Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/h5-hsNYbsoGGOie-T27RsRH15Js.roa
File: h5-hsNYbsoGGOie-T27RsRH15Js.roa (raw, json)
Hash identifier: 3uJ4l87E+3gzmsAIJ3x3d/nA7YnlKeCrAwWKr5e1tB4=
Subject key identifier: 87:9F:A1:B0:D6:1B:B2:81:86:3A:27:BE:4F:6E:D1:B1:11:F5:E4:9B
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018BA3E771F93F52432922FC3276EA28A085
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/h5-hsNYbsoGGOie-T27RsRH15Js.roa
Signing time: Mon 06 Nov 2023 09:12:15 +0000
ROA not before: Mon 06 Nov 2023 09:12:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50710
IP address blocks: 109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.60.0/22 maxlen: 22
109.224.1.0/24 maxlen: 24
109.224.0.0/21 maxlen: 21
109.224.2.0/23 maxlen: 23
109.224.0.0/18 maxlen: 18
109.224.4.0/22 maxlen: 22
109.224.8.0/21 maxlen: 21
109.224.8.0/22 maxlen: 22
109.224.13.0/24 maxlen: 24
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.15.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.24.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.28.0/24 maxlen: 24
109.224.30.0/23 maxlen: 23
109.224.29.0/24 maxlen: 24
109.224.32.0/24 maxlen: 24
109.224.32.0/22 maxlen: 22
109.224.36.0/22 maxlen: 22
109.224.41.0/24 maxlen: 24
109.224.40.0/24 maxlen: 24
109.224.40.0/21 maxlen: 21
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.43.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.48.0/21 maxlen: 21
109.224.48.0/22 maxlen: 22
185.118.96.0/22 maxlen: 22
185.118.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 08:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:e7:71:f9:3f:52:43:29:22:fc:32:76:ea:28:a0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Nov 6 09:12:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=879fa1b0d61bb281863a27be4f6ed1b111f5e49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:b1:e3:18:7b:b3:3b:44:c3:84:c4:9f:d7:
12:9d:0b:62:af:e9:59:17:46:cf:b2:3a:a1:75:94:
61:b7:c7:60:21:b0:6b:b7:08:69:e4:19:9b:25:2d:
e4:46:45:3a:86:e2:af:58:86:07:19:49:ae:ee:d1:
ae:01:8f:60:82:45:41:c4:06:53:1b:2b:25:83:23:
83:ad:30:77:c5:c4:c1:7a:c5:d4:50:34:22:c1:ad:
12:f6:77:46:05:b7:37:e5:99:91:25:a0:cf:ed:ec:
64:6b:71:d6:21:73:85:0a:1b:d1:25:fa:9a:c7:63:
72:ca:cc:8e:21:78:d2:27:b1:45:83:fa:cd:ec:71:
a4:fd:e3:90:32:d2:1f:bc:bc:1b:64:3d:23:17:f6:
37:8d:0f:30:45:28:ce:a0:54:e0:28:c7:a6:13:48:
73:4c:10:ad:a2:ce:2d:14:15:e7:5b:de:e5:69:66:
8d:3b:fb:53:68:31:f6:72:2b:c4:6f:78:10:b9:29:
57:9f:78:93:8b:56:50:ec:b6:73:63:81:d2:8e:7d:
11:ac:01:83:de:db:39:e3:53:81:df:86:2f:97:bd:
72:9a:33:39:a4:d1:4b:d9:35:e1:f6:ab:9d:e4:cf:
2f:f2:3d:c6:61:ef:f5:39:92:51:98:85:9e:20:88:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9F:A1:B0:D6:1B:B2:81:86:3A:27:BE:4F:6E:D1:B1:11:F5:E4:9B
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/h5-hsNYbsoGGOie-T27RsRH15Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:38:ee:8b:fa:5c:28:cf:46:c0:64:f3:02:d0:a7:42:87:5e:
52:48:69:bc:9c:2a:6c:9b:b8:07:18:10:f6:50:ea:cf:be:3f:
01:67:e6:e7:04:c6:3d:1d:d0:6b:50:e4:90:87:e4:2e:27:62:
15:40:ec:3b:a7:4a:e0:74:f4:bc:5f:cb:4b:e5:b2:22:2d:ad:
d4:c6:ab:75:30:b4:c3:b4:98:c1:fd:02:00:c7:9e:3c:87:77:
ae:6c:bb:e5:fa:65:dd:d6:85:b6:77:9e:36:2b:d8:1c:29:be:
46:aa:02:35:b5:12:2c:3d:33:b6:b3:2a:39:13:dd:1b:12:c0:
75:f5:8e:48:d3:1c:67:a3:d7:5b:fa:9f:6c:5d:af:dc:c0:c8:
83:1a:00:a4:06:af:0f:9e:a5:1f:c9:a3:14:5f:4d:03:c3:2a:
10:9c:ab:b0:5a:82:fb:16:f4:72:79:68:b1:e0:97:55:32:0c:
cf:07:12:c0:4d:94:63:24:fd:d2:ee:f8:e3:63:c4:4b:71:d2:
57:53:61:d3:b7:36:a4:50:3d:a2:90:51:7e:17:5f:1e:a2:19:
2a:2b:9c:8d:5c:da:6c:ba:3f:84:ae:1a:aa:3b:75:97:23:bd:
b5:68:ec:5f:d2:bd:f2:45:07:b0:fc:6f:ea:13:fb:75:eb:e8:
a1:20:0d:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuj53H5P1JDKSL8MnbqKKCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjMxMTA2MDkxMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzlmYTFiMGQ2MWJiMjgxODYzYTI3YmU0ZjZlZDFiMTExZjVlNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDSx4xh7sztEw4TEn9cSnQtir+lZ
F0bPsjqhdZRht8dgIbBrtwhp5BmbJS3kRkU6huKvWIYHGUmu7tGuAY9ggkVBxAZT
GyslgyODrTB3xcTBesXUUDQiwa0S9ndGBbc35ZmRJaDP7exka3HWIXOFChvRJfqa
x2NyysyOIXjSJ7FFg/rN7HGk/eOQMtIfvLwbZD0jF/Y3jQ8wRSjOoFTgKMemE0hz
TBCtos4tFBXnW97laWaNO/tTaDH2civEb3gQuSlXn3iTi1ZQ7LZzY4HSjn0RrAGD
3ts541OB34Yvl71ymjM5pNFL2TXh9qud5M8v8j3GYe/1OZJRmIWeIIiwlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIefobDWG7KBhjonvk9u0bER9eSbMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvaDUtaHNOWWJzb0dHT2llLVQyN1JzUkgxNUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGbeAAAwQC
uXZgMA0GCSqGSIb3DQEBCwUAA4IBAQCLOO6L+lwoz0bAZPMC0KdCh15SSGm8nCps
m7gHGBD2UOrPvj8BZ+bnBMY9HdBrUOSQh+QuJ2IVQOw7p0rgdPS8X8tL5bIiLa3U
xqt1MLTDtJjB/QIAx548h3eubLvl+mXd1oW2d542K9gcKb5GqgI1tRIsPTO2syo5
E90bEsB19Y5I0xxno9db+p9sXa/cwMiDGgCkBq8PnqUfyaMUX00DwyoQnKuwWoL7
FvRyeWix4JdVMgzPBxLATZRjJP3S7vjjY8RLcdJXU2HTtzakUD2ikFF+F18eohkq
K5yNXNpsuj+ErhqqO3WXI721aOxf0r3yRQew/G/qE/t16+ihIA1Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:11 2024 by rpki-client on console-fra.rpki-client.org