Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/b7_sXl63oHajPq4bV6SP2pel9uk.roa
File: b7_sXl63oHajPq4bV6SP2pel9uk.roa (raw, json)
Hash identifier: Q2ysnVi+PfuTXTUoppXNxJMaEb0BL8lrk7Ix3PubZG8=
Subject key identifier: 6F:BF:EC:5E:5E:B7:A0:76:A3:3E:AE:1B:57:A4:8F:DA:97:A5:F6:E9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01927F92FC79330CA418FF111F9A300B7498
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/b7_sXl63oHajPq4bV6SP2pel9uk.roa
Signing time: Sat 12 Oct 2024 07:13:12 +0000
ROA not before: Sat 12 Oct 2024 07:13:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.134.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.48.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Sun 13 Oct 2024 04:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7f:92:fc:79:33:0c:a4:18:ff:11:1f:9a:30:0b:74:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 12 07:13:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fbfec5e5eb7a076a33eae1b57a48fda97a5f6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f0:f6:8b:f5:89:eb:67:f7:5b:d5:e6:b4:0d:
e1:7d:da:f4:a9:85:8d:34:dd:87:21:7c:c4:1d:6a:
63:58:6f:82:24:fc:d1:a9:e4:15:57:e6:7f:41:5c:
8c:5f:fc:e1:80:26:9b:f8:3d:ba:02:45:e0:1a:e8:
4d:6c:9c:82:a7:b8:11:e0:77:2b:f8:79:d6:8a:1c:
bf:3b:c7:c7:02:7a:04:13:a9:f8:1f:e0:f0:2d:2e:
8f:0f:6c:0a:bd:22:38:eb:8f:43:ea:93:12:66:35:
a5:ce:5a:95:1c:78:dc:c5:84:8f:86:53:7c:c5:71:
b9:3e:8e:5e:63:34:59:e6:91:72:e3:24:90:ee:bb:
8a:b4:7d:89:e6:53:80:84:62:d0:07:22:f7:03:08:
73:97:cd:d0:30:ba:89:42:8b:20:6a:62:7c:ae:fe:
f4:a8:32:aa:69:9f:20:96:b4:44:a2:a4:7a:99:78:
9d:b8:c9:98:18:8b:66:0f:44:a3:20:d1:ba:37:3b:
6c:e6:b6:34:6f:7b:36:3f:ae:cc:08:b7:f9:21:50:
95:0a:b9:0f:1b:91:ea:26:1b:b0:85:7a:0c:63:7d:
4a:02:18:fd:fc:a1:1c:70:e4:28:90:ec:11:d5:c4:
c4:54:9a:8f:2a:d2:8f:ac:61:54:42:60:46:be:c9:
b3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BF:EC:5E:5E:B7:A0:76:A3:3E:AE:1B:57:A4:8F:DA:97:A5:F6:E9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/b7_sXl63oHajPq4bV6SP2pel9uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
10:d1:83:25:80:05:d4:6e:c8:bd:a6:fc:21:bf:75:1f:cb:5d:
96:4a:b7:30:2e:6f:a4:ae:7a:49:af:8c:bb:bb:f3:90:87:60:
db:12:6c:e9:08:d4:a1:f0:fb:f6:18:17:e0:e1:75:e5:07:fa:
86:f5:5c:2c:b5:2b:82:d3:77:a8:49:4a:24:79:9c:e1:bf:42:
6e:81:a8:8b:7a:a4:16:11:dc:05:dc:cb:bd:bf:ae:d5:40:a1:
c9:23:e1:e0:b7:4a:8d:9a:fa:eb:bd:ab:55:41:fb:0e:df:31:
a0:94:1a:d3:ba:68:56:0b:09:87:93:db:b7:d2:98:4b:f1:55:
a2:35:11:f5:d3:4c:92:02:8f:46:ea:e7:36:75:e2:61:29:4e:
5d:71:e3:23:17:3c:87:ba:de:33:2f:b5:b3:93:fc:07:6f:a5:
00:4f:56:6d:79:5a:0a:bf:2d:ce:f2:fa:92:b3:18:c6:1b:69:
e6:17:ae:9f:1e:7e:b9:d9:24:0a:3e:d4:87:de:7a:35:04:73:
15:30:db:de:11:bd:1b:52:7f:b5:6b:48:5f:8c:5e:69:72:2d:
7d:35:7d:97:5a:2a:03:05:26:d8:5c:d1:09:e5:40:5c:e4:a7:
f2:35:3e:90:58:fe:37:d9:4d:e1:a1:3d:c6:fb:1e:72:c4:ec:
50:6d:e0:0b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZJ/kvx5MwykGP8RH5owC3SYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDEyMDcxMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJmZWM1ZTVlYjdhMDc2YTMzZWFlMWI1N2E0OGZkYTk3YTVmNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vD2i/WJ62f3W9XmtA3hfdr0qYWN
NN2HIXzEHWpjWG+CJPzRqeQVV+Z/QVyMX/zhgCab+D26AkXgGuhNbJyCp7gR4Hcr
+HnWihy/O8fHAnoEE6n4H+DwLS6PD2wKvSI4649D6pMSZjWlzlqVHHjcxYSPhlN8
xXG5Po5eYzRZ5pFy4ySQ7ruKtH2J5lOAhGLQByL3Awhzl83QMLqJQosgamJ8rv70
qDKqaZ8glrREoqR6mXiduMmYGItmD0SjING6Nzts5rY0b3s2P67MCLf5IVCVCrkP
G5HqJhuwhXoMY31KAhj9/KEccOQokOwR1cTEVJqPKtKPrGFUQmBGvsmznQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFG+/7F5et6B2oz6uG1ekj9qXpfbpMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYjdfc1hsNjNvSGFqUHE0YlY2U1AycGVsOXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAENGDJYAF1G7I
vab8Ib91H8tdlkq3MC5vpK56Sa+Mu7vzkIdg2xJs6QjUofD79hgX4OF15Qf6hvVc
LLUrgtN3qElKJHmc4b9CboGoi3qkFhHcBdzLvb+u1UChySPh4LdKjZr6672rVUH7
Dt8xoJQa07poVgsJh5Pbt9KYS/FVojUR9dNMkgKPRurnNnXiYSlOXXHjIxc8h7re
My+1s5P8B2+lAE9WbXlaCr8tzvL6krMYxhtp5heunx5+udkkCj7Uh956NQRzFTDb
3hG9G1J/tWtIX4xeaXItfTV9l1oqAwUm2FzRCeVAXOSn8jU+kFj+N9lN4aE9xvse
csTsUG3gCw==
-----END CERTIFICATE-----
Generated at Sun Oct 13 09:11:21 2024 by rpki-client on console-ams.rpki-client.org