Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LsJSrS6I_YzvLRg2nII5wWgYxkQ.roa
File: LsJSrS6I_YzvLRg2nII5wWgYxkQ.roa (raw, json)
Hash identifier: Ju+RaYFJEuSzAEUlZesJmxZJ1r+vevK6bUT4cNxZkvY=
Subject key identifier: 2E:C2:52:AD:2E:88:FD:8C:EF:2D:18:36:9C:82:39:C1:68:18:C6:44
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 018C3AAA18B61231ECBA49961529CEB5DE0E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LsJSrS6I_YzvLRg2nII5wWgYxkQ.roa
Signing time: Tue 05 Dec 2023 15:47:54 +0000
ROA not before: Tue 05 Dec 2023 15:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.151.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
95.215.32.0/22 maxlen: 32
89.144.0.0/18 maxlen: 32
5.175.255.0/24 maxlen: 32
94.103.160.0/20 maxlen: 32
5.230.11.0/24 maxlen: 32
5.83.128.0/20 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.102.0/24 maxlen: 32
94.249.128.0/17 maxlen: 32
87.239.128.0/21 maxlen: 32
5.175.128.0/17 maxlen: 32
193.28.251.0/24 maxlen: 32
85.93.0.0/19 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
5.230.224.0/24 maxlen: 32
89.106.64.0/19 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.11.0/24 maxlen: 24
77.90.10.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.14.0/24 maxlen: 24
77.90.15.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
77.90.12.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
217.69.160.0/20 maxlen: 32
195.110.14.0/23 maxlen: 32
2a02:7a0::/29 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a00:12d8::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:aa:18:b6:12:31:ec:ba:49:96:15:29:ce:b5:de:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 5 15:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ec252ad2e88fd8cef2d18369c8239c16818c644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:f3:62:ad:89:cd:57:b3:2c:82:aa:20:6c:
a6:63:d2:aa:0e:93:62:ec:33:9c:42:bf:02:41:18:
0d:6e:d1:d1:bc:f7:54:14:23:6d:d0:5f:d8:4a:97:
87:3c:af:1b:c3:f1:a8:cd:8c:11:7f:41:69:ac:67:
ae:6b:58:f7:76:bf:c3:2f:56:44:7f:e4:8f:b4:73:
48:8a:a1:e2:92:c7:74:a0:fb:ec:13:e3:fb:0f:f7:
88:14:8d:bf:56:58:be:f0:b0:0e:a1:65:5f:e4:d8:
cb:0b:ef:ec:00:6d:d9:d6:57:63:0d:4f:19:2b:7b:
60:40:00:1b:5b:c2:79:7c:40:c7:b0:7b:13:cf:96:
df:01:40:f5:75:4a:4b:b6:0e:21:1e:28:13:71:65:
ac:2a:0f:61:fc:9a:94:2b:bb:e9:4d:33:04:3d:8d:
d0:f9:b7:fe:0b:61:9f:54:67:31:60:c7:03:67:a4:
c0:57:2e:9a:30:de:79:ac:20:84:6f:ab:af:80:28:
d0:e9:67:55:2a:e8:76:7b:06:3c:a2:82:9a:f6:7d:
57:da:28:cf:72:a6:7f:da:8a:fc:1e:e8:32:3f:4a:
1d:f3:be:26:14:ac:40:e3:85:d4:db:68:a5:81:92:
1f:50:bb:35:30:9e:ff:74:e7:fc:2e:ac:92:8e:ab:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C2:52:AD:2E:88:FD:8C:EF:2D:18:36:9C:82:39:C1:68:18:C6:44
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LsJSrS6I_YzvLRg2nII5wWgYxkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/20
5.83.151.0/24
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:30:4a:b4:a9:8f:0c:51:01:0a:fb:95:8c:51:bb:e0:62:51:
9c:cb:a9:74:db:6d:10:ad:f6:85:48:f9:23:c8:56:36:63:36:
58:af:97:18:ee:02:e0:96:92:43:bd:fc:0e:8d:33:94:17:75:
b3:f0:09:f1:cb:d2:f2:f4:14:d0:e3:96:5d:c3:2b:3c:36:bf:
9a:a8:14:5a:e3:97:74:7f:14:db:0d:80:25:2f:14:f6:e5:62:
2a:9d:f5:8e:cc:c6:29:48:16:77:c8:d0:eb:a0:9e:0e:c1:50:
1c:e8:7e:a8:9c:a2:3e:1c:0f:aa:35:7e:28:b5:54:b9:0e:94:
a5:51:70:0c:b5:32:50:3e:ca:1c:b1:46:ba:e4:2b:aa:50:57:
59:37:2b:e8:90:5e:33:20:c4:68:8e:c0:1d:07:c8:75:75:bd:
fd:30:6f:55:1b:20:1e:b3:52:7e:44:01:a7:48:30:ef:38:ad:
a7:a3:64:c2:43:0b:49:d5:9a:1e:65:4f:09:a6:6c:bb:8f:6d:
91:e4:05:f6:4a:bf:4b:da:d4:1d:fe:a5:c8:aa:bc:60:67:6f:
d2:15:d5:57:0c:e4:68:19:b3:b9:a0:dc:52:3b:cb:49:fe:f6:
2b:0f:0d:b5:d4:1c:a9:a1:05:67:79:07:12:8f:ee:28:70:85:
0f:aa:91:c3
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYw6qhi2EjHsukmWFSnOtd4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjMxMjA1MTU0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWMyNTJhZDJlODhmZDhjZWYyZDE4MzY5YzgyMzljMTY4MThjNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts/zYq2JzVezLIKqIGymY9KqDpNi
7DOcQr8CQRgNbtHRvPdUFCNt0F/YSpeHPK8bw/GozYwRf0FprGeua1j3dr/DL1ZE
f+SPtHNIiqHiksd0oPvsE+P7D/eIFI2/Vli+8LAOoWVf5NjLC+/sAG3Z1ldjDU8Z
K3tgQAAbW8J5fEDHsHsTz5bfAUD1dUpLtg4hHigTcWWsKg9h/JqUK7vpTTMEPY3Q
+bf+C2GfVGcxYMcDZ6TAVy6aMN55rCCEb6uvgCjQ6WdVKuh2ewY8ooKa9n1X2ijP
cqZ/2or8HugyP0od874mFKxA44XU22ilgZIfULs1MJ7/dOf8LqySjqvwjQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFC7CUq0uiP2M7y0YNpyCOcFoGMZEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTHNKU3JTNklfWXp2TFJnMm5JSTV3V2dZeGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQEBVOA
AwQABVOXAwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAPjBKtKmPDFEB
CvuVjFG74GJRnMupdNttEK32hUj5I8hWNmM2WK+XGO4C4JaSQ738Do0zlBd1s/AJ
8cvS8vQU0OOWXcMrPDa/mqgUWuOXdH8U2w2AJS8U9uViKp31jszGKUgWd8jQ66Ce
DsFQHOh+qJyiPhwPqjV+KLVUuQ6UpVFwDLUyUD7KHLFGuuQrqlBXWTcr6JBeMyDE
aI7AHQfIdXW9/TBvVRsgHrNSfkQBp0gw7zitp6NkwkMLSdWaHmVPCaZsu49tkeQF
9kq/S9rUHf6lyKq8YGdv0hXVVwzkaBmzuaDcUjvLSf72Kw8NtdQcqaEFZ3kHEo/u
KHCFD6qRww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:30 2024 by rpki-client on console-fra.rpki-client.org