Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/1SSf1xeMv-n7TWmJn1mz0ob3ZIY.roa
File: 1SSf1xeMv-n7TWmJn1mz0ob3ZIY.roa (raw, json)
Hash identifier: GazxVssazPsWyeI3Dswmsjo6AaD/Jg2kgabhFg1dObI=
Subject key identifier: D5:24:9F:D7:17:8C:BF:E9:FB:4D:69:89:9F:59:B3:D2:86:F7:64:86
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 018CEA1653871103F7982E3F142429F1960B
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/1SSf1xeMv-n7TWmJn1mz0ob3ZIY.roa
Signing time: Mon 08 Jan 2024 17:19:40 +0000
ROA not before: Mon 08 Jan 2024 17:19:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 195.184.160.0/19 maxlen: 24
188.142.160.0/19 maxlen: 24
89.223.128.0/17 maxlen: 24
178.48.0.0/16 maxlen: 24
78.139.0.0/18 maxlen: 24
5.206.128.0/18 maxlen: 24
86.101.0.0/16 maxlen: 24
130.43.192.0/18 maxlen: 24
188.142.192.0/18 maxlen: 24
185.33.80.0/23 maxlen: 24
37.188.80.0/21 maxlen: 24
5.63.192.0/18 maxlen: 24
94.44.0.0/16 maxlen: 24
151.0.64.0/18 maxlen: 24
88.87.240.0/21 maxlen: 24
80.98.0.0/15 maxlen: 24
185.10.124.0/22 maxlen: 24
212.48.240.0/20 maxlen: 24
37.220.192.0/18 maxlen: 24
212.96.32.0/19 maxlen: 24
80.244.96.0/20 maxlen: 24
185.123.28.0/22 maxlen: 24
213.222.128.0/18 maxlen: 24
37.191.0.0/18 maxlen: 24
176.63.0.0/16 maxlen: 24
89.132.0.0/14 maxlen: 24
5.148.192.0/18 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 13:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:16:53:87:11:03:f7:98:2e:3f:14:24:29:f1:96:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 8 17:19:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5249fd7178cbfe9fb4d69899f59b3d286f76486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:63:a2:da:10:cd:b8:e4:7c:99:39:95:58:cc:
df:dd:28:cd:af:ba:e7:48:02:07:f3:59:0b:e0:90:
0d:51:96:2b:cf:78:7a:29:49:1b:dd:16:7b:94:23:
69:d4:ba:50:19:9f:f1:23:51:1c:b9:da:de:40:b4:
37:87:27:9c:08:6c:59:32:9e:3f:3b:cb:f9:d8:1b:
34:b9:69:11:ef:6f:9a:7b:e2:ad:39:fa:9b:8d:3c:
c8:cd:00:bf:2c:26:99:66:86:46:a3:ba:5e:2a:04:
00:cd:23:8b:93:a3:c2:9d:0c:08:04:97:3d:f0:31:
23:30:96:bd:a3:96:d1:59:04:22:56:61:f4:62:48:
1d:87:84:e7:c1:9c:70:5e:4d:4b:0f:cd:14:3b:da:
7b:2e:d8:8d:64:7d:a7:e4:e7:2a:2a:46:75:e6:69:
a6:04:c2:76:dd:5d:8b:82:09:e1:47:c7:dd:8b:3c:
99:9c:ce:61:aa:91:ad:dd:f9:6d:93:46:88:80:31:
b9:bb:bd:af:2d:41:da:15:4a:56:38:58:cc:0b:ce:
24:09:a9:7f:02:5d:dd:cf:12:e2:1c:76:e5:5d:70:
c6:7c:40:82:e0:57:19:b0:e2:e9:b5:e5:cc:c6:a7:
ad:3c:09:38:3d:7d:96:26:96:53:c3:ee:86:10:20:
1f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:24:9F:D7:17:8C:BF:E9:FB:4D:69:89:9F:59:B3:D2:86:F7:64:86
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/1SSf1xeMv-n7TWmJn1mz0ob3ZIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
185.123.28.0/22
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
Signature Algorithm: sha256WithRSAEncryption
53:fe:1b:2b:89:53:91:5c:e6:bd:a7:52:18:90:ca:a4:5a:27:
5b:63:6a:1b:c3:c8:62:38:f5:04:a6:64:81:e2:5e:49:07:38:
c7:5b:1e:c7:04:46:2b:06:c4:c6:03:0e:14:02:ef:49:e3:3b:
ff:2f:ff:7d:06:4e:bc:33:3b:33:a1:d1:8f:4f:03:f3:4a:f4:
db:29:65:36:d8:4f:cb:1a:c2:54:5c:e6:59:51:5c:bf:cb:b7:
c8:97:32:b2:18:95:91:9c:66:fe:44:27:05:cb:f6:a9:1e:8d:
ca:5a:4a:b5:65:3c:c6:74:b1:23:e7:71:83:91:2d:0a:cd:de:
c9:c2:10:31:69:92:e7:8d:6f:71:54:ec:d3:ad:41:f5:09:b3:
ea:4f:cb:d5:6f:b9:09:09:97:3d:fb:e2:55:47:78:cc:63:e0:
3d:00:bd:51:90:f6:31:5d:06:34:09:c6:80:e4:d7:b1:03:a0:
a2:96:f8:4f:1f:ef:0a:66:f1:72:ea:1e:66:0d:26:68:aa:49:
d7:c8:d3:3f:59:6b:fc:cf:39:cc:96:46:b3:e4:75:aa:e7:65:
62:9d:d3:c9:c9:a6:79:e3:b8:a2:88:93:04:6f:23:07:90:38:
a6:bb:48:04:36:e1:bd:5d:2a:be:6b:c9:ab:cf:69:4c:eb:50:
a1:5f:9a:e9
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYzqFlOHEQP3mC4/FCQp8ZYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjQwMTA4MTcxOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI0OWZkNzE3OGNiZmU5ZmI0ZDY5ODk5ZjU5YjNkMjg2Zjc2NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWOi2hDNuOR8mTmVWMzf3SjNr7rn
SAIH81kL4JANUZYrz3h6KUkb3RZ7lCNp1LpQGZ/xI1EcudreQLQ3hyecCGxZMp4/
O8v52Bs0uWkR72+ae+KtOfqbjTzIzQC/LCaZZoZGo7peKgQAzSOLk6PCnQwIBJc9
8DEjMJa9o5bRWQQiVmH0Ykgdh4TnwZxwXk1LD80UO9p7LtiNZH2n5OcqKkZ15mmm
BMJ23V2LggnhR8fdizyZnM5hqpGt3fltk0aIgDG5u72vLUHaFUpWOFjMC84kCal/
Al3dzxLiHHblXXDGfECC4FcZsOLpteXMxqetPAk4PX2WJpZTw+6GECAfaQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFNUkn9cXjL/p+01piZ9Zs9KG92SGMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvMVNTZjF4ZU12LW43VFdtSm4xbXowb2IzWklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBpAQCAAEwgZ0DBAYF
P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0
YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA
sjADBAK5CnwDBAG5IVADBAK5exwwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF
1GAgAwQG1d6AMA0GCSqGSIb3DQEBCwUAA4IBAQBT/hsriVORXOa9p1IYkMqkWidb
Y2obw8hiOPUEpmSB4l5JBzjHWx7HBEYrBsTGAw4UAu9J4zv/L/99Bk68MzszodGP
TwPzSvTbKWU22E/LGsJUXOZZUVy/y7fIlzKyGJWRnGb+RCcFy/apHo3KWkq1ZTzG
dLEj53GDkS0Kzd7JwhAxaZLnjW9xVOzTrUH1CbPqT8vVb7kJCZc9++JVR3jMY+A9
AL1RkPYxXQY0CcaA5NexA6CilvhPH+8KZvFy6h5mDSZoqknXyNM/WWv8zznMlkaz
5HWq52VindPJyaZ547iiiJMEbyMHkDimu0gENuG9XSq+a8mrz2lM61ChX5rp
-----END CERTIFICATE-----
Generated at Wed Jan 24 16:46:13 2024 by rpki-client on console-ams.rpki-client.org