Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AtVA5FVyuaNJNk8YQDd10nDeaq0.roa
File: AtVA5FVyuaNJNk8YQDd10nDeaq0.roa (raw, json)
Hash identifier: gjoodz693fzGGbJKJiMCHEXop9SPSvpU4SMGjGkDfuI=
Subject key identifier: 02:D5:40:E4:55:72:B9:A3:49:36:4F:18:40:37:75:D2:70:DE:6A:AD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192593E0199BC4AA4A52E18019B7A51064A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AtVA5FVyuaNJNk8YQDd10nDeaq0.roa
Signing time: Fri 04 Oct 2024 20:34:48 +0000
ROA not before: Fri 04 Oct 2024 20:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.134.0/24 maxlen: 24
5.83.141.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.38.0/24 maxlen: 24
77.90.48.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Fri 04 Oct 2024 21:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:59:3e:01:99:bc:4a:a4:a5:2e:18:01:9b:7a:51:06:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 4 20:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02d540e45572b9a349364f18403775d270de6aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:93:1b:e4:c8:9f:e6:55:a4:db:43:08:4b:e4:
08:32:90:29:d2:a3:7c:f3:33:9a:b7:c2:cf:7d:d6:
b5:75:64:8c:2f:ca:e6:43:a1:3a:03:06:e4:65:66:
b3:de:60:8e:f0:f8:6f:ee:41:64:f4:1d:38:3c:2b:
e6:fa:87:1e:80:14:b4:3c:2c:f2:d6:05:8a:fa:9d:
cf:ee:a5:86:cf:f1:da:9c:f9:54:33:d7:27:2e:1c:
ab:a8:64:b7:b5:0c:d6:55:44:07:d0:b0:b6:8c:06:
80:ec:ee:0f:1a:49:59:ee:f5:2c:52:a5:87:2b:f1:
ac:e3:c1:cf:62:46:2f:ff:b9:a1:cd:2f:0d:5a:27:
80:b7:09:a7:df:82:93:df:e8:63:e8:02:ea:d4:cb:
cf:55:ea:c8:df:4d:5a:d2:80:e9:47:ca:3f:52:a7:
47:96:0e:d6:c2:a7:91:86:8b:93:69:1d:fc:04:25:
0c:bc:d2:06:c7:50:bd:e9:af:98:c5:09:9a:d5:6e:
06:c4:da:6a:be:84:65:18:50:17:5c:77:20:ca:23:
83:8c:d0:13:c4:ab:ff:6a:c1:8e:1b:4f:ae:9a:bc:
d6:a5:e0:f7:50:e4:32:a6:72:46:07:a0:36:46:9e:
70:e1:d2:0b:10:b4:6e:4f:8c:1f:31:a9:70:d2:cd:
22:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D5:40:E4:55:72:B9:A3:49:36:4F:18:40:37:75:D2:70:DE:6A:AD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AtVA5FVyuaNJNk8YQDd10nDeaq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
71:43:82:23:a9:c5:2d:6c:fb:4e:ad:ba:91:21:81:4d:7f:92:
fa:05:84:08:51:e4:83:4e:01:8b:f7:57:81:87:b3:26:e7:60:
62:54:ad:a1:2b:47:98:d9:49:6a:7a:36:f2:13:f1:72:31:2e:
dd:e4:ef:55:8c:4b:cf:af:29:4f:cb:2e:b6:35:43:10:66:1c:
f3:ba:d1:82:20:69:d6:aa:48:b8:c2:1f:d8:e8:72:b9:26:95:
09:ad:3e:c6:b6:4f:72:e6:0b:c7:e4:4c:a3:f1:df:85:00:a8:
4b:96:1e:c0:0b:4a:3a:e3:17:ab:4a:4d:a6:64:c5:8f:ea:e7:
06:27:32:6d:9e:cb:1e:7c:e1:fa:d9:e5:8e:99:a1:2a:56:69:
87:a7:bf:72:a3:b6:2a:12:30:47:19:0f:99:3d:25:cc:c8:81:
26:c5:4e:69:e6:36:02:9c:67:15:6b:22:4e:08:dc:98:2b:dc:
37:49:ae:d4:02:61:e0:70:14:4d:20:ff:d2:68:0e:52:50:00:
2d:da:b0:5e:48:e0:08:48:99:51:6e:d4:8e:cf:b3:ef:bd:b6:
23:c2:e2:bf:67:d8:94:4b:ba:fe:54:12:7a:b2:91:ef:a3:f2:
d9:ad:19:54:14:d0:f8:3e:82:1c:41:1e:11:0d:6e:9c:c9:55:
da:c9:9b:97
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZJZPgGZvEqkpS4YAZt6UQZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDA0MjAzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ1NDBlNDU1NzJiOWEzNDkzNjRmMTg0MDM3NzVkMjcwZGU2YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJMb5Mif5lWk20MIS+QIMpAp0qN8
8zOat8LPfda1dWSML8rmQ6E6AwbkZWaz3mCO8Phv7kFk9B04PCvm+ocegBS0PCzy
1gWK+p3P7qWGz/HanPlUM9cnLhyrqGS3tQzWVUQH0LC2jAaA7O4PGklZ7vUsUqWH
K/Gs48HPYkYv/7mhzS8NWieAtwmn34KT3+hj6ALq1MvPVerI301a0oDpR8o/UqdH
lg7WwqeRhouTaR38BCUMvNIGx1C96a+YxQma1W4GxNpqvoRlGFAXXHcgyiODjNAT
xKv/asGOG0+umrzWpeD3UOQypnJGB6A2Rp5w4dILELRuT4wfMalw0s0ijQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFALVQORVcrmjSTZPGEA3ddJw3mqtMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQXRWQTVGVnl1YU5KTms4WVFEZDEwbkRlYXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAcUOCI6nFLWz7
Tq26kSGBTX+S+gWECFHkg04Bi/dXgYezJudgYlStoStHmNlJano28hPxcjEu3eTv
VYxLz68pT8sutjVDEGYc87rRgiBp1qpIuMIf2OhyuSaVCa0+xrZPcuYLx+RMo/Hf
hQCoS5YewAtKOuMXq0pNpmTFj+rnBicybZ7LHnzh+tnljpmhKlZph6e/cqO2KhIw
RxkPmT0lzMiBJsVOaeY2ApxnFWsiTgjcmCvcN0mu1AJh4HAUTSD/0mgOUlAALdqw
XkjgCEiZUW7Ujs+z7722I8Liv2fYlEu6/lQSerKR76Py2a0ZVBTQ+D6CHEEeEQ1u
nMlV2smblw==
-----END CERTIFICATE-----
Generated at Fri Oct 4 22:43:17 2024 by rpki-client on console-fra.rpki-client.org