Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/XzDJ3sMJZATOKJhUl2f2M8bLcHs.roa
File: XzDJ3sMJZATOKJhUl2f2M8bLcHs.roa (raw, json)
Hash identifier: miz1NkpViQAMDqWsfOXF1I5Ke4SHQk81jGwljteyGL0=
Subject key identifier: 5F:30:C9:DE:C3:09:64:04:CE:28:98:54:97:67:F6:33:C6:CB:70:7B
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018F4E527135ADF9E004D5027930C61F877B
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/XzDJ3sMJZATOKJhUl2f2M8bLcHs.roa
Signing time: Mon 06 May 2024 14:32:56 +0000
ROA not before: Mon 06 May 2024 14:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 May 2024 18:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:52:71:35:ad:f9:e0:04:d5:02:79:30:c6:1f:87:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: May 6 14:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f30c9dec3096404ce2898549767f633c6cb707b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:71:e0:ad:ba:0a:ab:56:35:61:15:44:a2:3f:
15:6b:44:3c:8d:af:a9:56:23:4b:c8:0e:dc:d4:e8:
48:3b:b9:78:35:ba:8d:9d:6e:b5:59:67:41:14:f7:
43:69:24:d1:a2:57:e9:e6:8c:ae:5a:b7:be:a0:ea:
a1:c2:77:ce:d9:2d:ec:49:d2:c2:22:92:70:7c:33:
c8:5c:f5:40:ae:95:1e:79:60:cd:ac:d2:dd:22:e9:
ea:4c:8b:47:dd:74:8a:9a:6d:30:91:07:0d:7c:e6:
dc:35:24:4e:fc:68:20:61:ac:b8:b0:62:b0:c9:8d:
47:f0:22:cb:d4:56:a2:2b:7e:7a:ea:3d:9b:a4:cd:
56:4c:20:0d:07:2f:12:52:4c:c2:ad:61:05:0e:58:
08:dc:fb:85:02:3b:eb:26:12:ec:04:f8:22:45:fa:
ca:14:af:ec:37:f3:d2:40:2c:b0:86:1a:5e:7f:62:
14:86:71:8a:b6:24:26:86:fd:ba:8d:06:3f:cc:70:
d8:9a:e1:fb:a2:12:96:08:35:59:9b:2a:c7:71:7a:
55:06:70:ce:b4:73:af:47:71:fd:f0:5a:e3:b7:91:
f1:fa:d0:a9:78:02:56:ae:47:bd:4d:14:22:32:96:
ea:e7:6e:b6:1d:99:b3:31:ee:85:8e:8b:dc:3b:77:
e7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:30:C9:DE:C3:09:64:04:CE:28:98:54:97:67:F6:33:C6:CB:70:7B
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/XzDJ3sMJZATOKJhUl2f2M8bLcHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/47
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::/46
Signature Algorithm: sha256WithRSAEncryption
3f:6d:30:e0:93:e6:8b:a3:bd:f0:5f:14:2a:b2:d6:75:49:fc:
57:1f:a4:7a:20:81:91:d4:3b:6b:1c:eb:6f:db:14:e8:29:e5:
3c:b9:56:8e:f8:25:47:0b:a1:62:18:2f:6e:b2:79:77:98:47:
cc:13:02:41:fb:8e:a9:6a:59:a8:ad:77:12:83:ac:22:67:50:
15:dc:20:3b:85:e4:6e:c8:d9:e6:fc:2f:d4:1e:42:24:18:7f:
fa:f7:f4:98:da:d6:fc:8f:96:43:cf:00:b8:58:e1:86:47:c1:
60:0b:48:26:35:45:e1:d8:7f:80:35:92:f8:dc:db:27:a7:c7:
b4:9c:81:b5:5b:fe:ce:17:9f:be:e1:5b:31:6a:bb:1c:e0:00:
a5:a6:a5:ea:ea:c4:85:68:f5:d8:ac:08:f1:b2:4a:72:7b:7d:
2e:1c:74:61:0c:61:3f:0d:50:f3:d3:d9:04:fd:01:cb:64:52:
8c:55:1f:ee:2e:7e:78:e4:a6:bc:2a:ed:9e:95:d4:c7:32:95:
23:0d:e7:9d:24:a4:7e:b7:be:e7:fa:c6:0d:d1:ad:e3:91:2e:
08:a5:a7:1d:80:82:65:99:b4:4b:e6:71:7a:71:2c:48:2d:ad:
f9:ef:6a:2d:8d:b2:10:df:50:92:c9:ac:68:64:fa:b0:02:68:
a1:ef:df:32
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAY9OUnE1rfngBNUCeTDGH4d7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwNTA2MTQzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMwYzlkZWMzMDk2NDA0Y2UyODk4NTQ5NzY3ZjYzM2M2Y2I3MDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXHgrboKq1Y1YRVEoj8Va0Q8ja+p
ViNLyA7c1OhIO7l4NbqNnW61WWdBFPdDaSTRolfp5oyuWre+oOqhwnfO2S3sSdLC
IpJwfDPIXPVArpUeeWDNrNLdIunqTItH3XSKmm0wkQcNfObcNSRO/GggYay4sGKw
yY1H8CLL1FaiK3566j2bpM1WTCANBy8SUkzCrWEFDlgI3PuFAjvrJhLsBPgiRfrK
FK/sN/PSQCywhhpef2IUhnGKtiQmhv26jQY/zHDYmuH7ohKWCDVZmyrHcXpVBnDO
tHOvR3H98Frjt5Hx+tCpeAJWrke9TRQiMpbq5262HZmzMe6FjovcO3fn8wIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFF8wyd7DCWQEziiYVJdn9jPGy3B7MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvWHpESjNzTUpaQVRPS0poVWwyZjJNOGJMY0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjAkBAIAATAeAwQBbWiY
AwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIGhBAIAAjCBmjASAwcBKhEIQAAGAwcA
KhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoRCEAAGAMH
ASoRCEAAIDASAwcCKhEIQAAkAwcAKhEIQAAmAwcAKhEIQAAwAwcAKhEIQAAzAwcB
KhEIQABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQDBwIqEQhAAGAwDQYJ
KoZIhvcNAQELBQADggEBAD9tMOCT5oujvfBfFCqy1nVJ/FcfpHoggZHUO2sc62/b
FOgp5Ty5Vo74JUcLoWIYL26yeXeYR8wTAkH7jqlqWaitdxKDrCJnUBXcIDuF5G7I
2eb8L9QeQiQYf/r39Jja1vyPlkPPALhY4YZHwWALSCY1ReHYf4A1kvjc2yenx7Sc
gbVb/s4Xn77hWzFquxzgAKWmperqxIVo9disCPGySnJ7fS4cdGEMYT8NUPPT2QT9
ActkUoxVH+4ufnjkprwq7Z6V1McylSMN550kpH63vuf6xg3RreORLgilpx2AgmWZ
tEvmcXpxLEgtrfnvai2NshDfUJLJrGhk+rACaKHv3zI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org