Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/JfyFWJsAlusyphW0hLGQqi2VZ-8.roa
File: JfyFWJsAlusyphW0hLGQqi2VZ-8.roa (raw, json)
Hash identifier: LU8vOR3QAqnfPx9/oDFx4cyc8PeNhhwY5JYT6O6a/4U=
Subject key identifier: 25:FC:85:58:9B:00:96:EB:32:A6:15:B4:84:B1:90:AA:2D:95:67:EF
Certificate issuer: /CN=1daf46a40c246d6540d992c321b1cc3623d65995
Certificate serial: 018E13B6A72830272A82725CF0DC96499AD1
Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/JfyFWJsAlusyphW0hLGQqi2VZ-8.roa
Signing time: Wed 06 Mar 2024 12:22:01 +0000
ROA not before: Wed 06 Mar 2024 12:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62370
IP address blocks: 5.104.224.0/21 maxlen: 21
37.148.160.0/21 maxlen: 21
77.95.224.0/21 maxlen: 21
78.41.200.0/21 maxlen: 21
89.207.128.0/21 maxlen: 21
128.204.192.0/20 maxlen: 20
185.62.56.0/22 maxlen: 22
193.33.60.0/23 maxlen: 23
193.34.166.0/23 maxlen: 23
195.20.204.0/23 maxlen: 23
195.20.204.0/24 maxlen: 24
195.20.205.0/24 maxlen: 24
2a00:7b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Apr 2024 07:26:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:b6:a7:28:30:27:2a:82:72:5c:f0:dc:96:49:9a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995
Validity
Not Before: Mar 6 12:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25fc85589b0096eb32a615b484b190aa2d9567ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:88:1b:3e:50:85:4e:bd:ab:b2:82:69:dd:34:
db:7b:40:ff:b0:10:8b:57:1d:79:3a:bf:1c:d1:43:
1a:f7:99:11:76:24:88:67:cb:00:40:ce:f4:c1:c2:
b1:1a:b5:08:a1:b9:28:c6:bb:0e:21:12:b4:25:d3:
4c:9a:6e:18:37:20:8d:c9:af:bf:e3:0d:16:7a:f0:
b6:0c:68:12:b2:e3:84:09:fb:16:d0:c0:47:79:82:
ee:93:27:de:5f:be:30:72:16:44:e8:0c:fa:ee:89:
db:3c:35:a4:e0:13:ea:24:d5:00:ea:09:70:35:b4:
f3:23:9c:b5:76:06:34:d1:30:86:23:e6:ba:64:a1:
e9:d5:cb:01:b7:fd:8c:75:6a:f4:a2:0d:fe:2c:62:
0a:73:47:55:96:8e:bd:2e:4b:e8:c8:d2:64:ef:4d:
e3:93:78:fb:42:a2:89:9d:64:15:18:c6:82:64:1e:
d1:07:26:ec:de:38:d3:ad:be:e7:b2:5b:0e:8a:6e:
eb:1f:1f:ed:55:8c:97:f7:64:b7:24:68:cd:c4:19:
f4:a9:22:4e:1e:fe:c3:77:de:13:d9:44:34:7f:ef:
8f:8d:c8:fc:9e:f7:59:18:c7:48:4c:8e:34:3f:e6:
1a:ef:fe:dd:4d:e5:b7:66:5b:6c:33:3a:83:9b:57:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FC:85:58:9B:00:96:EB:32:A6:15:B4:84:B1:90:AA:2D:95:67:EF
X509v3 Authority Key Identifier:
keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/JfyFWJsAlusyphW0hLGQqi2VZ-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.224.0/21
37.148.160.0/21
77.95.224.0/21
78.41.200.0/21
89.207.128.0/21
128.204.192.0/20
185.62.56.0/22
193.33.60.0/23
193.34.166.0/23
195.20.204.0/23
IPv6:
2a00:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
9c:52:34:2b:3b:6a:8b:f8:b2:c7:e5:5e:53:c3:30:60:d6:ac:
41:db:61:7d:66:1e:6c:33:58:bc:a3:6d:84:56:3a:61:ad:57:
a8:35:c5:25:d5:84:e1:f9:d1:ce:ab:05:3d:b9:ca:70:71:71:
4d:05:49:90:48:e9:e7:84:37:b9:09:29:fd:90:33:38:ce:66:
33:78:df:9e:8f:ae:3d:23:de:90:b9:71:8b:71:dd:e5:9d:64:
38:bf:23:c3:01:84:96:a0:ec:ed:9d:2e:1b:e3:b2:ec:c0:ba:
01:d5:2f:af:a0:e1:29:10:86:fd:36:83:e1:61:60:2f:2f:a4:
cd:e5:8a:18:52:54:ac:f3:9e:36:df:62:b0:8d:cf:22:d4:ce:
0e:00:3f:6f:cf:23:8d:3d:82:f6:ef:8b:a2:9a:a7:80:10:74:
b1:d8:00:8d:fa:81:92:dd:3c:00:06:7c:39:56:e5:cf:d0:41:
1d:84:a3:5e:29:2e:0e:c3:80:47:37:40:94:5f:a1:19:1c:9f:
1b:fc:ce:9d:6a:10:97:cb:e5:c3:6d:6c:d7:a6:e7:02:36:e0:
4c:38:2e:b4:ef:f6:89:c3:4e:4e:b3:98:f0:92:62:86:83:f6:
eb:51:dd:11:85:23:40:c2:0f:3b:61:20:0a:25:be:1d:03:e3:
c1:76:2b:04
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY4TtqcoMCcqgnJc8NyWSZrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWY0NmE0MGMyNDZkNjU0MGQ5OTJjMzIxYjFjYzM2MjNk
NjU5OTUwHhcNMjQwMzA2MTIyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWZjODU1ODliMDA5NmViMzJhNjE1YjQ4NGIxOTBhYTJkOTU2N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkogbPlCFTr2rsoJp3TTbe0D/sBCL
Vx15Or8c0UMa95kRdiSIZ8sAQM70wcKxGrUIobkoxrsOIRK0JdNMmm4YNyCNya+/
4w0WevC2DGgSsuOECfsW0MBHeYLukyfeX74wchZE6Az67onbPDWk4BPqJNUA6glw
NbTzI5y1dgY00TCGI+a6ZKHp1csBt/2MdWr0og3+LGIKc0dVlo69LkvoyNJk703j
k3j7QqKJnWQVGMaCZB7RBybs3jjTrb7nslsOim7rHx/tVYyX92S3JGjNxBn0qSJO
Hv7Dd94T2UQ0f++Pjcj8nvdZGMdITI40P+Ya7/7dTeW3ZltsMzqDm1fgpQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCX8hVibAJbrMqYVtISxkKotlWfvMB8GA1UdIwQY
MBaAFB2vRqQMJG1lQNmSwyGxzDYj1lmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYt
NzlmMDQ4YmQyYTdhLzEvSmZ5RldKc0FsdXN5cGhXMGhMR1FxaTJWWi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYtNzlmMDQ4YmQyYTdh
LzEvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBWjgAwQD
JZSgAwQDTV/gAwQDTinIAwQDWc+AAwQEgMzAAwQCuT44AwQBwSE8AwQBwSKmAwQB
wxTMMA0EAgACMAcDBQAqAHuAMA0GCSqGSIb3DQEBCwUAA4IBAQCcUjQrO2qL+LLH
5V5TwzBg1qxB22F9Zh5sM1i8o22EVjphrVeoNcUl1YTh+dHOqwU9ucpwcXFNBUmQ
SOnnhDe5CSn9kDM4zmYzeN+ej649I96QuXGLcd3lnWQ4vyPDAYSWoOztnS4b47Ls
wLoB1S+voOEpEIb9NoPhYWAvL6TN5YoYUlSs854232Kwjc8i1M4OAD9vzyONPYL2
74uimqeAEHSx2ACN+oGS3TwABnw5VuXP0EEdhKNeKS4Ow4BHN0CUX6EZHJ8b/M6d
ahCXy+XDbWzXpucCNuBMOC607/aJw05Os5jwkmKGg/brUd0RhSNAwg87YSAKJb4d
A+PBdisE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:35 2024 by rpki-client on console-ams.rpki-client.org