Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/po35MAzcVYZurE2ZREinozg8Bts.roa
File: po35MAzcVYZurE2ZREinozg8Bts.roa (raw, json)
Hash identifier: eQQkXMLrbMCPd60Sx2x3McCz2GGMuNYk/Tr/u5vhHvs=
Subject key identifier: A6:8D:F9:30:0C:DC:55:86:6E:AC:4D:99:44:48:A7:A3:38:3C:06:DB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EEB4BEFB58392A1B8E64E4B3956DCBD8B
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/po35MAzcVYZurE2ZREinozg8Bts.roa
Signing time: Wed 17 Apr 2024 09:03:26 +0000
ROA not before: Wed 17 Apr 2024 09:03:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
31.172.192.0/19 maxlen: 19
31.172.192.0/20 maxlen: 20
31.172.192.0/21 maxlen: 21
31.172.200.0/21 maxlen: 21
31.172.208.0/20 maxlen: 20
31.172.208.0/21 maxlen: 21
31.172.216.0/21 maxlen: 21
62.148.128.0/19 maxlen: 19
62.148.128.0/20 maxlen: 20
62.148.144.0/20 maxlen: 20
94.242.128.0/18 maxlen: 18
94.242.128.0/19 maxlen: 19
94.242.128.0/20 maxlen: 20
94.242.144.0/20 maxlen: 20
94.242.144.0/24 maxlen: 24
94.242.145.0/24 maxlen: 24
94.242.148.0/24 maxlen: 24
94.242.149.0/24 maxlen: 24
94.242.150.0/24 maxlen: 24
94.242.151.0/24 maxlen: 24
94.242.160.0/19 maxlen: 19
94.242.160.0/20 maxlen: 20
94.242.176.0/20 maxlen: 20
95.107.16.0/20 maxlen: 20
95.107.16.0/21 maxlen: 21
95.107.24.0/21 maxlen: 21
95.107.112.0/20 maxlen: 20
95.107.112.0/21 maxlen: 21
95.107.120.0/21 maxlen: 21
109.225.0.0/18 maxlen: 18
109.225.0.0/19 maxlen: 19
109.225.0.0/20 maxlen: 20
109.225.16.0/20 maxlen: 20
109.225.32.0/19 maxlen: 19
212.106.32.0/19 maxlen: 19
212.106.32.0/20 maxlen: 20
212.106.32.0/21 maxlen: 21
212.106.40.0/21 maxlen: 21
212.106.48.0/20 maxlen: 20
212.106.48.0/21 maxlen: 21
212.106.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 23 Apr 2024 10:45:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:4b:ef:b5:83:92:a1:b8:e6:4e:4b:39:56:dc:bd:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 17 09:03:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a68df9300cdc55866eac4d994448a7a3383c06db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:74:14:f2:90:1c:bd:dd:00:56:25:5d:78:4c:
ff:90:ae:ac:86:08:e9:36:b7:0e:e4:a6:45:2a:9e:
d5:33:a1:0e:e6:a9:73:9a:d5:e9:16:d0:fe:6e:b4:
46:85:98:ce:b6:45:27:f9:a5:d6:85:6b:0f:17:c5:
97:31:b5:52:c8:b4:45:26:96:62:c8:b4:d8:bb:a2:
61:fb:3c:df:c6:af:65:da:c1:59:41:d2:eb:d8:d2:
e8:f3:8e:05:22:ea:e6:ac:d8:24:df:08:fe:3d:81:
3d:6f:ae:9e:ba:65:ef:7f:6e:2b:26:95:e3:da:05:
0c:d7:0d:19:96:45:fb:14:bd:c6:6f:c2:64:76:9a:
ac:73:3a:be:54:71:08:24:02:64:fd:88:d7:93:2e:
ce:33:ef:de:72:c8:74:8a:75:6d:cd:3c:a6:67:5e:
0c:c7:34:4c:c3:1f:41:e4:0e:a4:7d:aa:9c:ac:ce:
3b:72:c4:7d:36:91:fb:5d:6a:54:1b:af:d1:c6:fb:
fc:48:eb:60:2a:3f:b0:f2:71:cd:9a:6b:bb:1e:5a:
9f:71:53:ab:95:58:36:0b:6a:9c:85:08:1a:b9:b4:
a4:90:71:f1:cf:15:cb:15:74:12:26:91:ba:11:31:
ad:09:1a:88:98:53:fd:d9:08:33:07:2a:21:ca:d5:
81:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8D:F9:30:0C:DC:55:86:6E:AC:4D:99:44:48:A7:A3:38:3C:06:DB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/po35MAzcVYZurE2ZREinozg8Bts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
31.172.192.0/19
62.148.128.0/19
94.242.128.0/18
95.107.16.0/20
95.107.112.0/20
109.225.0.0/18
212.106.32.0/19
Signature Algorithm: sha256WithRSAEncryption
96:76:c2:13:28:ac:b5:34:ff:e0:c6:be:97:c4:cb:ff:70:fd:
68:83:8f:96:c3:48:30:98:ca:5b:f9:28:b6:9c:ad:07:41:ab:
da:03:cb:db:e8:f4:15:19:9c:6b:1f:df:b1:1c:c4:8a:64:00:
f1:8a:a4:60:7d:93:af:d6:48:af:57:8f:2d:3a:ab:c0:64:3f:
1b:bb:70:d4:47:d9:5b:79:32:d4:2f:db:46:d8:9c:c5:ce:f1:
4b:2d:96:13:fd:0a:9d:9a:e7:97:77:9d:c3:67:22:7e:50:7a:
cb:75:7c:db:d3:ac:6b:46:3a:27:c7:7a:8e:10:fe:71:da:0d:
9b:76:f6:7e:03:b6:0d:ac:4d:8f:bd:75:66:1c:b1:dc:7d:6f:
de:ad:a2:aa:35:86:d4:aa:75:87:f7:09:56:3a:61:e9:3a:dc:
15:cc:96:9d:28:b8:3d:88:4f:71:fc:64:32:02:43:ab:62:5f:
1d:a5:a2:0d:eb:0d:ab:40:6d:a2:c3:f6:61:70:76:35:51:5b:
94:ff:59:b4:fc:1c:86:00:a3:e1:1e:0d:06:88:00:a2:7f:9a:
dc:b8:93:24:3f:fc:fc:5d:b2:5b:a4:d7:d2:a4:cd:be:68:0c:
70:42:5f:ae:79:5c:a0:9c:ea:c1:40:57:de:21:09:35:b3:63:
e7:ce:70:2c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY7rS++1g5KhuOZOSzlW3L2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE3MDkwMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhkZjkzMDBjZGM1NTg2NmVhYzRkOTk0NDQ4YTdhMzM4M2MwNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHQU8pAcvd0AViVdeEz/kK6shgjp
NrcO5KZFKp7VM6EO5qlzmtXpFtD+brRGhZjOtkUn+aXWhWsPF8WXMbVSyLRFJpZi
yLTYu6Jh+zzfxq9l2sFZQdLr2NLo844FIurmrNgk3wj+PYE9b66eumXvf24rJpXj
2gUM1w0ZlkX7FL3Gb8Jkdpqsczq+VHEIJAJk/YjXky7OM+/ecsh0inVtzTymZ14M
xzRMwx9B5A6kfaqcrM47csR9NpH7XWpUG6/Rxvv8SOtgKj+w8nHNmmu7HlqfcVOr
lVg2C2qchQgaubSkkHHxzxXLFXQSJpG6ETGtCRqImFP92QgzByohytWBuQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKaN+TAM3FWGbqxNmURIp6M4PAbbMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcG8zNU1BemNWWVp1ckUyWlJFaW5vemc4QnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBY+wAwQF
H6zAAwQFPpSAAwQGXvKAAwQEX2sQAwQEX2twAwQGbeEAAwQF1GogMA0GCSqGSIb3
DQEBCwUAA4IBAQCWdsITKKy1NP/gxr6XxMv/cP1og4+Ww0gwmMpb+Si2nK0HQava
A8vb6PQVGZxrH9+xHMSKZADxiqRgfZOv1kivV48tOqvAZD8bu3DUR9lbeTLUL9tG
2JzFzvFLLZYT/QqdmueXd53DZyJ+UHrLdXzb06xrRjonx3qOEP5x2g2bdvZ+A7YN
rE2PvXVmHLHcfW/eraKqNYbUqnWH9wlWOmHpOtwVzJadKLg9iE9x/GQyAkOrYl8d
paIN6w2rQG2iw/ZhcHY1UVuU/1m0/ByGAKPhHg0GiACif5rcuJMkP/z8XbJbpNfS
pM2+aAxwQl+ueVygnOrBQFfeIQk1s2PnznAs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org