Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0nN-dB2X7XvwMMcrqYM7vgYJCeQ.roa
File: 0nN-dB2X7XvwMMcrqYM7vgYJCeQ.roa (raw, json)
Hash identifier: XnNkBQdogHvmINS576bsNciLCPKXcCU4IyOdP7txP/w=
Subject key identifier: D2:73:7E:74:1D:97:ED:7B:F0:30:C7:2B:A9:83:3B:BE:06:09:09:E4
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191F9038D5F3597A8FB2EB8BDA2D8628483
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0nN-dB2X7XvwMMcrqYM7vgYJCeQ.roa
Signing time: Mon 16 Sep 2024 04:07:25 +0000
ROA not before: Mon 16 Sep 2024 04:07:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.29.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 17 Sep 2024 04:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:03:8d:5f:35:97:a8:fb:2e:b8:bd:a2:d8:62:84:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 16 04:07:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2737e741d97ed7bf030c72ba9833bbe060909e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0b:26:da:35:6d:65:18:e2:66:41:d9:b6:69:
aa:41:29:34:c9:18:7e:e3:82:c2:30:b2:02:7d:f8:
9d:4b:7b:4e:5e:ae:db:1a:98:00:1e:b8:0d:83:56:
30:55:5c:ab:6a:75:f7:26:b2:01:36:36:0a:9c:ca:
28:dc:4e:73:4c:52:82:17:0c:20:e0:a7:b0:91:91:
13:25:af:5c:8d:07:e6:4c:29:06:f0:d2:e3:45:2d:
60:91:4d:27:10:ea:80:39:96:2e:e6:6b:f2:26:94:
86:a3:b7:5e:9b:4f:fd:9c:c1:82:07:63:77:84:1b:
8a:eb:87:23:77:4e:a7:ea:89:06:bb:9f:35:50:44:
c6:21:5b:05:22:ea:e1:ca:33:bc:d3:65:9c:4e:06:
5d:0d:88:2c:04:e2:fe:bf:0e:cc:74:b3:bd:3f:ff:
72:7b:bd:92:29:c8:d0:a4:9b:7f:4d:16:d6:00:3c:
70:69:fb:d8:76:a1:c9:0b:31:c2:13:c7:48:34:bd:
cb:cc:03:61:e7:12:7c:21:3a:aa:50:12:9e:ef:86:
1b:3f:2e:50:91:17:53:2f:74:5e:44:58:0a:1b:6c:
37:53:de:c0:d0:c3:12:48:72:1d:bb:57:e5:1a:11:
30:2c:20:0e:36:9d:2c:83:a6:85:5a:c4:29:64:a4:
85:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:73:7E:74:1D:97:ED:7B:F0:30:C7:2B:A9:83:3B:BE:06:09:09:E4
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0nN-dB2X7XvwMMcrqYM7vgYJCeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:80:6c:d0:42:29:fc:4f:88:3f:3f:36:d4:db:e3:ec:40:00:
ca:41:70:ac:b5:9e:99:bf:36:db:46:38:1b:2b:e9:0a:ac:1b:
58:b9:ad:7e:c6:c0:84:53:42:e6:17:ef:7e:d7:f5:5d:d3:d5:
86:62:6e:22:53:e5:3f:a6:d3:de:c6:b9:e1:b8:4c:fd:cb:9f:
3a:8a:eb:07:78:19:de:5f:7a:9b:f6:50:c6:7f:6a:d1:9c:58:
59:57:06:7c:a7:ed:e8:90:c9:bb:ef:3c:9b:97:25:77:14:ae:
d1:9e:1e:b0:9e:d0:80:2f:46:22:2f:e1:3b:93:c8:16:c6:7a:
7c:8c:4f:81:7d:db:b2:e0:86:58:bd:ad:1e:f8:c9:c2:bc:28:
21:19:40:94:e4:5c:c5:21:89:7a:92:4e:93:ee:d0:f6:15:3f:
8d:e9:78:cd:cf:38:04:80:8c:bf:5c:c6:c9:5e:0a:c6:12:eb:
d6:66:76:e4:c9:b2:17:96:ef:5b:74:a9:70:df:d9:54:d3:6f:
4d:a1:b5:3d:63:44:1a:ff:19:f2:8b:88:ab:df:ca:ef:af:7c:
55:93:2b:ab:ab:38:54:fa:2e:b8:8b:11:6b:7b:35:d1:4d:94:
29:44:67:ee:73:0d:1f:02:fa:0d:74:14:f4:19:87:cc:6c:c0:
8d:35:f8:e7
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZH5A41fNZeo+y64vaLYYoSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTE2MDQwNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjczN2U3NDFkOTdlZDdiZjAzMGM3MmJhOTgzM2JiZTA2MDkwOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygsm2jVtZRjiZkHZtmmqQSk0yRh+
44LCMLICffidS3tOXq7bGpgAHrgNg1YwVVyranX3JrIBNjYKnMoo3E5zTFKCFwwg
4KewkZETJa9cjQfmTCkG8NLjRS1gkU0nEOqAOZYu5mvyJpSGo7dem0/9nMGCB2N3
hBuK64cjd06n6okGu581UETGIVsFIurhyjO802WcTgZdDYgsBOL+vw7MdLO9P/9y
e72SKcjQpJt/TRbWADxwafvYdqHJCzHCE8dINL3LzANh5xJ8ITqqUBKe74YbPy5Q
kRdTL3ReRFgKG2w3U97A0MMSSHIdu1flGhEwLCAONp0sg6aFWsQpZKSF2wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNJzfnQdl+178DDHK6mDO74GCQnkMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMG5OLWRCMlg3WHZ3TU1jcnFZTTd2Z1lKQ2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAtIBs0EIp/E+I
Pz821Nvj7EAAykFwrLWemb8220Y4GyvpCqwbWLmtfsbAhFNC5hfvftf1XdPVhmJu
IlPlP6bT3sa54bhM/cufOorrB3gZ3l96m/ZQxn9q0ZxYWVcGfKft6JDJu+88m5cl
dxSu0Z4esJ7QgC9GIi/hO5PIFsZ6fIxPgX3bsuCGWL2tHvjJwrwoIRlAlORcxSGJ
epJOk+7Q9hU/jel4zc84BICMv1zGyV4KxhLr1mZ25MmyF5bvW3SpcN/ZVNNvTaG1
PWNEGv8Z8ouIq9/K7698VZMrq6s4VPouuIsRa3s10U2UKURn7nMNHwL6DXQU9BmH
zGzAjTX45w==
-----END CERTIFICATE-----
Generated at Tue Sep 17 06:37:42 2024 by rpki-client on console-ams.rpki-client.org