Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Mawo9hwVmoHUV100ObsESx1c68g.roa
File: Mawo9hwVmoHUV100ObsESx1c68g.roa (raw, json)
Hash identifier: yd+qPOtcnUUh9WDFWFCWI54rpixvCx8KFQ9B8epIIUw=
Subject key identifier: 31:AC:28:F6:1C:15:9A:81:D4:57:5D:34:39:BB:04:4B:1D:5C:EB:C8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01921D0E385AAC9F3777671762B52ECEA03B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Mawo9hwVmoHUV100ObsESx1c68g.roa
Signing time: Mon 23 Sep 2024 04:05:24 +0000
ROA not before: Mon 23 Sep 2024 04:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.134.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.29.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
77.90.57.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 23 Sep 2024 13:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:0e:38:5a:ac:9f:37:77:67:17:62:b5:2e:ce:a0:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 23 04:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ac28f61c159a81d4575d3439bb044b1d5cebc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:40:c3:5b:55:5b:33:fc:35:35:cc:90:50:73:
26:84:1d:98:73:90:c8:d0:1f:49:af:e0:a1:6e:e9:
2c:d4:13:40:85:0e:75:6e:70:65:48:92:11:d6:be:
c4:ed:72:3a:86:eb:8c:d6:39:fd:ef:09:ea:83:fc:
f7:10:17:32:bc:c7:54:d2:90:45:bd:18:70:7b:a3:
b9:b9:d9:15:1b:b9:32:81:45:e1:28:2b:44:e7:36:
6b:f5:49:07:66:62:cb:d2:2d:a5:e9:b8:cb:0a:72:
6d:9f:2e:ce:9d:ea:6d:7a:42:8d:24:cb:8b:f5:2f:
50:af:c0:6f:88:0d:a3:a3:2e:be:71:17:0d:50:29:
87:1c:8d:06:7a:8f:22:2c:ce:d4:b0:4f:97:ea:d7:
e9:aa:87:e0:3d:14:ab:dc:b4:e0:78:72:27:5a:59:
69:60:94:d1:0b:0a:bc:93:c0:00:09:76:ee:ff:f6:
56:c3:46:7a:b9:2e:6f:f4:c3:4e:84:6e:2c:39:f6:
6b:95:4b:a1:8d:ba:26:7c:dc:7c:5a:ee:f5:2b:0c:
fd:73:49:3f:7c:28:b1:3d:34:3d:1b:b0:50:1d:75:
84:79:82:f2:47:98:1f:e2:e2:d6:ce:20:09:5d:19:
20:54:58:43:bf:09:80:88:56:67:cd:40:a9:50:62:
9a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AC:28:F6:1C:15:9A:81:D4:57:5D:34:39:BB:04:4B:1D:5C:EB:C8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Mawo9hwVmoHUV100ObsESx1c68g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:4e:60:ae:c8:ba:25:17:7c:32:c3:55:da:e5:0e:7c:33:43:
7b:33:53:f5:bc:f3:19:70:23:f4:d7:ce:7a:a9:3d:2a:b1:4c:
4d:42:c8:68:18:4f:e4:54:25:1b:c0:de:82:94:13:59:0b:c3:
da:3c:42:2d:a1:c6:29:f3:89:dd:42:fa:77:6b:b4:a5:45:e5:
12:22:46:47:7a:7f:44:72:89:81:52:2d:b2:ab:ec:52:54:21:
4b:03:d1:8a:f5:c0:34:67:30:89:fd:3e:59:50:ff:cf:40:29:
99:e5:e1:3c:ad:b2:f5:85:b7:4a:77:92:ca:ee:74:66:96:2d:
cc:7a:47:22:62:4a:f1:b4:5e:98:69:0b:d2:a8:e8:2c:71:eb:
6b:e8:fa:00:48:88:b6:77:dd:1f:03:be:08:92:ba:a0:1c:24:
a6:b6:96:e2:81:2e:85:2e:5c:d1:35:f0:5a:17:1d:82:32:60:
fe:1a:7d:0e:82:cd:6c:c0:97:a5:23:ae:62:81:4b:e2:2b:b6:
38:7d:88:57:c7:4c:cd:1f:c8:b7:74:37:c3:f0:27:9f:11:27:
d7:fe:2b:8b:dc:06:2e:8b:3f:4c:18:e8:27:88:69:53:6b:3a:
a6:87:74:e6:54:a2:0a:c9:e3:20:94:3b:83:4c:30:37:b2:b4:
32:9b:5d:4b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZIdDjharJ83d2cXYrUuzqA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTIzMDQwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFjMjhmNjFjMTU5YTgxZDQ1NzVkMzQzOWJiMDQ0YjFkNWNlYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EDDW1VbM/w1NcyQUHMmhB2Yc5DI
0B9Jr+Chbuks1BNAhQ51bnBlSJIR1r7E7XI6huuM1jn97wnqg/z3EBcyvMdU0pBF
vRhwe6O5udkVG7kygUXhKCtE5zZr9UkHZmLL0i2l6bjLCnJtny7OneptekKNJMuL
9S9Qr8BviA2joy6+cRcNUCmHHI0Geo8iLM7UsE+X6tfpqofgPRSr3LTgeHInWllp
YJTRCwq8k8AACXbu//ZWw0Z6uS5v9MNOhG4sOfZrlUuhjbomfNx8Wu71Kwz9c0k/
fCixPTQ9G7BQHXWEeYLyR5gf4uLWziAJXRkgVFhDvwmAiFZnzUCpUGKa6wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDGsKPYcFZqB1FddNDm7BEsdXOvIMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTWF3bzlod1Ztb0hVVjEwME9ic0VTeDFjNjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAG05grsi6JRd8
MsNV2uUOfDNDezNT9bzzGXAj9NfOeqk9KrFMTULIaBhP5FQlG8DegpQTWQvD2jxC
LaHGKfOJ3UL6d2u0pUXlEiJGR3p/RHKJgVItsqvsUlQhSwPRivXANGcwif0+WVD/
z0ApmeXhPK2y9YW3SneSyu50ZpYtzHpHImJK8bRemGkL0qjoLHHra+j6AEiItnfd
HwO+CJK6oBwkpraW4oEuhS5c0TXwWhcdgjJg/hp9DoLNbMCXpSOuYoFL4iu2OH2I
V8dMzR/It3Q3w/AnnxEn1/4ri9wGLos/TBjoJ4hpU2s6pod05lSiCsnjIJQ7g0ww
N7K0MptdSw==
-----END CERTIFICATE-----
Generated at Mon Sep 23 18:04:05 2024 by rpki-client on console-ams.rpki-client.org