Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/S05A6wel9mx1RMTcUX73W2QaFak.roa
File: S05A6wel9mx1RMTcUX73W2QaFak.roa (raw, json)
Hash identifier: /QBo8sXmoWiUAcZis/SKFYMobjao12Jogh0lY83I50o=
Subject key identifier: 4B:4E:40:EB:07:A5:F6:6C:75:44:C4:DC:51:7E:F7:5B:64:1A:15:A9
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 018F344722E68C0B7ED5D7EEE8D74FEE3987
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/S05A6wel9mx1RMTcUX73W2QaFak.roa
Signing time: Wed 01 May 2024 13:10:28 +0000
ROA not before: Wed 01 May 2024 13:10:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25133
IP address blocks: 37.139.160.0/22 maxlen: 22
37.139.164.0/22 maxlen: 22
37.139.168.0/24 maxlen: 24
37.139.169.0/24 maxlen: 24
37.139.170.0/24 maxlen: 24
37.139.171.0/24 maxlen: 24
37.139.172.0/24 maxlen: 24
37.139.173.0/24 maxlen: 24
37.139.174.0/24 maxlen: 24
37.139.175.0/24 maxlen: 24
37.139.176.0/24 maxlen: 24
37.139.177.0/24 maxlen: 24
37.139.178.0/24 maxlen: 24
37.139.179.0/24 maxlen: 24
37.139.180.0/22 maxlen: 22
37.139.184.0/22 maxlen: 22
37.139.188.0/22 maxlen: 22
45.95.164.0/22 maxlen: 22
45.143.48.0/22 maxlen: 22
45.153.208.0/22 maxlen: 22
45.158.48.0/22 maxlen: 22
46.255.32.0/22 maxlen: 22
46.255.36.0/22 maxlen: 22
78.137.0.0/19 maxlen: 19
78.137.32.0/24 maxlen: 24
78.137.33.0/24 maxlen: 24
78.137.34.0/24 maxlen: 24
78.137.35.0/24 maxlen: 24
78.137.36.0/22 maxlen: 22
78.137.40.0/21 maxlen: 21
78.137.48.0/20 maxlen: 20
83.142.48.0/22 maxlen: 22
89.200.232.0/21 maxlen: 21
91.105.207.0/24 maxlen: 24
91.211.136.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
91.244.0.0/18 maxlen: 18
92.43.80.0/22 maxlen: 22
92.118.220.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
103.237.44.0/22 maxlen: 22
109.227.64.0/18 maxlen: 18
109.227.64.0/19 maxlen: 19
109.227.96.0/19 maxlen: 19
152.89.20.0/22 maxlen: 22
176.67.0.0/19 maxlen: 19
178.216.16.0/21 maxlen: 21
185.3.148.0/22 maxlen: 22
185.3.148.0/24 maxlen: 24
185.3.149.0/24 maxlen: 24
185.3.150.0/24 maxlen: 24
185.3.151.0/24 maxlen: 24
185.41.192.0/22 maxlen: 22
185.41.192.0/23 maxlen: 23
185.41.194.0/23 maxlen: 23
185.62.96.0/22 maxlen: 22
185.96.28.0/22 maxlen: 22
185.103.40.0/22 maxlen: 22
185.103.40.0/23 maxlen: 23
185.103.42.0/23 maxlen: 23
185.128.92.0/22 maxlen: 22
185.176.108.0/22 maxlen: 22
185.176.112.0/22 maxlen: 22
185.203.244.0/22 maxlen: 22
185.208.112.0/22 maxlen: 22
185.220.94.0/23 maxlen: 23
185.228.100.0/22 maxlen: 22
193.106.80.0/22 maxlen: 22
194.1.220.0/23 maxlen: 23
212.55.64.0/22 maxlen: 22
212.55.68.0/22 maxlen: 22
212.55.72.0/23 maxlen: 23
212.55.74.0/23 maxlen: 23
212.55.76.0/22 maxlen: 22
212.55.80.0/22 maxlen: 22
212.55.84.0/23 maxlen: 23
212.55.86.0/23 maxlen: 23
212.55.88.0/22 maxlen: 22
212.55.92.0/22 maxlen: 22
213.108.52.0/22 maxlen: 22
217.115.96.0/21 maxlen: 21
217.115.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 03 May 2024 08:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:47:22:e6:8c:0b:7e:d5:d7:ee:e8:d7:4f:ee:39:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: May 1 13:10:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b4e40eb07a5f66c7544c4dc517ef75b641a15a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:56:6b:93:fd:ed:95:3a:19:ec:f4:2e:b5:db:
77:71:ee:04:0e:30:c7:68:f7:e1:28:70:ca:4c:6d:
75:a5:62:81:5a:90:59:6b:17:71:29:78:33:41:14:
32:f0:90:b6:4f:13:70:d8:a2:44:c2:f5:7a:d6:8e:
8a:7d:0f:be:d3:68:a4:39:7f:95:dd:5a:84:61:cc:
d9:fe:dc:00:0a:57:b7:2b:35:36:f4:3f:a6:11:7b:
6e:3b:d6:ae:8a:5b:a6:73:16:ab:66:48:81:6b:9e:
20:2a:57:86:8d:a2:28:1a:37:9d:ce:c8:51:fd:aa:
a2:c5:00:83:fd:3c:3b:74:5e:78:a6:06:e1:d3:8f:
b8:86:f9:57:e1:e7:31:29:ae:66:53:18:fb:c5:b6:
2b:33:dc:f0:71:a7:0b:f9:49:3a:56:08:17:32:ff:
8b:04:76:85:55:b9:af:1f:9e:a2:15:88:67:10:f3:
d0:6f:48:2f:a8:19:67:21:60:9c:e2:a7:71:7d:e5:
3b:e3:68:db:4f:12:2a:bc:25:22:f8:a6:7d:13:6d:
74:24:a1:c3:d1:8c:2e:63:4a:e3:33:b8:c4:13:9b:
e2:ea:08:2d:eb:20:bb:f4:d3:a1:3f:55:f1:85:7b:
0c:91:e9:42:ad:15:96:18:84:e4:db:b6:72:78:28:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4E:40:EB:07:A5:F6:6C:75:44:C4:DC:51:7E:F7:5B:64:1A:15:A9
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/S05A6wel9mx1RMTcUX73W2QaFak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.160.0/19
45.95.164.0/22
45.143.48.0/22
45.153.208.0/22
45.158.48.0/22
46.255.32.0/21
78.137.0.0/18
83.142.48.0/22
89.200.232.0/21
91.105.207.0/24
91.211.136.0/22
91.217.144.0/24
91.244.0.0/18
92.43.80.0/22
92.118.220.0/22
103.35.160.0/22
103.237.44.0/22
109.227.64.0/18
152.89.20.0/22
176.67.0.0/19
178.216.16.0/21
185.3.148.0/22
185.41.192.0/22
185.62.96.0/22
185.96.28.0/22
185.103.40.0/22
185.128.92.0/22
185.176.108.0-185.176.115.255
185.203.244.0/22
185.208.112.0/22
185.220.94.0/23
185.228.100.0/22
193.106.80.0/22
194.1.220.0/23
212.55.64.0/19
213.108.52.0/22
217.115.96.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:c8:70:e4:49:76:3d:f0:e8:38:86:df:8a:50:34:e5:62:a7:
a0:46:3e:67:be:58:9b:6a:19:c4:b0:34:c1:8d:1c:ce:4b:db:
a1:b4:7a:e0:6c:bb:e3:fd:ab:32:72:5c:38:a2:bd:6e:fb:67:
92:b6:58:e4:a9:52:bb:e0:00:ad:b9:44:58:30:9f:11:85:10:
e0:dc:23:5b:40:cf:52:4c:21:c7:89:c7:e9:2d:2a:a4:98:3c:
91:62:e2:e8:51:bd:35:a7:68:1d:3f:c4:f2:54:c6:14:80:af:
4a:25:52:11:66:f2:46:cc:7e:fb:08:5b:6e:4e:6d:12:e5:a0:
bb:98:8f:f4:e8:05:61:a4:78:6f:cd:4d:c5:a4:6f:a1:01:da:
42:22:e1:6b:8d:8c:26:3a:5a:1a:54:d0:2c:3a:9f:e1:8c:1a:
3a:d4:08:26:99:ed:c2:7c:74:36:ac:2c:a6:a7:92:ae:68:82:
4c:96:5e:89:ff:92:c9:6d:ef:99:bf:92:43:13:96:54:54:a6:
51:42:8b:23:f0:f9:47:a4:b9:9c:e6:0c:7b:6d:4c:fb:14:1f:
46:1b:32:e1:77:87:79:81:cf:2d:d2:00:03:fd:d3:8f:e4:e8:
64:df:fc:0d:a6:8e:08:7b:89:12:14:0f:75:2c:f1:6b:de:f1:
cc:07:57:da
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAY80RyLmjAt+1dfu6NdP7jmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTQ5ODdiZjhjNmI0Y2RkNjU3YmJjMmQwYTVlMTNlOWI2
MjZjYjkwHhcNMjQwNTAxMTMxMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRlNDBlYjA3YTVmNjZjNzU0NGM0ZGM1MTdlZjc1YjY0MWExNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VZrk/3tlToZ7PQutdt3ce4EDjDH
aPfhKHDKTG11pWKBWpBZaxdxKXgzQRQy8JC2TxNw2KJEwvV61o6KfQ++02ikOX+V
3VqEYczZ/twACle3KzU29D+mEXtuO9auilumcxarZkiBa54gKleGjaIoGjedzshR
/aqixQCD/Tw7dF54pgbh04+4hvlX4ecxKa5mUxj7xbYrM9zwcacL+Uk6VggXMv+L
BHaFVbmvH56iFYhnEPPQb0gvqBlnIWCc4qdxfeU742jbTxIqvCUi+KZ9E210JKHD
0YwuY0rjM7jEE5vi6ggt6yC79NOhP1XxhXsMkelCrRWWGITk27ZyeCjFAQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFEtOQOsHpfZsdUTE3FF+91tkGhWpMB8GA1UdIwQY
MBaAFFakmHv4xrTN1le7wtCl4T6bYmy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQt
ZGU1ODY5OGI2NDcwLzEvUzA1QTZ3ZWw5bXgxUk1UY1VYNzNXMlFhRmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQtZGU1ODY5OGI2NDcw
LzEvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQF
JYugAwQCLV+kAwQCLY8wAwQCLZnQAwQCLZ4wAwQDLv8gAwQGTokAAwQCU44wAwQD
WcjoAwQAW2nPAwQCW9OIAwQAW9mQAwQGW/QAAwQCXCtQAwQCXHbcAwQCZyOgAwQC
Z+0sAwQGbeNAAwQCmFkUAwQFsEMAAwQDstgQAwQCuQOUAwQCuSnAAwQCuT5gAwQC
uWAcAwQCuWcoAwQCuYBcMAwDBAK5sGwDBAK5sHADBAK5y/QDBAK50HADBAG53F4D
BAK55GQDBALBalADBAHCAdwDBAXUN0ADBALVbDQDBATZc2AwDQYJKoZIhvcNAQEL
BQADggEBAE3IcORJdj3w6DiG34pQNOVip6BGPme+WJtqGcSwNMGNHM5L26G0euBs
u+P9qzJyXDiivW77Z5K2WOSpUrvgAK25RFgwnxGFEODcI1tAz1JMIceJx+ktKqSY
PJFi4uhRvTWnaB0/xPJUxhSAr0olUhFm8kbMfvsIW25ObRLloLuYj/ToBWGkeG/N
TcWkb6EB2kIi4WuNjCY6WhpU0Cw6n+GMGjrUCCaZ7cJ8dDasLKankq5ogkyWXon/
kslt75m/kkMTllRUplFCiyPw+UekuZzmDHttTPsUH0YbMuF3h3mBzy3SAAP904/k
6GTf/A2mjgh7iRIUD3Us8Wve8cwHV9o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:22 2024 by rpki-client on console-ams.rpki-client.org