Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/JrcDNnpWLLCwkQGYzC65cs-kFvM.roa
File: JrcDNnpWLLCwkQGYzC65cs-kFvM.roa (raw, json)
Hash identifier: QCwL+d1bxuAwmorUl7uGWUKWbtEDLRRYi2qAW74Quvs=
Subject key identifier: 26:B7:03:36:7A:56:2C:B0:B0:91:01:98:CC:2E:B9:72:CF:A4:16:F3
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 01856EA6A01069251E6AA8F324D17B60B065
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/JrcDNnpWLLCwkQGYzC65cs-kFvM.roa
Signing time: Sun 01 Jan 2023 18:44:51 +0000
ROA not before: Sun 01 Jan 2023 18:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6848
IP address blocks: 195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
188.188.0.0/15 maxlen: 15
78.29.192.0/18 maxlen: 18
213.132.128.0/19 maxlen: 19
81.82.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
46.253.160.0/20 maxlen: 20
141.134.0.0/15 maxlen: 15
62.205.64.0/18 maxlen: 18
185.30.52.0/22 maxlen: 22
178.116.0.0/14 maxlen: 14
78.20.0.0/14 maxlen: 14
5.23.128.0/17 maxlen: 17
188.95.146.0/23 maxlen: 23
212.88.224.0/19 maxlen: 19
85.28.64.0/18 maxlen: 18
84.192.0.0/13 maxlen: 13
83.217.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.251.64.0/18 maxlen: 18
185.23.244.0/22 maxlen: 22
213.224.0.0/16 maxlen: 16
217.168.120.0/21 maxlen: 21
212.123.0.0/19 maxlen: 19
82.143.64.0/18 maxlen: 18
94.224.0.0/14 maxlen: 14
213.118.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
195.130.128.0/19 maxlen: 19
217.72.224.0/20 maxlen: 20
188.44.64.0/19 maxlen: 19
185.248.41.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
2a02:1800::/24 maxlen: 24
2a00:1cf8::/32 maxlen: 32
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Nov 2023 12:44:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:a0:10:69:25:1e:6a:a8:f3:24:d1:7b:60:b0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Jan 1 18:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26b703367a562cb0b0910198cc2eb972cfa416f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:6f:09:d3:3a:2c:c1:ec:42:a7:7a:fe:68:0e:
39:f0:86:79:b2:c7:76:bf:60:97:bc:66:1a:b7:e7:
01:15:57:2b:da:fd:a0:d5:6b:cd:86:a7:26:dd:27:
16:35:06:96:74:f9:fa:18:45:70:24:44:79:60:c8:
22:17:5c:6f:b6:eb:cd:b8:7b:78:75:d2:ff:e7:52:
61:44:b1:91:ae:00:98:be:fd:1f:c7:90:e9:d9:da:
57:6a:2a:14:9e:3f:24:e1:9a:f2:7f:b1:17:80:ee:
1c:35:00:cf:86:b1:eb:9d:25:9d:5d:d9:67:e2:26:
0d:c0:8e:19:15:d6:01:ca:6c:07:8c:a7:82:89:63:
e2:41:18:0a:41:1a:f7:4b:38:89:69:13:24:c5:c7:
7c:ef:f4:04:df:0e:4b:51:d1:d8:82:00:37:da:76:
65:60:2f:59:16:2d:d9:59:e3:42:54:48:6e:c2:9d:
9b:f4:8f:37:98:29:e8:5f:cd:1e:cb:6a:2b:2a:0d:
db:57:db:59:06:d1:07:97:8f:55:ae:f5:c1:ca:29:
45:d3:50:ae:49:f0:5d:ee:82:a7:1b:52:b7:33:81:
5f:ba:8d:91:86:f8:ff:8d:ab:99:e5:ec:bd:39:a9:
4a:11:75:bf:90:e8:3e:2e:6e:fe:c3:13:b0:d7:80:
91:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B7:03:36:7A:56:2C:B0:B0:91:01:98:CC:2E:B9:72:CF:A4:16:F3
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/JrcDNnpWLLCwkQGYzC65cs-kFvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
94.224.0.0/14
141.134.0.0/15
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
0f:04:86:bc:92:ce:c2:70:bf:9c:92:81:42:d8:73:17:fa:a5:
b8:0e:38:15:63:4f:0a:3a:83:6d:b3:25:21:37:ec:af:85:63:
ba:7b:f4:ad:9e:b9:80:cc:f8:28:ab:cc:6b:a3:28:cb:6b:ae:
5f:9e:6c:ae:4b:b5:8f:35:3a:78:6d:69:26:28:33:4e:d9:2e:
8a:1b:e6:fb:d2:80:b3:53:07:59:5e:06:05:0f:a0:7f:ac:28:
a0:88:79:69:ff:81:e0:bd:f4:43:23:09:d6:4b:e5:f0:08:5c:
00:b8:55:1e:44:a0:78:6f:b8:2a:27:69:e2:9d:d4:ee:df:0d:
86:e9:d8:42:ae:d1:33:ea:16:b9:a1:d8:55:10:ee:85:f1:e6:
ef:31:17:64:fa:f2:12:af:fa:fa:7c:52:c7:dc:01:06:ba:dc:
78:c8:2f:c4:99:9d:5b:3b:d6:0e:47:c4:a1:a7:5a:31:f7:2c:
12:28:d5:f1:92:cb:c7:11:42:e4:61:00:1e:64:68:18:6e:61:
75:a7:ed:ee:de:e3:ad:66:b3:52:ad:f9:4a:5a:ce:fa:68:b9:
66:e7:91:09:a2:42:65:76:eb:d5:d5:d5:67:8d:08:78:da:9b:
f7:aa:6c:1c:e6:6a:44:a6:04:15:a9:91:c0:3c:d3:4e:5f:0a:
5b:b1:0b:5d
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYVupqAQaSUeaqjzJNF7YLBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjMwMTAxMTg0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmI3MDMzNjdhNTYyY2IwYjA5MTAxOThjYzJlYjk3MmNmYTQxNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA628J0zoswexCp3r+aA458IZ5ssd2
v2CXvGYat+cBFVcr2v2g1WvNhqcm3ScWNQaWdPn6GEVwJER5YMgiF1xvtuvNuHt4
ddL/51JhRLGRrgCYvv0fx5Dp2dpXaioUnj8k4Zryf7EXgO4cNQDPhrHrnSWdXdln
4iYNwI4ZFdYBymwHjKeCiWPiQRgKQRr3SziJaRMkxcd87/QE3w5LUdHYggA32nZl
YC9ZFi3ZWeNCVEhuwp2b9I83mCnoX80ey2orKg3bV9tZBtEHl49VrvXByilF01Cu
SfBd7oKnG1K3M4Ffuo2Rhvj/jauZ5ey9OalKEXW/kOg+Lm7+wxOw14CRzwIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFCa3AzZ6ViywsJEBmMwuuXLPpBbzMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvSnJjRE5ucFdMTEN3a1FHWXpDNjVjcy1rRnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBwwQCAAEwgbwDBAcF
F4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVT2YAD
AwNUwAMEBlUcQAMDAl7gAwMBjYYDAwKydAMEArkX9AMEArkeNAMEArn4KAMEBbws
QAMEAbxfkgMDAby8AwQFwxAAAwQFw4KAAwQFw6LAAwQF1EzgAwQF1FjgAwQF1HsA
AwMB1XYDBAXVhIADBAXV1iADAwDV4AMEBtX7QAMEBNlI4AMEA9moeDATBAIAAjAN
AwUAKgAc+AMEACoCGDANBgkqhkiG9w0BAQsFAAOCAQEADwSGvJLOwnC/nJKBQthz
F/qluA44FWNPCjqDbbMlITfsr4Vjunv0rZ65gMz4KKvMa6Moy2uuX55srku1jzU6
eG1pJigzTtkuihvm+9KAs1MHWV4GBQ+gf6wooIh5af+B4L30QyMJ1kvl8AhcALhV
HkSgeG+4Kidp4p3U7t8NhunYQq7RM+oWuaHYVRDuhfHm7zEXZPryEq/6+nxSx9wB
BrrceMgvxJmdWzvWDkfEoadaMfcsEijV8ZLLxxFC5GEAHmRoGG5hdaft7t7jrWaz
Uq35SlrO+mi5ZueRCaJCZXbr1dXVZ40IeNqb96psHOZqRKYEFamRwDzTTl8KW7EL
XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:30 2024 by rpki-client on console-ams.rpki-client.org