Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ERrA_qNrQwDeU7e3HgCAO8Va6EQ.roa
File: ERrA_qNrQwDeU7e3HgCAO8Va6EQ.roa (raw, json)
Hash identifier: vtlT3C64PXlsmc9tW0HhEp7xkRuLyp3T6osjS5XBWqA=
Subject key identifier: 11:1A:C0:FE:A3:6B:43:00:DE:53:B7:B7:1E:00:80:3B:C5:5A:E8:44
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192C7066167E60C8502714705740F813B31
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ERrA_qNrQwDeU7e3HgCAO8Va6EQ.roa
Signing time: Sat 26 Oct 2024 04:12:17 +0000
ROA not before: Sat 26 Oct 2024 04:12:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.129.0/24 maxlen: 24
5.83.134.0/24 maxlen: 24
5.83.138.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.136.0/24 maxlen: 24
5.175.139.0/24 maxlen: 24
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.45.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Sun 27 Oct 2024 04:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c7:06:61:67:e6:0c:85:02:71:47:05:74:0f:81:3b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 26 04:12:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=111ac0fea36b4300de53b7b71e00803bc55ae844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dc:b4:0d:ba:7e:1b:67:48:22:12:68:6a:f9:
79:eb:1e:c3:ba:ba:85:59:98:b2:f9:a5:4d:a1:a6:
c5:80:eb:1d:4e:66:3f:13:76:6c:e9:68:12:ad:9f:
9f:b4:78:65:9c:9a:f2:64:76:48:d6:a2:c7:27:86:
97:72:25:d4:fc:75:4f:85:93:44:8f:98:3e:2d:af:
0c:3d:48:e8:62:41:54:92:fc:26:08:81:81:ff:ce:
94:58:8e:f8:51:ee:8f:cc:ac:4b:1f:de:a8:c0:be:
39:43:af:6e:d3:97:31:b1:a6:f6:1a:e5:3f:5f:23:
8b:64:ec:33:93:69:e1:59:52:fa:b8:9c:86:5e:d4:
5f:dd:bf:f6:71:09:84:d8:91:f8:6e:c0:41:e9:54:
06:ec:3b:8d:a8:00:f8:d4:85:d9:fd:3c:96:a7:5c:
72:f3:d8:b1:c2:14:1d:1c:05:5d:cc:14:80:6d:94:
4d:cb:91:2a:20:e0:3f:f5:c4:d2:15:2e:1c:95:17:
9e:ce:87:b9:23:fe:ee:85:a7:a2:24:3e:e9:d2:ff:
8a:0d:82:5f:b2:27:ce:5b:9b:f7:77:10:1f:cc:db:
78:27:72:c3:73:f9:c0:7a:4d:d0:2d:6e:f0:b1:8a:
b8:52:81:8a:b4:b1:ed:bf:1d:17:2d:37:29:4b:07:
dd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1A:C0:FE:A3:6B:43:00:DE:53:B7:B7:1E:00:80:3B:C5:5A:E8:44
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ERrA_qNrQwDeU7e3HgCAO8Va6EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
83:5d:70:9d:78:11:7c:f4:34:f3:6a:3b:27:06:7c:ca:14:22:
4a:a2:3e:91:04:45:ca:8e:d9:54:8b:61:76:43:78:52:76:26:
61:2f:cd:c3:0e:c9:a1:64:d0:1c:51:3f:c0:a4:87:53:20:18:
07:46:48:ee:2e:62:62:b7:b9:4b:c5:81:62:5d:3f:0a:41:03:
c6:bf:f5:75:de:54:70:32:37:1d:a3:e1:71:39:d1:38:d8:d6:
31:b1:25:05:f5:82:1e:c0:64:cf:a7:28:fe:b3:fb:88:fa:e8:
2b:38:cd:9e:fb:a8:d3:50:5c:21:5b:96:2f:42:79:66:b1:ce:
00:38:ac:2e:ce:7e:3b:56:b3:2e:b6:54:0e:e5:ad:03:c4:45:
e9:8f:9b:6f:95:63:dc:0e:21:80:96:9b:a1:7f:1f:57:3e:28:
93:c0:be:37:e9:30:89:93:91:9a:e6:24:01:d5:4b:c5:bf:39:
a2:2d:4d:f5:d4:8d:40:32:15:31:3f:31:4a:e1:8e:d8:d1:d1:
9a:c6:f7:91:15:75:3a:3f:96:66:70:d0:da:49:25:b2:cd:8a:
1d:6f:2b:84:7d:02:90:19:92:5c:3b:1a:85:0a:8d:7a:8f:6e:
e9:08:e6:0d:03:b8:b0:23:29:b1:54:00:a6:32:a0:c1:d9:4b:
bd:4b:9f:53
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZLHBmFn5gyFAnFHBXQPgTsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDI2MDQxMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFhYzBmZWEzNmI0MzAwZGU1M2I3YjcxZTAwODAzYmM1NWFlODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9y0Dbp+G2dIIhJoavl56x7DurqF
WZiy+aVNoabFgOsdTmY/E3Zs6WgSrZ+ftHhlnJryZHZI1qLHJ4aXciXU/HVPhZNE
j5g+La8MPUjoYkFUkvwmCIGB/86UWI74Ue6PzKxLH96owL45Q69u05cxsab2GuU/
XyOLZOwzk2nhWVL6uJyGXtRf3b/2cQmE2JH4bsBB6VQG7DuNqAD41IXZ/TyWp1xy
89ixwhQdHAVdzBSAbZRNy5EqIOA/9cTSFS4clReezoe5I/7uhaeiJD7p0v+KDYJf
sifOW5v3dxAfzNt4J3LDc/nAek3QLW7wsYq4UoGKtLHtvx0XLTcpSwfdXwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBEawP6ja0MA3lO3tx4AgDvFWuhEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRVJyQV9xTnJRd0RlVTdlM0hnQ0FPOFZhNkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAg11wnXgRfPQ0
82o7JwZ8yhQiSqI+kQRFyo7ZVIthdkN4UnYmYS/Nww7JoWTQHFE/wKSHUyAYB0ZI
7i5iYre5S8WBYl0/CkEDxr/1dd5UcDI3HaPhcTnRONjWMbElBfWCHsBkz6co/rP7
iProKzjNnvuo01BcIVuWL0J5ZrHOADisLs5+O1azLrZUDuWtA8RF6Y+bb5Vj3A4h
gJaboX8fVz4ok8C+N+kwiZORmuYkAdVLxb85oi1N9dSNQDIVMT8xSuGO2NHRmsb3
kRV1Oj+WZnDQ2kklss2KHW8rhH0CkBmSXDsahQqNeo9u6QjmDQO4sCMpsVQApjKg
wdlLvUufUw==
-----END CERTIFICATE-----
Generated at Sun Oct 27 06:31:41 2024 by rpki-client on console-ams.rpki-client.org