Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/jABfj_kgcx9cYrSBXnZ78P0ccSg.roa
File: jABfj_kgcx9cYrSBXnZ78P0ccSg.roa (raw, json)
Hash identifier: UWWbLUFIfeilzdDN+9NtACuaO/TIelVVss/7GvwjP3s=
Subject key identifier: 8C:00:5F:8F:F9:20:73:1F:5C:62:B4:81:5E:76:7B:F0:FD:1C:71:28
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 0190686C7D0BCEB9957FCB780868EC24CF08
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/jABfj_kgcx9cYrSBXnZ78P0ccSg.roa
Signing time: Sun 30 Jun 2024 09:14:18 +0000
ROA not before: Sun 30 Jun 2024 09:14:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206264
IP address blocks: 2.57.214.0/24 maxlen: 24
2.57.215.0/24 maxlen: 24
5.183.209.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
80.251.152.0/23 maxlen: 24
89.249.49.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
2a0d:1000::/29 maxlen: 29
2a0d:1000::/30 maxlen: 30
2a0d:1004::/30 maxlen: 30
Validation: Failed, certificate revoked on Fri 13 Sep 2024 04:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:68:6c:7d:0b:ce:b9:95:7f:cb:78:08:68:ec:24:cf:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: Jun 30 09:14:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c005f8ff920731f5c62b4815e767bf0fd1c7128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8a:3f:f6:b5:c6:07:fe:4f:f6:a6:19:95:16:
80:ae:be:3d:b4:f9:d3:40:e1:20:72:c5:fd:d2:65:
7f:46:3a:8b:17:0a:60:7f:9c:0c:60:79:e6:e2:bf:
cc:8b:e1:5d:be:3c:8a:4d:ed:75:95:a7:d4:69:fe:
9d:e0:a9:c2:3d:25:7e:97:93:86:b0:38:c1:9e:f3:
36:7f:8d:bd:ca:4e:2e:bf:aa:51:28:91:c4:de:f6:
22:d2:08:64:18:3c:4d:76:a0:53:17:50:57:b4:5f:
54:0f:2c:db:3e:29:13:d9:4b:21:41:6b:56:84:bf:
cf:1c:9e:58:d2:55:00:89:05:39:79:30:26:d9:45:
13:1b:a7:b1:f9:ec:65:81:5f:36:2a:fa:a9:be:63:
c9:40:d1:10:e3:d7:2b:1f:af:78:9c:2c:0f:5d:3d:
36:91:51:20:4c:ba:ab:1d:fe:58:fe:15:ec:0f:7a:
b7:5d:4a:64:11:dc:90:95:12:23:2a:91:cb:93:e9:
c7:51:4e:fd:be:e3:b2:98:4f:f0:4e:81:5b:12:89:
2c:a6:5d:8d:5e:bc:ed:83:db:c3:bb:e1:b8:d2:9c:
10:98:2f:eb:eb:18:2e:3a:fe:ee:f9:88:d1:e7:34:
39:47:30:42:35:a8:09:30:ef:ed:d7:ea:43:c0:28:
0f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:00:5F:8F:F9:20:73:1F:5C:62:B4:81:5E:76:7B:F0:FD:1C:71:28
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/jABfj_kgcx9cYrSBXnZ78P0ccSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.214.0/23
5.183.209.0/24
45.129.84.0/24
45.139.122.0/24
80.251.152.0/23
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.191.124.0/22
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
83:0b:8b:5c:7b:e3:50:a0:e4:9e:83:d1:fb:5c:6a:72:3f:0c:
eb:bd:64:af:a4:33:0d:f9:b6:a8:a3:ec:61:1d:2c:84:d2:3e:
ba:7f:6a:86:7f:b8:db:20:cc:b9:73:5e:a1:1e:05:28:20:88:
e2:1b:6d:14:a6:9e:07:97:78:99:9c:3e:5f:90:fd:c0:31:06:
ab:9b:e1:af:53:91:2f:5a:62:46:a6:17:5a:93:d0:e4:3e:71:
5d:d4:a5:cb:1c:14:19:3a:4a:fa:e1:4f:02:19:56:ad:86:b9:
8e:06:5d:aa:b1:ad:5f:2c:23:01:e0:54:97:35:01:ae:c4:52:
25:17:66:f2:3b:80:b0:5d:f4:75:cc:29:1e:67:06:68:9e:26:
6e:d6:5a:9c:c1:63:2c:dc:e0:1f:01:4d:ba:df:1c:14:59:71:
f0:04:18:ad:0d:59:7f:9e:04:85:9b:b1:fa:d5:d4:bd:de:8f:
19:60:57:d5:8c:95:02:9b:29:e2:31:6b:5c:21:ae:cf:8e:c5:
56:91:99:c0:58:8a:55:cb:48:81:5d:b2:bc:a5:c5:c7:aa:27:
4e:f3:22:d2:55:d3:36:68:f8:50:3d:fb:79:26:96:f5:1c:0f:
df:51:7c:11:11:17:a2:52:f8:d4:b8:d3:2d:34:18:f4:63:5d:
a2:c8:a2:f8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZBobH0LzrmVf8t4CGjsJM8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjQwNjMwMDkxNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzAwNWY4ZmY5MjA3MzFmNWM2MmI0ODE1ZTc2N2JmMGZkMWM3MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Yo/9rXGB/5P9qYZlRaArr49tPnT
QOEgcsX90mV/RjqLFwpgf5wMYHnm4r/Mi+FdvjyKTe11lafUaf6d4KnCPSV+l5OG
sDjBnvM2f429yk4uv6pRKJHE3vYi0ghkGDxNdqBTF1BXtF9UDyzbPikT2UshQWtW
hL/PHJ5Y0lUAiQU5eTAm2UUTG6ex+exlgV82KvqpvmPJQNEQ49crH694nCwPXT02
kVEgTLqrHf5Y/hXsD3q3XUpkEdyQlRIjKpHLk+nHUU79vuOymE/wToFbEokspl2N
Xrztg9vDu+G40pwQmC/r6xguOv7u+YjR5zQ5RzBCNagJMO/t1+pDwCgPrQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIwAX4/5IHMfXGK0gV52e/D9HHEoMB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvakFCZmpfa2djeDljWXJTQlhuWjc4UDBjY1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQBAjnWAwQA
BbfRAwQALYFUAwQALYt6AwQBUPuYAwQAWfkxAwQAXXtIAwQAXpwhAwQCub98MA0E
AgACMAcDBQMqDRAAMA0GCSqGSIb3DQEBCwUAA4IBAQCDC4tce+NQoOSeg9H7XGpy
PwzrvWSvpDMN+baoo+xhHSyE0j66f2qGf7jbIMy5c16hHgUoIIjiG20Upp4Hl3iZ
nD5fkP3AMQarm+GvU5EvWmJGphdak9DkPnFd1KXLHBQZOkr64U8CGVathrmOBl2q
sa1fLCMB4FSXNQGuxFIlF2byO4CwXfR1zCkeZwZoniZu1lqcwWMs3OAfAU263xwU
WXHwBBitDVl/ngSFm7H61dS93o8ZYFfVjJUCmyniMWtcIa7PjsVWkZnAWIpVy0iB
XbK8pcXHqidO8yLSVdM2aPhQPft5Jpb1HA/fUXwREReiUvjUuNMtNBj0Y12iyKL4
-----END CERTIFICATE-----
Generated at Fri Sep 13 06:20:12 2024 by rpki-client on console-fra.rpki-client.org