAu8UkpfeH9aag.roa
File: 98JE7W-SzS8M3rAu8UkpfeH9aag.roa (raw, json)
Hash identifier: xW3UeYuRlxyvK/u4LvxJWBzj0oq2KGf4PrKxRV9MDUo=
Subject key identifier: F7:C2:44:ED:6F:92:CD:2F:0C:DE:B0:2E:F1:49:29:7D:E1:FD:69:A8
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D220C6554403EE77587A95E1CA29
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/98JE7W-SzS8M3rAu8UkpfeH9aag.roa
Signing time: Tue 02 Jan 2024 02:30:11 +0000
ROA not before: Tue 02 Jan 2024 02:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 141.98.196.0/22 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.196.0/24 maxlen: 24
45.66.216.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.124.0/22 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.220.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
109.107.137.0/24 maxlen: 24
109.107.140.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
176.126.114.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
62.106.70.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a09:4::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Apr 2024 05:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d2:20:c6:55:44:03:ee:77:58:7a:95:e1:ca:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7c244ed6f92cd2f0cdeb02ef149297de1fd69a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bc:c1:86:46:16:df:06:03:4a:33:ba:bd:65:
6f:e0:1c:0f:45:c2:78:4b:26:af:1c:50:74:e5:22:
1f:7a:e1:0c:9f:24:0f:77:ce:40:aa:15:af:d7:9c:
cb:0e:09:35:f8:77:93:44:80:7f:3e:2c:ea:cf:c3:
50:8f:77:34:5b:dc:4e:5e:77:71:91:ee:80:9b:a1:
25:11:96:93:a0:15:dc:99:cb:9a:5d:42:0f:fe:bc:
97:ec:db:55:d9:04:6d:66:c4:bf:44:c9:34:b4:98:
40:66:f4:3e:51:62:c6:5e:53:a9:a2:3c:6e:e6:1e:
ac:26:9e:32:24:ce:26:b1:01:4d:87:fc:49:6a:42:
d1:0e:9a:9e:0b:28:71:97:4a:1b:63:55:50:11:25:
df:05:87:af:fb:f9:1f:21:60:54:1e:07:9c:dc:1e:
11:29:83:7b:1c:9d:00:aa:65:4d:8c:a4:03:1b:fc:
ac:27:06:4e:d6:eb:66:7d:0d:db:f8:79:d3:de:f8:
92:ea:2b:c9:48:98:25:95:12:2c:48:c1:13:58:f9:
3f:7f:ec:da:2a:29:2c:21:7b:a8:ed:dc:c3:a9:7e:
75:65:24:32:d7:1b:96:3b:c8:7d:1f:97:b3:63:ac:
f6:fc:37:7c:11:e6:c5:19:b3:a3:37:fc:10:80:2e:
89:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C2:44:ED:6F:92:CD:2F:0C:DE:B0:2E:F1:49:29:7D:E1:FD:69:A8
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/98JE7W-SzS8M3rAu8UkpfeH9aag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
62.106.70.0/24
88.214.20.0/22
91.200.240.0/22
92.60.40.0/22
109.107.137.0/24
109.107.140.0/24
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.119.148.0/22
176.126.114.0/24
185.184.220.0/22
185.200.64.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
7c:43:e9:49:d8:84:ea:c8:7d:94:da:85:bb:86:8f:c7:c6:32:
4d:7c:d8:43:69:1c:fc:67:20:f1:77:6d:09:b7:7e:9e:ee:92:
62:15:d6:ca:93:e5:41:98:e0:d4:80:41:a8:91:1a:90:3d:82:
89:9b:dd:b3:9a:8f:19:cd:8f:58:c3:b8:48:b1:4f:0e:b2:60:
3e:c2:43:af:ef:05:20:af:2f:ff:4d:ad:e7:7c:3b:4b:a5:52:
95:89:48:64:16:49:bd:35:23:fe:e8:cf:39:3a:64:52:ea:a9:
98:54:d2:93:46:b4:39:96:e3:50:68:e1:65:a5:d8:26:f6:56:
96:c4:f8:28:53:4a:ca:76:66:6c:61:b3:63:36:71:c2:6c:31:
18:23:53:0e:a5:40:b6:59:57:56:8d:b8:7e:9f:db:69:a9:38:
26:5f:32:e6:7f:ef:94:d1:74:30:40:3f:fd:99:ab:2a:66:b9:
b3:3f:1d:72:d7:ea:16:ad:82:25:0b:0a:ef:0e:a4:25:85:37:
a3:35:03:5a:19:46:92:ba:6e:3c:20:28:93:9b:44:33:fc:9f:
e1:9e:2f:7a:2c:0f:3a:78:b9:77:5a:55:e2:ec:33:a2:40:79:
63:7c:9f:c8:af:e6:2b:cd:49:38:88:dc:d0:8b:63:cb:4d:94:
38:2c:4f:10
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAYzIAdIgxlVEA+53WHqV4copMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2MyNDRlZDZmOTJjZDJmMGNkZWIwMmVmMTQ5Mjk3ZGUxZmQ2OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbzBhkYW3wYDSjO6vWVv4BwPRcJ4
SyavHFB05SIfeuEMnyQPd85AqhWv15zLDgk1+HeTRIB/Pizqz8NQj3c0W9xOXndx
ke6Am6ElEZaToBXcmcuaXUIP/ryX7NtV2QRtZsS/RMk0tJhAZvQ+UWLGXlOpojxu
5h6sJp4yJM4msQFNh/xJakLRDpqeCyhxl0obY1VQESXfBYev+/kfIWBUHgec3B4R
KYN7HJ0AqmVNjKQDG/ysJwZO1utmfQ3b+HnT3viS6ivJSJgllRIsSMETWPk/f+za
KiksIXuo7dzDqX51ZSQy1xuWO8h9H5ezY6z2/Dd8EebFGbOjN/wQgC6J9QIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFPfCRO1vks0vDN6wLvFJKX3h/WmoMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvOThKRTdXLVN6UzhNM3JBdThVa3BmZUg5YWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDCBsQQCAAEwgaoD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAItjnwDBAItj+gD
BAItlZwDBAItnzADBAA+akYDBAJY1hQDBAJbyPADBAJcPCgDBABta4kDBABta4wD
BAKNYsQDBAOTTvADBAKVPiwDBAKwd5QDBACwfnIDBAK5uNwDBAK5yEADBALBIJQD
BAHBbx4DBALCaJgwDAMEAMP18QMEAMP18jBSBAIAAjBMAwcAKgkAAQAAAwcAKgkA
AgAAAwcAKgkAAwAAAwcAKgkABAAAAwcAKgkABQAAAwYEKgkABwADBwAqCQAHIAgD
BQAqDcfBAwUDKhAEgDANBgkqhkiG9w0BAQsFAAOCAQEAfEPpSdiE6sh9lNqFu4aP
x8YyTXzYQ2kc/Gcg8XdtCbd+nu6SYhXWypPlQZjg1IBBqJEakD2CiZvds5qPGc2P
WMO4SLFPDrJgPsJDr+8FIK8v/02t53w7S6VSlYlIZBZJvTUj/ujPOTpkUuqpmFTS
k0a0OZbjUGjhZaXYJvZWlsT4KFNKynZmbGGzYzZxwmwxGCNTDqVAtllXVo24fp/b
aak4Jl8y5n/vlNF0MEA//ZmrKma5sz8dctfqFq2CJQsK7w6kJYU3ozUDWhlGkrpu
PCAok5tEM/yf4Z4veiwPOni5d1pV4uwzokB5Y3yfyK/mK81JOIjc0Itjy02UOCxP
EA==
-----END CERTIFICATE-----
Generated at Thu Apr 4 09:24:12 2024 by rpki-client on console-ams.rpki-client.org