Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/HijlY5GaW3vHmZVq3VjrYwUHNEQ.roa
File: HijlY5GaW3vHmZVq3VjrYwUHNEQ.roa (raw, json)
Hash identifier: rVQwqymR4nZ8vEE3ZIuFR7XhgOD+TGgtlcADSICgOKc=
Subject key identifier: 1E:28:E5:63:91:9A:5B:7B:C7:99:95:6A:DD:58:EB:63:05:07:34:44
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192E1025D913052BDE38FCC5FB593434183
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/HijlY5GaW3vHmZVq3VjrYwUHNEQ.roa
Signing time: Thu 31 Oct 2024 05:18:01 +0000
ROA not before: Thu 31 Oct 2024 05:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.134.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.45.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 31 Oct 2024 12:21:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:02:5d:91:30:52:bd:e3:8f:cc:5f:b5:93:43:41:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 31 05:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e28e563919a5b7bc799956add58eb6305073444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:91:ba:88:2b:ed:a1:b0:fd:79:e4:07:a6:74:
9c:bc:52:8b:63:83:67:0d:ba:7b:e7:d0:0c:22:fc:
96:cf:6e:17:7a:d0:bc:23:79:1e:b3:b6:c6:c6:d8:
70:05:6e:a0:17:87:d5:6a:e2:ce:c4:75:66:97:b0:
b0:5d:c0:3d:2d:18:b9:10:d9:5c:06:be:fd:00:d2:
0b:bb:af:df:ac:96:6e:6e:0d:8d:52:d3:9c:bb:8f:
fc:c3:f4:ce:85:fe:9c:ef:a0:bb:f5:8f:a5:b2:76:
e5:6e:4b:e5:33:e2:4c:90:58:ea:de:52:e0:93:a5:
e6:13:b3:54:48:c5:cd:99:d0:38:09:8c:38:63:26:
b6:b7:4e:d4:99:46:dc:8a:41:47:aa:76:b3:55:3b:
3f:98:ba:ea:e3:d6:6d:11:af:e7:a6:ff:fa:c0:ef:
0d:02:3b:91:ea:75:46:74:fa:33:35:e2:e6:92:6e:
99:de:18:c4:ad:4f:f1:06:28:e0:bc:8d:da:4c:cf:
50:c2:94:e9:07:6d:eb:98:c4:f7:bb:06:aa:a7:ec:
70:bc:78:e5:6e:36:86:f3:47:12:9c:ee:3c:47:6d:
47:a7:00:5c:2b:74:d0:c5:75:50:b0:ce:27:eb:61:
db:c4:76:fe:01:33:d6:81:d6:c1:e9:9e:57:7f:89:
4e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:28:E5:63:91:9A:5B:7B:C7:99:95:6A:DD:58:EB:63:05:07:34:44
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/HijlY5GaW3vHmZVq3VjrYwUHNEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
08:6f:dc:05:17:77:fb:c5:dc:74:8f:d8:1a:4a:93:68:3f:86:
c0:d5:0c:52:ba:68:8f:ac:77:85:83:a6:cc:96:94:7a:47:9d:
95:63:fb:04:4d:c6:60:a8:ac:d1:41:cb:04:0c:f2:af:fb:8d:
eb:f2:03:58:35:7f:eb:1f:1c:4a:46:da:4b:54:92:27:1f:0b:
7c:5d:9b:09:9a:ba:87:7d:2f:34:9f:c3:1d:61:46:4c:e2:ef:
4f:c5:6f:fe:d6:2c:92:a8:12:51:ed:13:e3:45:38:ec:22:ec:
98:c4:c4:cb:31:ee:c4:f1:c0:f6:c1:d8:10:a3:cc:7b:42:12:
fb:f9:36:1c:ba:b4:02:eb:2a:16:1f:ff:13:92:66:8e:93:32:
de:ad:f5:01:c8:80:4f:59:b5:77:8c:c1:2a:bc:9c:8e:09:29:
74:6e:f6:82:6b:c9:3d:28:7d:bd:28:4a:52:81:1e:42:4e:47:
a0:8b:14:3f:1b:10:ed:ab:2e:36:e0:d4:4c:ac:ef:9a:b4:86:
db:88:5b:45:3b:26:26:dd:2f:2d:35:96:19:23:f8:14:90:60:
c3:32:bc:9f:14:b1:32:78:29:53:41:18:9e:b8:5f:84:0f:f0:
fb:14:d0:ad:98:4b:f6:2d:cf:47:d5:a0:fb:05:a9:07:21:1e:
03:74:93:2f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZLhAl2RMFK944/MX7WTQ0GDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDMxMDUxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI4ZTU2MzkxOWE1YjdiYzc5OTk1NmFkZDU4ZWI2MzA1MDczNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJG6iCvtobD9eeQHpnScvFKLY4Nn
Dbp759AMIvyWz24XetC8I3kes7bGxthwBW6gF4fVauLOxHVml7CwXcA9LRi5ENlc
Br79ANILu6/frJZubg2NUtOcu4/8w/TOhf6c76C79Y+lsnblbkvlM+JMkFjq3lLg
k6XmE7NUSMXNmdA4CYw4Yya2t07UmUbcikFHqnazVTs/mLrq49ZtEa/npv/6wO8N
AjuR6nVGdPozNeLmkm6Z3hjErU/xBijgvI3aTM9QwpTpB23rmMT3uwaqp+xwvHjl
bjaG80cSnO48R21HpwBcK3TQxXVQsM4n62HbxHb+ATPWgdbB6Z5Xf4lO5wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFB4o5WORmlt7x5mVat1Y62MFBzREMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSGlqbFk1R2FXM3ZIbVpWcTNWanJZd1VITkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEACG/cBRd3+8Xc
dI/YGkqTaD+GwNUMUrpoj6x3hYOmzJaUekedlWP7BE3GYKis0UHLBAzyr/uN6/ID
WDV/6x8cSkbaS1SSJx8LfF2bCZq6h30vNJ/DHWFGTOLvT8Vv/tYskqgSUe0T40U4
7CLsmMTEyzHuxPHA9sHYEKPMe0IS+/k2HLq0AusqFh//E5JmjpMy3q31AciAT1m1
d4zBKrycjgkpdG72gmvJPSh9vShKUoEeQk5HoIsUPxsQ7asuNuDUTKzvmrSG24hb
RTsmJt0vLTWWGSP4FJBgwzK8nxSxMngpU0EYnrhfhA/w+xTQrZhL9i3PR9Wg+wWp
ByEeA3STLw==
-----END CERTIFICATE-----
Generated at Thu Oct 31 15:31:01 2024 by rpki-client on console-fra.rpki-client.org