Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/JWlLNOfrs-NEg6up1dDkB1QdKBo.roa
File: JWlLNOfrs-NEg6up1dDkB1QdKBo.roa (raw, json)
Hash identifier: Erco/RmvdLcj731ZIwd4ysEpmsPErHyyOiv7OfY+VkM=
Subject key identifier: 25:69:4B:34:E7:EB:B3:E3:44:83:AB:A9:D5:D0:E4:07:54:1D:28:1A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018BB403C388B9A589807851F8ABE07AFA4D
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/JWlLNOfrs-NEg6up1dDkB1QdKBo.roa
Signing time: Thu 09 Nov 2023 12:17:07 +0000
ROA not before: Thu 09 Nov 2023 12:17:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.154.160.0/21 maxlen: 21
213.154.168.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.154.176.0/21 maxlen: 21
213.154.184.0/21 maxlen: 21
84.204.0.0/17 maxlen: 17
213.172.0.0/19 maxlen: 19
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
109.74.112.0/20 maxlen: 20
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
91.193.212.0/22 maxlen: 22
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.139.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
212.44.64.0/19 maxlen: 19
195.5.128.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
62.182.128.0/21 maxlen: 21
2a03:d000:9009::/48 maxlen: 48
2a03:d000:9008::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Dec 2023 12:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:03:c3:88:b9:a5:89:80:78:51:f8:ab:e0:7a:fa:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 9 12:17:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25694b34e7ebb3e34483aba9d5d0e407541d281a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:93:a5:5c:36:ca:84:ab:dd:d3:be:97:aa:e9:
1b:fb:4b:06:d5:17:c6:77:27:08:a4:09:7e:1b:0e:
e5:26:95:00:d6:ca:6e:51:fd:83:29:79:00:a0:34:
10:d5:5f:83:7f:f3:17:3e:2a:a5:64:39:e7:e8:ca:
71:2a:42:32:d8:04:be:03:23:dc:ef:c6:2e:c7:35:
b3:ed:7b:15:2d:41:7a:f7:57:8d:07:ab:96:c0:9d:
45:88:60:97:c2:e8:f8:d9:19:09:d4:b4:db:4a:51:
e2:30:4b:1f:f1:ac:69:9b:1e:28:77:03:a8:23:73:
26:d1:22:2d:c7:3e:83:f6:9a:19:44:37:35:a5:0b:
e2:43:e9:3d:32:1d:db:07:b1:90:fc:90:c5:98:91:
21:14:0c:a0:a8:d6:67:c4:ef:31:19:72:46:f7:83:
cc:29:dd:7e:76:25:b1:e9:e5:6e:9f:37:d9:c5:30:
aa:23:98:aa:b9:4b:24:90:b8:c8:1e:b6:ed:31:c7:
97:94:91:ac:5a:e3:d7:d2:ae:51:69:85:92:88:fa:
a5:6a:9f:01:c0:ee:80:3b:0f:b9:0c:63:a9:a6:fd:
d9:1e:4d:59:0b:49:4b:aa:38:e5:5c:46:db:06:76:
df:66:f4:27:6d:3f:0e:9f:99:57:f5:2d:c9:65:d2:
c5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:69:4B:34:E7:EB:B3:E3:44:83:AB:A9:D5:D0:E4:07:54:1D:28:1A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/JWlLNOfrs-NEg6up1dDkB1QdKBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
195.5.128.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/47
Signature Algorithm: sha256WithRSAEncryption
49:1e:aa:b4:ce:55:12:5c:fb:bb:32:21:11:a0:11:cb:bf:6f:
80:ed:d6:c0:70:77:dd:fd:4b:1a:0f:6a:f5:4e:a2:99:d7:e9:
01:62:b7:c7:b6:13:5b:f3:c9:d2:db:57:75:b4:fb:57:fa:1d:
c2:48:ec:f3:16:66:7d:e0:70:f7:fe:b9:4b:8c:50:92:1e:71:
84:cc:68:b6:16:d1:28:f0:d8:a4:a5:5b:6d:51:9f:df:e7:8d:
83:9e:a9:31:88:61:ce:0f:ba:d8:58:a0:59:1d:8a:a1:62:5c:
e7:53:e8:31:d0:92:ed:aa:2f:19:cf:50:1c:07:b6:41:e7:d7:
b9:28:0e:d3:7d:5e:b6:41:88:2f:37:84:d2:11:d7:e9:b9:be:
d1:ef:0c:3e:db:19:19:56:7d:23:36:04:3d:fe:09:90:a5:aa:
a9:fe:e5:f9:da:c9:0f:21:ec:64:da:9f:28:4f:c3:d6:be:be:
eb:03:0f:34:b5:7c:b9:3d:16:d2:1c:94:58:00:eb:da:5b:d6:
92:09:35:b7:b6:dc:e1:85:d4:5e:08:9a:dd:b2:bb:44:8e:1d:
fe:d9:a9:3a:ff:0c:65:37:3f:92:62:96:55:41:1e:77:ad:7c:
bb:6f:52:95:ce:80:9d:9c:61:c1:e4:89:91:88:65:80:3e:03:
69:fe:ca:cc
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYu0A8OIuaWJgHhR+KvgevpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMxMTA5MTIxNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY5NGIzNGU3ZWJiM2UzNDQ4M2FiYTlkNWQwZTQwNzU0MWQyODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJOlXDbKhKvd076Xqukb+0sG1RfG
dycIpAl+Gw7lJpUA1spuUf2DKXkAoDQQ1V+Df/MXPiqlZDnn6MpxKkIy2AS+AyPc
78YuxzWz7XsVLUF691eNB6uWwJ1FiGCXwuj42RkJ1LTbSlHiMEsf8axpmx4odwOo
I3Mm0SItxz6D9poZRDc1pQviQ+k9Mh3bB7GQ/JDFmJEhFAygqNZnxO8xGXJG94PM
Kd1+diWx6eVunzfZxTCqI5iquUskkLjIHrbtMceXlJGsWuPX0q5RaYWSiPqlap8B
wO6AOw+5DGOppv3ZHk1ZC0lLqjjlXEbbBnbfZvQnbT8On5lX9S3JZdLFRQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFCVpSzTn67PjRIOrqdXQ5AdUHSgaMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSldsTE5PZnJzLU5FZzZ1cDFkRGtCMVFkS0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBxgQCAAEwgb8DBAYu
L8ADBAM+toADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdU
zAAwDAMEAlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEAlvB
1AMEB12ZgAMEA14Z+AMEB1+JAAMEBG1KcAMEBm18QAMEBcMFgAMEBcOQ4AMEBdQO
oAMEBdQsQAMEBdR3oAMEBdWaoAMEBdWoIAMEBdWsAAMEBdW2oAMEBdnDQDAPBAIA
AjAJAwcBKgPQAJAIMA0GCSqGSIb3DQEBCwUAA4IBAQBJHqq0zlUSXPu7MiERoBHL
v2+A7dbAcHfd/UsaD2r1TqKZ1+kBYrfHthNb88nS21d1tPtX+h3CSOzzFmZ94HD3
/rlLjFCSHnGEzGi2FtEo8NikpVttUZ/f542DnqkxiGHOD7rYWKBZHYqhYlznU+gx
0JLtqi8Zz1AcB7ZB59e5KA7TfV62QYgvN4TSEdfpub7R7ww+2xkZVn0jNgQ9/gmQ
paqp/uX52skPIexk2p8oT8PWvr7rAw80tXy5PRbSHJRYAOvaW9aSCTW3ttzhhdRe
CJrdsrtEjh3+2ak6/wxlNz+SYpZVQR53rXy7b1KVzoCdnGHB5ImRiGWAPgNp/srM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org