Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/rxv9QmrWYezoW6htVFT7brZizOk.roa
File: rxv9QmrWYezoW6htVFT7brZizOk.roa (raw, json)
Hash identifier: 59teAKPgDSvAW8r0TK/9TwY43CyiAmHl6qnxdQQQsLc=
Subject key identifier: AF:1B:FD:42:6A:D6:61:EC:E8:5B:A8:6D:54:54:FB:6E:B6:62:CC:E9
Certificate issuer: /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial: 018AB4C09F8059AAD2BE3FA19CDA30A5943F
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/rxv9QmrWYezoW6htVFT7brZizOk.roa
Signing time: Wed 20 Sep 2023 22:40:37 +0000
ROA not before: Wed 20 Sep 2023 22:40:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 151.186.189.0/24 maxlen: 24
151.186.187.0/24 maxlen: 24
151.186.188.0/24 maxlen: 24
151.186.192.0/24 maxlen: 24
151.186.190.0/24 maxlen: 24
151.186.191.0/24 maxlen: 24
151.186.192.0/20 maxlen: 24
151.186.193.0/24 maxlen: 24
151.186.196.0/24 maxlen: 24
151.186.194.0/24 maxlen: 24
151.186.195.0/24 maxlen: 24
151.186.199.0/24 maxlen: 24
151.186.197.0/24 maxlen: 24
151.186.198.0/24 maxlen: 24
151.186.203.0/24 maxlen: 24
151.186.201.0/24 maxlen: 24
151.186.202.0/24 maxlen: 24
151.186.206.0/24 maxlen: 24
151.186.204.0/24 maxlen: 24
151.186.205.0/24 maxlen: 24
151.186.200.0/24 maxlen: 24
151.186.207.0/24 maxlen: 24
151.186.172.0/22 maxlen: 24
151.186.172.0/24 maxlen: 24
151.186.176.0/20 maxlen: 24
151.186.175.0/24 maxlen: 24
151.186.176.0/24 maxlen: 24
151.186.173.0/24 maxlen: 24
151.186.174.0/24 maxlen: 24
151.186.178.0/24 maxlen: 24
151.186.179.0/24 maxlen: 24
151.186.177.0/24 maxlen: 24
151.186.182.0/24 maxlen: 24
151.186.180.0/24 maxlen: 24
151.186.181.0/24 maxlen: 24
151.186.185.0/24 maxlen: 24
151.186.186.0/24 maxlen: 24
151.186.183.0/24 maxlen: 24
151.186.184.0/24 maxlen: 24
2a04:e4c4:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b4:c0:9f:80:59:aa:d2:be:3f:a1:9c:da:30:a5:94:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Validity
Not Before: Sep 20 22:40:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af1bfd426ad661ece85ba86d5454fb6eb662cce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:91:6c:2e:ac:1d:79:eb:2f:14:39:74:72:a0:
ed:37:70:1d:a9:b6:60:8b:92:9e:5b:62:25:30:5d:
e3:08:61:15:0c:d1:6d:64:77:56:8e:ed:b1:0e:cb:
5b:ca:19:0d:57:fa:40:be:73:36:7e:ef:74:8e:04:
d0:53:3e:bc:40:3e:81:32:32:3f:41:80:93:79:e5:
7d:cc:75:6d:01:09:ae:15:59:4d:fb:08:6a:c3:5c:
23:f3:1a:51:04:ab:8b:97:f1:45:ae:e7:89:d0:de:
5b:d6:82:5a:ae:e6:d7:4a:20:d3:73:6a:ed:8d:41:
97:1d:96:22:ed:3d:c0:57:86:3a:2d:52:a6:e6:d4:
b6:2d:ea:ff:b7:cb:f6:74:43:05:1b:a0:6e:3c:bb:
4f:61:7e:e5:c0:e0:53:f0:c6:1a:22:69:03:b3:dc:
62:59:78:a4:73:93:ba:07:e8:d2:f0:8a:e6:dd:39:
66:cc:f7:98:7d:c3:ec:fe:3a:fd:88:66:b3:24:30:
bd:e5:03:13:29:ac:e5:89:8e:34:a7:0e:64:58:b0:
17:31:dc:a2:83:e5:59:2d:5b:02:0b:59:a0:c2:af:
27:ff:f8:de:cd:65:e6:c2:e9:c8:12:1d:aa:17:40:
1d:b7:5c:aa:db:74:5d:67:d2:22:15:4a:dd:3b:d5:
81:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1B:FD:42:6A:D6:61:EC:E8:5B:A8:6D:54:54:FB:6E:B6:62:CC:E9
X509v3 Authority Key Identifier:
keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/rxv9QmrWYezoW6htVFT7brZizOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.186.172.0-151.186.207.255
IPv6:
2a04:e4c4:5::/48
Signature Algorithm: sha256WithRSAEncryption
8d:4d:d0:b4:bc:74:47:95:6a:3c:d9:ac:4d:6c:7a:83:10:cc:
f8:f0:d4:e3:2e:31:e1:41:94:1d:2d:67:62:d5:b1:fc:26:92:
0f:39:7e:15:27:72:1c:0a:c5:a3:77:d1:12:9c:d8:95:ac:70:
83:31:a8:06:90:ed:3d:ba:d7:d8:44:8a:91:f4:31:6b:ba:d4:
a3:d6:e4:01:1b:40:bc:b8:9b:8f:01:18:6b:36:c3:13:97:13:
fa:e1:6e:c0:b8:24:1f:cd:ad:1b:8c:ca:c5:ef:49:ac:14:f6:
3f:e3:d1:21:27:7b:dd:60:3c:7c:84:b7:6b:bf:aa:58:89:f0:
80:15:e2:9b:1d:ff:31:83:b7:68:57:4a:39:a1:c1:fa:a5:25:
be:bf:f5:60:31:bc:fb:3e:04:fe:40:86:ef:52:f8:e8:01:e8:
02:ae:33:06:01:31:a4:f8:f8:0c:79:d7:2d:d5:13:34:2b:78:
dd:77:0d:b3:f3:7b:51:1a:26:b1:ec:7b:9b:73:27:29:1e:34:
03:12:78:11:0d:80:2b:d5:9e:98:5f:b6:9d:18:af:1c:0f:72:
28:fc:d5:5f:82:31:1f:4f:60:7a:03:a6:87:16:6c:f0:6f:1b:
f7:a2:0c:7b:fa:39:f4:71:4a:13:35:3e:a6:e2:19:21:bb:ac:
71:f0:a1:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYq0wJ+AWarSvj+hnNowpZQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjMwOTIwMjI0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFiZmQ0MjZhZDY2MWVjZTg1YmE4NmQ1NDU0ZmI2ZWI2NjJjY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5FsLqwdeesvFDl0cqDtN3AdqbZg
i5KeW2IlMF3jCGEVDNFtZHdWju2xDstbyhkNV/pAvnM2fu90jgTQUz68QD6BMjI/
QYCTeeV9zHVtAQmuFVlN+whqw1wj8xpRBKuLl/FFrueJ0N5b1oJarubXSiDTc2rt
jUGXHZYi7T3AV4Y6LVKm5tS2Ler/t8v2dEMFG6BuPLtPYX7lwOBT8MYaImkDs9xi
WXikc5O6B+jS8Irm3TlmzPeYfcPs/jr9iGazJDC95QMTKazliY40pw5kWLAXMdyi
g+VZLVsCC1mgwq8n//jezWXmwunIEh2qF0Adt1yq23RdZ9IiFUrdO9WBAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8b/UJq1mHs6FuobVRU+262YszpMB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvcnh2OVFtcldZZXpvVzZodFZGVDdiclppek9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAKXuqwD
BASXusAwDwQCAAIwCQMHACoE5MQABTANBgkqhkiG9w0BAQsFAAOCAQEAjU3QtLx0
R5VqPNmsTWx6gxDM+PDU4y4x4UGUHS1nYtWx/CaSDzl+FSdyHArFo3fREpzYlaxw
gzGoBpDtPbrX2ESKkfQxa7rUo9bkARtAvLibjwEYazbDE5cT+uFuwLgkH82tG4zK
xe9JrBT2P+PRISd73WA8fIS3a7+qWInwgBXimx3/MYO3aFdKOaHB+qUlvr/1YDG8
+z4E/kCG71L46AHoAq4zBgExpPj4DHnXLdUTNCt43XcNs/N7URomsex7m3MnKR40
AxJ4EQ2AK9WemF+2nRivHA9yKPzVX4IxH09gegOmhxZs8G8b96IMe/o59HFKEzU+
puIZIbuscfChhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org