Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/k5JY2MRcVZg9z1-b-50cPXD5lc0.roa
File: k5JY2MRcVZg9z1-b-50cPXD5lc0.roa (raw, json)
Hash identifier: Er/A2nzwv7bl47g+TPX/mrYu33fUnGVAoauOWhv4b+Y=
Subject key identifier: 93:92:58:D8:C4:5C:55:98:3D:CF:5F:9B:FB:9D:1C:3D:70:F9:95:CD
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018C20DFB774166F62C70BB155ACC598CA57
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/k5JY2MRcVZg9z1-b-50cPXD5lc0.roa
Signing time: Thu 30 Nov 2023 15:36:21 +0000
ROA not before: Thu 30 Nov 2023 15:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34177
IP address blocks: 185.132.116.0/22 maxlen: 22
83.142.144.0/21 maxlen: 21
91.90.96.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
82.210.0.0/19 maxlen: 19
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
80.245.16.0/20 maxlen: 20
178.16.160.0/20 maxlen: 20
176.57.32.0/21 maxlen: 21
95.141.96.0/20 maxlen: 20
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
185.213.160.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
5.133.68.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
212.106.96.0/19 maxlen: 19
185.18.208.0/22 maxlen: 22
195.15.128.0/18 maxlen: 18
185.5.108.0/22 maxlen: 22
185.81.52.0/22 maxlen: 22
62.244.84.0/22 maxlen: 22
62.244.88.0/23 maxlen: 23
62.244.86.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
159.180.224.0/19 maxlen: 19
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:df:b7:74:16:6f:62:c7:0b:b1:55:ac:c5:98:ca:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Nov 30 15:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=939258d8c45c55983dcf5f9bfb9d1c3d70f995cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:77:4f:63:e1:8f:0f:bd:72:cf:00:e2:25:
36:f0:89:8a:fc:4a:90:c9:51:90:7e:52:b4:a1:a5:
42:64:d0:0d:a3:1f:d0:8d:d3:91:de:24:81:ac:c9:
1a:ae:d5:67:8d:b3:e6:cc:6a:fb:e3:fd:33:2e:c1:
91:97:c2:9f:51:a5:0d:ca:8b:68:b4:da:ff:c6:f3:
b9:ac:65:0a:35:df:ed:1f:09:23:e4:87:6a:13:f2:
8f:6a:9d:75:5e:f6:8c:fa:8f:2c:ee:a8:3a:b9:d9:
e9:4a:e5:3c:f8:6f:b6:3e:55:1b:5f:2b:2a:cb:b5:
d7:c8:33:ac:f3:7c:20:6d:f0:9a:87:65:53:0d:ff:
72:52:9b:0f:23:31:d2:4a:b4:f0:a4:1d:cc:66:fa:
98:bf:25:be:13:d9:02:a6:80:92:4b:08:39:2f:4c:
5d:3e:d9:4c:73:1d:e6:78:a3:ec:2d:90:58:9a:79:
0a:1f:cb:78:98:bf:d3:3a:bb:5b:6a:b2:e7:1f:14:
9b:2a:e5:68:a4:38:3c:22:cc:16:e0:90:19:97:01:
9b:c8:09:b1:84:e0:ec:f1:e6:85:28:2e:d1:a8:b4:
fc:2b:27:2e:c3:41:de:db:da:41:2d:c3:f4:e4:a9:
6e:b9:4d:13:40:38:10:0a:e4:15:fc:2b:96:73:7d:
1d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:92:58:D8:C4:5C:55:98:3D:CF:5F:9B:FB:9D:1C:3D:70:F9:95:CD
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/k5JY2MRcVZg9z1-b-50cPXD5lc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.5.108.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.81.52.0/22
185.132.116.0/22
185.213.160.0/22
195.15.128.0/18
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
91:26:1a:cb:34:0c:14:66:73:fb:66:77:bd:16:38:f3:ea:33:
40:4e:f8:f5:50:59:41:91:5d:78:d6:10:42:06:0d:2d:d6:22:
c6:f5:02:ce:6f:21:32:a5:6d:df:5b:a6:96:97:7d:1f:99:27:
fd:d9:33:6f:da:75:3e:0e:fa:52:4c:7a:b2:51:f5:14:e8:bd:
be:83:31:5b:74:b2:88:0e:5c:d4:18:07:87:cb:40:6d:d7:3a:
9c:b2:bf:e9:62:d1:7e:c9:8d:16:ad:b6:da:9b:0e:c8:63:40:
ea:a2:84:42:f2:be:c2:ea:04:3d:21:39:86:11:7d:07:25:df:
d5:79:da:01:58:a7:cf:30:ee:b2:a3:8d:df:c1:93:fc:c3:92:
24:58:7e:c0:80:aa:a0:ed:bd:58:8b:68:e2:92:60:53:82:0b:
e4:30:48:59:94:1a:ba:6f:d0:0d:c9:17:7b:0c:14:4c:d8:2d:
f6:4f:3b:e6:c5:03:bb:a0:6d:eb:42:3b:76:3f:01:85:2d:cb:
41:9d:b6:67:d4:07:45:d6:cb:f3:ce:cc:b1:88:54:ae:27:1e:
38:a7:88:70:56:b1:18:f5:a9:1c:b2:b0:8f:6f:62:96:6c:26:
e2:3f:75:c6:93:99:60:1a:2c:c6:be:03:3d:cd:07:fb:b3:b8:
2a:bf:7b:49
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYwg37d0Fm9ixwuxVazFmMpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMxMTMwMTUzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzkyNThkOGM0NWM1NTk4M2RjZjVmOWJmYjlkMWMzZDcwZjk5NWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxol3T2Phjw+9cs8A4iU28ImK/EqQ
yVGQflK0oaVCZNANox/QjdOR3iSBrMkartVnjbPmzGr74/0zLsGRl8KfUaUNyoto
tNr/xvO5rGUKNd/tHwkj5IdqE/KPap11XvaM+o8s7qg6udnpSuU8+G+2PlUbXysq
y7XXyDOs83wgbfCah2VTDf9yUpsPIzHSSrTwpB3MZvqYvyW+E9kCpoCSSwg5L0xd
PtlMcx3meKPsLZBYmnkKH8t4mL/TOrtbarLnHxSbKuVopDg8IswW4JAZlwGbyAmx
hODs8eaFKC7RqLT8Kycuw0He29pBLcP05KluuU0TQDgQCuQV/CuWc30d1QIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFJOSWNjEXFWYPc9fm/udHD1w+ZXNMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvazVKWTJNUmNWWmc5ejEtYi01MGNQWEQ1bGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCBvQQCAAEwgbYDBAIF
hUQDBAU+wSAwDAMEAj70VAMEAT70WAMEAj70YAMEAj70cAMEAD70dQMEAD70dwME
A04fKAMEBE5t8AMEBFD1EAMEBlLSAAMEBVN2wAMEA1OOkAMEA1taYAMEBF7ksAME
BF+NYAMEBZ+04AMEA7A5IAMEBLIQoAMEArkFbAMEArkS0AMEArkTMAMEArkpBAME
ArlRNAMEArmEdAMEArnVoAMEBsMPgAMEBcPIoAMEBdRqYDAUBAIAAjAOAwUDIAEK
uAMFACoBTgAwDQYJKoZIhvcNAQELBQADggEBAJEmGss0DBRmc/tmd70WOPPqM0BO
+PVQWUGRXXjWEEIGDS3WIsb1As5vITKlbd9bppaXfR+ZJ/3ZM2/adT4O+lJMerJR
9RTovb6DMVt0sogOXNQYB4fLQG3XOpyyv+li0X7JjRatttqbDshjQOqihELyvsLq
BD0hOYYRfQcl39V52gFYp88w7rKjjd/Bk/zDkiRYfsCAqqDtvViLaOKSYFOCC+Qw
SFmUGrpv0A3JF3sMFEzYLfZPO+bFA7ugbetCO3Y/AYUty0GdtmfUB0XWy/POzLGI
VK4nHjiniHBWsRj1qRyysI9vYpZsJuI/dcaTmWAaLMa+Az3NB/uzuCq/e0k=
-----END CERTIFICATE-----
Generated at Fri Dec 1 09:16:54 2023 by rpki-client on console-fra.rpki-client.org