Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IY-dZgdPXCTvN7JfpS4loJI1fO8.roa
File: IY-dZgdPXCTvN7JfpS4loJI1fO8.roa (raw, json)
Hash identifier: mZ6cGym/6Z4bwvylGz87y93uBiDYXX0TBoMSlelFAMU=
Subject key identifier: 21:8F:9D:66:07:4F:5C:24:EF:37:B2:5F:A5:2E:25:A0:92:35:7C:EF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193492C2560AF9702AC1A082356D3E90320
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IY-dZgdPXCTvN7JfpS4loJI1fO8.roa
Signing time: Wed 20 Nov 2024 10:44:10 +0000
ROA not before: Wed 20 Nov 2024 10:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.153.0/24 maxlen: 24
5.83.154.0/24 maxlen: 24
5.83.156.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.1.0/24 maxlen: 24
77.90.20.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 20 Nov 2024 16:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:2c:25:60:af:97:02:ac:1a:08:23:56:d3:e9:03:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 20 10:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=218f9d66074f5c24ef37b25fa52e25a092357cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ee:b7:ab:cf:c2:ef:b0:ff:66:8d:1e:8f:83:
d2:b8:e5:44:e7:35:2b:60:6a:b2:87:12:6a:f5:6a:
6c:b6:98:a7:f9:18:b2:56:1a:79:9d:b2:6f:aa:07:
0a:78:6b:17:9d:eb:9c:13:75:8f:83:62:1a:8d:fd:
8d:9a:ec:28:26:08:93:70:b2:63:dc:d4:11:17:3d:
2a:c9:ea:b1:7c:8d:a7:50:9a:ef:2c:88:1b:74:2e:
b4:70:c5:04:ba:36:1f:d6:24:4c:7f:ac:ea:22:36:
3a:ac:3e:6c:20:c0:07:c5:21:06:74:da:ee:89:83:
ff:bc:06:70:b8:5b:f0:a9:56:58:dc:ff:08:9f:75:
21:9e:77:2d:f0:37:f9:0a:37:6f:50:7d:47:f7:7f:
00:5b:47:02:24:bf:a2:d0:26:2f:2f:03:a6:eb:81:
54:3a:30:5c:4f:49:11:c7:d4:39:d4:d0:c1:45:82:
10:e0:11:b6:36:29:54:17:2d:20:c2:85:e9:cd:a9:
f6:03:b8:13:8a:1f:c7:be:26:d9:94:a7:0a:18:91:
cb:ce:3e:5b:cf:c7:6e:b2:35:52:88:f4:25:5c:a6:
92:04:23:e6:9a:1f:8f:7e:c1:c9:66:bf:db:15:cd:
fe:ff:7c:26:e5:32:97:22:ec:f9:b4:40:32:f9:0d:
87:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8F:9D:66:07:4F:5C:24:EF:37:B2:5F:A5:2E:25:A0:92:35:7C:EF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IY-dZgdPXCTvN7JfpS4loJI1fO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
af:87:20:cb:5d:30:a9:6a:44:ae:f9:6b:7e:ef:17:8d:f2:85:
4f:62:da:55:70:32:4e:fd:55:39:41:84:f5:6f:fe:49:d0:3d:
7d:d3:ae:f4:c9:13:e3:55:bb:d3:05:6a:37:9c:b8:4b:80:3c:
70:79:fe:c5:c6:97:9b:8a:f4:76:87:67:26:5c:11:1c:a9:a8:
0a:d0:db:41:f3:fa:84:e8:23:7d:10:c2:c6:c1:0c:bc:a0:6b:
56:b3:a0:33:f1:66:82:6b:a3:27:b8:cd:ea:1b:76:a6:82:04:
a4:e7:43:49:eb:8d:95:65:65:72:cd:2c:c2:f7:34:d2:e3:15:
2a:79:15:55:53:be:4c:1a:a3:ad:61:75:c8:d2:35:75:e1:ec:
8a:95:79:e7:54:0b:76:36:97:95:45:21:72:d5:9e:1e:38:b2:
73:86:f2:cf:eb:32:ea:86:3e:00:4d:e7:99:5a:5c:e3:e8:f9:
10:c4:9a:2c:38:40:96:30:e6:3c:3c:80:b4:19:8c:e8:49:86:
62:99:7a:a4:9a:72:6c:cc:fb:fd:db:5a:13:c8:8d:1f:b8:21:
d2:d5:75:3a:ed:e7:78:c5:25:c9:a6:bc:85:af:a1:58:26:11:
d6:66:fa:87:0c:4b:4f:7e:2f:77:37:03:2b:37:4f:e3:f3:76:
39:ef:57:cc
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZNJLCVgr5cCrBoII1bT6QMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTIwMTA0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThmOWQ2NjA3NGY1YzI0ZWYzN2IyNWZhNTJlMjVhMDkyMzU3Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu63q8/C77D/Zo0ej4PSuOVE5zUr
YGqyhxJq9Wpstpin+RiyVhp5nbJvqgcKeGsXneucE3WPg2Iajf2NmuwoJgiTcLJj
3NQRFz0qyeqxfI2nUJrvLIgbdC60cMUEujYf1iRMf6zqIjY6rD5sIMAHxSEGdNru
iYP/vAZwuFvwqVZY3P8In3Uhnnct8Df5CjdvUH1H938AW0cCJL+i0CYvLwOm64FU
OjBcT0kRx9Q51NDBRYIQ4BG2NilUFy0gwoXpzan2A7gTih/HvibZlKcKGJHLzj5b
z8dusjVSiPQlXKaSBCPmmh+PfsHJZr/bFc3+/3wm5TKXIuz5tEAy+Q2HVwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFCGPnWYHT1wk7zeyX6UuJaCSNXzvMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSVktZFpnZFBYQ1R2TjdKZnBTNGxvSkkxZk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgcEEAgABMIG6AwQF
BVOAAwQCBa+AAwQABa+FMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv6AMEAAWv
6zAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQDU/NQAwQF
VV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQE
shKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoD
BQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZI
hvcNAQELBQADggEBAK+HIMtdMKlqRK75a37vF43yhU9i2lVwMk79VTlBhPVv/knQ
PX3TrvTJE+NVu9MFajecuEuAPHB5/sXGl5uK9HaHZyZcERypqArQ20Hz+oToI30Q
wsbBDLyga1azoDPxZoJroye4zeobdqaCBKTnQ0nrjZVlZXLNLML3NNLjFSp5FVVT
vkwao61hdcjSNXXh7IqVeedUC3Y2l5VFIXLVnh44snOG8s/rMuqGPgBN55laXOPo
+RDEmiw4QJYw5jw8gLQZjOhJhmKZeqSacmzM+/3bWhPIjR+4IdLVdTrt53jFJcmm
vIWvoVgmEdZm+ocMS09+L3c3Ays3T+PzdjnvV8w=
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:50:11 2024 by rpki-client on console-ams.rpki-client.org