Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/jVhlXKUs40LGBL7i8eh5O8KDNbs.roa
File: jVhlXKUs40LGBL7i8eh5O8KDNbs.roa (raw, json)
Hash identifier: ZrEqrsYSuNeX6OJO20U3JxRPaU93WJbMisx1pEfNcww=
Subject key identifier: 8D:58:65:5C:A5:2C:E3:42:C6:04:BE:E2:F1:E8:79:3B:C2:83:35:BB
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018C787694AE5A020653CEF69973F2F06420
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/jVhlXKUs40LGBL7i8eh5O8KDNbs.roa
Signing time: Sun 17 Dec 2023 15:48:06 +0000
ROA not before: Sun 17 Dec 2023 15:48:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3258
IP address blocks: 141.98.196.0/22 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.196.0/24 maxlen: 24
45.66.216.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.124.0/22 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.220.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
109.107.137.0/24 maxlen: 24
109.107.140.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
176.126.114.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
62.106.70.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a09:4::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:76:94:ae:5a:02:06:53:ce:f6:99:73:f2:f0:64:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 17 15:48:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d58655ca52ce342c604bee2f1e8793bc28335bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c7:50:26:12:b5:09:39:9e:e5:40:4b:fb:73:
e0:59:83:55:ad:a2:c4:e1:73:d1:b9:3e:07:98:69:
6a:71:b8:38:d5:e7:78:12:15:2d:71:2d:57:d3:11:
26:e4:3f:1c:17:bd:ef:b1:8c:f3:01:80:7e:b8:06:
ce:fd:37:63:f6:ed:f9:80:dc:d5:a2:6f:92:c5:9d:
a0:4e:27:2f:dd:12:84:3a:4d:28:52:b7:a7:56:32:
88:c0:f5:f9:06:ff:70:a2:8b:68:3e:8d:13:bc:88:
37:64:7e:53:f4:2a:8b:14:73:a4:2c:4c:14:d9:6a:
be:13:9b:d5:ec:2c:c0:77:98:b0:d0:31:18:2f:ef:
30:c3:67:c1:88:9a:41:23:c4:09:5b:a4:9b:e2:6a:
3b:29:35:d5:03:9a:e6:97:d5:47:79:10:c4:6b:4b:
24:27:b0:1e:0a:80:6b:ee:21:3d:40:dd:f0:10:66:
19:33:05:ba:3f:ac:74:d2:e5:e8:fb:2b:ca:bd:99:
94:21:a3:2f:2b:52:aa:b0:78:ce:06:c9:3a:83:ce:
6d:63:7c:c1:d5:0d:c2:aa:86:4e:a9:82:89:06:2f:
9d:e2:b1:ff:48:fa:ae:53:49:7f:51:c8:7f:1d:8d:
d7:69:c5:9e:fa:7a:62:b5:36:1a:63:25:97:fb:e7:
4d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:58:65:5C:A5:2C:E3:42:C6:04:BE:E2:F1:E8:79:3B:C2:83:35:BB
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/jVhlXKUs40LGBL7i8eh5O8KDNbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
62.106.70.0/24
88.214.20.0/22
91.200.240.0/22
92.60.40.0/22
109.107.137.0/24
109.107.140.0/24
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.119.148.0/22
176.126.114.0/24
185.184.220.0/22
185.200.64.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
74:4c:f7:f3:50:c3:3c:19:eb:79:e4:ec:6f:cd:c6:6f:c8:59:
21:32:14:e2:eb:81:18:be:5e:41:fd:54:92:ba:6f:d5:09:03:
b8:53:eb:c6:b1:ca:6d:f9:89:08:20:a8:97:cc:31:0d:32:c0:
c7:18:58:ab:c1:b4:0b:7c:58:1b:3d:d4:2d:18:1a:d7:70:38:
77:a8:ce:2f:9d:d5:df:f4:a8:7d:67:c8:6c:29:ab:58:7a:a3:
cf:25:14:2b:ff:c1:a5:1d:a7:23:0a:4c:61:75:ed:a3:3a:38:
f1:cc:70:52:87:d2:d3:e0:85:d2:8c:65:c5:df:e9:31:a4:4a:
7d:a3:c7:2a:ab:81:36:ea:99:64:4a:be:5f:53:d7:03:dc:cc:
4b:18:f1:5b:29:94:39:e6:31:35:02:9a:5b:15:bc:b6:71:97:
77:d9:0e:9e:fa:db:17:12:39:a3:b9:db:f1:4f:49:29:66:90:
34:5c:7e:f7:2e:14:c9:89:4d:1b:21:5c:54:05:6a:b7:b1:ba:
a2:a2:02:db:8d:ac:ee:d8:ae:c7:3a:2d:1e:2b:77:0d:cf:c3:
f9:28:36:a0:f2:ed:b9:67:a9:2f:de:74:fe:4c:1a:40:c0:17:
43:79:86:1a:26:2b:4a:53:58:5c:1d:60:19:b3:29:da:e3:62:
17:e0:90:62
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAYx4dpSuWgIGU872mXPy8GQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMjE3MTU0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDU4NjU1Y2E1MmNlMzQyYzYwNGJlZTJmMWU4NzkzYmMyODMzNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcdQJhK1CTme5UBL+3PgWYNVraLE
4XPRuT4HmGlqcbg41ed4EhUtcS1X0xEm5D8cF73vsYzzAYB+uAbO/Tdj9u35gNzV
om+SxZ2gTicv3RKEOk0oUrenVjKIwPX5Bv9wootoPo0TvIg3ZH5T9CqLFHOkLEwU
2Wq+E5vV7CzAd5iw0DEYL+8ww2fBiJpBI8QJW6Sb4mo7KTXVA5rml9VHeRDEa0sk
J7AeCoBr7iE9QN3wEGYZMwW6P6x00uXo+yvKvZmUIaMvK1KqsHjOBsk6g85tY3zB
1Q3CqoZOqYKJBi+d4rH/SPquU0l/Uch/HY3XacWe+npitTYaYyWX++dNKQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFI1YZVylLONCxgS+4vHoeTvCgzW7MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvalZobFhLVXM0MExHQkw3aThlaDVPOEtETmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDCBsQQCAAEwgaoD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAItjnwDBAItj+gD
BAItlZwDBAItnzADBAA+akYDBAJY1hQDBAJbyPADBAJcPCgDBABta4kDBABta4wD
BAKNYsQDBAOTTvADBAKVPiwDBAKwd5QDBACwfnIDBAK5uNwDBAK5yEADBALBIJQD
BAHBbx4DBALCaJgwDAMEAMP18QMEAMP18jBSBAIAAjBMAwcAKgkAAQAAAwcAKgkA
AgAAAwcAKgkAAwAAAwcAKgkABAAAAwcAKgkABQAAAwYEKgkABwADBwAqCQAHIAgD
BQAqDcfBAwUDKhAEgDANBgkqhkiG9w0BAQsFAAOCAQEAdEz381DDPBnreeTsb83G
b8hZITIU4uuBGL5eQf1Ukrpv1QkDuFPrxrHKbfmJCCCol8wxDTLAxxhYq8G0C3xY
Gz3ULRga13A4d6jOL53V3/SofWfIbCmrWHqjzyUUK//BpR2nIwpMYXXtozo48cxw
UofS0+CF0oxlxd/pMaRKfaPHKquBNuqZZEq+X1PXA9zMSxjxWymUOeYxNQKaWxW8
tnGXd9kOnvrbFxI5o7nb8U9JKWaQNFx+9y4UyYlNGyFcVAVqt7G6oqIC242s7tiu
xzotHit3Dc/D+Sg2oPLtuWepL950/kwaQMAXQ3mGGiYrSlNYXB1gGbMp2uNiF+CQ
Yg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:34 2024 by rpki-client on console-fra.rpki-client.org