Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hxUFeh4qXebRzmbaLt97H5iqstk.roa
File: hxUFeh4qXebRzmbaLt97H5iqstk.roa (raw, json)
Hash identifier: Ldq4YwNRrAnC4K91pxXEsJeOLYj+WQ/L1AK8N3hz6UM=
Subject key identifier: 87:15:05:7A:1E:2A:5D:E6:D1:CE:66:DA:2E:DF:7B:1F:98:AA:B2:D9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 018D10AF9C63C06EE7FDF133D935D3F75C42
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hxUFeh4qXebRzmbaLt97H5iqstk.roa
Signing time: Tue 16 Jan 2024 05:12:40 +0000
ROA not before: Tue 16 Jan 2024 05:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.151.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
95.215.32.0/22 maxlen: 32
89.144.0.0/18 maxlen: 32
5.175.255.0/24 maxlen: 32
94.103.160.0/20 maxlen: 32
5.230.11.0/24 maxlen: 32
5.83.128.0/20 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.102.0/24 maxlen: 32
94.249.128.0/17 maxlen: 32
87.239.128.0/21 maxlen: 32
5.175.128.0/17 maxlen: 32
193.28.251.0/24 maxlen: 32
85.93.0.0/19 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
5.230.224.0/24 maxlen: 32
89.106.64.0/19 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.11.0/24 maxlen: 24
77.90.10.0/24 maxlen: 24
77.90.14.0/24 maxlen: 24
77.90.15.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
77.90.12.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
217.69.160.0/20 maxlen: 32
195.110.14.0/23 maxlen: 32
2a02:7a0::/29 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a00:12d8::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:44:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:10:af:9c:63:c0:6e:e7:fd:f1:33:d9:35:d3:f7:5c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 16 05:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8715057a1e2a5de6d1ce66da2edf7b1f98aab2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d2:d1:f9:1c:0b:ad:4f:6c:fc:5e:4f:f0:2e:
a5:ab:06:5b:36:3a:21:3f:58:e9:10:b2:0b:f3:6b:
d2:e9:1a:c6:5c:04:71:29:c6:75:5e:9c:ba:ba:60:
ed:5a:89:40:21:08:60:65:80:a6:50:88:b7:6a:df:
d5:4e:cd:61:f6:cb:cc:9a:12:77:0e:16:9c:01:c6:
cb:4c:f1:17:3a:c4:fc:9a:07:ab:d5:3a:41:c0:59:
9e:cb:79:78:ee:5c:ba:50:dc:27:ac:22:5b:71:ec:
d6:1c:34:4f:9a:d7:c0:7a:fd:92:2c:f6:f2:f7:1f:
43:b3:70:f5:75:16:a0:7f:27:6d:af:b1:b0:f9:53:
b3:fd:7e:50:2f:93:47:ab:1d:12:39:b5:98:24:56:
66:15:e6:b8:fd:37:be:30:74:90:92:fc:af:5d:e0:
a5:6c:ad:74:00:9a:bf:e9:16:66:a1:c6:2e:de:7f:
db:bb:55:22:a8:52:12:c8:29:65:14:08:64:85:36:
d2:0e:2d:ca:0d:11:b8:44:f8:76:8a:41:a9:c4:5a:
f2:5f:f0:78:26:7c:a3:3e:1e:f8:ae:88:77:69:c6:
a7:ad:d6:00:d2:ff:c8:ba:19:cc:ee:fa:c1:8c:18:
e2:eb:72:e1:a0:bb:f3:97:e7:70:94:79:9b:12:a3:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:15:05:7A:1E:2A:5D:E6:D1:CE:66:DA:2E:DF:7B:1F:98:AA:B2:D9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hxUFeh4qXebRzmbaLt97H5iqstk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/20
5.83.151.0/24
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
11:cd:82:f5:83:77:86:e8:0a:e5:ee:03:e8:30:71:c0:c1:de:
4e:64:ef:9b:bb:d6:99:aa:7e:a2:50:5b:99:33:37:68:6f:3b:
9d:45:fd:fa:93:73:54:b9:4b:52:e7:ca:6b:ea:e8:72:6b:b4:
4d:14:73:95:df:ee:79:57:3a:c9:ae:c8:dc:bb:22:4b:55:e3:
9d:fa:ab:26:62:5a:95:be:aa:da:6c:70:a0:54:01:5c:ae:28:
60:c7:da:6b:77:f0:4f:98:4e:e7:f0:d0:6c:f4:8b:42:22:a8:
f7:b4:40:25:b5:78:d1:dc:3c:ec:26:45:fd:17:0d:be:34:0c:
8b:86:82:43:90:50:13:55:56:1e:66:b8:dc:93:49:85:17:5c:
27:d1:36:2a:c7:05:c7:02:e0:09:b1:5d:a3:c8:2a:39:7e:f2:
af:79:a8:64:8a:58:53:80:d4:b8:39:74:80:87:29:b9:f6:70:
b0:ec:20:82:77:8d:9a:16:91:f3:5a:08:ee:95:ea:f3:a8:ee:
92:4d:31:2e:48:3a:e4:92:4f:73:01:db:5d:b1:6a:b0:8a:e3:
48:09:16:a1:d7:85:b3:d1:b0:b1:2d:69:27:06:62:da:03:95:
b3:ac:82:ec:6e:e1:66:46:3e:a4:f5:e2:a4:a4:f3:9a:4b:a5:
7a:22:92:b9
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY0Qr5xjwG7n/fEz2TXT91xCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwMTE2MDUxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzE1MDU3YTFlMmE1ZGU2ZDFjZTY2ZGEyZWRmN2IxZjk4YWFiMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdLR+RwLrU9s/F5P8C6lqwZbNjoh
P1jpELIL82vS6RrGXARxKcZ1Xpy6umDtWolAIQhgZYCmUIi3at/VTs1h9svMmhJ3
DhacAcbLTPEXOsT8mger1TpBwFmey3l47ly6UNwnrCJbcezWHDRPmtfAev2SLPby
9x9Ds3D1dRagfydtr7Gw+VOz/X5QL5NHqx0SObWYJFZmFea4/Te+MHSQkvyvXeCl
bK10AJq/6RZmocYu3n/bu1UiqFISyCllFAhkhTbSDi3KDRG4RPh2ikGpxFryX/B4
JnyjPh74roh3acanrdYA0v/IuhnM7vrBjBji63LhoLvzl+dwlHmbEqPxRQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFIcVBXoeKl3m0c5m2i7fex+YqrLZMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaHhVRmVoNHFYZWJSem1iYUx0OTdINWlxc3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQEBVOA
AwQABVOXAwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAEc2C9YN3hugK
5e4D6DBxwMHeTmTvm7vWmap+olBbmTM3aG87nUX9+pNzVLlLUufKa+rocmu0TRRz
ld/ueVc6ya7I3LsiS1XjnfqrJmJalb6q2mxwoFQBXK4oYMfaa3fwT5hO5/DQbPSL
QiKo97RAJbV40dw87CZF/RcNvjQMi4aCQ5BQE1VWHma43JNJhRdcJ9E2KscFxwLg
CbFdo8gqOX7yr3moZIpYU4DUuDl0gIcpufZwsOwggneNmhaR81oI7pXq86jukk0x
Lkg65JJPcwHbXbFqsIrjSAkWodeFs9GwsS1pJwZi2gOVs6yC7G7hZkY+pPXipKTz
mkuleiKSuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:54 2024 by rpki-client on console-ams.rpki-client.org