Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/jb6K0IRux7oMRPMZf2hJzgcQb2E.roa
File: jb6K0IRux7oMRPMZf2hJzgcQb2E.roa (raw, json)
Hash identifier: DP7xXvTqqOJ8YxbxVl6ibyvcdlihsGXXzUKDYAa6R4w=
Subject key identifier: 8D:BE:8A:D0:84:6E:C7:BA:0C:44:F3:19:7F:68:49:CE:07:10:6F:61
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018FE1F2F7CE0E02DCDE51C88F00F66BBCBD
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/jb6K0IRux7oMRPMZf2hJzgcQb2E.roa
Signing time: Tue 04 Jun 2024 06:32:27 +0000
ROA not before: Tue 04 Jun 2024 06:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 2.248.0.0/14 maxlen: 14
2.252.0.0/15 maxlen: 15
2.254.0.0/16 maxlen: 16
2.255.0.0/17 maxlen: 17
2.255.128.0/18 maxlen: 18
2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
62.20.0.0/16 maxlen: 16
77.110.0.0/18 maxlen: 18
78.64.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
81.228.4.0/23 maxlen: 23
81.228.4.0/24 maxlen: 24
81.228.5.0/24 maxlen: 24
82.214.0.0/18 maxlen: 18
90.224.0.0/12 maxlen: 12
95.109.0.0/17 maxlen: 17
95.192.0.0/12 maxlen: 12
185.103.208.0/22 maxlen: 22
185.103.208.0/24 maxlen: 24
192.16.152.0/23 maxlen: 23
192.16.153.0/24 maxlen: 24
192.150.58.0/23 maxlen: 23
192.150.60.0/22 maxlen: 22
192.150.64.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
192.150.80.0/23 maxlen: 23
193.44.0.0/15 maxlen: 15
194.16.0.0/15 maxlen: 15
194.18.0.0/16 maxlen: 16
194.22.0.0/15 maxlen: 15
194.218.0.0/16 maxlen: 16
194.236.0.0/15 maxlen: 15
195.67.0.0/16 maxlen: 16
195.198.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
212.28.192.0/19 maxlen: 19
212.181.0.0/16 maxlen: 16
213.64.0.0/14 maxlen: 14
217.208.0.0/13 maxlen: 13
Validation: Failed, certificate revoked on Tue 11 Jun 2024 13:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e1:f2:f7:ce:0e:02:dc:de:51:c8:8f:00:f6:6b:bc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jun 4 06:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dbe8ad0846ec7ba0c44f3197f6849ce07106f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:36:4f:2f:f5:ad:19:c6:bd:18:32:3f:1b:4c:
5a:1c:40:40:c8:9d:72:4b:c4:29:c1:9e:a0:42:e1:
e0:ae:11:10:b2:44:23:83:ec:ae:c5:f4:17:6c:6c:
b6:23:ca:92:37:f1:51:90:9e:81:65:2b:80:2f:0f:
71:14:29:94:e2:20:07:91:c6:4d:f5:ec:b2:10:be:
31:4f:81:57:30:74:6e:4f:5b:31:6d:44:27:5f:54:
8e:a5:d3:67:e5:9b:30:f6:d5:c0:53:4f:62:b8:59:
d2:7e:41:8b:b0:23:93:f3:f4:ea:22:03:14:54:d3:
de:96:5a:09:ff:6f:ad:3c:e1:6e:1b:9c:3a:d4:46:
68:9b:08:fe:40:1f:9b:ab:77:d9:19:82:73:fe:e2:
86:ef:61:54:6b:da:73:63:77:a1:26:02:03:02:89:
6e:c9:33:6d:9b:22:94:78:02:b6:41:b9:32:75:d3:
44:d3:7b:45:80:6f:cc:bb:12:23:63:67:ff:91:dd:
ee:a1:bb:a2:5f:26:b5:0f:6e:46:fb:4f:ff:61:a2:
b7:9f:6c:b6:68:0d:a1:64:56:f9:69:8e:32:9d:4b:
2b:dd:bc:c2:fe:80:37:d2:ea:d7:10:de:5f:3f:58:
a0:64:bb:2c:b9:49:0d:82:60:57:b5:50:42:5e:40:
f0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BE:8A:D0:84:6E:C7:BA:0C:44:F3:19:7F:68:49:CE:07:10:6F:61
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/jb6K0IRux7oMRPMZf2hJzgcQb2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0-2.255.191.255
62.20.0.0/16
77.110.0.0/18
78.64.0.0/12
81.224.0.0/12
82.214.0.0/18
90.224.0.0/12
95.109.0.0/17
95.192.0.0/12
185.103.208.0/22
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
83:b2:a4:85:03:b2:d9:1a:40:a0:22:ba:8c:3b:a8:4e:33:a2:
35:98:a5:2d:4b:07:57:e8:53:f7:20:a0:88:b7:42:60:e0:28:
b6:59:10:f9:7b:e7:e4:7c:19:de:ad:f6:95:44:0d:15:38:87:
98:4c:90:2f:c8:f6:56:d8:41:68:2f:f7:50:d8:9f:70:6e:b3:
00:c5:25:03:fd:37:f3:ae:6f:07:cd:e3:c8:2c:77:e6:3a:d4:
c8:c4:65:30:1d:ef:1c:24:d3:15:b9:0e:b3:33:79:70:05:c4:
3f:60:eb:b9:f1:e6:a8:ad:43:df:ab:78:ae:8e:3b:15:b2:37:
eb:55:27:06:ab:1a:75:13:94:a2:0a:67:41:8f:31:1a:3b:34:
cc:0f:6f:91:ca:5a:86:1b:ca:0e:a0:17:17:37:b6:52:41:e0:
23:ed:24:c9:bc:2a:7a:ee:90:08:33:a9:1d:2f:c2:79:d7:1d:
76:37:b3:9b:71:5f:71:47:8c:b8:a2:59:4d:23:08:58:29:4a:
54:4c:e3:3c:30:4a:cd:04:fc:be:89:67:7b:4d:1b:40:71:9c:
c2:3c:2a:c9:e9:d9:17:fd:ba:79:5d:a5:ae:5f:a7:18:f4:99:
48:b8:4e:b9:50:d0:f2:c9:62:20:e5:46:85:20:c0:b7:f6:4c:
c6:f3:26:c2
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAY/h8vfODgLc3lHIjwD2a7y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwNjA0MDYzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJlOGFkMDg0NmVjN2JhMGM0NGYzMTk3ZjY4NDljZTA3MTA2ZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTZPL/WtGca9GDI/G0xaHEBAyJ1y
S8QpwZ6gQuHgrhEQskQjg+yuxfQXbGy2I8qSN/FRkJ6BZSuALw9xFCmU4iAHkcZN
9eyyEL4xT4FXMHRuT1sxbUQnX1SOpdNn5Zsw9tXAU09iuFnSfkGLsCOT8/TqIgMU
VNPelloJ/2+tPOFuG5w61EZomwj+QB+bq3fZGYJz/uKG72FUa9pzY3ehJgIDAolu
yTNtmyKUeAK2QbkyddNE03tFgG/MuxIjY2f/kd3uobuiXya1D25G+0//YaK3n2y2
aA2hZFb5aY4ynUsr3bzC/oA30urXEN5fP1igZLssuUkNgmBXtVBCXkDwlQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFI2+itCEbse6DETzGX9oSc4HEG9hMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvamI2SzBJUnV4N29NUlBNWmYyaEp6Z2NRYjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBrAQCAAEwgaUwCwMD
AwL4AwQGAv+AAwMAPhQDBAZNbgADAwROQAMDBFHgAwQGUtYAAwMEWuADBAdfbQAD
AwRfwAMEArln0AMEAcAQmDAMAwQBwJY6AwQBwJZEMAwDBAHAlk4DBAHAllADAwHB
LDAKAwMEwhADAwDCEgMDAcIWAwMAwtoDAwHC7AMDAMNDAwMAw8YDBAXD/CADBAXU
HMADAwDUtQMDAtVAAwMD2dAwDQYJKoZIhvcNAQELBQADggEBAIOypIUDstkaQKAi
uow7qE4zojWYpS1LB1foU/cgoIi3QmDgKLZZEPl75+R8Gd6t9pVEDRU4h5hMkC/I
9lbYQWgv91DYn3BuswDFJQP9N/OubwfN48gsd+Y61MjEZTAd7xwk0xW5DrMzeXAF
xD9g67nx5qitQ9+reK6OOxWyN+tVJwarGnUTlKIKZ0GPMRo7NMwPb5HKWoYbyg6g
Fxc3tlJB4CPtJMm8KnrukAgzqR0vwnnXHXY3s5txX3FHjLiiWU0jCFgpSlRM4zww
Ss0E/L6JZ3tNG0BxnMI8Ksnp2Rf9unldpa5fpxj0mUi4TrlQ0PLJYiDlRoUgwLf2
TMbzJsI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:43 2025 by rpki-client