Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/j5Xl_jjksVKzce_uRrTlrso7o88.roa
File: j5Xl_jjksVKzce_uRrTlrso7o88.roa (raw, json)
Hash identifier: bAYbgdv6jovzxHSjA1nbWMP/cSYnyt1PlbmruONG1/4=
Subject key identifier: 8F:95:E5:FE:38:E4:B1:52:B3:71:EF:EE:46:B4:E5:AE:CA:3B:A3:CF
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 018C3A7AA330DAEE0F4536102A77645F6EED
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/j5Xl_jjksVKzce_uRrTlrso7o88.roa
Signing time: Tue 05 Dec 2023 14:56:04 +0000
ROA not before: Tue 05 Dec 2023 14:56:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
144.178.96.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
161.51.64.0/19 maxlen: 24
144.178.108.0/22 maxlen: 24
144.178.112.0/22 maxlen: 24
151.236.144.0/20 maxlen: 24
144.178.120.0/21 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.248.0/22 maxlen: 24
144.178.64.0/19 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:7a:a3:30:da:ee:0f:45:36:10:2a:77:64:5f:6e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Dec 5 14:56:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f95e5fe38e4b152b371efee46b4e5aeca3ba3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ac:c1:34:f9:af:06:0b:b2:f6:19:8d:25:12:
45:42:7e:e2:94:83:51:a7:f3:5a:3d:b1:4f:13:05:
61:c8:1b:45:32:2b:e0:39:4e:c7:be:41:5c:fe:04:
18:bd:2c:e7:f8:d2:80:2e:10:ec:51:52:49:97:a2:
49:6f:e2:92:be:fa:37:9e:d2:38:06:dc:56:3d:58:
50:2a:a9:66:1a:7a:32:90:8c:bc:9d:6c:0e:2f:fb:
4d:2f:e8:ee:0c:d8:90:7f:aa:2f:6b:0e:c8:fc:60:
fb:67:6a:37:c4:3e:4a:49:2e:a4:0a:4d:0e:74:94:
76:64:50:af:28:ec:08:e9:35:eb:08:4f:30:42:00:
40:c2:16:cc:fe:83:4b:58:86:07:6f:66:08:1e:26:
9c:1e:d1:4a:e6:75:57:6c:da:3f:eb:93:16:f6:16:
8d:87:c0:fc:56:40:b7:12:6a:c3:64:f8:5c:a6:61:
63:9e:83:f2:76:3e:95:60:21:cd:e2:b1:b8:26:2d:
82:69:fc:ec:e1:f6:d8:24:dd:e4:d9:f3:1c:da:8e:
d3:ea:34:67:a5:76:bd:53:22:2b:ed:42:5d:8a:7e:
67:a4:b6:ef:b6:cc:f2:7c:d9:3f:53:51:c3:72:7c:
c6:89:eb:11:5b:9c:68:86:1f:d7:26:8e:f9:17:0a:
8f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:95:E5:FE:38:E4:B1:52:B3:71:EF:EE:46:B4:E5:AE:CA:3B:A3:CF
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/j5Xl_jjksVKzce_uRrTlrso7o88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.164.0/22
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.108.0-144.178.115.255
144.178.120.0/21
144.178.192.0-144.178.251.255
151.236.144.0/20
161.51.64.0/19
185.184.204.0/22
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
3e:81:de:da:3a:36:c4:ab:01:f2:11:19:15:a5:38:be:ac:80:
34:af:b9:9a:28:d8:f3:91:74:42:1d:61:2c:77:ac:d5:7c:2b:
8a:10:95:33:80:bf:47:86:5b:0c:59:6d:18:11:9e:43:fa:c5:
a6:93:b9:8c:1c:81:0a:93:11:06:f6:ea:0d:eb:27:4f:54:20:
f4:d8:14:35:34:d2:4c:39:19:77:3d:73:6a:75:f7:8d:4d:6e:
33:30:cc:50:14:1f:b2:9b:28:22:48:03:f5:4c:82:ae:9e:22:
81:64:2c:b8:0d:f5:2c:bc:04:79:c7:e9:c5:6b:d5:9b:1d:b1:
42:b7:cb:44:51:73:fc:9a:9b:c4:e1:cb:6e:ca:f0:49:4e:b6:
07:f9:d9:e6:1d:17:8a:c8:da:bd:d1:77:80:de:06:37:36:ac:
b3:c6:16:65:2f:26:72:2e:c9:21:93:60:62:fc:df:e5:e1:da:
de:a2:40:ce:c2:57:4f:29:b1:c8:6a:0b:a4:b1:39:4d:a7:c9:
c7:ff:a8:0d:c2:3e:c6:18:eb:a1:1e:85:3b:da:b6:6d:f3:86:
fc:e8:ee:7b:3d:fc:b1:13:92:a7:77:eb:96:9f:75:d1:03:95:
a4:36:57:2f:07:63:47:69:ac:8d:d5:d9:f0:c8:80:54:e5:79:
5c:d9:b1:6b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYw6eqMw2u4PRTYQKndkX27tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjMxMjA1MTQ1NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk1ZTVmZTM4ZTRiMTUyYjM3MWVmZWU0NmI0ZTVhZWNhM2JhM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqzBNPmvBguy9hmNJRJFQn7ilINR
p/NaPbFPEwVhyBtFMivgOU7HvkFc/gQYvSzn+NKALhDsUVJJl6JJb+KSvvo3ntI4
BtxWPVhQKqlmGnoykIy8nWwOL/tNL+juDNiQf6ovaw7I/GD7Z2o3xD5KSS6kCk0O
dJR2ZFCvKOwI6TXrCE8wQgBAwhbM/oNLWIYHb2YIHiacHtFK5nVXbNo/65MW9haN
h8D8VkC3EmrDZPhcpmFjnoPydj6VYCHN4rG4Ji2Cafzs4fbYJN3k2fMc2o7T6jRn
pXa9UyIr7UJdin5npLbvtszyfNk/U1HDcnzGiesRW5xohh/XJo75FwqPiQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFI+V5f445LFSs3Hv7ka05a7KO6PPMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvajVYbF9qamtzVkt6Y2VfdVJyVGxyc283bzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAi0LpAME
BVkUoAMEA11f+DAMAwQGkLJAAwQDkLJgMAwDBAKQsmwDBAKQsnADBAOQsngwDAME
BpCywAMEApCy+AMEBJfskAMEBaEzQAMEArm4zDAUBAIAAjAOAwUDKgGbwAMFASoC
D+gwDQYJKoZIhvcNAQELBQADggEBAD6B3to6NsSrAfIRGRWlOL6sgDSvuZoo2POR
dEIdYSx3rNV8K4oQlTOAv0eGWwxZbRgRnkP6xaaTuYwcgQqTEQb26g3rJ09UIPTY
FDU00kw5GXc9c2p1941NbjMwzFAUH7KbKCJIA/VMgq6eIoFkLLgN9Sy8BHnH6cVr
1ZsdsUK3y0RRc/yam8Thy27K8ElOtgf52eYdF4rI2r3Rd4DeBjc2rLPGFmUvJnIu
ySGTYGL83+Xh2t6iQM7CV08pschqC6SxOU2nycf/qA3CPsYY66EehTvatm3zhvzo
7ns9/LETkqd365afddEDlaQ2Vy8HY0dprI3V2fDIgFTleVzZsWs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org