Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/JNWnav-EyiGHtIYKdjDS8nmOBSg.roa
File: JNWnav-EyiGHtIYKdjDS8nmOBSg.roa (raw, json)
Hash identifier: JtLdT6kv+8Oeb1V4XaGy0aWw9Zsz8llYFRd1jsSr1DQ=
Subject key identifier: 24:D5:A7:6A:FF:84:CA:21:87:B4:86:0A:76:30:D2:F2:79:8E:05:28
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018DA7617A32F32FF4962AFEDB15279050F0
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/JNWnav-EyiGHtIYKdjDS8nmOBSg.roa
Signing time: Wed 14 Feb 2024 11:29:59 +0000
ROA not before: Wed 14 Feb 2024 11:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.32.0/24 maxlen: 24
31.210.33.0/24 maxlen: 24
31.210.35.0/24 maxlen: 24
31.210.44.0/24 maxlen: 24
31.210.45.0/24 maxlen: 32
31.210.46.0/24 maxlen: 24
31.210.47.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
77.92.128.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.130.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
77.92.133.0/24 maxlen: 32
77.92.134.0/24 maxlen: 24
77.92.135.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.141.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
77.92.149.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.156.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
77.92.158.0/24 maxlen: 24
77.92.159.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.114.0/24 maxlen: 32
78.135.115.0/24 maxlen: 24
78.135.116.0/24 maxlen: 24
188.132.134.0/24 maxlen: 24
188.132.135.0/24 maxlen: 32
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.157.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.177.0/24 maxlen: 24
188.132.180.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.244.0/24 maxlen: 32
188.132.245.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.252.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
212.68.33.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.42.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
212.68.56.0/24 maxlen: 32
212.68.57.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
2a02:26b0:8001::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 08:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:61:7a:32:f3:2f:f4:96:2a:fe:db:15:27:90:50:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Feb 14 11:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24d5a76aff84ca2187b4860a7630d2f2798e0528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c3:90:0a:0a:33:75:dc:af:18:3a:90:08:47:
9d:1e:c7:cb:3e:eb:c6:f1:73:76:57:bd:38:b8:9b:
4f:0e:a2:27:8d:48:e2:f9:d0:64:5b:5e:09:82:63:
63:8d:17:6d:06:92:ee:fc:cb:39:43:8a:7f:24:16:
f0:0d:e2:b5:b5:ae:64:e2:13:9c:a0:6b:a7:da:8e:
fc:cf:99:fb:15:62:5f:60:2c:16:4c:ea:28:f4:33:
a1:62:a2:c8:b2:b4:a8:37:04:a8:67:0e:a5:c3:25:
73:f2:e7:c3:22:84:e3:25:06:f4:2e:dd:2c:b2:74:
3a:17:fb:5c:a4:08:75:5b:56:d8:30:01:ae:8b:75:
8d:09:38:4a:88:d9:dc:49:c2:08:53:b9:0d:3d:af:
c5:40:de:e4:40:2d:b2:ac:44:eb:0d:bb:c3:2d:f7:
25:ab:29:d6:93:ae:b7:2f:08:0a:33:89:55:3d:ea:
7c:60:12:9c:7f:29:ac:fd:62:9b:df:92:7f:ac:4d:
ea:de:87:f7:3f:f7:6a:e8:6d:27:ea:69:2c:fc:7d:
ea:34:31:af:f9:a7:be:19:cc:31:e8:ec:55:a3:b5:
e0:72:aa:0f:fd:da:b4:43:8e:29:21:c7:bb:1a:14:
00:3d:cd:71:c9:76:5e:7c:7b:3b:23:a9:4c:10:18:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D5:A7:6A:FF:84:CA:21:87:B4:86:0A:76:30:D2:F2:79:8E:05:28
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/JNWnav-EyiGHtIYKdjDS8nmOBSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.35.0/24
31.210.44.0/22
31.210.56.0-31.210.61.255
77.92.128.0-77.92.141.255
77.92.148.0/23
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.108.0/24
78.135.113.0-78.135.116.255
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.177.255
188.132.180.0/24
188.132.194.0/24
188.132.204.0/23
188.132.244.0-188.132.246.255
188.132.252.0/22
212.68.33.0/24
212.68.40.0-212.68.46.255
212.68.50.0/23
212.68.56.0/23
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
07:a5:65:1d:79:ee:7d:97:34:cb:a9:45:bf:87:22:3c:0d:bd:
9d:15:f0:1b:7b:9a:08:8e:f0:f0:0c:7f:22:20:8e:54:49:bc:
31:ea:25:08:a8:1e:4a:0a:21:0a:51:3b:d3:a8:56:ee:a5:96:
ff:99:c9:ed:09:ec:de:ce:33:69:f5:a5:4e:c5:a5:e7:d5:17:
b6:83:0e:f1:fc:50:34:ce:8e:65:35:db:3b:e7:0e:69:56:af:
2b:4f:eb:ad:d8:40:66:5b:06:aa:99:c3:a0:58:06:9e:d9:98:
1f:04:e3:6d:dd:65:1a:cd:56:82:f8:b5:98:a7:db:b5:a9:3f:
f6:6e:cf:be:b6:fa:54:69:7d:e2:20:ed:4b:3d:a3:9f:fb:60:
32:b7:0f:d7:47:0e:5e:ce:71:4a:4b:70:bc:ad:96:30:25:15:
c3:8f:7d:0d:70:dd:09:18:c4:87:b3:32:03:68:da:12:02:41:
aa:e4:cc:77:86:4d:69:a4:00:e8:b7:0d:3b:61:36:9f:d1:ed:
e4:21:61:75:70:68:ae:c8:ea:a3:47:f8:05:cb:f9:14:da:cb:
44:69:06:59:b4:f5:f1:6a:cc:cc:af:cb:ae:0f:0a:32:7c:2c:
37:d0:c5:71:cf:e4:ae:b2:22:3f:37:5f:57:cb:fa:97:b3:63:
c5:1a:20:cf
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISAY2nYXoy8y/0lir+2xUnkFDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMjE0MTEyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQ1YTc2YWZmODRjYTIxODdiNDg2MGE3NjMwZDJmMjc5OGUwNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMOQCgozddyvGDqQCEedHsfLPuvG
8XN2V704uJtPDqInjUji+dBkW14JgmNjjRdtBpLu/Ms5Q4p/JBbwDeK1ta5k4hOc
oGun2o78z5n7FWJfYCwWTOoo9DOhYqLIsrSoNwSoZw6lwyVz8ufDIoTjJQb0Lt0s
snQ6F/tcpAh1W1bYMAGui3WNCThKiNncScIIU7kNPa/FQN7kQC2yrETrDbvDLfcl
qynWk663LwgKM4lVPep8YBKcfyms/WKb35J/rE3q3of3P/dq6G0n6mks/H3qNDGv
+ae+Gcwx6OxVo7XgcqoP/dq0Q44pIce7GhQAPc1xyXZefHs7I6lMEBi7zQIDAQAB
o4IC/TCCAvkwHQYDVR0OBBYEFCTVp2r/hMohh7SGCnYw0vJ5jgUoMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvSk5XbmF2LUV5aUdIdElZS2RqRFM4bm1PQlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEQYIKwYBBQUHAQcBAf8EggEAMIH9MIHrBAIAATCB5AME
AR/SIAMEAB/SIwMEAh/SLDAMAwQDH9I4AwQBH9I8MAwDBAdNXIADBAFNXIwDBAFN
XJQwDAMEAE1cmwMEBU1cgAMEAE6HTwMEAE6HbDAMAwQATodxAwQATod0AwQBvISG
AwQAvISOMAwDBAC8hJMDBAC8hJQwDAMEALyEnQMEALyEngMEALyErDAMAwQAvISv
AwQBvISwAwQAvIS0AwQAvITCAwQBvITMMAwDBAK8hPQDBAC8hPYDBAK8hPwDBADU
RCEwDAMEA9REKAMEANRELgMEAdREMgMEAdREOAMEANREPTANBAIAAjAHAwUAKgIm
sDANBgkqhkiG9w0BAQsFAAOCAQEAB6VlHXnufZc0y6lFv4ciPA29nRXwG3uaCI7w
8Ax/IiCOVEm8MeolCKgeSgohClE706hW7qWW/5nJ7Qns3s4zafWlTsWl59UXtoMO
8fxQNM6OZTXbO+cOaVavK0/rrdhAZlsGqpnDoFgGntmYHwTjbd1lGs1Wgvi1mKfb
tak/9m7Pvrb6VGl94iDtSz2jn/tgMrcP10cOXs5xSktwvK2WMCUVw499DXDdCRjE
h7MyA2jaEgJBquTMd4ZNaaQA6LcNO2E2n9Ht5CFhdXBorsjqo0f4Bcv5FNrLRGkG
WbT18WrMzK/Lrg8KMnwsN9DFcc/krrIiPzdfV8v6l7NjxRogzw==
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:36 2024 by rpki-client on console-ams.rpki-client.org