Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lKhd-j3hDhcBQNu79KRd-FECg_E.roa
File: lKhd-j3hDhcBQNu79KRd-FECg_E.roa (raw, json)
Hash identifier: KZjYEaUrPe4gRnukGgEKfVGt4X36yCS93N/0R6+230o=
Subject key identifier: 94:A8:5D:FA:3D:E1:0E:17:01:40:DB:BB:F4:A4:5D:F8:51:02:83:F1
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193B422D8E65BFDEBA3C3DE03125D6AE562
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lKhd-j3hDhcBQNu79KRd-FECg_E.roa
Signing time: Wed 11 Dec 2024 05:13:22 +0000
ROA not before: Wed 11 Dec 2024 05:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.145.0/24 maxlen: 24
5.83.149.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.138.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.234.0/24 maxlen: 24
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.55.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.148.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 11 Dec 2024 18:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b4:22:d8:e6:5b:fd:eb:a3:c3:de:03:12:5d:6a:e5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 11 05:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94a85dfa3de10e170140dbbbf4a45df8510283f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bd:3f:34:15:5f:9e:34:b2:5b:b4:79:d3:2a:
f5:98:5c:d6:25:41:67:07:9d:bf:59:53:27:2e:58:
3a:d3:a4:61:cb:82:4f:99:71:25:8d:90:b0:2f:e7:
61:11:82:b3:d7:d6:25:69:f8:bb:d8:10:0e:25:4e:
50:55:e8:68:03:4b:8e:03:e5:60:ee:7a:b8:c6:77:
27:90:f4:f2:eb:ce:80:cf:ee:40:dd:15:5d:37:5a:
a7:db:af:c7:e3:ba:13:f3:62:80:cb:c9:b6:87:ee:
30:b2:8d:10:f8:03:d6:57:d2:ec:00:ec:0d:94:f2:
2e:ab:c8:15:fb:ed:c0:ce:29:c7:ee:99:80:ba:bd:
17:03:72:df:40:70:85:e9:de:3f:a8:88:77:38:fa:
b3:3b:1e:c5:41:02:03:71:63:90:e0:22:55:17:26:
16:86:50:7c:a9:f2:f2:d7:b9:ed:f4:94:c2:e0:7b:
eb:93:6d:c3:e1:d1:ce:6d:11:7d:94:c7:55:7c:64:
1f:23:42:48:dd:2a:8f:98:ba:db:dc:fe:87:ac:f5:
dc:ff:3d:d8:67:b8:1f:40:6f:ce:96:90:52:9a:95:
e2:23:61:92:c5:1c:f8:34:30:ca:af:64:46:0d:ed:
f7:77:60:aa:40:83:c7:c9:ae:ea:37:ac:b8:6b:6b:
6d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A8:5D:FA:3D:E1:0E:17:01:40:DB:BB:F4:A4:5D:F8:51:02:83:F1
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lKhd-j3hDhcBQNu79KRd-FECg_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.138.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.234.0/23
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:18:15:78:c5:09:88:cc:c4:88:15:67:ab:fc:44:46:57:05:
d0:92:b9:54:6e:d5:5e:ee:c5:24:15:e0:53:9a:ae:f3:5f:36:
80:aa:d4:39:22:9f:92:08:86:58:53:af:68:0c:aa:fa:49:54:
51:fc:9b:99:f1:1c:52:4c:4e:7a:28:98:6b:5c:c5:2c:90:50:
6d:3b:77:0e:d7:04:b1:e3:e4:56:45:1e:36:1c:dc:1d:b1:ee:
9f:1f:74:1d:80:5b:d3:0c:78:b6:cd:54:c7:f4:e8:57:95:14:
51:89:e2:a8:ae:3f:78:9d:b0:bf:d3:b7:38:a1:fb:11:ca:0f:
8c:e8:2c:94:39:cf:b3:20:59:b5:81:f5:4f:2e:45:4a:ec:b9:
1b:ca:fe:97:02:ed:10:b1:24:bc:e9:f0:a5:21:04:18:97:f4:
30:11:a8:66:71:a0:05:50:ba:1b:60:a0:a8:22:04:e3:76:a0:
83:03:1f:32:8b:9a:40:ae:ce:c5:c6:9c:1d:ea:cf:3c:e4:c3:
3f:54:07:ff:5b:a7:c4:02:0a:25:92:92:41:32:e3:2f:c2:e6:
27:42:0e:b0:33:e0:39:1b:fa:f0:86:8f:1f:ba:8e:81:2f:f1:
64:92:91:72:9c:a3:1b:3b:7c:8a:51:c5:66:bb:8d:34:e2:de:
aa:27:09:35
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZO0ItjmW/3ro8PeAxJdauViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjExMDUxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE4NWRmYTNkZTEwZTE3MDE0MGRiYmJmNGE0NWRmODUxMDI4M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L0/NBVfnjSyW7R50yr1mFzWJUFn
B52/WVMnLlg606Rhy4JPmXEljZCwL+dhEYKz19Ylafi72BAOJU5QVehoA0uOA+Vg
7nq4xncnkPTy686Az+5A3RVdN1qn26/H47oT82KAy8m2h+4wso0Q+APWV9LsAOwN
lPIuq8gV++3AzinH7pmAur0XA3LfQHCF6d4/qIh3OPqzOx7FQQIDcWOQ4CJVFyYW
hlB8qfLy17nt9JTC4Hvrk23D4dHObRF9lMdVfGQfI0JI3SqPmLrb3P6HrPXc/z3Y
Z7gfQG/OlpBSmpXiI2GSxRz4NDDKr2RGDe33d2CqQIPHya7qN6y4a2tt+wIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFJSoXfo94Q4XAUDbu/SkXfhRAoPxMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbEtoZC1qM2hEaGNCUU51NzlLUmQtRkVDZ19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgccEAgABMIHAAwQF
BVOAAwQCBa+AAwQABa+FAwQABa+KMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv
6AMEAQWv6jAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAE
AgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8Aw
DQYJKoZIhvcNAQELBQADggEBAFwYFXjFCYjMxIgVZ6v8REZXBdCSuVRu1V7uxSQV
4FOarvNfNoCq1Dkin5IIhlhTr2gMqvpJVFH8m5nxHFJMTnoomGtcxSyQUG07dw7X
BLHj5FZFHjYc3B2x7p8fdB2AW9MMeLbNVMf06FeVFFGJ4qiuP3idsL/Ttzih+xHK
D4zoLJQ5z7MgWbWB9U8uRUrsuRvK/pcC7RCxJLzp8KUhBBiX9DARqGZxoAVQuhtg
oKgiBON2oIMDHzKLmkCuzsXGnB3qzzzkwz9UB/9bp8QCCiWSkkEy4y/C5idCDrAz
4Dkb+vCGjx+6joEv8WSSkXKcoxs7fIpRxWa7jTTi3qonCTU=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:26 2025 by rpki-client