Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/0lpdU2qSZtxank81q-Ln8lYYNs0.roa
File: 0lpdU2qSZtxank81q-Ln8lYYNs0.roa (raw, json)
Hash identifier: gluahBBFgNJYYSWgQOQdejxQJ+9bNPtUgfwdpwmxxz8=
Subject key identifier: D2:5A:5D:53:6A:92:66:DC:5A:9E:4F:35:AB:E2:E7:F2:56:18:36:CD
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018CC64B85DB4954F2C35705F1E992558024
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/0lpdU2qSZtxank81q-Ln8lYYNs0.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43939
IP address blocks: 178.252.0.0/18 maxlen: 25
194.242.0.0/23 maxlen: 24
89.187.224.0/19 maxlen: 24
193.19.122.0/23 maxlen: 24
194.150.238.0/23 maxlen: 24
188.114.95.0/24 maxlen: 24
77.87.136.0/21 maxlen: 24
193.107.196.0/22 maxlen: 22
93.181.128.0/18 maxlen: 24
193.151.64.0/23 maxlen: 23
193.151.64.0/22 maxlen: 24
83.143.96.0/21 maxlen: 24
91.220.225.0/24 maxlen: 24
91.146.192.0/18 maxlen: 24
193.227.100.0/24 maxlen: 24
84.234.32.0/20 maxlen: 24
89.200.152.0/21 maxlen: 24
217.197.64.0/20 maxlen: 24
193.238.40.0/22 maxlen: 24
62.69.192.0/18 maxlen: 18
194.187.180.0/22 maxlen: 24
80.238.64.0/19 maxlen: 25
185.2.36.0/22 maxlen: 24
91.150.128.0/19 maxlen: 24
178.214.128.0/19 maxlen: 19
90.156.0.0/17 maxlen: 24
77.88.128.0/18 maxlen: 24
84.234.0.0/20 maxlen: 24
193.58.232.0/24 maxlen: 24
194.146.128.0/22 maxlen: 24
91.142.192.0/20 maxlen: 24
193.105.180.0/24 maxlen: 24
84.38.96.0/20 maxlen: 24
87.99.0.0/18 maxlen: 24
5.57.128.0/18 maxlen: 20
195.225.248.0/22 maxlen: 24
91.215.228.0/22 maxlen: 24
95.155.64.0/18 maxlen: 24
194.33.185.0/24 maxlen: 24
194.6.204.0/22 maxlen: 24
195.222.100.0/22 maxlen: 24
195.74.56.0/22 maxlen: 24
87.239.72.0/21 maxlen: 21
91.145.128.0/18 maxlen: 25
85.202.208.0/20 maxlen: 24
193.239.224.0/23 maxlen: 24
195.128.180.0/23 maxlen: 24
83.142.56.0/21 maxlen: 21
193.138.140.0/22 maxlen: 22
91.195.232.0/23 maxlen: 24
91.202.172.0/22 maxlen: 24
2a00:1d18::/32 maxlen: 32
2a02:2270::/32 maxlen: 36
Validation: Failed, certificate revoked on Wed 31 Jan 2024 11:04:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:85:db:49:54:f2:c3:57:05:f1:e9:92:55:80:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d25a5d536a9266dc5a9e4f35abe2e7f2561836cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7c:67:03:94:94:f9:29:f8:23:ab:fa:3b:5e:
9b:c8:ef:95:78:17:31:c8:df:2c:77:84:9d:7e:fc:
0f:53:af:95:44:86:fb:00:4f:c9:a4:2e:ed:71:7b:
32:23:ad:f3:3d:e1:a6:e2:d1:c7:29:1b:73:15:12:
d6:70:a8:1e:79:ba:02:11:42:c4:4d:7c:2b:e8:35:
b3:f2:94:d2:5d:89:84:5f:c2:55:e1:69:4e:54:91:
e7:b0:8e:49:1d:45:be:5f:3c:84:1f:ea:7b:17:a0:
ab:e0:e3:9e:10:b3:9a:f5:ea:ca:f4:8f:2a:2c:1f:
87:5c:c9:68:ae:56:c1:e2:b4:e7:cb:3d:a2:cf:89:
a1:4c:4d:cc:36:56:cc:00:79:3d:90:a0:98:2e:05:
57:db:4f:59:57:7e:77:2d:44:00:3b:69:1f:a3:5b:
d2:07:f3:ed:ea:b7:b7:6b:37:ed:35:88:2e:76:98:
c8:cd:60:5f:21:b6:b5:2a:28:f5:0b:30:d2:98:71:
64:16:6a:f1:4c:4f:87:e1:59:72:fc:8e:ae:a6:af:
67:ee:51:35:17:c4:3a:86:67:b2:52:55:d9:ab:94:
2d:cf:fe:72:ea:ed:89:3e:b9:6d:38:7a:00:8c:d6:
9e:a8:a2:4c:05:e6:07:92:cd:34:47:ed:31:f2:58:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5A:5D:53:6A:92:66:DC:5A:9E:4F:35:AB:E2:E7:F2:56:18:36:CD
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/0lpdU2qSZtxank81q-Ln8lYYNs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.128.0/18
62.69.192.0/18
77.87.136.0/21
77.88.128.0/18
80.238.64.0/19
83.142.56.0/21
83.143.96.0/21
84.38.96.0/20
84.234.0.0/20
84.234.32.0/20
85.202.208.0/20
87.99.0.0/18
87.239.72.0/21
89.187.224.0/19
89.200.152.0/21
90.156.0.0/17
91.142.192.0/20
91.145.128.0/18
91.146.192.0/18
91.150.128.0/19
91.195.232.0/23
91.202.172.0/22
91.215.228.0/22
91.220.225.0/24
93.181.128.0/18
95.155.64.0/18
178.214.128.0/19
178.252.0.0/18
185.2.36.0/22
188.114.95.0/24
193.19.122.0/23
193.58.232.0/24
193.105.180.0/24
193.107.196.0/22
193.138.140.0/22
193.151.64.0/22
193.227.100.0/24
193.238.40.0/22
193.239.224.0/23
194.6.204.0/22
194.33.185.0/24
194.146.128.0/22
194.150.238.0/23
194.187.180.0/22
194.242.0.0/23
195.74.56.0/22
195.128.180.0/23
195.222.100.0/22
195.225.248.0/22
217.197.64.0/20
IPv6:
2a00:1d18::/32
2a02:2270::/32
Signature Algorithm: sha256WithRSAEncryption
79:f2:dd:94:e3:ad:2f:ec:4a:69:d5:dd:8c:d0:55:79:80:7f:
23:9c:a8:b6:9a:dc:75:e3:b7:cb:41:aa:b6:df:c9:93:7f:3a:
1c:f8:db:a1:4f:ca:92:36:0a:f6:18:3d:d0:ac:ef:37:36:8c:
3b:30:0a:f0:1a:ef:df:54:45:28:50:52:d5:a5:b1:e3:1e:84:
c3:89:40:04:9e:f4:bd:79:38:72:37:ae:bc:20:60:ab:5c:5d:
8d:03:09:98:a9:ef:98:88:c2:16:59:8e:b1:b8:e6:95:c8:08:
6c:5f:5c:27:e4:16:5a:a4:fb:f5:90:2d:19:65:7d:e1:0a:32:
db:98:21:c4:33:48:b7:6b:ec:ed:15:0a:3c:2c:6c:98:50:e7:
47:24:28:2d:e6:24:c0:e2:ba:6e:72:ac:82:f6:97:27:49:de:
41:04:a8:27:45:86:11:95:33:9c:81:43:9a:50:ab:d3:4d:cf:
f2:56:8f:ed:97:40:be:65:2e:58:71:d0:a4:82:2d:51:5f:aa:
ab:94:80:c6:46:80:0a:09:6f:4f:5c:c9:b8:52:08:78:a8:0c:
14:39:97:e7:12:5c:98:c0:90:1f:6f:db:68:20:81:54:8f:0d:
50:c2:2c:29:9c:8a:dd:6a:ec:71:54:31:77:07:d4:00:ff:7a:
3e:8d:02:f6
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAYzGS4XbSVTyw1cF8emSVYAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjVhNWQ1MzZhOTI2NmRjNWE5ZTRmMzVhYmUyZTdmMjU2MTgzNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnxnA5SU+Sn4I6v6O16byO+VeBcx
yN8sd4SdfvwPU6+VRIb7AE/JpC7tcXsyI63zPeGm4tHHKRtzFRLWcKgeeboCEULE
TXwr6DWz8pTSXYmEX8JV4WlOVJHnsI5JHUW+XzyEH+p7F6Cr4OOeELOa9erK9I8q
LB+HXMlorlbB4rTnyz2iz4mhTE3MNlbMAHk9kKCYLgVX209ZV353LUQAO2kfo1vS
B/Pt6re3azftNYgudpjIzWBfIba1Kij1CzDSmHFkFmrxTE+H4Vly/I6upq9n7lE1
F8Q6hmeyUlXZq5Qtz/5y6u2JPrltOHoAjNaeqKJMBeYHks00R+0x8lh92wIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFNJaXVNqkmbcWp5PNavi5/JWGDbNMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvMGxwZFUycVNadHhhbms4MXEtTG44bFlZTnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCATQEAgABMIIB
LAMEBgU5gAMEBj5FwAMEA01XiAMEBk1YgAMEBVDuQAMEA1OOOAMEA1OPYAMEBFQm
YAMEBFTqAAMEBFTqIAMEBFXK0AMEBldjAAMEA1fvSAMEBVm74AMEA1nImAMEB1qc
AAMEBFuOwAMEBluRgAMEBluSwAMEBVuWgAMEAVvD6AMEAlvKrAMEAlvX5AMEAFvc
4QMEBl21gAMEBl+bQAMEBbLWgAMEBrL8AAMEArkCJAMEALxyXwMEAcETegMEAME6
6AMEAMFptAMEAsFrxAMEAsGKjAMEAsGXQAMEAMHjZAMEAsHuKAMEAcHv4AMEAsIG
zAMEAMIhuQMEAsKSgAMEAcKW7gMEAsK7tAMEAcLyAAMEAsNKOAMEAcOAtAMEAsPe
ZAMEAsPh+AMEBNnFQDAUBAIAAjAOAwUAKgAdGAMFACoCInAwDQYJKoZIhvcNAQEL
BQADggEBAHny3ZTjrS/sSmnV3YzQVXmAfyOcqLaa3HXjt8tBqrbfyZN/Ohz426FP
ypI2CvYYPdCs7zc2jDswCvAa799URShQUtWlseMehMOJQASe9L15OHI3rrwgYKtc
XY0DCZip75iIwhZZjrG45pXICGxfXCfkFlqk+/WQLRllfeEKMtuYIcQzSLdr7O0V
CjwsbJhQ50ckKC3mJMDium5yrIL2lydJ3kEEqCdFhhGVM5yBQ5pQq9NNz/JWj+2X
QL5lLlhx0KSCLVFfqquUgMZGgAoJb09cybhSCHioDBQ5l+cSXJjAkB9v22gggVSP
DVDCLCmcit1q7HFUMXcH1AD/ej6NAvY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org