Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/1jDNDzgwuyWM3Oxd-FT2A7_ar0w.roa
File: 1jDNDzgwuyWM3Oxd-FT2A7_ar0w.roa (raw, json)
Hash identifier: HpYocVqoQGnXwGSxaWLBwBjlpxBj+4WnDV8JLW8n7Vg=
Subject key identifier: D6:30:CD:0F:38:30:BB:25:8C:DC:EC:5D:F8:54:F6:03:BF:DA:AF:4C
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 019345A83032D91AE13B988ABCF132015E93
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/1jDNDzgwuyWM3Oxd-FT2A7_ar0w.roa
Signing time: Tue 19 Nov 2024 18:21:10 +0000
ROA not before: Tue 19 Nov 2024 18:21:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.96.0/24 maxlen: 24
89.248.97.0/24 maxlen: 24
89.248.98.0/24 maxlen: 24
89.248.99.0/24 maxlen: 24
89.248.100.0/24 maxlen: 24
89.248.101.0/24 maxlen: 24
89.248.102.0/24 maxlen: 24
89.248.103.0/24 maxlen: 24
89.248.104.0/24 maxlen: 24
89.248.105.0/24 maxlen: 24
89.248.106.0/24 maxlen: 24
89.248.107.0/24 maxlen: 24
89.248.108.0/24 maxlen: 24
89.248.109.0/24 maxlen: 24
89.248.110.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
93.174.1.0/24 maxlen: 24
93.174.2.0/24 maxlen: 24
93.174.3.0/24 maxlen: 24
93.174.4.0/24 maxlen: 24
93.174.5.0/24 maxlen: 24
93.174.6.0/24 maxlen: 24
93.174.7.0/24 maxlen: 24
185.15.76.0/22 maxlen: 24
185.15.76.0/24 maxlen: 24
185.15.77.0/24 maxlen: 24
185.80.4.0/22 maxlen: 24
185.80.6.0/24 maxlen: 24
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 20 Nov 2024 10:05:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:a8:30:32:d9:1a:e1:3b:98:8a:bc:f1:32:01:5e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Nov 19 18:21:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d630cd0f3830bb258cdcec5df854f603bfdaaf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e5:4a:a3:33:36:08:ad:40:80:b7:e9:6b:b8:
94:e8:77:d3:d9:52:fd:28:0b:7c:b3:92:85:cd:9b:
5c:f3:d3:48:8a:b3:c8:41:5a:77:76:ea:6d:45:a2:
56:9b:5c:0b:69:ba:2b:fe:61:da:71:5e:ed:c3:0c:
b1:aa:7e:6c:31:44:85:7c:61:5f:b7:64:1d:85:46:
00:f8:ce:b7:d7:1b:a9:07:9d:2f:55:68:6b:7c:a8:
fa:5f:8d:53:c1:ae:21:73:27:a1:f9:34:b1:7c:c4:
c5:71:57:cb:e2:7b:2a:d0:b8:53:51:99:49:4d:42:
4a:b7:01:f4:58:69:d8:20:98:d0:33:8f:94:21:e2:
53:39:ff:75:f1:1e:be:2d:0f:ba:55:ab:94:24:ba:
5e:a0:84:85:9a:6f:79:c7:f3:34:7d:a1:3f:e9:3d:
6c:2c:30:4c:19:64:7f:b4:16:72:8e:35:8b:a6:24:
0a:e2:d5:09:fa:60:4e:ab:7f:be:c0:94:e9:1c:8e:
40:b2:60:2e:0c:3f:f4:d8:3a:1e:e3:23:ff:e5:6d:
ae:ec:a9:e3:88:de:49:85:87:b7:bd:68:8e:91:88:
da:71:e1:2a:cb:2e:27:73:d9:a6:9c:c4:bf:3a:a8:
e1:5d:21:31:93:6f:08:c5:0e:1b:1a:8e:c9:86:cb:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:30:CD:0F:38:30:BB:25:8C:DC:EC:5D:F8:54:F6:03:BF:DA:AF:4C
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/1jDNDzgwuyWM3Oxd-FT2A7_ar0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
8d:6a:07:75:ee:17:27:09:bb:42:cb:d2:f3:47:bf:1d:90:12:
45:19:53:0c:25:0b:22:59:9a:60:b7:91:de:65:e4:48:7d:f9:
39:10:63:86:a8:cb:32:07:ed:47:4a:59:68:70:7c:e7:6f:38:
cd:d2:46:7f:e7:a6:91:45:1c:3a:b0:79:28:ce:70:28:b2:47:
8e:6c:80:6c:07:94:9c:45:f1:43:dc:f7:d4:15:cf:e2:52:d1:
7b:4f:b8:37:a4:06:68:90:0a:77:a7:56:a4:d9:16:50:9e:49:
43:63:5c:d6:0e:c4:cc:9c:33:29:0c:40:7c:a1:a7:af:2b:b4:
25:00:62:7d:dd:99:40:85:da:ed:c8:0a:26:b3:8b:1d:8c:77:
47:02:c6:9f:9f:1d:3d:a8:cb:ac:18:5f:10:4f:2e:8f:2b:bb:
3d:79:65:f0:fb:a6:a1:fd:0f:27:aa:58:46:dc:68:b5:55:be:
10:24:21:bc:00:5b:43:54:7b:29:cf:5e:d4:34:65:a5:3b:a5:
2c:4d:b8:16:2d:39:07:bd:54:80:ff:1c:24:7f:d1:71:3a:02:
6a:55:9b:7c:3a:06:e6:37:a9:64:ab:44:76:76:6d:92:1f:58:
72:2d:d8:eb:2e:64:7d:cb:e7:a3:3d:91:cb:7d:09:c2:08:bc:
20:36:8d:bf
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZNFqDAy2RrhO5iKvPEyAV6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQxMTE5MTgyMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjMwY2QwZjM4MzBiYjI1OGNkY2VjNWRmODU0ZjYwM2JmZGFhZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+VKozM2CK1AgLfpa7iU6HfT2VL9
KAt8s5KFzZtc89NIirPIQVp3duptRaJWm1wLabor/mHacV7twwyxqn5sMUSFfGFf
t2QdhUYA+M631xupB50vVWhrfKj6X41Twa4hcyeh+TSxfMTFcVfL4nsq0LhTUZlJ
TUJKtwH0WGnYIJjQM4+UIeJTOf918R6+LQ+6VauUJLpeoISFmm95x/M0faE/6T1s
LDBMGWR/tBZyjjWLpiQK4tUJ+mBOq3++wJTpHI5AsmAuDD/02Doe4yP/5W2u7Knj
iN5JhYe3vWiOkYjaceEqyy4nc9mmnMS/OqjhXSExk28IxQ4bGo7JhssRBwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNYwzQ84MLsljNzsXfhU9gO/2q9MMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvMWpETkR6Z3d1eVdNM094ZC1GVDJBN19hcjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQCNagd17hcnCbtCy9LzR78dkBJFGVMMJQsiWZpgt5HeZeRIffk5EGOGqMsyB+1H
SllocHznbzjN0kZ/56aRRRw6sHkoznAoskeObIBsB5ScRfFD3PfUFc/iUtF7T7g3
pAZokAp3p1ak2RZQnklDY1zWDsTMnDMpDEB8oaevK7QlAGJ93ZlAhdrtyAoms4sd
jHdHAsafnx09qMusGF8QTy6PK7s9eWXw+6ah/Q8nqlhG3Gi1Vb4QJCG8AFtDVHsp
z17UNGWlO6UsTbgWLTkHvVSA/xwkf9FxOgJqVZt8OgbmN6lkq0R2dm2SH1hyLdjr
LmR9y+ejPZHLfQnCCLwgNo2/
-----END CERTIFICATE-----
Generated at Wed Nov 20 12:17:26 2024 by rpki-client on console-ams.rpki-client.org