Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/I78bI6ODShFrehjnF9So3M9U_90.roa
File: I78bI6ODShFrehjnF9So3M9U_90.roa (raw, json)
Hash identifier: I+ezXdHXdDQZjUlPcW+tXMslDuu862VtNooqg9VtUck=
Subject key identifier: 23:BF:1B:23:A3:83:4A:11:6B:7A:18:E7:17:D4:A8:DC:CF:54:FF:DD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019217E9F5A3519ECCFEF56DE3145A5210F6
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/I78bI6ODShFrehjnF9So3M9U_90.roa
Signing time: Sun 22 Sep 2024 04:07:41 +0000
ROA not before: Sun 22 Sep 2024 04:07:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.29.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
77.90.57.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 23 Sep 2024 04:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:17:e9:f5:a3:51:9e:cc:fe:f5:6d:e3:14:5a:52:10:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 22 04:07:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23bf1b23a3834a116b7a18e717d4a8dccf54ffdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:af:d4:bd:90:37:6f:1d:e6:9e:52:31:7e:
17:c8:00:c7:27:a2:39:75:7c:8c:8b:54:a9:99:16:
f5:71:cf:db:6a:0d:66:57:50:a5:56:37:55:62:e8:
d8:a5:e0:88:6d:f8:3c:62:19:4e:51:72:23:ef:fb:
07:fe:01:a8:f4:19:1a:17:5e:1e:3d:35:88:d5:13:
3c:75:b7:66:de:7b:47:29:c0:e0:27:bf:c1:3d:2d:
4f:fa:ff:b3:bb:a5:91:e8:49:3b:a7:d2:3b:8e:5a:
b5:78:08:0d:05:40:af:a3:14:6c:ef:48:7b:bb:3a:
58:8b:22:e7:86:3e:dc:54:6c:44:60:e1:6a:92:68:
19:c8:dd:a1:d9:a9:01:9d:5b:40:c7:9d:cc:71:0f:
89:1d:86:b7:2f:8c:aa:a5:c2:08:e1:c1:35:b3:0d:
4b:61:80:43:cb:8a:e1:44:e0:54:93:3b:d9:a3:19:
db:aa:26:99:33:c1:b6:eb:e8:db:ec:8f:a3:4e:55:
25:81:5d:b3:68:97:9a:7e:34:bb:e0:c1:11:d1:90:
3b:33:89:22:19:54:22:a7:2f:ac:60:e9:a2:85:8c:
a9:3d:dc:f4:69:33:fd:b2:5a:5d:e4:d3:cd:8b:8f:
64:17:60:25:69:4f:0b:ec:6f:83:5c:f5:9b:24:71:
6e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BF:1B:23:A3:83:4A:11:6B:7A:18:E7:17:D4:A8:DC:CF:54:FF:DD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/I78bI6ODShFrehjnF9So3M9U_90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:97:1d:37:31:94:31:91:fe:eb:4f:f2:38:31:de:ac:d9:fd:
a4:aa:42:e8:74:84:3b:8d:47:be:82:58:53:68:0e:0d:d0:91:
84:d3:44:3a:b2:63:1e:6c:26:a6:4b:90:1b:4d:cb:05:5c:9a:
62:1f:38:1f:eb:b7:99:5d:9c:5b:f2:f6:c2:6d:9e:1f:60:34:
1e:6e:62:03:f7:29:e0:e1:fe:54:29:29:ad:89:ce:8d:e7:48:
b8:66:54:d5:dc:12:c8:a4:9e:a4:64:b0:21:68:91:20:61:fe:
79:3f:ab:a4:8c:6a:1c:37:ff:a3:52:f9:e5:23:5a:11:c4:96:
8c:15:47:d3:49:4e:d1:87:f4:11:fd:f2:df:82:e9:12:e5:d7:
f0:c1:89:5b:55:61:1d:42:6c:49:93:42:d4:00:99:0a:07:e4:
1b:37:eb:2f:56:5c:bf:bb:5a:d6:df:7b:09:29:9f:ce:8d:80:
b8:63:10:c6:4c:62:93:2f:fe:25:e0:af:e6:ee:3e:82:f7:af:
0d:f5:e6:54:f4:74:a7:e1:f3:9b:23:a5:e0:3a:b7:32:d0:31:
d7:4c:e9:a2:19:e0:4d:95:f2:42:4c:a6:2d:72:39:00:5e:cd:
64:f7:08:ad:d1:fe:da:65:24:3c:03:9f:bd:b5:1a:69:d5:51:
43:dd:ed:1f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZIX6fWjUZ7M/vVt4xRaUhD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTIyMDQwNzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JmMWIyM2EzODM0YTExNmI3YTE4ZTcxN2Q0YThkY2NmNTRmZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLSv1L2QN28d5p5SMX4XyADHJ6I5
dXyMi1SpmRb1cc/bag1mV1ClVjdVYujYpeCIbfg8YhlOUXIj7/sH/gGo9BkaF14e
PTWI1RM8dbdm3ntHKcDgJ7/BPS1P+v+zu6WR6Ek7p9I7jlq1eAgNBUCvoxRs70h7
uzpYiyLnhj7cVGxEYOFqkmgZyN2h2akBnVtAx53McQ+JHYa3L4yqpcII4cE1sw1L
YYBDy4rhROBUkzvZoxnbqiaZM8G26+jb7I+jTlUlgV2zaJeafjS74MER0ZA7M4ki
GVQipy+sYOmihYypPdz0aTP9slpd5NPNi49kF2AlaU8L7G+DXPWbJHFuIQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCO/GyOjg0oRa3oY5xfUqNzPVP/dMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSTc4Ykk2T0RTaEZyZWhqbkY5U28zTTlVXzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAnZcdNzGUMZH+
60/yODHerNn9pKpC6HSEO41HvoJYU2gODdCRhNNEOrJjHmwmpkuQG03LBVyaYh84
H+u3mV2cW/L2wm2eH2A0Hm5iA/cp4OH+VCkprYnOjedIuGZU1dwSyKSepGSwIWiR
IGH+eT+rpIxqHDf/o1L55SNaEcSWjBVH00lO0Yf0Ef3y34LpEuXX8MGJW1VhHUJs
SZNC1ACZCgfkGzfrL1Zcv7ta1t97CSmfzo2AuGMQxkxiky/+JeCv5u4+gvevDfXm
VPR0p+HzmyOl4Dq3MtAx10zpohngTZXyQkymLXI5AF7NZPcIrdH+2mUkPAOfvbUa
adVRQ93tHw==
-----END CERTIFICATE-----
Generated at Mon Sep 23 06:26:21 2024 by rpki-client on console-fra.rpki-client.org