Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/_Hs0ijjq1g8K7yBWW8eCqQW0WKA.roa
File: _Hs0ijjq1g8K7yBWW8eCqQW0WKA.roa (raw, json)
Hash identifier: L+B8wX/XKW1kqPyICtmWwcfqs/GiCXRJOh99wvreA7U=
Subject key identifier: FC:7B:34:8A:38:EA:D6:0F:0A:EF:20:56:5B:C7:82:A9:05:B4:58:A0
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 01883E0DB0A7499B16E10A8C48D75D72EFBC
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/_Hs0ijjq1g8K7yBWW8eCqQW0WKA.roa
Signing time: Sun 21 May 2023 11:24:24 +0000
ROA not before: Sun 21 May 2023 11:24:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203214
IP address blocks: 185.141.8.0/24 maxlen: 24
109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.60.0/22 maxlen: 22
109.224.0.0/18 maxlen: 18
109.224.2.0/23 maxlen: 23
109.224.1.0/24 maxlen: 24
109.224.0.0/21 maxlen: 21
109.224.4.0/22 maxlen: 22
109.224.8.0/22 maxlen: 22
109.224.8.0/21 maxlen: 21
109.224.16.0/22 maxlen: 22
109.224.15.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.13.0/24 maxlen: 24
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.24.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.30.0/23 maxlen: 23
109.224.29.0/24 maxlen: 24
109.224.28.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.32.0/22 maxlen: 22
109.224.44.0/22 maxlen: 22
109.224.43.0/24 maxlen: 24
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.41.0/24 maxlen: 24
109.224.40.0/21 maxlen: 21
109.224.40.0/24 maxlen: 24
109.224.48.0/22 maxlen: 22
109.224.48.0/21 maxlen: 21
185.118.96.0/24 maxlen: 24
185.118.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 30 May 2023 19:11:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3e:0d:b0:a7:49:9b:16:e1:0a:8c:48:d7:5d:72:ef:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: May 21 11:24:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc7b348a38ead60f0aef20565bc782a905b458a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e8:a2:f6:39:4b:e2:4c:d0:79:53:68:fe:ca:
2c:88:c9:f4:16:3d:d8:e7:1a:fb:9e:f4:14:47:07:
e4:6a:27:1d:1a:24:b0:e7:c3:2b:b7:2c:60:11:50:
fa:94:5a:fd:2b:5a:8d:87:d9:0f:ec:33:53:f3:bf:
08:42:44:cb:a0:92:f3:04:b3:87:fe:51:3c:bd:f1:
fd:71:82:ad:b9:9e:eb:ca:02:86:c1:29:46:f4:d0:
01:dc:39:01:5e:03:51:67:4c:8e:61:8b:e0:b7:96:
a3:5e:f4:8d:66:22:1a:f5:9a:b9:a0:fa:8f:8e:c6:
61:f8:fc:38:76:e3:aa:b2:9b:07:3a:8f:52:46:0c:
1d:b4:aa:5c:e4:64:27:d8:99:6f:f3:34:29:be:33:
3c:f5:20:dd:6b:4e:ed:24:e2:19:17:21:ec:22:43:
35:d8:8c:b2:80:2d:2b:5d:cd:53:90:ec:f5:45:e3:
01:d4:74:68:a6:dc:76:b7:71:4e:66:f3:6e:57:6f:
e2:97:ba:c8:31:84:dc:dd:a8:3b:80:5b:83:23:ab:
df:8d:cd:0d:aa:94:b6:d2:6f:12:b6:a8:c2:56:98:
61:1f:8e:ae:11:62:18:89:c1:92:1d:1d:b3:3a:77:
77:c5:97:f4:ff:86:c8:a6:99:bb:32:1d:e3:05:c5:
5a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7B:34:8A:38:EA:D6:0F:0A:EF:20:56:5B:C7:82:A9:05:B4:58:A0
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/_Hs0ijjq1g8K7yBWW8eCqQW0WKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
185.141.8.0/24
Signature Algorithm: sha256WithRSAEncryption
03:3d:34:9c:4e:88:0f:af:3b:61:dd:00:5e:21:58:04:f4:7f:
b8:c8:2d:d8:21:3f:97:b4:21:15:59:f7:8d:0a:33:97:4a:78:
b6:05:56:07:27:c0:b1:26:d4:6b:7b:8d:d2:4b:c5:a9:2a:0f:
41:2a:de:24:55:6c:7b:7c:96:44:55:36:f2:50:db:bb:ca:25:
a8:f7:3b:ab:77:66:16:93:c8:01:65:23:2f:e6:de:ee:5e:36:
94:7f:d5:60:88:c3:b9:a0:dd:ed:b1:0c:f9:87:0b:98:9e:7f:
03:0f:7f:64:5d:f5:65:d0:37:25:c2:10:8d:40:70:7b:5c:8f:
40:23:34:dc:bc:9b:31:47:15:f7:fd:59:8a:14:f2:e6:be:e3:
96:9c:59:c2:e7:b6:a2:10:33:da:93:f9:31:ce:2d:1a:21:71:
2c:73:bc:1b:23:9b:07:71:8f:9c:a9:05:5f:8f:c4:8e:b7:10:
79:51:0f:2c:12:2f:f4:02:e2:a2:99:aa:76:42:71:a3:e1:df:
bb:2b:17:a6:f0:8d:d2:e0:7b:5d:59:68:55:d0:d3:f5:90:33:
6a:8c:9b:8e:40:6f:44:74:72:d2:4f:54:db:ba:a3:08:04:e3:
00:e3:92:50:48:24:26:81:e0:aa:b1:3b:25:fd:f5:27:a4:48:
56:94:d2:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYg+DbCnSZsW4QqMSNddcu+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjMwNTIxMTEyNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzdiMzQ4YTM4ZWFkNjBmMGFlZjIwNTY1YmM3ODJhOTA1YjQ1OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOii9jlL4kzQeVNo/sosiMn0Fj3Y
5xr7nvQURwfkaicdGiSw58MrtyxgEVD6lFr9K1qNh9kP7DNT878IQkTLoJLzBLOH
/lE8vfH9cYKtuZ7rygKGwSlG9NAB3DkBXgNRZ0yOYYvgt5ajXvSNZiIa9Zq5oPqP
jsZh+Pw4duOqspsHOo9SRgwdtKpc5GQn2Jlv8zQpvjM89SDda07tJOIZFyHsIkM1
2IyygC0rXc1TkOz1ReMB1HRoptx2t3FOZvNuV2/il7rIMYTc3ag7gFuDI6vfjc0N
qpS20m8StqjCVphhH46uEWIYicGSHR2zOnd3xZf0/4bIppm7Mh3jBcVaHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPx7NIo46tYPCu8gVlvHgqkFtFigMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvX0hzMGlqanExZzhLN3lCV1c4ZUNxUVcwV0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGbeAAAwQC
uXZgAwQAuY0IMA0GCSqGSIb3DQEBCwUAA4IBAQADPTScTogPrzth3QBeIVgE9H+4
yC3YIT+XtCEVWfeNCjOXSni2BVYHJ8CxJtRre43SS8WpKg9BKt4kVWx7fJZEVTby
UNu7yiWo9zurd2YWk8gBZSMv5t7uXjaUf9VgiMO5oN3tsQz5hwuYnn8DD39kXfVl
0DclwhCNQHB7XI9AIzTcvJsxRxX3/VmKFPLmvuOWnFnC57aiEDPak/kxzi0aIXEs
c7wbI5sHcY+cqQVfj8SOtxB5UQ8sEi/0AuKimap2QnGj4d+7Kxem8I3S4HtdWWhV
0NP1kDNqjJuOQG9EdHLST1TbuqMIBOMA45JQSCQmgeCqsTsl/fUnpEhWlNIG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:11 2024 by rpki-client on console-fra.rpki-client.org