Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/9A7et_a-8ljnv9SUZpT2G_pnsv8.roa
File: 9A7et_a-8ljnv9SUZpT2G_pnsv8.roa (raw, json)
Hash identifier: HckVqGPhv4UXw+A9QmannVNgIil1KNnNU1JR3krpiLg=
Subject key identifier: F4:0E:DE:B7:F6:BE:F2:58:E7:BF:D4:94:66:94:F6:1B:FA:67:B2:FF
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 018CC79368882540DB30BBE64B87C0B345C3
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/9A7et_a-8ljnv9SUZpT2G_pnsv8.roa
Signing time: Tue 02 Jan 2024 00:29:35 +0000
ROA not before: Tue 02 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 188.114.98.0/24 maxlen: 24
188.114.97.0/24 maxlen: 24
188.114.96.0/24 maxlen: 24
188.114.104.0/24 maxlen: 24
188.114.100.0/24 maxlen: 24
188.114.99.0/24 maxlen: 24
188.114.101.0/24 maxlen: 24
188.114.103.0/24 maxlen: 24
188.114.102.0/24 maxlen: 24
188.114.111.0/24 maxlen: 24
188.114.106.0/23 maxlen: 23
188.114.108.0/24 maxlen: 24
188.114.110.0/24 maxlen: 24
188.114.109.0/24 maxlen: 24
141.101.67.0/24 maxlen: 24
141.101.66.0/24 maxlen: 24
141.101.69.0/24 maxlen: 24
141.101.68.0/24 maxlen: 24
141.101.71.0/24 maxlen: 24
141.101.70.0/24 maxlen: 24
141.101.65.0/24 maxlen: 24
141.101.74.0/24 maxlen: 24
141.101.73.0/24 maxlen: 24
141.101.76.0/23 maxlen: 23
141.101.75.0/24 maxlen: 24
141.101.72.0/24 maxlen: 24
141.101.83.0/24 maxlen: 24
141.101.82.0/24 maxlen: 24
141.101.84.0/24 maxlen: 24
141.101.85.0/24 maxlen: 24
141.101.88.0/22 maxlen: 22
141.101.87.0/24 maxlen: 24
141.101.90.0/24 maxlen: 24
141.101.86.0/24 maxlen: 24
141.101.95.0/24 maxlen: 24
141.101.94.0/24 maxlen: 24
141.101.97.0/24 maxlen: 24
141.101.96.0/24 maxlen: 24
141.101.98.0/24 maxlen: 24
141.101.93.0/24 maxlen: 24
141.101.92.0/24 maxlen: 24
141.101.104.0/24 maxlen: 24
141.101.105.0/24 maxlen: 24
141.101.100.0/22 maxlen: 22
141.101.100.0/24 maxlen: 24
141.101.99.0/24 maxlen: 24
141.101.109.0/24 maxlen: 24
141.101.108.0/24 maxlen: 24
141.101.111.0/24 maxlen: 24
141.101.110.0/24 maxlen: 24
141.101.112.0/23 maxlen: 23
141.101.107.0/24 maxlen: 24
141.101.106.0/24 maxlen: 24
141.101.112.0/20 maxlen: 20
141.101.114.0/23 maxlen: 23
141.101.64.0/24 maxlen: 24
141.101.120.0/22 maxlen: 22
2a06:98c0:1c04::/48 maxlen: 48
2a06:98c1:3101::/48 maxlen: 48
2a06:98c1:3123::/48 maxlen: 48
2a06:98c1:310f::/48 maxlen: 48
2a06:98c0:1c01::/48 maxlen: 48
2a06:98c0:1c0f::/48 maxlen: 48
2a06:98c0:1c23::/48 maxlen: 48
2a06:98c1:3107::/48 maxlen: 48
2a06:98c0:1c0c::/48 maxlen: 48
2a06:98c1:3104::/48 maxlen: 48
2a06:98c0:1c20::/48 maxlen: 48
2a06:98c1:3106::/48 maxlen: 48
2a06:98c0:1c09::/48 maxlen: 48
2a06:98c1:3103::/48 maxlen: 48
2a06:98c0:1c06::/48 maxlen: 48
2a06:98c1:3120::/48 maxlen: 48
2a06:98c1:56::/48 maxlen: 48
2a06:98c0:1c25::/48 maxlen: 48
2a06:98c1:310c::/48 maxlen: 48
2a06:98c0:1c03::/48 maxlen: 48
2a06:98c0:1c22::/48 maxlen: 48
2a06:98c0:1c00::/48 maxlen: 48
2a06:98c1:3109::/48 maxlen: 48
2a06:98c1:310b::/48 maxlen: 48
2a06:98c1:50::/45 maxlen: 45
2a06:98c0:1c0e::/48 maxlen: 48
2a06:98c1:3108::/48 maxlen: 48
2a06:98c1:3100::/48 maxlen: 48
2a06:98c1:3200::/48 maxlen: 48
2a06:98c0:1c05::/48 maxlen: 48
2a06:98c0:1c08::/48 maxlen: 48
2a06:98c1:3122::/48 maxlen: 48
2a06:98c1:58::/48 maxlen: 48
2a06:98c1:310e::/48 maxlen: 48
2a06:98c0:1c02::/48 maxlen: 48
2a06:98c0:1c24::/48 maxlen: 48
2a06:98c1:3121::/48 maxlen: 48
2a06:98c1:310d::/48 maxlen: 48
2a06:98c0:1c0d::/48 maxlen: 48
2a06:98c1:54::/48 maxlen: 48
2a06:98c0:1c10::/48 maxlen: 48
2a06:98c1:310a::/48 maxlen: 48
2a06:98c0:1c21::/48 maxlen: 48
2a06:98c1:3105::/48 maxlen: 48
2a06:98c0:1c0a::/48 maxlen: 48
2a06:98c1:3102::/48 maxlen: 48
2a06:98c0:1c07::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:68:88:25:40:db:30:bb:e6:4b:87:c0:b3:45:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jan 2 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f40edeb7f6bef258e7bfd4946694f61bfa67b2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:61:b0:a0:02:fa:6d:d2:1f:c4:8b:1e:96:
52:52:46:49:ef:26:96:6c:40:51:04:8c:b4:fc:7f:
a6:0b:d3:f5:46:df:b9:89:dc:1d:81:1e:f2:0d:b4:
15:3c:f0:04:44:db:c0:6c:26:83:9f:13:40:8a:1b:
bf:e8:76:0d:b6:98:22:74:58:f4:bb:f7:dc:d4:ab:
6c:bb:b5:96:05:3a:7c:f1:51:6e:21:56:e4:9a:08:
43:12:a5:82:80:0f:a4:41:a1:a9:a1:16:e4:78:19:
34:4a:33:55:f7:ae:7d:9a:11:35:eb:92:17:c9:60:
ef:b1:77:a6:c3:65:62:7a:25:38:54:5d:a8:46:e7:
d2:f4:93:76:08:7b:5b:a0:63:9e:35:94:e9:56:11:
48:fe:3c:70:ea:88:69:ad:6a:56:48:f5:8d:5d:3d:
5e:3f:f3:d7:3b:df:30:69:72:f2:c3:19:85:8c:fc:
5e:3d:aa:37:01:39:6a:c9:43:26:60:11:ae:17:14:
43:1b:2e:e3:ab:ce:ac:50:d9:9d:96:a0:04:6b:4f:
dc:7f:cb:ad:64:90:42:76:43:03:74:06:36:66:8a:
08:7e:75:05:1e:5b:ca:31:da:88:dd:56:7b:cc:84:
39:f7:b7:91:0d:af:42:46:82:29:4f:b2:bb:cd:61:
51:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0E:DE:B7:F6:BE:F2:58:E7:BF:D4:94:66:94:F6:1B:FA:67:B2:FF
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/9A7et_a-8ljnv9SUZpT2G_pnsv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.64.0-141.101.77.255
141.101.82.0-141.101.127.255
188.114.96.0-188.114.104.255
188.114.106.0-188.114.111.255
IPv6:
2a06:98c0:1c00::-2a06:98c0:1c0a:ffff:ffff:ffff:ffff:ffff
2a06:98c0:1c0c::-2a06:98c0:1c10:ffff:ffff:ffff:ffff:ffff
2a06:98c0:1c20::-2a06:98c0:1c25:ffff:ffff:ffff:ffff:ffff
2a06:98c1:50::-2a06:98c1:58:ffff:ffff:ffff:ffff:ffff
2a06:98c1:3100::/44
2a06:98c1:3120::/46
2a06:98c1:3200::/48
Signature Algorithm: sha256WithRSAEncryption
68:15:41:44:0f:08:44:e8:1b:03:f5:dd:b1:f3:c3:3e:46:96:
6f:08:02:0a:5c:ef:ce:6b:26:9f:53:60:a4:f0:4b:26:a9:bd:
c0:66:23:6b:b3:3a:64:db:20:a2:b1:6e:95:d0:d4:71:01:37:
aa:5b:ed:b6:37:aa:b6:95:e0:b0:ce:bd:f4:c5:8e:2e:2d:75:
db:6b:42:66:6a:cd:81:eb:45:52:b5:3d:07:80:d7:f1:25:01:
3c:5f:01:e4:10:e3:a4:d9:24:75:26:d6:e5:fa:0d:87:7c:46:
10:99:0a:df:58:d2:0b:49:f1:c8:35:0a:00:03:26:ff:d9:18:
ee:be:64:0f:8c:fa:b5:d3:7e:9c:21:5e:55:25:43:08:10:c3:
2f:50:33:71:b9:96:f4:73:5f:2a:a4:d7:10:58:28:dc:5e:01:
f5:0d:cb:9f:34:50:15:70:8f:c9:0e:fd:89:3d:b5:4b:3c:5d:
cb:8a:92:95:47:6d:0f:7b:7a:9c:bb:cf:53:f9:bf:e1:ca:b9:
47:c9:bd:22:c6:6d:cb:54:ed:f9:e5:82:02:92:78:84:62:42:
7f:b5:61:d0:b2:3d:d6:82:ea:63:f7:f0:e0:9f:c2:6e:64:3e:
c7:e6:62:80:df:99:99:ab:ed:bc:32:a9:ad:b6:66:3e:b2:2b:
6c:9a:63:d7
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzHk2iIJUDbMLvmS4fAs0XDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjQwMTAyMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBlZGViN2Y2YmVmMjU4ZTdiZmQ0OTQ2Njk0ZjYxYmZhNjdiMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHlhsKAC+m3SH8SLHpZSUkZJ7yaW
bEBRBIy0/H+mC9P1Rt+5idwdgR7yDbQVPPAERNvAbCaDnxNAihu/6HYNtpgidFj0
u/fc1Ktsu7WWBTp88VFuIVbkmghDEqWCgA+kQaGpoRbkeBk0SjNV9659mhE165IX
yWDvsXemw2VieiU4VF2oRufS9JN2CHtboGOeNZTpVhFI/jxw6ohprWpWSPWNXT1e
P/PXO98waXLywxmFjPxePao3ATlqyUMmYBGuFxRDGy7jq86sUNmdlqAEa0/cf8ut
ZJBCdkMDdAY2ZooIfnUFHlvKMdqI3VZ7zIQ597eRDa9CRoIpT7K7zWFRnQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFPQO3rf2vvJY57/UlGaU9hv6Z7L/MB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvOUE3ZXRfYS04bGpudjlTVVpwVDJHX3Buc3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjA+BAIAATA4MAwDBAaN
ZUADBAGNZUwwDAMEAY1lUgMEB41lADAMAwQFvHJgAwQAvHJoMAwDBAG8cmoDBAS8
cmAwcAQCAAIwajARAwYCKgaYwBwDBwAqBpjAHAowEgMHAioGmMAcDAMHACoGmMAc
EDASAwcFKgaYwBwgAwcBKgaYwBwkMBIDBwQqBpjBAFADBwAqBpjBAFgDBwQqBpjB
MQADBwIqBpjBMSADBwAqBpjBMgAwDQYJKoZIhvcNAQELBQADggEBAGgVQUQPCETo
GwP13bHzwz5Glm8IAgpc785rJp9TYKTwSyapvcBmI2uzOmTbIKKxbpXQ1HEBN6pb
7bY3qraV4LDOvfTFji4tddtrQmZqzYHrRVK1PQeA1/ElATxfAeQQ46TZJHUm1uX6
DYd8RhCZCt9Y0gtJ8cg1CgADJv/ZGO6+ZA+M+rXTfpwhXlUlQwgQwy9QM3G5lvRz
Xyqk1xBYKNxeAfUNy580UBVwj8kO/Yk9tUs8XcuKkpVHbQ97epy7z1P5v+HKuUfJ
vSLGbctU7fnlggKSeIRiQn+1YdCyPdaC6mP38OCfwm5kPsfmYoDfmZmr7bwyqa22
Zj6yK2yaY9c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:15 2024 by rpki-client on console-fra.rpki-client.org