Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/H4hSU4xyhrF8SsjNybaiK82AZTg.roa
File: H4hSU4xyhrF8SsjNybaiK82AZTg.roa (raw, json)
Hash identifier: 0ztpEsw8hTZeGhZxDSy/fMqSyHLfODpowaLSCKsAWqE=
Subject key identifier: 1F:88:52:53:8C:72:86:B1:7C:4A:C8:CD:C9:B6:A2:2B:CD:80:65:38
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191D4F6FF5953F8E848259734431205C355
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/H4hSU4xyhrF8SsjNybaiK82AZTg.roa
Signing time: Mon 09 Sep 2024 04:07:22 +0000
ROA not before: Mon 09 Sep 2024 04:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.10.0/24 maxlen: 24
77.90.11.0/24 maxlen: 24
77.90.29.0/24 maxlen: 24
77.90.30.0/24 maxlen: 24
77.90.31.0/24 maxlen: 24
77.90.35.0/24 maxlen: 24
77.90.36.0/24 maxlen: 24
77.90.37.0/24 maxlen: 24
77.90.38.0/24 maxlen: 24
77.90.40.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
77.90.44.0/24 maxlen: 24
77.90.45.0/24 maxlen: 24
77.90.46.0/24 maxlen: 24
77.90.47.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 09 Sep 2024 07:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d4:f6:ff:59:53:f8:e8:48:25:97:34:43:12:05:c3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 9 04:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f8852538c7286b17c4ac8cdc9b6a22bcd806538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7d:90:55:7d:18:fc:7e:8a:32:14:83:14:ec:
88:37:32:02:e1:b3:b1:25:07:b6:a2:85:31:80:fc:
a7:0f:fe:e5:10:dc:1e:8b:9c:5d:a1:e7:21:fe:fa:
dc:d8:b7:fc:33:13:b4:cc:55:cd:34:87:45:81:e6:
60:0b:e7:8f:61:1d:a9:44:26:f9:40:a2:b2:44:69:
fe:18:5a:82:01:91:2a:63:f4:11:22:ef:b3:fb:d4:
ef:ba:cf:a6:ab:84:fc:2c:8a:6b:f9:e5:c9:8c:d4:
d4:fa:7e:9e:34:db:c4:0c:9b:b4:63:31:eb:3f:7d:
1e:1d:c2:ee:41:cb:36:7e:f7:48:eb:cb:1b:00:0b:
54:3b:2f:a6:8a:a3:ca:5c:62:68:1f:ba:2f:9d:b0:
44:9d:43:69:6f:0f:f0:95:be:cf:3f:c9:50:65:de:
1f:bf:88:25:e4:4f:fb:01:a8:a6:c6:80:18:97:e9:
23:65:1d:41:78:74:84:52:5e:74:1d:bd:42:11:09:
66:d5:f9:cc:91:b8:1b:94:8a:3e:0d:c0:14:f9:2f:
ea:fc:1f:21:4e:9d:16:f2:ec:ca:fa:00:65:bf:94:
b3:11:36:3b:08:3c:7a:66:a3:53:e3:d1:c5:f7:0c:
bb:80:26:4f:f4:7b:cb:de:49:b5:3d:f3:f5:71:39:
fc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:88:52:53:8C:72:86:B1:7C:4A:C8:CD:C9:B6:A2:2B:CD:80:65:38
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/H4hSU4xyhrF8SsjNybaiK82AZTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
15:62:c9:28:c6:96:d9:2a:92:20:00:07:17:1c:48:10:f5:33:
74:2d:75:06:10:eb:4e:cb:02:6f:47:15:b9:ec:1c:fc:25:7a:
87:ff:9d:c0:a0:79:7b:d9:80:a7:6a:83:35:02:d8:0b:ce:fa:
89:6d:67:6a:24:98:91:22:90:9a:e9:e0:c2:29:2a:63:35:38:
e4:77:0e:ee:9e:99:a7:6d:17:ad:a7:0c:4f:0c:bd:c9:0c:2e:
be:d9:03:60:be:03:8e:ac:67:b4:fe:9d:10:17:b8:3d:7e:c6:
40:d4:75:73:fb:3a:a1:ee:21:a7:94:48:d0:dc:00:94:50:b2:
29:92:58:0c:21:8e:6f:da:bd:f0:90:ba:c6:21:c9:8a:30:63:
4f:50:23:cf:d8:63:26:76:96:e0:3f:38:08:5a:08:a3:1d:b4:
ff:bc:78:19:a0:a1:d2:87:b8:79:06:65:5b:ae:88:9e:26:92:
cb:28:c1:17:17:f2:cc:76:e7:63:b3:94:80:05:bb:d2:e8:da:
2c:1c:99:2e:38:4b:a2:6b:56:28:15:72:f1:00:42:09:af:d1:
47:d5:42:61:3a:40:69:0b:94:1b:a6:2f:45:55:5b:3b:1d:0a:
16:1c:8d:87:90:9a:26:f2:a7:23:28:65:18:d2:e6:c7:68:ca:
35:21:b4:2f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZHU9v9ZU/joSCWXNEMSBcNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTA5MDQwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg4NTI1MzhjNzI4NmIxN2M0YWM4Y2RjOWI2YTIyYmNkODA2NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr32QVX0Y/H6KMhSDFOyINzIC4bOx
JQe2ooUxgPynD/7lENwei5xdoech/vrc2Lf8MxO0zFXNNIdFgeZgC+ePYR2pRCb5
QKKyRGn+GFqCAZEqY/QRIu+z+9Tvus+mq4T8LIpr+eXJjNTU+n6eNNvEDJu0YzHr
P30eHcLuQcs2fvdI68sbAAtUOy+miqPKXGJoH7ovnbBEnUNpbw/wlb7PP8lQZd4f
v4gl5E/7AaimxoAYl+kjZR1BeHSEUl50Hb1CEQlm1fnMkbgblIo+DcAU+S/q/B8h
Tp0W8uzK+gBlv5SzETY7CDx6ZqNT49HF9wy7gCZP9HvL3km1PfP1cTn8twIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFB+IUlOMcoaxfErIzcm2oivNgGU4MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSDRoU1U0eHlockY4U3NqTnliYWlLODJBWlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAFWLJKMaW2SqS
IAAHFxxIEPUzdC11BhDrTssCb0cVuewc/CV6h/+dwKB5e9mAp2qDNQLYC876iW1n
aiSYkSKQmungwikqYzU45HcO7p6Zp20XracMTwy9yQwuvtkDYL4DjqxntP6dEBe4
PX7GQNR1c/s6oe4hp5RI0NwAlFCyKZJYDCGOb9q98JC6xiHJijBjT1Ajz9hjJnaW
4D84CFoIox20/7x4GaCh0oe4eQZlW66IniaSyyjBFxfyzHbnY7OUgAW70ujaLByZ
LjhLomtWKBVy8QBCCa/RR9VCYTpAaQuUG6YvRVVbOx0KFhyNh5CaJvKnIyhlGNLm
x2jKNSG0Lw==
-----END CERTIFICATE-----
Generated at Mon Sep 9 09:22:36 2024 by rpki-client on console-fra.rpki-client.org