Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S3oGBKx4vTmtZOcWrZ52NURgXao.roa
File: S3oGBKx4vTmtZOcWrZ52NURgXao.roa (raw, json)
Hash identifier: eooXZ0ZUedCRX6hIVsGh+OMY5/NdnUeTcGnPu6B1ED0=
Subject key identifier: 4B:7A:06:04:AC:78:BD:39:AD:64:E7:16:AD:9E:76:35:44:60:5D:AA
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 018ED17D331DD357E2CB67735B6835D66C48
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S3oGBKx4vTmtZOcWrZ52NURgXao.roa
Signing time: Fri 12 Apr 2024 08:47:06 +0000
ROA not before: Fri 12 Apr 2024 08:47:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 17 Apr 2024 04:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:7d:33:1d:d3:57:e2:cb:67:73:5b:68:35:d6:6c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 12 08:47:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b7a0604ac78bd39ad64e716ad9e763544605daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:62:bb:80:96:2f:6f:5a:ba:bc:62:37:50:52:
67:04:18:66:58:b1:ee:c2:ab:4a:a7:43:32:bd:30:
ec:72:02:2b:70:3c:3d:7c:11:46:ea:87:0a:1a:3e:
6f:ec:50:95:fb:06:53:9c:59:c5:a5:96:7f:b1:ea:
76:17:32:76:1f:db:01:5c:9a:23:69:c6:e8:47:0a:
a7:c3:3b:f8:fe:c3:a4:97:ed:18:9e:f9:66:e2:79:
4a:5c:c3:ec:1d:12:17:e1:2b:66:07:12:ec:65:f6:
88:34:61:c0:32:30:24:b3:64:ab:90:30:0d:f7:5e:
9a:34:a8:46:32:26:e7:0b:f6:db:f5:10:34:13:db:
b7:31:a5:6b:a2:f7:a0:ec:fc:31:ac:35:1b:4f:47:
2c:94:b7:d9:ee:83:03:33:b0:5b:5f:f0:86:3f:68:
25:0f:2c:66:e1:ff:cd:42:30:0e:4b:04:32:6b:89:
f9:05:b7:65:6f:a3:5f:fc:5b:89:e7:74:a6:44:8c:
81:4a:a2:56:b6:90:26:29:95:1e:4c:eb:0a:85:d0:
47:44:39:cf:78:fc:08:51:75:18:21:fe:c7:e2:35:
bc:f0:fd:aa:9f:3e:69:8f:00:bd:fb:9e:26:56:17:
a2:8b:c5:5f:07:b9:eb:70:47:33:2d:95:62:b6:51:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:06:04:AC:78:BD:39:AD:64:E7:16:AD:9E:76:35:44:60:5D:AA
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S3oGBKx4vTmtZOcWrZ52NURgXao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/20
5.83.151.0/24
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
e3:1e:aa:f2:1d:2c:f7:65:64:94:a4:4d:90:d2:44:33:c3:4d:
17:19:5e:cb:52:a4:04:3f:40:6f:58:98:56:5f:09:21:b7:ae:
43:e6:07:40:e7:4f:a4:91:f6:0c:2e:6e:0e:3b:26:47:b4:ce:
3e:9f:35:94:2d:bf:f0:9b:31:bf:25:ca:d8:1b:86:07:49:5f:
1a:f9:53:1f:10:57:a2:23:d6:04:af:d9:cb:44:2a:9a:9c:dc:
cc:13:a6:06:10:38:9f:2d:6c:5c:98:c7:ad:c9:63:56:de:b7:
7d:04:8a:98:24:1e:51:40:3b:0d:c4:24:89:25:52:82:fc:71:
db:85:54:79:54:bf:f6:b5:5a:fc:3d:c1:00:eb:ae:71:20:12:
84:72:f3:0c:bc:40:d8:25:ba:6f:29:5a:08:ff:05:4e:83:af:
a2:b8:ba:9d:f4:ad:5d:6b:2c:b4:2a:53:c5:c7:25:d7:fa:0a:
bd:22:ef:bb:3f:cc:6e:60:8a:30:f9:b2:f9:a0:ca:38:24:7c:
4b:50:e7:ce:32:7a:15:c3:e0:83:5f:0c:7b:38:39:23:06:b7:
a1:a6:cd:89:c5:00:00:df:56:fb:52:fd:d5:bd:ae:52:21:77:
74:07:fb:3c:15:91:11:e3:c9:a8:3d:c3:44:c4:16:5d:01:70:
6b:73:56:65
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY7RfTMd01fiy2dzW2g11mxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNDEyMDg0NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdhMDYwNGFjNzhiZDM5YWQ2NGU3MTZhZDllNzYzNTQ0NjA1ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGK7gJYvb1q6vGI3UFJnBBhmWLHu
wqtKp0MyvTDscgIrcDw9fBFG6ocKGj5v7FCV+wZTnFnFpZZ/sep2FzJ2H9sBXJoj
acboRwqnwzv4/sOkl+0Ynvlm4nlKXMPsHRIX4StmBxLsZfaINGHAMjAks2SrkDAN
916aNKhGMibnC/bb9RA0E9u3MaVroveg7PwxrDUbT0cslLfZ7oMDM7BbX/CGP2gl
Dyxm4f/NQjAOSwQya4n5Bbdlb6Nf/FuJ53SmRIyBSqJWtpAmKZUeTOsKhdBHRDnP
ePwIUXUYIf7H4jW88P2qnz5pjwC9+54mVheii8VfB7nrcEczLZVitlHLcQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFEt6BgSseL05rWTnFq2edjVEYF2qMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUzNvR0JLeDR2VG10Wk9jV3JaNTJOVVJnWGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBgwQCAAEwfQMEBAVT
gAMEAAVTlwMEBwWvgAMDAQXmAwQGTVoAAwQDU/NQAwQFVV0AAwQDVXagAwQDV++A
AwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQEshKQAwQCuQ2cAwQBuS+M
AwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMF
ACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZIhvcNAQELBQADggEBAOMe
qvIdLPdlZJSkTZDSRDPDTRcZXstSpAQ/QG9YmFZfCSG3rkPmB0DnT6SR9gwubg47
Jke0zj6fNZQtv/CbMb8lytgbhgdJXxr5Ux8QV6Ij1gSv2ctEKpqc3MwTpgYQOJ8t
bFyYx63JY1bet30EipgkHlFAOw3EJIklUoL8cduFVHlUv/a1Wvw9wQDrrnEgEoRy
8wy8QNglum8pWgj/BU6Dr6K4up30rV1rLLQqU8XHJdf6Cr0i77s/zG5gijD5svmg
yjgkfEtQ584yehXD4INfDHs4OSMGt6GmzYnFAADfVvtS/dW9rlIhd3QH+zwVkRHj
yag9w0TEFl0BcGtzVmU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:30 2024 by rpki-client on console-fra.rpki-client.org