Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/JK7Hwczi8MDSJI2CZCzh701_JDQ.roa
File: JK7Hwczi8MDSJI2CZCzh701_JDQ.roa (raw, json)
Hash identifier: FF93ruahcpwt28G4OXZfv6IHkRO0XTpwn0YsT29/RjQ=
Subject key identifier: 24:AE:C7:C1:CC:E2:F0:C0:D2:24:8D:82:64:2C:E1:EF:4D:7F:24:34
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 01909C3764C563C9F68ABB4436643558018D
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/JK7Hwczi8MDSJI2CZCzh701_JDQ.roa
Signing time: Wed 10 Jul 2024 10:36:34 +0000
ROA not before: Wed 10 Jul 2024 10:36:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.88.140.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.71.136.0/21 maxlen: 24
109.197.240.0/21 maxlen: 24
109.205.0.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.71.148.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/24 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
193.176.64.0/22 maxlen: 24
194.88.112.0/21 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 11 Jul 2024 15:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:37:64:c5:63:c9:f6:8a:bb:44:36:64:35:58:01:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jul 10 10:36:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24aec7c1cce2f0c0d2248d82642ce1ef4d7f2434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:90:56:6d:7c:db:e9:7f:75:76:bb:9b:9f:41:
de:22:45:0f:09:52:2a:69:4e:40:09:e5:fb:e3:2b:
51:42:b8:60:d0:0c:00:14:fb:e5:a0:7c:43:b1:93:
15:0d:73:ab:21:af:7d:6b:f6:5f:0f:62:ec:3a:fc:
61:31:85:ff:37:ad:01:8c:df:fc:34:1c:48:4c:75:
15:bc:6f:ec:e7:31:89:49:42:87:d0:1b:1f:2b:20:
7c:46:db:e2:36:52:1c:5b:18:aa:7e:81:31:f9:a0:
73:5c:dd:28:59:43:1c:02:08:d5:54:cf:ed:e3:95:
3c:d3:68:ac:2b:01:19:43:fc:bb:c1:74:8a:1a:09:
33:bb:08:4d:bb:31:3d:c4:a1:a6:a2:f9:cf:0e:46:
64:77:47:58:cf:bb:75:9a:a9:d7:10:7e:bb:bf:9c:
75:8d:15:ec:f6:d5:bd:fc:53:17:27:0d:48:ac:80:
fd:ec:05:a7:2c:0c:ac:5a:3f:ef:43:2f:a6:ab:31:
67:8c:74:12:fa:73:0c:f8:b0:a2:20:14:c2:22:24:
27:6e:a7:38:34:18:f8:c5:68:6f:00:35:32:c4:78:
55:75:9e:bb:ce:99:d0:d4:4c:08:c9:d4:b5:1f:32:
25:e4:6a:5e:7f:98:0b:15:10:10:38:19:da:3c:2d:
8b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:AE:C7:C1:CC:E2:F0:C0:D2:24:8D:82:64:2C:E1:EF:4D:7F:24:34
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/JK7Hwczi8MDSJI2CZCzh701_JDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.88.140.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.71.136.0/21
109.197.240.0/21
109.205.0.0/21
185.31.148.0/22
185.39.168.0/22
185.71.148.0/22
185.75.140.0/22
185.117.18.0/24
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.220.72.0/22
185.227.0.0/22
185.230.96.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
193.176.64.0/22
194.88.112.0/21
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:8f:e1:fe:ae:1a:08:ec:86:d4:8a:2a:eb:1f:72:6f:a7:98:
51:9b:0c:70:8a:c3:41:ac:ab:13:3d:9d:77:ca:bd:8d:4f:3e:
6b:f1:71:96:fb:0f:f9:a5:e8:44:db:fa:6b:d2:20:a7:07:57:
b2:89:e6:33:56:b1:a7:d8:b2:f6:8f:4b:7b:2a:ef:9b:04:c7:
65:44:b8:b3:28:76:db:fc:b8:e4:d9:f2:e3:91:15:32:a5:78:
24:68:72:75:95:a8:bd:e3:69:fa:82:78:0f:aa:96:ed:91:68:
11:f9:a5:c9:02:72:2b:b4:d8:28:e0:55:48:47:59:4e:97:8c:
74:81:0a:8a:fc:5f:47:b3:5d:31:be:c8:be:26:34:2e:76:b0:
fc:ff:4c:de:78:b0:44:1e:a2:a8:21:5c:12:4c:cb:64:0a:6f:
c1:f2:04:2f:52:f3:b8:30:0e:03:6d:0f:b3:63:ec:b1:57:a6:
c0:15:6f:2b:50:1f:49:1c:df:b0:a8:18:d9:92:27:ee:40:ae:
c8:ec:be:cc:a7:19:91:5e:f3:06:19:9e:f2:78:b7:c2:a9:87:
8a:c9:92:37:69:f3:00:e4:f9:db:72:d2:52:fb:44:db:81:f0:
50:54:fa:20:c3:e7:0b:c2:5f:4b:b3:b3:a1:62:c6:74:03:1d:
e0:e6:79:3a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZCcN2TFY8n2irtENmQ1WAGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNzEwMTAzNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGFlYzdjMWNjZTJmMGMwZDIyNDhkODI2NDJjZTFlZjRkN2YyNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZBWbXzb6X91drubn0HeIkUPCVIq
aU5ACeX74ytRQrhg0AwAFPvloHxDsZMVDXOrIa99a/ZfD2LsOvxhMYX/N60BjN/8
NBxITHUVvG/s5zGJSUKH0BsfKyB8RtviNlIcWxiqfoEx+aBzXN0oWUMcAgjVVM/t
45U802isKwEZQ/y7wXSKGgkzuwhNuzE9xKGmovnPDkZkd0dYz7t1mqnXEH67v5x1
jRXs9tW9/FMXJw1IrID97AWnLAysWj/vQy+mqzFnjHQS+nMM+LCiIBTCIiQnbqc4
NBj4xWhvADUyxHhVdZ67zpnQ1EwIydS1HzIl5Gpef5gLFRAQOBnaPC2LmQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFCSux8HM4vDA0iSNgmQs4e9NfyQ0MB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvSks3SHdjemk4TURTSkkyQ1pDemg3MDFfSkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCBzQQCAAEwgcYD
BAAlEE4DBAMl61gDBAItD8wDBAItWIwDBAItisADBAMuHXgDBAJV0NgDBABb1OwD
BABb5YgDBAJenrQDBANtR4gDBANtxfADBANtzQADBAK5H5QDBAK5J6gDBAK5R5QD
BAK5S4wDBAC5dRIDBAK5oSwDBAC5p0wDBAK5tQQDBAK52tQDBAK53EgDBAK54wAD
BAK55mADBAC59hoDBAK59mADBAK5/JwDBALBsEADBAPCWHADBADCfrIDBALDWnQD
BADDvhswMwQCAAIwLTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFmAC4DBQAq
AiHIAwUDKgmMQDANBgkqhkiG9w0BAQsFAAOCAQEAnY/h/q4aCOyG1Ioq6x9yb6eY
UZsMcIrDQayrEz2dd8q9jU8+a/FxlvsP+aXoRNv6a9IgpwdXsonmM1axp9iy9o9L
eyrvmwTHZUS4syh22/y45Nny45EVMqV4JGhydZWoveNp+oJ4D6qW7ZFoEfmlyQJy
K7TYKOBVSEdZTpeMdIEKivxfR7NdMb7IviY0Lnaw/P9M3niwRB6iqCFcEkzLZApv
wfIEL1LzuDAOA20Ps2PssVemwBVvK1AfSRzfsKgY2ZIn7kCuyOy+zKcZkV7zBhme
8ni3wqmHismSN2nzAOT523LSUvtE24HwUFT6IMPnC8JfS7OzoWLGdAMd4OZ5Og==
-----END CERTIFICATE-----
Generated at Thu Jul 11 18:11:43 2024 by rpki-client on console-ams.rpki-client.org