Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/3QbwrYCAwhyrJcbXsSKrs6JSHvk.roa
File: 3QbwrYCAwhyrJcbXsSKrs6JSHvk.roa (raw, json)
Hash identifier: ukq1QJALcXiLPDV20qxh+558aNflvJeJUSwwUF64bik=
Subject key identifier: DD:06:F0:AD:80:80:C2:1C:AB:25:C6:D7:B1:22:AB:B3:A2:52:1E:F9
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018BA3E772DD958694A700C8C1826F3F0A4E
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/3QbwrYCAwhyrJcbXsSKrs6JSHvk.roa
Signing time: Mon 06 Nov 2023 09:12:16 +0000
ROA not before: Mon 06 Nov 2023 09:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203214
IP address blocks: 185.141.8.0/24 maxlen: 24
109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.60.0/22 maxlen: 22
109.224.0.0/18 maxlen: 18
109.224.2.0/23 maxlen: 23
109.224.1.0/24 maxlen: 24
109.224.0.0/21 maxlen: 21
109.224.4.0/22 maxlen: 22
109.224.8.0/22 maxlen: 22
109.224.8.0/21 maxlen: 21
109.224.5.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.15.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.13.0/24 maxlen: 24
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.24.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.30.0/23 maxlen: 23
109.224.29.0/24 maxlen: 24
109.224.28.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.43.0/24 maxlen: 24
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.41.0/24 maxlen: 24
109.224.40.0/21 maxlen: 21
109.224.40.0/24 maxlen: 24
109.224.48.0/22 maxlen: 22
109.224.48.0/21 maxlen: 21
185.118.96.0/24 maxlen: 24
185.118.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 Nov 2023 08:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:e7:72:dd:95:86:94:a7:00:c8:c1:82:6f:3f:0a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Nov 6 09:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd06f0ad8080c21cab25c6d7b122abb3a2521ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:da:ca:45:ef:1e:29:5e:bf:ca:9a:01:1f:
a5:4d:4e:c0:92:d2:f2:c4:00:b1:89:dd:d2:d0:4e:
05:85:04:48:ff:5d:a2:f7:35:37:e9:9d:b4:30:45:
27:a6:03:38:5d:93:79:87:6f:cd:1a:f7:f1:57:3e:
f3:9b:56:fa:4b:04:27:b3:aa:df:71:f7:01:0f:60:
d1:b9:d8:21:7e:6c:e5:af:d1:e6:d2:5e:a8:6e:db:
20:ff:ee:2b:b4:1b:9c:06:56:85:cb:7c:06:c9:fa:
c5:8c:f2:b4:b8:05:08:34:c2:0d:d1:aa:4c:5f:52:
e6:22:ab:73:b4:3e:5e:2b:d2:a9:4c:87:8b:ee:4d:
0b:47:e4:ec:e1:6e:00:53:0c:3e:e6:65:30:28:be:
eb:de:ab:c3:ce:f0:1b:e3:5a:91:a1:c4:6d:07:88:
7d:01:41:8d:72:08:da:2b:0b:ce:93:59:45:f1:84:
9d:02:21:71:93:03:80:f7:38:20:dd:19:85:31:66:
03:00:c0:c6:dc:c5:f6:be:ee:2b:94:8c:0d:92:80:
08:1b:7d:41:45:b0:b4:83:3e:33:c4:f8:b9:7a:16:
91:2b:0b:d3:de:40:e3:83:08:0e:90:d2:e7:60:11:
4d:60:7a:66:f1:2e:2a:05:69:d8:e1:5b:2a:f4:53:
58:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:F0:AD:80:80:C2:1C:AB:25:C6:D7:B1:22:AB:B3:A2:52:1E:F9
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/3QbwrYCAwhyrJcbXsSKrs6JSHvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
185.141.8.0/24
Signature Algorithm: sha256WithRSAEncryption
e9:60:ec:60:77:34:49:a1:c5:6f:c8:a6:d2:13:83:29:e7:78:
b8:01:ef:6e:e5:d1:14:96:fc:87:bc:48:df:b8:cd:bc:fa:c9:
92:59:0b:99:b4:24:0d:e3:16:9a:a0:a7:80:51:03:fa:04:a6:
62:b1:ef:54:ac:58:68:b1:0c:c6:0d:78:8d:70:3e:91:08:28:
d2:08:6e:01:b9:37:50:7a:c7:20:51:83:64:88:6e:35:aa:be:
e1:0b:e1:5b:0c:7f:9e:7a:94:e1:9a:c1:df:ad:ea:1c:26:a5:
18:c7:86:83:56:bc:14:8a:e7:e3:10:ff:98:86:aa:10:ca:5a:
9e:45:f7:15:96:64:61:7c:ab:4a:03:18:34:02:71:e5:6c:5c:
8c:c6:35:be:9f:17:06:ad:3f:20:f4:6b:d0:6f:fd:a7:0a:58:
d3:b7:69:ee:4b:2e:b2:e6:e5:5d:19:71:06:17:74:96:17:43:
25:ea:99:93:88:d4:e9:46:4b:5f:cf:eb:52:08:7b:43:71:98:
b8:e9:5a:47:ce:3f:bd:f2:2e:cf:20:6e:87:26:44:74:a8:0c:
ca:a2:c4:fa:e1:c7:7e:50:14:53:d4:71:14:78:1f:43:a3:2b:
98:01:d4:02:dc:8d:80:be:df:8d:07:8e:66:1d:8f:75:19:8c:
4b:99:c0:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuj53LdlYaUpwDIwYJvPwpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjMxMTA2MDkxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA2ZjBhZDgwODBjMjFjYWIyNWM2ZDdiMTIyYWJiM2EyNTIxZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy7aykXvHilev8qaAR+lTU7AktLy
xACxid3S0E4FhQRI/12i9zU36Z20MEUnpgM4XZN5h2/NGvfxVz7zm1b6SwQns6rf
cfcBD2DRudghfmzlr9Hm0l6obtsg/+4rtBucBlaFy3wGyfrFjPK0uAUINMIN0apM
X1LmIqtztD5eK9KpTIeL7k0LR+Ts4W4AUww+5mUwKL7r3qvDzvAb41qRocRtB4h9
AUGNcgjaKwvOk1lF8YSdAiFxkwOA9zgg3RmFMWYDAMDG3MX2vu4rlIwNkoAIG31B
RbC0gz4zxPi5ehaRKwvT3kDjgwgOkNLnYBFNYHpm8S4qBWnY4Vsq9FNYdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN0G8K2AgMIcqyXG17Eiq7OiUh75MB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvM1Fid3JZQ0F3aHlySmNiWHNTS3JzNkpTSHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGbeAAAwQC
uXZgAwQAuY0IMA0GCSqGSIb3DQEBCwUAA4IBAQDpYOxgdzRJocVvyKbSE4Mp53i4
Ae9u5dEUlvyHvEjfuM28+smSWQuZtCQN4xaaoKeAUQP6BKZise9UrFhosQzGDXiN
cD6RCCjSCG4BuTdQescgUYNkiG41qr7hC+FbDH+eepThmsHfreocJqUYx4aDVrwU
iufjEP+YhqoQylqeRfcVlmRhfKtKAxg0AnHlbFyMxjW+nxcGrT8g9GvQb/2nCljT
t2nuSy6y5uVdGXEGF3SWF0Ml6pmTiNTpRktfz+tSCHtDcZi46VpHzj+98i7PIG6H
JkR0qAzKosT64cd+UBRT1HEUeB9DoyuYAdQC3I2Avt+NB45mHY91GYxLmcAW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:07 2024 by rpki-client on console-ams.rpki-client.org