Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/j2zq90lwNSnxVwOBHnTTSF7BmNc.roa
File: j2zq90lwNSnxVwOBHnTTSF7BmNc.roa (raw, json)
Hash identifier: zFbVqi4HM7PMWy1yk6H/zlKg6ubEMHJm5HaTWldK8EA=
Subject key identifier: 8F:6C:EA:F7:49:70:35:29:F1:57:03:81:1E:74:D3:48:5E:C1:98:D7
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 01918E9480D85856F516E7CB6E64E9ACA321
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/j2zq90lwNSnxVwOBHnTTSF7BmNc.roa
Signing time: Mon 26 Aug 2024 12:06:22 +0000
ROA not before: Mon 26 Aug 2024 12:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41937
IP address blocks: 5.134.104.0/21 maxlen: 24
46.235.96.0/21 maxlen: 24
62.240.24.0/21 maxlen: 24
87.250.32.0/19 maxlen: 24
91.185.96.0/19 maxlen: 24
91.204.52.0/22 maxlen: 24
92.244.128.0/19 maxlen: 19
109.72.48.0/20 maxlen: 24
109.94.228.0/22 maxlen: 24
109.94.232.0/21 maxlen: 24
109.122.64.0/18 maxlen: 24
109.198.0.0/19 maxlen: 24
178.79.0.0/18 maxlen: 24
178.237.208.0/20 maxlen: 24
178.250.136.0/21 maxlen: 24
185.10.140.0/22 maxlen: 24
185.26.172.0/22 maxlen: 24
185.34.92.0/22 maxlen: 24
185.103.136.0/22 maxlen: 24
185.112.20.0/22 maxlen: 24
185.179.136.0/22 maxlen: 24
2a00:8720::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a01:b800::/32 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a06:5b00::/29 maxlen: 48
2a06:63c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Aug 2024 21:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:94:80:d8:58:56:f5:16:e7:cb:6e:64:e9:ac:a3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Aug 26 12:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f6ceaf749703529f15703811e74d3485ec198d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4b:be:d0:85:80:0e:0c:05:89:d9:cc:5f:1b:
ca:fa:1f:0a:70:ce:64:34:84:7c:e1:30:c5:5d:b1:
48:b5:cc:de:51:14:d9:e0:ce:7a:63:d3:37:56:53:
14:b1:ae:95:73:db:0d:a7:7e:43:39:30:46:0a:f7:
88:38:30:93:40:60:bf:38:49:96:58:dd:9e:72:71:
cc:d4:91:07:c2:78:99:be:a0:6d:e0:13:95:db:42:
c8:e3:dd:45:c5:72:a0:64:55:8d:62:b0:ab:1b:6b:
4a:0e:5d:46:e6:77:74:db:64:a6:19:70:7b:f8:d9:
52:56:75:1b:0a:27:a4:3c:c3:e3:c8:24:d5:a8:4b:
07:69:39:b3:16:8f:b3:dc:ce:9a:c2:ed:23:5d:50:
0a:6f:45:e5:49:51:fc:57:80:79:d1:2f:80:98:15:
33:b6:df:af:70:14:18:4e:25:43:ea:cf:73:ae:d6:
85:72:f7:68:f1:c1:f9:26:55:9c:76:d9:55:a7:7e:
0a:29:81:73:6e:51:6d:3b:5a:41:ca:b5:31:1d:38:
96:51:90:96:31:da:b7:9c:ee:01:43:96:40:1e:0c:
11:00:f9:10:98:1f:67:af:5d:37:74:08:60:aa:01:
19:88:b0:34:15:ec:75:90:b4:a0:e8:5f:d7:ae:73:
81:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6C:EA:F7:49:70:35:29:F1:57:03:81:1E:74:D3:48:5E:C1:98:D7
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/j2zq90lwNSnxVwOBHnTTSF7BmNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
46.235.96.0/21
62.240.24.0/21
87.250.32.0/19
91.185.96.0/19
91.204.52.0/22
92.244.128.0/19
109.72.48.0/20
109.94.228.0-109.94.239.255
109.122.64.0/18
109.198.0.0/19
178.79.0.0/18
178.237.208.0/20
178.250.136.0/21
185.10.140.0/22
185.26.172.0/22
185.34.92.0/22
185.103.136.0/22
185.112.20.0/22
185.179.136.0/22
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:bc:47:ef:5d:5d:34:44:22:55:b7:5f:0f:92:56:c3:a0:39:
5e:0e:d3:f6:82:31:19:94:af:5a:a8:b5:79:0e:ec:f3:6f:18:
6c:63:e7:0c:66:8c:5c:8a:c0:f4:82:26:c5:90:41:65:04:3f:
ee:f8:62:34:52:51:f7:9d:fa:e3:db:0c:3c:1c:00:31:0d:58:
1c:39:2f:48:e4:4f:8e:aa:7a:4e:47:6a:3a:d9:1d:a2:6c:f1:
df:20:4c:75:48:53:80:df:35:bb:be:47:8b:87:22:2e:7f:dc:
55:6d:3e:22:ff:a9:e6:90:ae:2c:28:37:15:d0:29:e7:99:2e:
59:1e:55:e6:ca:a4:5c:02:2d:da:ea:6c:8a:fd:2a:12:59:88:
b7:4a:f2:26:b5:4c:a3:56:cb:7f:a6:f6:29:2b:44:39:dd:74:
20:f2:be:7f:95:24:4d:15:a3:30:2d:32:09:d4:84:e4:f6:d3:
f7:5b:35:a1:05:8c:22:3e:33:d3:5b:58:e8:48:70:c8:cc:a9:
3b:8b:4e:84:41:42:08:04:df:f2:50:c1:94:e7:38:59:79:9a:
f6:f4:97:85:8e:cf:4f:ba:a9:dd:dd:57:4d:85:8f:09:cf:00:
ae:fc:39:d5:10:12:6c:84:75:5c:b4:44:34:fb:06:06:d7:e1:
0b:a9:28:3a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZGOlIDYWFb1FufLbmTprKMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwODI2MTIwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZjZWFmNzQ5NzAzNTI5ZjE1NzAzODExZTc0ZDM0ODVlYzE5OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0u+0IWADgwFidnMXxvK+h8KcM5k
NIR84TDFXbFItczeURTZ4M56Y9M3VlMUsa6Vc9sNp35DOTBGCveIODCTQGC/OEmW
WN2ecnHM1JEHwniZvqBt4BOV20LI491FxXKgZFWNYrCrG2tKDl1G5nd022SmGXB7
+NlSVnUbCiekPMPjyCTVqEsHaTmzFo+z3M6awu0jXVAKb0XlSVH8V4B50S+AmBUz
tt+vcBQYTiVD6s9zrtaFcvdo8cH5JlWcdtlVp34KKYFzblFtO1pByrUxHTiWUZCW
Mdq3nO4BQ5ZAHgwRAPkQmB9nr103dAhgqgEZiLA0Fex1kLSg6F/XrnOBbwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFI9s6vdJcDUp8VcDgR5000hewZjXMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvajJ6cTkwbHdOU254VndPQkhuVFRTRjdCbU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBhwQCAAEwgYADBAMF
hmgDBAMu62ADBAM+8BgDBAVX+iADBAVbuWADBAJbzDQDBAVc9IADBARtSDAwDAME
Am1e5AMEBG1e4AMEBm16QAMEBW3GAAMEBrJPAAMEBLLt0AMEA7L6iAMEArkKjAME
ArkarAMEArkiXAMEArlniAMEArlwFAMEArmziDA+BAIAAjA4AwUAKgCHIAMFACoA
zwADBQAqAbgAAwUAKgJhoAMFACoD/EADBQMqBB3AAwUDKgZbAAMFAyoGY8AwDQYJ
KoZIhvcNAQELBQADggEBAIm8R+9dXTREIlW3Xw+SVsOgOV4O0/aCMRmUr1qotXkO
7PNvGGxj5wxmjFyKwPSCJsWQQWUEP+74YjRSUfed+uPbDDwcADENWBw5L0jkT46q
ek5HajrZHaJs8d8gTHVIU4DfNbu+R4uHIi5/3FVtPiL/qeaQriwoNxXQKeeZLlke
VebKpFwCLdrqbIr9KhJZiLdK8ia1TKNWy3+m9ikrRDnddCDyvn+VJE0VozAtMgnU
hOT20/dbNaEFjCI+M9NbWOhIcMjMqTuLToRBQggE3/JQwZTnOFl5mvb0l4WOz0+6
qd3dV02FjwnPAK78OdUQEmyEdVy0RDT7BgbX4QupKDo=
-----END CERTIFICATE-----
Generated at Mon Aug 26 23:15:22 2024 by rpki-client on console-fra.rpki-client.org