Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/otj4yINODu0jSVJ06P3bWKgJ-ms.roa
File: otj4yINODu0jSVJ06P3bWKgJ-ms.roa (raw, json)
Hash identifier: LV4eN7JyyaxIt75Zdue6mKPyF6VOQNTXDSii/r02vBU=
Subject key identifier: A2:D8:F8:C8:83:4E:0E:ED:23:49:52:74:E8:FD:DB:58:A8:09:FA:6B
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 01866DE4350BC4ECBEF30E96FBAB10E6AE76
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/otj4yINODu0jSVJ06P3bWKgJ-ms.roa
Signing time: Mon 20 Feb 2023 08:15:17 +0000
ROA not before: Mon 20 Feb 2023 08:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203214
IP address blocks: 109.224.52.0/22 maxlen: 22
109.224.56.0/22 maxlen: 22
109.224.56.0/21 maxlen: 21
109.224.60.0/22 maxlen: 22
109.224.0.0/18 maxlen: 18
109.224.2.0/23 maxlen: 23
109.224.1.0/24 maxlen: 24
109.224.0.0/21 maxlen: 21
109.224.4.0/22 maxlen: 22
109.224.8.0/22 maxlen: 22
109.224.8.0/21 maxlen: 21
109.224.16.0/22 maxlen: 22
109.224.15.0/24 maxlen: 24
109.224.14.0/24 maxlen: 24
109.224.14.0/23 maxlen: 23
109.224.13.0/24 maxlen: 24
109.224.12.0/23 maxlen: 23
109.224.12.0/24 maxlen: 24
109.224.24.0/22 maxlen: 22
109.224.20.0/22 maxlen: 22
109.224.30.0/23 maxlen: 23
109.224.29.0/24 maxlen: 24
109.224.28.0/24 maxlen: 24
109.224.36.0/22 maxlen: 22
109.224.32.0/22 maxlen: 22
109.224.44.0/22 maxlen: 22
109.224.43.0/24 maxlen: 24
109.224.42.0/23 maxlen: 23
109.224.42.0/24 maxlen: 24
109.224.41.0/24 maxlen: 24
109.224.40.0/21 maxlen: 21
109.224.40.0/24 maxlen: 24
109.224.48.0/22 maxlen: 22
109.224.48.0/21 maxlen: 21
185.118.96.0/24 maxlen: 24
185.118.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 21 May 2023 11:24:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:e4:35:0b:c4:ec:be:f3:0e:96:fb:ab:10:e6:ae:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Feb 20 08:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2d8f8c8834e0eed23495274e8fddb58a809fa6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9a:e5:49:25:d4:95:34:5f:99:e2:96:b7:6f:
03:26:70:6b:6d:b8:83:7c:79:77:4b:b2:c9:5f:17:
fd:6c:4e:df:a0:c3:38:74:67:51:40:57:eb:eb:67:
02:bf:9c:9d:96:32:cc:52:0a:79:30:05:c5:dd:f7:
0c:b4:d3:1b:a2:c2:e0:c3:d7:b9:d8:23:ed:e9:66:
7a:95:b8:03:d7:34:e0:a5:17:eb:a8:89:3b:2c:fd:
d4:33:07:eb:14:45:97:ad:5e:8f:4f:02:ae:b3:e6:
7d:d3:13:df:14:92:20:32:c6:df:a4:d0:a0:54:d2:
37:84:74:e4:17:d5:c5:2c:d1:47:be:40:30:e1:53:
6b:26:32:cc:8a:6e:78:ac:b6:dd:82:f7:c1:9a:62:
af:1d:50:e2:d4:3e:0b:92:89:42:83:c3:43:e7:b5:
69:5f:62:7f:dd:1c:56:c6:d4:fe:bd:34:8a:a6:4b:
2d:6c:76:b4:00:4a:44:cb:bf:b1:63:63:2c:9a:a2:
0b:a2:f0:0d:7a:c4:ce:4b:f5:67:d2:48:25:24:73:
85:4b:cd:23:e5:8d:94:1d:fa:d3:6c:38:69:c0:01:
55:bb:70:78:c9:3f:05:f2:dc:7c:76:9a:1d:4b:97:
59:47:24:52:32:06:c2:f8:e8:d6:26:eb:db:d0:c3:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D8:F8:C8:83:4E:0E:ED:23:49:52:74:E8:FD:DB:58:A8:09:FA:6B
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/otj4yINODu0jSVJ06P3bWKgJ-ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.0.0/18
185.118.96.0/22
Signature Algorithm: sha256WithRSAEncryption
95:3e:a6:f9:da:3d:85:f0:f0:8f:96:d7:e5:0f:be:ac:8e:95:
3a:38:86:b4:f5:11:f0:68:2b:04:52:8e:60:16:a5:93:03:21:
81:0b:b2:b4:ff:dc:a4:79:8a:04:06:d9:61:84:7c:2d:22:4c:
67:a4:d6:bc:9d:88:c8:05:71:98:f5:b3:3d:c1:2a:27:71:c5:
42:b9:c1:0f:e0:fc:d3:f1:d0:1f:d4:45:af:5b:81:2b:e2:94:
63:2b:39:b2:eb:5f:a3:d9:e1:35:b0:69:e4:0f:b7:37:7a:04:
1e:68:c1:1e:e8:78:5c:7f:86:de:ba:4c:97:28:2f:85:9c:70:
5d:30:06:d7:c8:0e:43:a5:2b:bd:34:bd:3b:00:c8:a4:b9:56:
48:8d:da:64:8a:b0:7c:3e:9c:d1:6a:03:68:71:bc:5d:0c:e6:
15:d7:60:68:00:47:d9:50:04:0d:96:36:fd:12:fb:d7:b6:06:
7b:fc:dc:b7:4a:c7:0e:a2:12:11:c7:42:f0:1b:24:ab:f7:16:
d0:fc:6f:81:83:f5:89:9a:7b:4e:75:87:d5:90:e3:e6:7b:1a:
57:7f:58:14:04:96:76:b7:62:0c:6b:81:3f:02:22:4b:4c:e1:
11:d2:74:34:7a:77:7a:81:6f:82:2a:73:2c:6f:e9:45:36:cf:
55:73:a2:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZt5DULxOy+8w6W+6sQ5q52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjMwMjIwMDgxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQ4ZjhjODgzNGUwZWVkMjM0OTUyNzRlOGZkZGI1OGE4MDlmYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJrlSSXUlTRfmeKWt28DJnBrbbiD
fHl3S7LJXxf9bE7foMM4dGdRQFfr62cCv5ydljLMUgp5MAXF3fcMtNMbosLgw9e5
2CPt6WZ6lbgD1zTgpRfrqIk7LP3UMwfrFEWXrV6PTwKus+Z90xPfFJIgMsbfpNCg
VNI3hHTkF9XFLNFHvkAw4VNrJjLMim54rLbdgvfBmmKvHVDi1D4LkolCg8ND57Vp
X2J/3RxWxtT+vTSKpkstbHa0AEpEy7+xY2MsmqILovANesTOS/Vn0kglJHOFS80j
5Y2UHfrTbDhpwAFVu3B4yT8F8tx8dpodS5dZRyRSMgbC+OjWJuvb0MOZJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKLY+MiDTg7tI0lSdOj921ioCfprMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvb3RqNHlJTk9EdTBqU1ZKMDZQM2JXS2dKLW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGbeAAAwQC
uXZgMA0GCSqGSIb3DQEBCwUAA4IBAQCVPqb52j2F8PCPltflD76sjpU6OIa09RHw
aCsEUo5gFqWTAyGBC7K0/9ykeYoEBtlhhHwtIkxnpNa8nYjIBXGY9bM9wSonccVC
ucEP4PzT8dAf1EWvW4Er4pRjKzmy61+j2eE1sGnkD7c3egQeaMEe6Hhcf4beukyX
KC+FnHBdMAbXyA5DpSu9NL07AMikuVZIjdpkirB8PpzRagNocbxdDOYV12BoAEfZ
UAQNljb9EvvXtgZ7/Ny3SscOohIRx0LwGySr9xbQ/G+Bg/WJmntOdYfVkOPmexpX
f1gUBJZ2t2IMa4E/AiJLTOER0nQ0end6gW+CKnMsb+lFNs9Vc6Lc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:12 2024 by rpki-client on console-fra.rpki-client.org