Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/oj9oDj3X74LJU2JklCjCJL0OVNs.roa
File: oj9oDj3X74LJU2JklCjCJL0OVNs.roa (raw, json)
Hash identifier: bQECuJECZ3I8FphfEMj/4+Y/O2UIUxHXdlbWC7qfr7k=
Subject key identifier: A2:3F:68:0E:3D:D7:EF:82:C9:53:62:64:94:28:C2:24:BD:0E:54:DB
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 0186A0C9414FAB38324F883FE09744928917
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/oj9oDj3X74LJU2JklCjCJL0OVNs.roa
Signing time: Thu 02 Mar 2023 05:26:29 +0000
ROA not before: Thu 02 Mar 2023 05:26:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.216.0/22 maxlen: 24
91.140.221.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.224.0/22 maxlen: 22
91.140.226.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.228.0/22 maxlen: 22
91.140.232.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.244.0/22 maxlen: 22
91.140.246.0/24 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.248.0/22 maxlen: 22
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.252.0/22 maxlen: 22
91.140.251.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
91.140.164.0/22 maxlen: 22
185.16.4.0/22 maxlen: 22
91.140.160.0/22 maxlen: 22
91.140.172.0/22 maxlen: 22
94.187.224.0/19 maxlen: 24
91.140.180.0/22 maxlen: 22
94.187.232.0/22 maxlen: 22
91.140.192.0/22 maxlen: 24
91.140.188.0/22 maxlen: 22
94.187.228.0/22 maxlen: 22
94.187.236.0/22 maxlen: 22
91.140.196.0/22 maxlen: 24
94.187.240.0/22 maxlen: 24
91.140.201.0/24 maxlen: 24
91.140.200.0/22 maxlen: 22
91.140.203.0/24 maxlen: 24
94.187.244.0/22 maxlen: 22
91.140.204.0/22 maxlen: 22
91.140.202.0/24 maxlen: 24
91.140.212.0/22 maxlen: 22
94.187.252.0/22 maxlen: 22
91.140.207.0/24 maxlen: 24
94.187.248.0/22 maxlen: 22
91.140.208.0/22 maxlen: 22
91.140.128.0/22 maxlen: 22
91.140.128.0/17 maxlen: 17
91.140.132.0/22 maxlen: 22
91.140.140.0/22 maxlen: 22
91.140.152.0/22 maxlen: 22
91.140.148.0/22 maxlen: 22
194.54.241.0/24 maxlen: 24
194.54.244.0/22 maxlen: 22
194.54.243.0/24 maxlen: 24
194.54.248.0/22 maxlen: 22
194.54.252.0/22 maxlen: 22
194.54.192.0/19 maxlen: 24
194.54.192.0/18 maxlen: 18
194.54.194.0/23 maxlen: 23
194.54.196.0/22 maxlen: 22
194.54.204.0/22 maxlen: 22
194.54.200.0/22 maxlen: 22
194.54.202.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.208.0/22 maxlen: 22
194.54.208.0/24 maxlen: 24
194.54.212.0/22 maxlen: 22
194.54.216.0/22 maxlen: 22
194.54.224.0/19 maxlen: 19
194.54.220.0/24 maxlen: 24
194.54.220.0/22 maxlen: 22
194.54.224.0/22 maxlen: 22
194.54.232.0/22 maxlen: 22
194.54.228.0/22 maxlen: 22
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 22
194.54.240.0/22 maxlen: 24
2a01:7780::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 Mar 2023 06:06:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a0:c9:41:4f:ab:38:32:4f:88:3f:e0:97:44:92:89:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Mar 2 05:26:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a23f680e3dd7ef82c95362649428c224bd0e54db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:39:e9:23:02:62:3c:8e:da:3a:a0:31:45:4a:
34:df:2e:21:c2:87:9c:00:61:ea:9b:1d:3e:ce:c2:
c8:d9:2c:79:f5:0f:75:e3:73:88:f5:ba:0b:71:9e:
f6:58:9b:2c:28:dd:a7:7d:14:6b:74:01:cf:83:21:
43:d3:79:c3:67:9f:13:96:d2:1d:40:1c:ba:c7:ae:
b7:79:40:c5:c4:b3:75:10:93:a0:03:d5:96:d4:24:
ef:ed:2f:37:ab:1f:0e:dd:4c:53:af:5b:94:03:37:
24:ee:d4:40:39:8c:71:ce:be:fb:25:e7:e1:64:e6:
ae:95:cd:95:53:db:fa:7d:2d:2a:51:32:6b:57:4e:
5a:c4:da:8c:0b:f3:18:ee:92:cd:94:b4:63:a6:3b:
fe:88:f8:4b:ce:e9:e7:8f:ed:31:13:36:83:cb:84:
88:6b:53:8f:ba:6c:32:8a:d5:5b:98:48:f3:b7:28:
8a:37:d3:7f:a0:17:c9:b6:f8:9a:1a:f8:a8:34:d4:
17:04:5d:bc:5f:83:99:17:4b:a3:1e:60:43:00:6c:
0f:53:85:63:b6:a3:aa:96:8d:31:2f:65:1b:32:e6:
37:84:f6:28:48:b9:e7:e8:ca:86:07:38:eb:d2:01:
0b:53:ca:7a:25:d1:b3:2d:01:4d:dd:24:ff:0f:b5:
1d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3F:68:0E:3D:D7:EF:82:C9:53:62:64:94:28:C2:24:BD:0E:54:DB
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/oj9oDj3X74LJU2JklCjCJL0OVNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
2b:3a:2f:f8:b7:44:b2:e6:65:3c:4e:fb:fd:62:08:99:30:b9:
b7:bc:e8:c0:ee:80:d6:13:68:fd:25:e5:f6:6d:81:1a:87:ef:
6e:94:f1:7d:6f:08:3c:88:22:e1:87:c9:87:09:e3:cb:05:6f:
b9:d7:d7:d6:69:ee:5c:9f:20:3b:75:33:c0:39:aa:9e:86:5f:
c1:55:4c:0d:d9:27:1d:b4:d5:6e:84:e0:ab:4f:27:a1:fa:39:
fb:10:e0:e5:da:4b:df:9c:99:5f:12:6f:0c:19:fa:df:d5:d2:
55:38:33:e5:15:39:e6:52:e7:2f:b9:dd:65:d5:62:90:a4:00:
56:63:73:84:89:83:1a:5f:2a:35:f0:69:30:0e:13:99:b0:af:
61:ac:78:72:43:b9:c2:6c:21:47:f6:4a:7f:f8:2f:c0:da:ef:
d4:c5:61:f0:51:52:b8:eb:66:0d:e9:0e:ba:f7:e6:5f:bf:80:
00:da:af:fe:8b:34:e1:7f:6b:ef:32:69:0d:85:f9:d1:2a:16:
88:d6:2c:d3:78:e2:c8:97:90:18:32:5a:6d:83:c6:0b:72:11:
80:a5:0f:96:98:d2:6f:f7:4c:8d:d5:a8:a6:8e:ff:e1:26:51:
62:3f:d2:f0:4f:dd:b4:3b:92:85:4a:3a:5b:78:5b:eb:47:ce:
22:d2:97:6c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYagyUFPqzgyT4g/4JdEkokXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjMwMzAyMDUyNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNmNjgwZTNkZDdlZjgyYzk1MzYyNjQ5NDI4YzIyNGJkMGU1NGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DnpIwJiPI7aOqAxRUo03y4hwoec
AGHqmx0+zsLI2Sx59Q9143OI9boLcZ72WJssKN2nfRRrdAHPgyFD03nDZ58TltId
QBy6x663eUDFxLN1EJOgA9WW1CTv7S83qx8O3UxTr1uUAzck7tRAOYxxzr77Jefh
ZOaulc2VU9v6fS0qUTJrV05axNqMC/MY7pLNlLRjpjv+iPhLzunnj+0xEzaDy4SI
a1OPumwyitVbmEjztyiKN9N/oBfJtviaGvioNNQXBF28X4OZF0ujHmBDAGwPU4Vj
tqOqlo0xL2UbMuY3hPYoSLnn6MqGBzjr0gELU8p6JdGzLQFN3ST/D7UdHQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKI/aA491++CyVNiZJQowiS9DlTbMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvb2o5b0RqM1g3NExKVTJKa2xDakNKTDBPVk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQArOi/4t0Sy5mU8Tvv9YgiZMLm3vOjA7oDWE2j9JeX2bYEah+9ulPF9bwg8iCLh
h8mHCePLBW+519fWae5cnyA7dTPAOaqehl/BVUwN2ScdtNVuhOCrTyeh+jn7EODl
2kvfnJlfEm8MGfrf1dJVODPlFTnmUucvud1l1WKQpABWY3OEiYMaXyo18GkwDhOZ
sK9hrHhyQ7nCbCFH9kp/+C/A2u/UxWHwUVK462YN6Q669+Zfv4AA2q/+izThf2vv
MmkNhfnRKhaI1izTeOLIl5AYMlptg8YLchGApQ+WmNJv90yN1aimjv/hJlFiP9Lw
T920O5KFSjpbeFvrR84i0pds
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:58 2024 by rpki-client on console-ams.rpki-client.org