Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/JkmDJla2vUq65tIRyP-_B9W2Xvc.roa
File: JkmDJla2vUq65tIRyP-_B9W2Xvc.roa (raw, json)
Hash identifier: ddrABdL5D3qN2o8VpY6x402rOeAPpcSCClLVp0NdPj0=
Subject key identifier: 26:49:83:26:56:B6:BD:4A:BA:E6:D2:11:C8:FF:BF:07:D5:B6:5E:F7
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018914DBD504DA16AE744E6C0D5E695961AE
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/JkmDJla2vUq65tIRyP-_B9W2Xvc.roa
Signing time: Sun 02 Jul 2023 04:28:18 +0000
ROA not before: Sun 02 Jul 2023 04:28:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 46.245.64.0/18 maxlen: 32
46.245.68.0/22 maxlen: 32
46.245.72.0/22 maxlen: 32
46.245.76.0/22 maxlen: 32
46.245.80.0/22 maxlen: 32
46.245.84.0/22 maxlen: 32
185.147.160.0/24 maxlen: 32
185.147.161.0/24 maxlen: 32
185.147.162.0/24 maxlen: 32
185.147.163.0/24 maxlen: 32
46.245.88.0/22 maxlen: 32
46.245.92.0/22 maxlen: 32
46.245.96.0/22 maxlen: 32
46.245.100.0/22 maxlen: 32
46.245.104.0/22 maxlen: 32
46.245.108.0/22 maxlen: 32
46.245.112.0/22 maxlen: 32
46.245.116.0/22 maxlen: 32
77.238.104.0/21 maxlen: 32
77.238.104.0/22 maxlen: 32
77.238.110.0/24 maxlen: 24
77.238.111.0/24 maxlen: 24
77.238.108.0/24 maxlen: 24
77.238.109.0/24 maxlen: 24
77.238.120.0/22 maxlen: 32
46.245.64.0/22 maxlen: 32
46.245.120.0/22 maxlen: 32
46.245.124.0/22 maxlen: 32
89.235.96.0/22 maxlen: 32
185.120.220.0/22 maxlen: 32
185.120.248.0/22 maxlen: 32
31.25.128.0/21 maxlen: 32
176.65.240.0/22 maxlen: 32
176.65.252.0/23 maxlen: 32
176.65.254.0/23 maxlen: 32
176.65.255.0/24 maxlen: 32
128.65.176.0/20 maxlen: 32
79.127.0.0/17 maxlen: 32
185.99.212.0/22 maxlen: 32
185.109.244.0/22 maxlen: 32
185.49.84.0/22 maxlen: 32
185.109.248.0/22 maxlen: 32
178.22.120.0/21 maxlen: 32
37.156.8.0/22 maxlen: 32
37.156.8.0/21 maxlen: 32
37.156.15.0/24 maxlen: 24
37.156.13.0/24 maxlen: 24
37.156.14.0/24 maxlen: 24
37.156.12.0/24 maxlen: 24
188.0.240.0/23 maxlen: 32
185.112.32.0/21 maxlen: 32
185.112.32.0/22 maxlen: 32
185.112.36.0/22 maxlen: 32
93.115.144.0/21 maxlen: 32
46.143.0.0/17 maxlen: 32
109.122.224.0/20 maxlen: 32
37.156.144.0/22 maxlen: 32
178.216.251.0/24 maxlen: 32
178.216.248.0/24 maxlen: 32
178.216.248.0/22 maxlen: 32
178.216.249.0/24 maxlen: 32
178.216.250.0/24 maxlen: 32
185.141.212.0/24 maxlen: 32
185.141.213.0/24 maxlen: 32
185.141.214.0/24 maxlen: 32
185.141.215.0/24 maxlen: 32
5.134.192.0/21 maxlen: 32
212.33.192.0/22 maxlen: 32
212.33.196.0/22 maxlen: 32
212.33.204.0/22 maxlen: 32
212.33.200.0/22 maxlen: 32
185.141.168.0/24 maxlen: 32
185.141.169.0/24 maxlen: 32
185.141.170.0/24 maxlen: 32
185.141.171.0/24 maxlen: 32
185.98.112.0/22 maxlen: 32
89.41.40.0/22 maxlen: 32
93.118.180.0/24 maxlen: 24
93.118.180.0/22 maxlen: 32
31.7.64.0/20 maxlen: 32
31.7.64.0/21 maxlen: 32
31.7.72.0/21 maxlen: 32
2a06:5484::/30 maxlen: 128
2a05:1a00::/26 maxlen: 128
2a05:1a10::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Oct 2023 05:10:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:14:db:d5:04:da:16:ae:74:4e:6c:0d:5e:69:59:61:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jul 2 04:28:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2649832656b6bd4abae6d211c8ffbf07d5b65ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7b:ef:1b:01:ec:46:3c:c0:c3:5e:c8:dd:4b:
51:ab:b4:4d:ea:f9:d6:a2:4a:cb:33:1c:14:44:fa:
da:16:0d:71:38:97:ec:6b:7a:8e:2e:ee:41:df:13:
ee:63:7b:33:86:81:5a:01:74:90:5a:79:e4:69:31:
5d:c7:c9:65:1d:a5:fd:9d:a8:bb:12:f3:6f:4f:a6:
b7:3c:01:c7:d0:04:4c:9a:5e:f7:fd:c6:cb:3d:40:
05:3e:4b:e9:5e:fd:42:6c:64:9d:8c:37:19:bd:7f:
b5:e4:c4:62:b3:ec:75:e4:90:02:f4:96:11:f3:70:
33:24:ad:24:df:17:4b:14:4d:a3:70:ea:0f:c0:32:
00:56:6e:34:04:7d:ea:83:6d:7a:2e:6f:85:9f:34:
68:ef:00:eb:7c:f1:54:c3:a8:3b:65:ef:15:74:15:
e6:df:7e:00:40:35:61:f8:2b:af:38:2a:ba:dd:83:
41:9b:7e:c7:4c:7f:5c:d0:84:38:c5:42:00:c4:6e:
d6:8f:28:37:84:9f:64:f2:ac:aa:81:01:d6:cc:33:
d0:84:90:c9:bc:ce:eb:fd:29:60:5a:e2:f9:72:27:
ed:c8:8e:71:ba:cd:39:48:17:2b:32:b6:cc:30:20:
b4:49:b1:75:40:3e:72:58:e6:76:a8:2e:de:6c:0e:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:49:83:26:56:B6:BD:4A:BA:E6:D2:11:C8:FF:BF:07:D5:B6:5E:F7
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/JkmDJla2vUq65tIRyP-_B9W2Xvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.192.0/21
31.7.64.0/20
31.25.128.0/21
37.156.8.0/21
37.156.144.0/22
46.143.0.0/17
46.245.64.0/18
77.238.104.0/21
77.238.120.0/22
79.127.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
109.122.224.0/20
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
178.216.248.0/22
185.49.84.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.141.168.0/22
185.141.212.0/22
185.147.160.0/22
188.0.240.0/23
212.33.192.0/20
IPv6:
2a05:1a00::/26
2a06:5484::/30
Signature Algorithm: sha256WithRSAEncryption
29:79:d1:2e:df:36:79:1f:40:19:80:5c:eb:df:6e:2a:3d:df:
45:3f:e4:bb:9c:23:81:5a:ab:04:89:e3:64:8a:8b:26:3a:c8:
7c:13:af:e4:69:87:c4:f6:a5:dd:cc:01:64:f0:9a:57:f1:0e:
2e:2b:44:a7:e3:62:1e:6c:fe:51:2b:ce:d2:32:74:e7:5c:82:
37:74:f4:89:e3:80:aa:aa:bf:d8:ec:c8:de:33:75:ac:32:c1:
21:59:67:e3:70:63:32:2e:80:ce:71:49:64:12:ff:db:9e:b1:
45:c7:c8:5e:73:c6:de:dc:09:bd:d7:26:d0:b0:3c:a8:d9:8d:
d8:88:a5:cb:c3:b8:8e:be:bd:09:88:38:b3:3f:9d:88:c0:ac:
88:5e:d9:a6:c1:3e:2f:9a:a6:c9:23:2b:36:ea:bb:fa:76:d0:
64:8e:20:eb:81:6f:6d:c5:7e:66:c7:78:da:09:b0:9e:bc:df:
15:72:ba:a8:98:db:e9:b2:76:f6:29:57:81:da:2e:cc:4f:6a:
b8:63:59:91:b7:1d:81:dc:a7:ae:3e:78:83:dc:da:49:64:fb:
38:51:bb:ef:b4:b5:00:98:30:e5:1f:ce:92:b8:c0:70:65:33:
03:bb:99:8b:04:32:4d:b5:7b:3d:34:d4:b1:ed:5c:ae:56:fc:
0a:84:3f:35
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYkU29UE2haudE5sDV5pWWGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwNzAyMDQyODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ5ODMyNjU2YjZiZDRhYmFlNmQyMTFjOGZmYmYwN2Q1YjY1ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHvvGwHsRjzAw17I3UtRq7RN6vnW
okrLMxwURPraFg1xOJfsa3qOLu5B3xPuY3szhoFaAXSQWnnkaTFdx8llHaX9nai7
EvNvT6a3PAHH0ARMml73/cbLPUAFPkvpXv1CbGSdjDcZvX+15MRis+x15JAC9JYR
83AzJK0k3xdLFE2jcOoPwDIAVm40BH3qg216Lm+FnzRo7wDrfPFUw6g7Ze8VdBXm
334AQDVh+CuvOCq63YNBm37HTH9c0IQ4xUIAxG7Wjyg3hJ9k8qyqgQHWzDPQhJDJ
vM7r/SlgWuL5ciftyI5xus05SBcrMrbMMCC0SbF1QD5yWOZ2qC7ebA5m8wIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFCZJgyZWtr1KuubSEcj/vwfVtl73MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvSmttREpsYTJ2VXE2NXRJUnlQLV9COVcyWHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBzwQCAAEwgcgDBAMF
hsADBAQfB0ADBAMfGYADBAMlnAgDBAIlnJADBAcujwADBAYu9UADBANN7mgDBAJN
7ngDBAdPfwADBAJZKSgDBAJZ62ADBANdc5ADBAJddrQDBARteuADBASAQbADBAKw
QfADBAKwQfwDBAOyFngDBAKy2PgDBAK5MVQDBAK5YnADBAK5Y9QwDAMEArlt9AME
Arlt+AMEA7lwIAMEArl43AMEArl4+AMEArmNqAMEArmN1AMEArmToAMEAbwA8AME
BNQhwDAUBAIAAjAOAwUGKgUaAAMFAioGVIQwDQYJKoZIhvcNAQELBQADggEBACl5
0S7fNnkfQBmAXOvfbio930U/5LucI4FaqwSJ42SKiyY6yHwTr+Rph8T2pd3MAWTw
mlfxDi4rRKfjYh5s/lErztIydOdcgjd09InjgKqqv9jsyN4zdawywSFZZ+NwYzIu
gM5xSWQS/9uesUXHyF5zxt7cCb3XJtCwPKjZjdiIpcvDuI6+vQmIOLM/nYjArIhe
2abBPi+apskjKzbqu/p20GSOIOuBb23FfmbHeNoJsJ683xVyuqiY2+mydvYpV4Ha
LsxParhjWZG3HYHcp64+eIPc2klk+zhRu++0tQCYMOUfzpK4wHBlMwO7mYsEMk21
ez001LHtXK5W/AqEPzU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:07 2024 by rpki-client on console-fra.rpki-client.org