Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/INptaLjJNoNcg05JXv4LvgeRxFo.roa
File: INptaLjJNoNcg05JXv4LvgeRxFo.roa (raw, json)
Hash identifier: JQz6W8UTq8yTxT5NEFOsRz888YpzFgFpgDIcL2WGbLM=
Subject key identifier: 20:DA:6D:68:B8:C9:36:83:5C:83:4E:49:5E:FE:0B:BE:07:91:C4:5A
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018DD0D1B9039A639F696CEA9D78C1AD6EB0
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/INptaLjJNoNcg05JXv4LvgeRxFo.roa
Signing time: Thu 22 Feb 2024 12:37:01 +0000
ROA not before: Thu 22 Feb 2024 12:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Mar 2024 15:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:d1:b9:03:9a:63:9f:69:6c:ea:9d:78:c1:ad:6e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Feb 22 12:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20da6d68b8c936835c834e495efe0bbe0791c45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:16:a6:2e:7a:be:22:db:d2:74:31:dd:26:ba:
98:0a:28:86:2c:43:d1:5e:d2:5b:f2:c5:26:79:5b:
1a:36:32:84:8a:ba:9b:0a:18:9d:96:71:1a:df:34:
9b:f0:bd:af:15:b5:9f:19:5d:55:00:41:00:73:d0:
f6:35:e1:83:ea:e0:3f:fe:87:b3:e8:b7:1b:67:99:
83:07:88:b6:9b:77:a9:43:46:44:26:9a:d1:d3:03:
99:cc:f3:51:49:91:42:6e:74:15:15:b4:fb:67:2d:
18:a6:24:dc:f8:81:80:44:04:4b:b5:b4:92:f6:3e:
af:fb:c2:f3:f3:8c:da:7f:27:85:fd:e9:60:5c:d2:
bc:6b:64:6d:06:95:03:b6:ab:7c:fa:52:62:28:7e:
c2:c2:43:e6:20:9b:5c:e2:2c:a5:8a:3b:2e:60:e3:
92:9b:00:49:be:36:72:0d:19:e2:8c:7f:18:e9:94:
ed:5e:89:1b:41:04:2f:59:52:6c:bb:b0:f6:cc:3c:
6a:ed:97:18:db:7f:fe:c3:fc:e2:03:af:b1:f9:64:
eb:f2:7d:51:46:1e:fa:1a:f5:ed:f5:e9:7d:96:3b:
e6:06:e8:8e:20:a8:09:de:ec:bc:a6:bd:af:08:36:
c2:06:35:94:d4:fc:c5:56:3d:f1:8c:09:c8:5a:8d:
5b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:DA:6D:68:B8:C9:36:83:5C:83:4E:49:5E:FE:0B:BE:07:91:C4:5A
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/INptaLjJNoNcg05JXv4LvgeRxFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
2d:21:d3:e3:c7:1d:38:d6:00:0d:bc:16:85:d1:47:27:6f:d4:
23:e6:81:4f:ef:5b:9f:80:1f:d0:b0:2f:54:fb:4b:41:c8:73:
ab:b5:ce:d7:c2:be:d1:b3:cd:93:2f:e1:8c:01:fa:32:f2:86:
cf:b7:97:af:a1:8c:88:a6:e4:05:92:ba:eb:20:80:e8:3d:ad:
1f:08:20:40:90:04:63:da:b0:64:59:7b:7f:28:a7:ff:f8:69:
93:8c:7f:27:b9:09:89:d5:d6:07:d1:17:84:67:32:42:89:b1:
07:2c:b5:f5:83:d1:96:9d:2f:8c:b3:24:b5:16:0a:23:d7:47:
69:13:06:54:db:de:d1:2a:21:5f:1d:75:c4:49:96:ae:55:3f:
36:4c:10:03:a7:d8:43:c7:c9:45:77:a1:f4:91:3d:59:dc:1a:
69:a2:8a:c4:5d:ee:45:3f:57:df:0b:08:8a:65:88:5e:37:e3:
f1:98:86:c2:6b:a6:a4:76:6e:b9:63:06:7f:14:aa:ea:5f:20:
22:5c:f7:24:1e:86:45:cd:c0:af:25:38:94:f4:06:80:ed:f2:
74:5a:aa:c0:30:54:37:f6:1b:70:67:e6:62:c4:be:1f:a9:94:
87:37:c7:a8:a3:7f:6a:7c:15:75:ee:09:d0:6f:86:52:59:96:
dc:d8:de:39
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY3Q0bkDmmOfaWzqnXjBrW6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMjIyMTIzNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGRhNmQ2OGI4YzkzNjgzNWM4MzRlNDk1ZWZlMGJiZTA3OTFjNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBamLnq+ItvSdDHdJrqYCiiGLEPR
XtJb8sUmeVsaNjKEirqbChidlnEa3zSb8L2vFbWfGV1VAEEAc9D2NeGD6uA//oez
6LcbZ5mDB4i2m3epQ0ZEJprR0wOZzPNRSZFCbnQVFbT7Zy0YpiTc+IGARARLtbSS
9j6v+8Lz84zafyeF/elgXNK8a2RtBpUDtqt8+lJiKH7CwkPmIJtc4iylijsuYOOS
mwBJvjZyDRnijH8Y6ZTtXokbQQQvWVJsu7D2zDxq7ZcY23/+w/ziA6+x+WTr8n1R
Rh76GvXt9el9ljvmBuiOIKgJ3uy8pr2vCDbCBjWU1PzFVj3xjAnIWo1bgwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFCDabWi4yTaDXINOSV7+C74HkcRaMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSU5wdGFMakpOb05jZzA1Slh2NEx2Z2VSeEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBmwQCAAEwgZQDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrADBABo
6CQDBACTTs8DBACi2l0DBAG5NIoDBAC5ob4DBAG5u9YwDAMEALnGWQMEArnGWAME
ALnJKgMEALnNzDAMAwQDudCYAwQAudCaAwQAueZ5AwQBuf14AwQA1DwNAwQA2cWq
MCwEAgACMCYDBwAqCo9AAAMwEgMHACoKj0AABwMHACoKj0AADAMHACoKj0AAHDAN
BgkqhkiG9w0BAQsFAAOCAQEALSHT48cdONYADbwWhdFHJ2/UI+aBT+9bn4Af0LAv
VPtLQchzq7XO18K+0bPNky/hjAH6MvKGz7eXr6GMiKbkBZK66yCA6D2tHwggQJAE
Y9qwZFl7fyin//hpk4x/J7kJidXWB9EXhGcyQomxByy19YPRlp0vjLMktRYKI9dH
aRMGVNve0SohXx11xEmWrlU/NkwQA6fYQ8fJRXeh9JE9WdwaaaKKxF3uRT9X3wsI
imWIXjfj8ZiGwmumpHZuuWMGfxSq6l8gIlz3JB6GRc3AryU4lPQGgO3ydFqqwDBU
N/YbcGfmYsS+H6mUhzfHqKN/anwVde4J0G+GUlmW3NjeOQ==
-----END CERTIFICATE-----
Generated at Fri Mar 22 18:51:31 2024 by rpki-client on console-ams.rpki-client.org