Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0h8YszjJfesUeJUHqikBXIgCxLA.roa
File: 0h8YszjJfesUeJUHqikBXIgCxLA.roa (raw, json)
Hash identifier: mDtcSe/UzPsWOF4bjqazSUmWJcDO96lA/z9xWs8pqDk=
Subject key identifier: D2:1F:18:B3:38:C9:7D:EB:14:78:95:07:AA:29:01:5C:88:02:C4:B0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019000545EC2AFC6D99190E8E710FD7A7812
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0h8YszjJfesUeJUHqikBXIgCxLA.roa
Signing time: Mon 10 Jun 2024 04:07:27 +0000
ROA not before: Mon 10 Jun 2024 04:07:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.3.0/24 maxlen: 24
77.90.4.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 10 Jun 2024 20:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:00:54:5e:c2:af:c6:d9:91:90:e8:e7:10:fd:7a:78:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 10 04:07:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d21f18b338c97deb14789507aa29015c8802c4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f8:2e:46:b7:b8:49:9a:48:fd:c0:9e:4e:3f:
08:9c:b7:77:32:38:03:84:33:0c:09:69:80:17:5e:
d0:9f:29:64:49:8d:11:ba:0b:e6:2f:0d:5f:dc:47:
f6:cc:2b:69:00:80:9f:3b:89:f0:78:dd:af:d8:5e:
40:b2:c3:ff:9c:05:66:0b:b2:08:93:1b:11:fe:39:
73:8f:85:52:df:b6:5d:a0:fc:86:e7:0c:9f:5f:1d:
56:24:15:ba:5f:c6:f4:7a:63:42:a3:c6:77:32:27:
dd:a7:84:63:1b:24:f3:a0:ac:79:21:c4:0d:bd:30:
31:12:a4:02:00:9c:75:f3:3d:25:d7:c6:8c:fe:74:
4b:68:a8:15:96:47:cb:43:40:38:8a:f0:cf:21:72:
3a:78:4d:0e:b1:74:4a:cd:f3:b4:7f:5f:9c:e4:5d:
5c:15:8a:c5:b3:fd:5e:ce:7b:90:83:04:6d:44:22:
0f:28:79:9b:9b:9b:a6:ac:57:76:83:95:ce:91:2a:
04:3d:8e:d3:4d:e2:44:24:46:8c:aa:8d:8d:2e:93:
55:30:09:b2:64:a6:2e:9f:bb:87:15:65:bf:a6:fc:
ec:9d:e8:83:5d:02:ea:91:fb:8b:b6:d7:2e:f9:52:
e5:cb:ed:36:31:54:13:24:df:13:a7:87:fb:03:5e:
fb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1F:18:B3:38:C9:7D:EB:14:78:95:07:AA:29:01:5C:88:02:C4:B0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0h8YszjJfesUeJUHqikBXIgCxLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/20
5.83.151.0/24
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
63:e0:6e:4b:81:09:8d:77:58:d3:79:7a:38:e9:0d:e6:4c:95:
79:cf:a5:74:84:b2:83:1d:25:a1:86:62:0d:4c:f7:c1:a4:62:
1b:7e:eb:46:4d:dd:c9:66:48:54:20:01:e5:ea:76:a1:f9:0c:
78:f6:90:ee:a9:54:e4:41:91:e3:0b:a9:d2:e5:f9:13:ab:63:
0a:dd:ae:50:9b:90:d6:d7:69:b5:9e:53:36:81:7a:dd:a8:d4:
04:df:8c:0e:03:dc:d2:b3:98:0b:af:18:7f:78:5c:f3:44:ef:
0e:0f:15:e4:be:73:7c:1e:a0:68:94:7d:38:40:61:a2:67:39:
ff:43:9a:3d:ac:8f:08:9b:c4:14:ec:6e:36:4b:a7:ee:ad:13:
45:c7:9c:15:da:ae:65:83:76:e8:be:2b:5e:a2:35:dd:3b:d9:
9b:d6:60:9a:d2:da:63:7f:9c:49:fe:75:0c:b6:93:0b:75:e3:
89:77:cf:7f:aa:68:28:8b:3c:0a:e6:0d:a9:0f:6e:35:a5:a5:
c2:6b:a0:00:0f:2c:ac:91:5b:08:58:92:7b:f3:28:a4:92:13:
4f:ad:90:ea:fa:83:06:70:ea:f9:a2:49:6c:40:08:5d:f6:cf:
01:96:df:e5:ec:60:8c:5f:f4:aa:cc:96:97:57:bb:4a:54:8b:
18:34:4f:51
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZAAVF7Cr8bZkZDo5xD9engSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNjEwMDQwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFmMThiMzM4Yzk3ZGViMTQ3ODk1MDdhYTI5MDE1Yzg4MDJjNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPguRre4SZpI/cCeTj8InLd3MjgD
hDMMCWmAF17QnylkSY0RugvmLw1f3Ef2zCtpAICfO4nweN2v2F5AssP/nAVmC7II
kxsR/jlzj4VS37ZdoPyG5wyfXx1WJBW6X8b0emNCo8Z3Mifdp4RjGyTzoKx5IcQN
vTAxEqQCAJx18z0l18aM/nRLaKgVlkfLQ0A4ivDPIXI6eE0OsXRKzfO0f1+c5F1c
FYrFs/1eznuQgwRtRCIPKHmbm5umrFd2g5XOkSoEPY7TTeJEJEaMqo2NLpNVMAmy
ZKYun7uHFWW/pvzsneiDXQLqkfuLttcu+VLly+02MVQTJN8Tp4f7A177SwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFNIfGLM4yX3rFHiVB6opAVyIAsSwMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMGg4WXN6akpmZXNVZUpVSHFpa0JYSWdDeExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBgwQCAAEwfQMEBAVT
gAMEAAVTlwMEBwWvgAMDAQXmAwQGTVoAAwQDU/NQAwQFVV0AAwQDVXagAwQDV++A
AwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQEshKQAwQCuQ2cAwQBuS+M
AwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMF
ACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZIhvcNAQELBQADggEBAGPg
bkuBCY13WNN5ejjpDeZMlXnPpXSEsoMdJaGGYg1M98GkYht+60ZN3clmSFQgAeXq
dqH5DHj2kO6pVORBkeMLqdLl+ROrYwrdrlCbkNbXabWeUzaBet2o1ATfjA4D3NKz
mAuvGH94XPNE7w4PFeS+c3weoGiUfThAYaJnOf9Dmj2sjwibxBTsbjZLp+6tE0XH
nBXarmWDdui+K16iNd072ZvWYJrS2mN/nEn+dQy2kwt144l3z3+qaCiLPArmDakP
bjWlpcJroAAPLKyRWwhYknvzKKSSE0+tkOr6gwZw6vmiSWxACF32zwGW3+XsYIxf
9KrMlpdXu0pUixg0T1E=
-----END CERTIFICATE-----
Generated at Mon Jun 10 22:36:09 2024 by rpki-client on console-ams.rpki-client.org