Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/2oQVQ4lzKAu2An7tv2Ehq99yOvI.roa
File: 2oQVQ4lzKAu2An7tv2Ehq99yOvI.roa (raw, json)
Hash identifier: dB9E4qkLSoAaZa3GYUVYr6SKTgbQCxozoHb9v5nct3w=
Subject key identifier: DA:84:15:43:89:73:28:0B:B6:02:7E:ED:BF:61:21:AB:DF:72:3A:F2
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C42414B2DD413416B364EACB0327
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/2oQVQ4lzKAu2An7tv2Ehq99yOvI.roa
Signing time: Mon 01 Jan 2024 04:29:35 +0000
ROA not before: Mon 01 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 185.177.232.0/22 maxlen: 22
85.9.68.0/24 maxlen: 24
85.9.64.0/18 maxlen: 18
85.9.76.0/24 maxlen: 24
194.33.122.0/23 maxlen: 23
5.202.0.0/16 maxlen: 24
109.232.7.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
185.131.30.0/23 maxlen: 23
185.131.28.0/22 maxlen: 22
193.32.80.0/23 maxlen: 23
185.180.52.0/22 maxlen: 22
77.237.160.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.184.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.191.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
109.125.160.0/19 maxlen: 19
185.126.40.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.72.24.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.72.27.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
188.253.32.0/19 maxlen: 24
5.202.166.0/23 maxlen: 23
188.253.64.0/19 maxlen: 24
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Feb 2024 06:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c4:24:14:b2:dd:41:34:16:b3:64:ea:cb:03:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da8415438973280bb6027eedbf6121abdf723af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:dd:dd:20:f2:73:9f:c6:94:8c:29:4c:ed:fc:
ce:89:58:d1:99:af:07:19:fd:89:c2:04:04:39:fe:
71:31:5b:1a:cb:de:40:0f:c1:1c:8c:b7:2c:e3:d6:
4c:74:dd:58:c9:ee:e6:82:d4:f6:8a:6a:7f:c5:a7:
84:b8:dd:54:3e:ca:d2:7a:72:fa:00:e5:bb:49:08:
20:60:8b:d2:34:0b:df:7c:36:0a:a1:8a:22:c0:36:
ed:d0:8d:b4:02:d5:5c:a2:12:07:a5:8e:82:75:e6:
7e:d2:90:ad:33:fb:cd:2f:c8:a8:0b:16:37:a3:2f:
8f:cc:a4:97:b6:a1:48:9b:c9:56:52:21:a0:c8:1a:
ce:32:34:56:65:2b:2e:5f:4e:b5:e6:b5:4b:bf:76:
9b:77:9d:a0:7e:e3:8b:2e:45:39:bf:6e:6b:2a:2e:
38:b8:b2:27:35:1c:e3:df:48:d2:60:70:11:9a:81:
34:88:61:69:96:8b:b9:3d:23:e4:c5:0f:95:cc:18:
39:4f:e9:c0:e6:07:5b:d2:04:da:3a:85:c4:ce:cd:
0d:1a:24:66:06:d5:3f:66:c5:76:91:fe:54:85:f3:
9d:f1:0d:20:a7:08:8a:37:33:be:2d:bd:6a:5a:9b:
82:22:a2:0f:db:81:3c:1f:49:25:41:71:58:45:d6:
70:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:84:15:43:89:73:28:0B:B6:02:7E:ED:BF:61:21:AB:DF:72:3A:F2
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/2oQVQ4lzKAu2An7tv2Ehq99yOvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
bd:29:73:ef:50:aa:d0:22:6a:ad:75:a5:04:12:bb:79:82:eb:
ce:7c:c9:c4:fc:d0:7e:c6:3c:2c:4a:0c:92:bd:0d:70:b6:d0:
08:a7:ea:14:51:25:2f:78:7c:db:06:33:d7:03:f5:0d:f3:69:
5e:a9:cf:a1:72:83:62:5f:f4:46:41:1b:fc:55:c2:c0:26:88:
8c:e1:b0:d5:c3:cb:ba:56:de:1d:c5:b5:b1:8a:38:a8:be:d7:
77:ef:c6:c0:1f:b6:a5:76:20:5f:eb:98:51:42:19:13:52:a6:
52:93:ca:5c:92:42:44:33:5a:ec:01:f6:f9:48:b7:e4:20:11:
84:91:45:f9:fb:b3:e3:18:23:0d:da:f3:f3:c2:98:5d:8f:dc:
cb:bf:3b:d3:c9:e8:89:bc:96:ba:b7:0e:74:66:34:67:fe:0c:
17:cd:9a:88:ce:a7:9f:b5:35:a3:c8:99:c8:c1:14:ca:3f:1a:
9c:f0:b7:c5:c7:6e:cd:30:48:33:48:a4:a3:12:91:9e:54:ec:
d8:bd:c6:bc:ca:ad:db:85:50:64:ba:dd:d2:c2:f3:0a:3b:55:
a9:99:95:0c:f3:b6:b4:33:14:00:78:fc:06:49:c3:18:5a:5e:
c1:b4:f1:af:27:96:7a:e5:47:44:df:bf:d7:a9:a5:3a:a2:ed:
19:2a:39:91
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYzDSMQkFLLdQTQWs2TqywMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg0MTU0Mzg5NzMyODBiYjYwMjdlZWRiZjYxMjFhYmRmNzIzYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5N3dIPJzn8aUjClM7fzOiVjRma8H
Gf2JwgQEOf5xMVsay95AD8EcjLcs49ZMdN1Yye7mgtT2imp/xaeEuN1UPsrSenL6
AOW7SQggYIvSNAvffDYKoYoiwDbt0I20AtVcohIHpY6CdeZ+0pCtM/vNL8ioCxY3
oy+PzKSXtqFIm8lWUiGgyBrOMjRWZSsuX0615rVLv3abd52gfuOLLkU5v25rKi44
uLInNRzj30jSYHARmoE0iGFplou5PSPkxQ+VzBg5T+nA5gdb0gTaOoXEzs0NGiRm
BtU/ZsV2kf5UhfOd8Q0gpwiKNzO+Lb1qWpuCIqIP24E8H0klQXFYRdZwJwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFNqEFUOJcygLtgJ+7b9hIavfcjryMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvMm9RVlE0bHpLQXUyQW43dHYyRWhxOTl5T3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBnAQCAAEwgZUDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAl/XoAMEBW19oDAMAwQAbegFAwQDbegAAwQC
uUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwDBAO5mwgD
BAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEgUAMEAcIh
ejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoKTgAwDQYJ
KoZIhvcNAQELBQADggEBAL0pc+9QqtAiaq11pQQSu3mC6858ycT80H7GPCxKDJK9
DXC20Ain6hRRJS94fNsGM9cD9Q3zaV6pz6Fyg2Jf9EZBG/xVwsAmiIzhsNXDy7pW
3h3FtbGKOKi+13fvxsAftqV2IF/rmFFCGRNSplKTylySQkQzWuwB9vlIt+QgEYSR
Rfn7s+MYIw3a8/PCmF2P3Mu/O9PJ6Im8lrq3DnRmNGf+DBfNmojOp5+1NaPImcjB
FMo/Gpzwt8XHbs0wSDNIpKMSkZ5U7Ni9xrzKrduFUGS63dLC8wo7VamZlQzztrQz
FAB4/AZJwxhaXsG08a8nlnrlR0Tfv9eppTqi7RkqOZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org