Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/lnX9oK2mKHinJXk1KKPexKmvVWQ.roa
File: lnX9oK2mKHinJXk1KKPexKmvVWQ.roa (raw, json)
Hash identifier: n1SBIskVaMpv/ntgk77zCZQMdasc86jIIivVNRu7KcI=
Subject key identifier: 96:75:FD:A0:AD:A6:28:78:A7:25:79:35:28:A3:DE:C4:A9:AF:55:64
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 018BF0EA7EA896A5AFD7D3C79207226ED041
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/lnX9oK2mKHinJXk1KKPexKmvVWQ.roa
Signing time: Tue 21 Nov 2023 08:06:21 +0000
ROA not before: Tue 21 Nov 2023 08:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203214
IP address blocks: 185.141.11.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
185.141.8.0/24 maxlen: 24
109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.60.0/22 maxlen: 22
109.224.0.0/18 maxlen: 18
109.224.2.0/23 maxlen: 23
109.224.1.0/24 maxlen: 24
109.224.0.0/21 maxlen: 21
109.224.4.0/22 maxlen: 22
109.224.8.0/22 maxlen: 22
109.224.8.0/21 maxlen: 21
109.224.5.0/24 maxlen: 24
109.224.16.0/22 maxlen: 22
109.224.15.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.13.0/24 maxlen: 24
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.24.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.30.0/23 maxlen: 23
109.224.29.0/24 maxlen: 24
109.224.28.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.32.0/22 maxlen: 22
109.224.32.0/24 maxlen: 24
109.224.44.0/22 maxlen: 22
109.224.43.0/24 maxlen: 24
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.41.0/24 maxlen: 24
109.224.40.0/21 maxlen: 21
109.224.40.0/24 maxlen: 24
109.224.48.0/22 maxlen: 22
109.224.48.0/21 maxlen: 21
185.118.96.0/24 maxlen: 24
185.118.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:ea:7e:a8:96:a5:af:d7:d3:c7:92:07:22:6e:d0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Nov 21 08:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9675fda0ada62878a725793528a3dec4a9af5564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:43:e1:f6:36:60:9f:5e:fe:7a:b6:ff:78:20:
fe:c6:99:62:f4:c9:b2:31:2e:ed:1c:81:8a:98:c5:
8d:c2:bd:5e:17:95:81:97:98:1d:52:91:86:3d:28:
0e:85:e5:c0:06:50:be:f5:55:e3:11:b2:61:72:f1:
d2:d2:71:8c:b1:b4:c1:36:3d:a9:05:27:6c:97:7a:
e2:74:6a:87:0a:7c:86:3d:4a:0f:36:59:ad:60:8e:
32:bc:7d:26:71:03:74:ce:e1:fb:d7:6d:27:58:97:
f7:8e:3e:98:4b:34:d7:d1:f4:f8:7b:01:80:50:63:
3e:ca:67:e8:86:0a:83:11:a0:6c:91:e4:63:26:d7:
1e:61:f3:32:62:8b:a5:e0:7e:66:75:e3:44:9a:e4:
81:a6:bb:44:15:b3:93:af:ad:3f:a6:51:67:24:e9:
b6:01:00:36:07:1e:d2:52:6f:b8:24:e2:bf:f6:80:
3e:12:e2:b9:96:7d:d7:27:b8:91:16:c7:7a:fb:87:
1e:18:45:98:4a:30:64:4b:a9:af:db:b1:c0:04:26:
3e:96:b2:a7:d2:dd:c1:b7:9e:72:87:83:97:ff:4d:
4b:15:05:13:5c:b4:83:6d:16:cd:79:16:39:cf:e7:
3f:4d:0a:d2:c9:fb:db:9b:62:a2:96:ac:29:66:d9:
bc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:75:FD:A0:AD:A6:28:78:A7:25:79:35:28:A3:DE:C4:A9:AF:55:64
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/lnX9oK2mKHinJXk1KKPexKmvVWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
185.141.8.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:d2:ac:e9:d3:72:ee:6b:ea:c1:ef:79:df:cd:6b:8a:d8:67:
88:66:1b:55:80:27:19:8b:cc:fe:6f:fd:b9:5c:9b:87:89:0f:
3e:94:e5:bf:2a:d1:de:2c:9a:9e:8f:5e:18:90:f2:93:c0:6b:
7f:3b:54:2d:f1:9e:51:0f:99:ed:2b:eb:23:36:54:b9:b7:b1:
fb:c1:58:aa:ce:95:51:a3:74:3d:03:a1:57:b0:15:a0:28:0c:
3e:b4:cb:cd:eb:e7:7d:a3:ee:68:71:56:50:fb:d4:42:4c:bd:
80:af:a4:08:7d:aa:47:c8:96:e8:67:55:76:14:d8:42:f9:15:
02:70:63:01:25:f2:0c:cb:ea:4f:1a:20:b9:86:59:de:73:4a:
1c:6e:51:79:d5:d0:5e:de:60:66:4e:67:90:70:cc:ee:fa:a2:
b9:a4:97:95:92:d2:d8:43:45:be:40:2d:ad:d4:c5:36:60:17:
4e:d2:41:59:c0:a0:df:2f:f2:a5:a1:0c:b8:c9:7e:d7:c2:0d:
a4:13:05:72:e5:4c:40:06:d6:2e:53:42:b9:62:66:7a:60:8b:
ef:da:92:4d:b1:e2:eb:f2:06:2e:be:44:34:4e:5f:0f:f8:0f:
27:d8:d2:5c:3f:a1:9d:b2:42:a3:cb:14:b7:6f:ea:16:5a:06:
47:27:ed:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvw6n6olqWv19PHkgcibtBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjMxMTIxMDgwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njc1ZmRhMGFkYTYyODc4YTcyNTc5MzUyOGEzZGVjNGE5YWY1NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUPh9jZgn17+erb/eCD+xpli9Mmy
MS7tHIGKmMWNwr1eF5WBl5gdUpGGPSgOheXABlC+9VXjEbJhcvHS0nGMsbTBNj2p
BSdsl3ridGqHCnyGPUoPNlmtYI4yvH0mcQN0zuH7120nWJf3jj6YSzTX0fT4ewGA
UGM+ymfohgqDEaBskeRjJtceYfMyYoul4H5mdeNEmuSBprtEFbOTr60/plFnJOm2
AQA2Bx7SUm+4JOK/9oA+EuK5ln3XJ7iRFsd6+4ceGEWYSjBkS6mv27HABCY+lrKn
0t3Bt55yh4OX/01LFQUTXLSDbRbNeRY5z+c/TQrSyfvbm2KilqwpZtm8tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJZ1/aCtpih4pyV5NSij3sSpr1VkMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvbG5YOW9LMm1LSGluSlhrMUtLUGV4S212VldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGbeAAAwQC
uXZgAwQCuY0IMA0GCSqGSIb3DQEBCwUAA4IBAQDd0qzp03Lua+rB73nfzWuK2GeI
ZhtVgCcZi8z+b/25XJuHiQ8+lOW/KtHeLJqej14YkPKTwGt/O1Qt8Z5RD5ntK+sj
NlS5t7H7wViqzpVRo3Q9A6FXsBWgKAw+tMvN6+d9o+5ocVZQ+9RCTL2Ar6QIfapH
yJboZ1V2FNhC+RUCcGMBJfIMy+pPGiC5hlnec0ocblF51dBe3mBmTmeQcMzu+qK5
pJeVktLYQ0W+QC2t1MU2YBdO0kFZwKDfL/KloQy4yX7Xwg2kEwVy5UxABtYuU0K5
YmZ6YIvv2pJNseLr8gYuvkQ0Tl8P+A8n2NJcP6GdskKjyxS3b+oWWgZHJ+0E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:07 2024 by rpki-client on console-ams.rpki-client.org