Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UFBdSGjwxKfCD91W6gyjfX5LAN8.roa
File: UFBdSGjwxKfCD91W6gyjfX5LAN8.roa (raw, json)
Hash identifier: ayHVN39vHC0WCckQhKBxxrrue/MfFLH1NmFhuCpJGOE=
Subject key identifier: 50:50:5D:48:68:F0:C4:A7:C2:0F:DD:56:EA:0C:A3:7D:7E:4B:00:DF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 018E2E25FD3D9A9121E10B0970957B8FBE0A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UFBdSGjwxKfCD91W6gyjfX5LAN8.roa
Signing time: Mon 11 Mar 2024 15:33:45 +0000
ROA not before: Mon 11 Mar 2024 15:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.14.0/24 maxlen: 24
77.90.15.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Sat 16 Mar 2024 23:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:25:fd:3d:9a:91:21:e1:0b:09:70:95:7b:8f:be:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 11 15:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50505d4868f0c4a7c20fdd56ea0ca37d7e4b00df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:e9:72:49:a0:bd:f2:5a:24:3a:78:fb:af:
c3:2a:9d:73:50:68:da:18:a5:71:ae:11:8d:dc:9b:
37:70:00:c4:6f:ae:e6:ac:94:d9:b5:30:0e:cb:13:
a4:8e:41:3b:d2:e6:1a:4b:f3:25:48:db:80:f6:6c:
de:0b:95:32:d5:d7:86:c5:a8:de:78:46:a1:13:96:
5b:57:c6:e3:c6:8c:a6:a3:4d:d7:de:79:3f:d6:99:
99:55:10:f0:9b:2e:6e:b0:42:63:02:1a:2b:c8:4d:
13:23:ee:d2:07:77:c3:07:1d:0b:d7:71:71:4d:eb:
0b:1c:d3:31:bb:cd:02:39:67:c7:74:f1:18:86:ae:
9c:c5:d9:ca:61:f6:e6:c0:bc:bc:a8:55:fd:57:43:
49:cd:b5:a8:db:38:27:ee:55:d1:43:c8:26:5f:eb:
91:12:00:6e:6b:07:54:f4:5e:f3:4b:16:93:1c:db:
43:ff:54:e1:01:23:56:82:3e:b1:6b:17:31:90:dc:
5b:6f:3c:cb:6c:d5:13:4f:8c:01:7b:d8:ad:a6:88:
18:83:6d:25:e3:08:84:eb:cd:7a:ee:53:a7:53:12:
9b:f3:69:81:5c:08:2b:f8:7d:1f:54:f9:08:b6:40:
bd:8a:5f:e4:ef:a3:af:33:8b:9b:36:07:18:e8:f2:
b5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:50:5D:48:68:F0:C4:A7:C2:0F:DD:56:EA:0C:A3:7D:7E:4B:00:DF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UFBdSGjwxKfCD91W6gyjfX5LAN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/20
5.83.151.0/24
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:2b:06:79:b7:cb:5d:28:6a:a5:9c:47:7c:2b:41:3b:d2:2f:
84:51:75:f0:0b:51:3c:7a:81:c5:e4:74:66:ad:09:fc:a5:21:
45:5f:70:ce:6a:f0:bf:a9:e3:33:92:82:96:c2:61:49:c6:d3:
8d:5b:d6:63:17:ed:0d:99:93:ea:96:41:b9:6e:31:ea:25:57:
ab:d9:bb:e6:c8:6b:2a:4c:d9:cc:ea:83:41:84:53:9c:dc:90:
e0:04:b4:c7:21:7b:54:7b:c8:ff:17:ab:35:fa:37:80:cc:47:
fc:e0:6b:3c:18:27:9d:89:bf:32:75:40:c4:2c:b7:77:b4:b8:
59:e0:21:de:80:32:91:e5:e6:30:1c:b3:d7:59:86:aa:1d:6c:
f4:72:a2:9e:2a:70:f6:e2:7d:87:1f:c5:d2:ee:48:ba:0f:72:
0a:e6:3b:f9:9b:55:d1:61:a2:7d:eb:3e:b0:fd:8b:3c:6b:a8:
25:6d:b6:b6:29:3e:56:10:cb:fc:c2:94:b2:af:45:13:47:3d:
ca:85:93:8d:b1:3c:b5:71:eb:e9:ea:8d:70:86:1d:25:5b:87:
3e:34:1d:cd:c0:0b:fe:6e:a3:23:4c:67:e5:d9:c7:eb:7a:a0:
28:8c:63:db:44:4e:3e:97:62:4b:ff:b3:85:4a:99:6c:95:89:
57:e9:4e:a0
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY4uJf09mpEh4QsJcJV7j74KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwMzExMTUzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDUwNWQ0ODY4ZjBjNGE3YzIwZmRkNTZlYTBjYTM3ZDdlNGIwMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqrpckmgvfJaJDp4+6/DKp1zUGja
GKVxrhGN3Js3cADEb67mrJTZtTAOyxOkjkE70uYaS/MlSNuA9mzeC5Uy1deGxaje
eEahE5ZbV8bjxoymo03X3nk/1pmZVRDwmy5usEJjAhoryE0TI+7SB3fDBx0L13Fx
TesLHNMxu80COWfHdPEYhq6cxdnKYfbmwLy8qFX9V0NJzbWo2zgn7lXRQ8gmX+uR
EgBuawdU9F7zSxaTHNtD/1ThASNWgj6xaxcxkNxbbzzLbNUTT4wBe9itpogYg20l
4wiE68167lOnUxKb82mBXAgr+H0fVPkItkC9il/k76OvM4ubNgcY6PK1kwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFFBQXUho8MSnwg/dVuoMo31+SwDfMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVUZCZFNHand4S2ZDRDkxVzZneWpmWDVMQU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBgwQCAAEwfQMEBAVT
gAMEAAVTlwMEBwWvgAMDAQXmAwQGTVoAAwQDU/NQAwQFVV0AAwQDVXagAwQDV++A
AwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQEshKQAwQCuQ2cAwQBuS+M
AwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMF
ACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZIhvcNAQELBQADggEBAB8r
Bnm3y10oaqWcR3wrQTvSL4RRdfALUTx6gcXkdGatCfylIUVfcM5q8L+p4zOSgpbC
YUnG041b1mMX7Q2Zk+qWQbluMeolV6vZu+bIaypM2czqg0GEU5zckOAEtMche1R7
yP8XqzX6N4DMR/zgazwYJ52JvzJ1QMQst3e0uFngId6AMpHl5jAcs9dZhqodbPRy
op4qcPbifYcfxdLuSLoPcgrmO/mbVdFhon3rPrD9izxrqCVttrYpPlYQy/zClLKv
RRNHPcqFk42xPLVx6+nqjXCGHSVbhz40Hc3AC/5uoyNMZ+XZx+t6oCiMY9tETj6X
Ykv/s4VKmWyViVfpTqA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:54 2024 by rpki-client on console-ams.rpki-client.org