Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/r5z1_UGodmTQbVCc8fkN_-z-rs4.roa
File: r5z1_UGodmTQbVCc8fkN_-z-rs4.roa (raw, json)
Hash identifier: NFhYZoTsGdR/5eBv7YG4N6nSy5uMKAY5hMP4+srsF4s=
Subject key identifier: AF:9C:F5:FD:41:A8:76:64:D0:6D:50:9C:F1:F9:0D:FF:EC:FE:AE:CE
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018BD28D702606078AC19187616306DA788E
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/r5z1_UGodmTQbVCc8fkN_-z-rs4.roa
Signing time: Wed 15 Nov 2023 10:36:06 +0000
ROA not before: Wed 15 Nov 2023 10:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 193.251.220.0/22 maxlen: 24
193.251.240.0/20 maxlen: 24
90.84.48.0/20 maxlen: 24
81.52.128.0/21 maxlen: 24
90.84.128.0/20 maxlen: 24
81.52.136.0/22 maxlen: 24
81.52.140.0/23 maxlen: 24
90.84.151.0/24 maxlen: 24
90.84.148.0/24 maxlen: 24
193.251.148.0/23 maxlen: 23
193.251.160.0/20 maxlen: 24
193.251.169.0/24 maxlen: 24
81.52.236.0/22 maxlen: 24
90.84.255.0/24 maxlen: 24
81.52.160.0/24 maxlen: 24
81.52.168.0/23 maxlen: 24
81.52.166.0/23 maxlen: 24
81.52.176.0/20 maxlen: 24
80.12.71.0/24 maxlen: 32
80.12.76.0/24 maxlen: 24
80.12.79.0/24 maxlen: 24
81.52.190.0/24 maxlen: 24
193.251.128.0/19 maxlen: 24
80.12.98.0/24 maxlen: 24
80.12.96.0/22 maxlen: 24
81.52.202.0/24 maxlen: 24
80.12.96.0/23 maxlen: 24
2a01:c000::/19 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:8d:70:26:06:07:8a:c1:91:87:61:63:06:da:78:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Nov 15 10:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af9cf5fd41a87664d06d509cf1f90dffecfeaece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:71:66:ef:9a:d9:8d:4c:a4:ba:3c:c7:15:09:
33:d9:1f:8e:b9:a1:21:8c:4b:33:ac:02:ea:26:07:
2a:5f:5a:71:b3:d2:6f:de:80:66:a5:a8:31:1c:0b:
90:39:38:7d:fc:90:14:e8:35:9f:aa:37:d4:35:14:
d1:87:86:3a:3d:d5:d2:32:7a:bf:55:d4:a8:3a:5a:
d2:13:a2:f5:67:52:9c:9d:3a:c7:73:d6:e7:eb:eb:
60:14:6a:b4:5d:53:43:69:46:cf:67:9e:08:42:60:
a4:88:fe:16:b7:7a:1d:cb:9a:ca:ae:ad:8c:09:9c:
85:b8:2a:6a:f5:d0:6e:92:48:be:21:4c:da:3f:d5:
e2:56:24:ed:27:c1:97:c0:47:92:70:f5:de:dd:69:
d1:85:94:8a:6f:07:bd:4e:5f:a5:31:0e:e6:c6:d5:
76:ea:da:89:2c:e0:60:78:85:a0:1c:25:e4:d0:7c:
bd:99:40:23:56:b0:ef:d9:39:9e:c3:8d:c0:26:20:
67:3e:2f:d9:50:2a:86:d7:14:9d:8c:06:da:c3:33:
9b:45:4c:83:be:bf:18:cd:55:ad:31:06:4b:66:9b:
4e:c1:7b:46:15:af:ac:5c:a7:02:27:05:00:6b:dd:
e5:ec:0f:d6:f3:eb:e4:36:32:dd:71:4c:ed:a9:38:
fc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9C:F5:FD:41:A8:76:64:D0:6D:50:9C:F1:F9:0D:FF:EC:FE:AE:CE
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/r5z1_UGodmTQbVCc8fkN_-z-rs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.71.0/24
80.12.76.0/24
80.12.79.0/24
80.12.96.0/22
81.52.128.0-81.52.141.255
81.52.160.0/24
81.52.166.0-81.52.169.255
81.52.176.0/20
81.52.202.0/24
81.52.236.0/22
90.84.48.0/20
90.84.128.0/20
90.84.148.0/24
90.84.151.0/24
90.84.255.0/24
193.251.128.0-193.251.175.255
193.251.220.0/22
193.251.240.0/20
IPv6:
2a01:c000::/19
Signature Algorithm: sha256WithRSAEncryption
3d:74:fa:df:7a:ba:11:25:cb:c5:42:39:63:71:02:58:db:6c:
81:74:d4:cd:aa:24:68:96:c0:3c:7d:dc:d1:ce:0b:00:a6:9d:
59:2b:cb:75:98:f8:e2:39:d2:25:6a:e9:93:e1:b2:c5:a8:03:
70:e3:7c:8e:62:9b:c4:a0:56:89:a5:13:96:2b:74:eb:49:05:
4f:3d:5a:61:0a:c0:94:81:4e:ef:00:5e:e0:a8:15:eb:77:91:
5e:32:aa:f8:14:0e:7d:b4:6c:a7:f8:ba:54:92:f2:cc:de:cf:
b4:08:5a:e3:0b:81:0a:8f:15:c5:88:e2:47:a9:b1:8b:9a:8f:
be:61:83:a2:00:e0:b9:fd:70:fe:c6:5e:99:aa:37:bf:e5:d8:
8e:00:3f:dc:83:8e:04:5a:4d:7a:d4:6c:78:cb:06:a7:96:42:
4c:5f:2c:6b:cc:29:28:3d:e6:92:67:d8:fc:d9:14:51:c5:af:
04:55:68:45:02:8f:3c:c1:56:d3:2e:2a:26:a3:a8:fd:3d:3a:
44:4b:99:57:b7:f4:5f:15:8b:e3:be:f6:9b:54:45:d1:ac:01:
f4:84:ba:bf:71:70:4b:4b:cd:e5:82:e6:e3:a2:30:28:e2:84:
b1:6b:76:ed:6f:a8:c3:60:3f:88:9b:7c:97:e6:b0:7e:4f:8f:
4f:63:bf:15
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYvSjXAmBgeKwZGHYWMG2niOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMxMTE1MTAzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjljZjVmZDQxYTg3NjY0ZDA2ZDUwOWNmMWY5MGRmZmVjZmVhZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3Fm75rZjUykujzHFQkz2R+OuaEh
jEszrALqJgcqX1pxs9Jv3oBmpagxHAuQOTh9/JAU6DWfqjfUNRTRh4Y6PdXSMnq/
VdSoOlrSE6L1Z1KcnTrHc9bn6+tgFGq0XVNDaUbPZ54IQmCkiP4Wt3ody5rKrq2M
CZyFuCpq9dBukki+IUzaP9XiViTtJ8GXwEeScPXe3WnRhZSKbwe9Tl+lMQ7mxtV2
6tqJLOBgeIWgHCXk0Hy9mUAjVrDv2Tmew43AJiBnPi/ZUCqG1xSdjAbawzObRUyD
vr8YzVWtMQZLZptOwXtGFa+sXKcCJwUAa93l7A/W8+vkNjLdcUztqTj8nwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFK+c9f1BqHZk0G1QnPH5Df/s/q7OMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcjV6MV9VR29kbVRRYlZDYzhma05fLXotcnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBiwQCAAEwgYQDBABQ
DEcDBABQDEwDBABQDE8DBAJQDGAwDAMEB1E0gAMEAVE0jAMEAFE0oDAMAwQBUTSm
AwQBUTSoAwQEUTSwAwQAUTTKAwQCUTTsAwQEWlQwAwQEWlSAAwQAWlSUAwQAWlSX
AwQAWlT/MAwDBAfB+4ADBATB+6ADBALB+9wDBATB+/AwDAQCAAIwBgMEBSoBwDAN
BgkqhkiG9w0BAQsFAAOCAQEAPXT633q6ESXLxUI5Y3ECWNtsgXTUzaokaJbAPH3c
0c4LAKadWSvLdZj44jnSJWrpk+GyxagDcON8jmKbxKBWiaUTlit060kFTz1aYQrA
lIFO7wBe4KgV63eRXjKq+BQOfbRsp/i6VJLyzN7PtAha4wuBCo8VxYjiR6mxi5qP
vmGDogDguf1w/sZemao3v+XYjgA/3IOOBFpNetRseMsGp5ZCTF8sa8wpKD3mkmfY
/NkUUcWvBFVoRQKPPMFW0y4qJqOo/T06REuZV7f0XxWL4772m1RF0awB9IS6v3Fw
S0vN5YLm46IwKOKEsWt27W+ow2A/iJt8l+awfk+PT2O/FQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org