Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/VnO-ttv29PY9la_SvBGFcaaoEJg.roa
File: VnO-ttv29PY9la_SvBGFcaaoEJg.roa (raw, json)
Hash identifier: l7d6BlBZFqzzx9ZLr4M3xnE6fIyZGqox1AOEsX5oef4=
Subject key identifier: 56:73:BE:B6:DB:F6:F4:F6:3D:95:AF:D2:BC:11:85:71:A6:A8:10:98
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191DA25FF17F153B9FE1C7715F751DB7793
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/VnO-ttv29PY9la_SvBGFcaaoEJg.roa
Signing time: Tue 10 Sep 2024 04:16:48 +0000
ROA not before: Tue 10 Sep 2024 04:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.29.0/24 maxlen: 24
77.90.44.0/24 maxlen: 24
77.90.45.0/24 maxlen: 24
77.90.46.0/24 maxlen: 24
77.90.47.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 10 Sep 2024 18:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:25:ff:17:f1:53:b9:fe:1c:77:15:f7:51:db:77:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 10 04:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5673beb6dbf6f4f63d95afd2bc118571a6a81098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:61:9b:57:72:5d:ce:87:54:a4:e7:b6:fe:ab:
61:a6:8d:08:fc:7c:92:1a:50:e9:37:1f:04:bb:c3:
23:dc:28:24:6f:c7:4d:93:5b:5e:33:9d:29:f8:bd:
0e:d0:a5:3a:b5:d1:60:12:71:c0:53:a2:16:10:ae:
35:62:59:59:f3:a6:a7:e9:c0:c2:c8:d1:c4:ee:da:
91:b5:cf:00:ab:b7:c6:4d:4b:17:b2:16:9b:e3:dc:
f1:c7:8f:7d:59:1b:9d:c5:89:8c:44:36:db:f1:6c:
82:20:58:f4:30:aa:76:c3:70:ca:80:01:94:a9:0c:
cb:bc:29:d4:1f:7c:ec:db:c8:8c:d8:50:73:7d:06:
3a:36:0f:63:e9:3e:64:3e:32:8c:f1:75:3f:ae:46:
2c:d8:e0:9d:5a:d8:12:9d:fe:4e:61:18:99:f9:5d:
bb:4e:55:cf:23:5c:c6:1c:2d:19:fa:f4:e3:e5:61:
4b:7d:bb:7c:5b:c1:4d:a8:e9:c9:bf:cd:ec:f9:fa:
b2:82:46:2b:e8:36:d1:43:e0:7e:1b:e6:6a:ae:6c:
ba:4d:3d:16:78:e8:74:2c:4c:42:9d:f3:59:37:ac:
c0:22:5f:04:76:77:64:47:4d:87:9d:46:05:3f:fa:
45:53:ef:59:ed:1c:76:d5:d5:22:d6:0d:7c:61:b3:
23:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:73:BE:B6:DB:F6:F4:F6:3D:95:AF:D2:BC:11:85:71:A6:A8:10:98
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/VnO-ttv29PY9la_SvBGFcaaoEJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
89:10:f9:88:64:fc:b6:79:e3:bb:00:76:20:cf:2b:c3:a6:30:
b4:a9:bd:75:2e:c8:de:77:87:ca:ed:be:e5:56:81:86:c0:f9:
d8:f8:ab:94:9e:3a:38:6f:49:c6:0b:13:ef:6a:0e:ce:e8:aa:
75:db:7f:91:cf:e5:86:ce:ca:37:45:bc:8b:5d:f4:c5:e2:26:
e8:e7:5d:28:f5:39:d3:d4:1a:ec:ec:93:24:d5:d1:d3:bf:de:
3e:3a:10:8a:b0:9e:78:72:a8:0f:40:89:cf:7b:9a:9e:49:9b:
2a:c0:5e:85:cf:0c:61:da:db:03:f6:08:71:b1:47:f7:55:7b:
95:81:72:e9:a4:d7:f8:d7:83:c2:8f:01:37:62:10:a8:2d:38:
91:f3:6d:b6:36:95:7f:4a:1a:47:74:09:42:04:41:29:bf:04:
42:70:b6:d4:85:d7:7e:c1:cb:6a:16:02:12:e6:a6:fb:50:72:
35:96:c1:22:05:12:67:10:45:74:0a:31:c5:af:fe:38:30:6e:
92:55:26:8f:0d:fb:97:fc:f1:da:31:1e:87:da:17:1c:d4:72:
2b:79:60:e7:6f:75:73:0f:e6:d4:9a:3b:4e:f0:04:a2:00:cd:
76:4b:f0:08:63:38:34:44:22:64:1e:99:41:42:70:39:f1:51:
25:f6:33:f5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZHaJf8X8VO5/hx3FfdR23eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTEwMDQxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjczYmViNmRiZjZmNGY2M2Q5NWFmZDJiYzExODU3MWE2YTgxMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmGbV3JdzodUpOe2/qthpo0I/HyS
GlDpNx8Eu8Mj3Cgkb8dNk1teM50p+L0O0KU6tdFgEnHAU6IWEK41YllZ86an6cDC
yNHE7tqRtc8Aq7fGTUsXshab49zxx499WRudxYmMRDbb8WyCIFj0MKp2w3DKgAGU
qQzLvCnUH3zs28iM2FBzfQY6Ng9j6T5kPjKM8XU/rkYs2OCdWtgSnf5OYRiZ+V27
TlXPI1zGHC0Z+vTj5WFLfbt8W8FNqOnJv83s+fqygkYr6DbRQ+B+G+Zqrmy6TT0W
eOh0LExCnfNZN6zAIl8EdndkR02HnUYFP/pFU+9Z7Rx21dUi1g18YbMj/wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFZzvrbb9vT2PZWv0rwRhXGmqBCYMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVm5PLXR0djI5UFk5bGFfU3ZCR0ZjYWFvRUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAiRD5iGT8tnnj
uwB2IM8rw6YwtKm9dS7I3neHyu2+5VaBhsD52PirlJ46OG9JxgsT72oOzuiqddt/
kc/lhs7KN0W8i130xeIm6OddKPU509Qa7OyTJNXR07/ePjoQirCeeHKoD0CJz3ua
nkmbKsBehc8MYdrbA/YIcbFH91V7lYFy6aTX+NeDwo8BN2IQqC04kfNttjaVf0oa
R3QJQgRBKb8EQnC21IXXfsHLahYCEuam+1ByNZbBIgUSZxBFdAoxxa/+ODBuklUm
jw37l/zx2jEeh9oXHNRyK3lg5291cw/m1Jo7TvAEogDNdkvwCGM4NEQiZB6ZQUJw
OfFRJfYz9Q==
-----END CERTIFICATE-----
Generated at Tue Sep 10 19:38:25 2024 by rpki-client on console-fra.rpki-client.org