Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lUrqzAehbHJStZiScAi5hjYpBjY.roa
File: lUrqzAehbHJStZiScAi5hjYpBjY.roa (raw, json)
Hash identifier: POCfFc0Vnhkx79D0Yx9I2vKGnb1ZGDjo3LLd9Hruh/E=
Subject key identifier: 95:4A:EA:CC:07:A1:6C:72:52:B5:98:92:70:08:B9:86:36:29:06:36
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019172AE79A41B9E46EFBD313740FDACC316
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lUrqzAehbHJStZiScAi5hjYpBjY.roa
Signing time: Wed 21 Aug 2024 02:05:22 +0000
ROA not before: Wed 21 Aug 2024 02:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.28.0/24 maxlen: 24
77.90.30.0/24 maxlen: 24
77.90.31.0/24 maxlen: 24
77.90.35.0/24 maxlen: 24
77.90.36.0/24 maxlen: 24
77.90.37.0/24 maxlen: 24
77.90.38.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
77.90.59.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 Aug 2024 18:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:72:ae:79:a4:1b:9e:46:ef:bd:31:37:40:fd:ac:c3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 21 02:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=954aeacc07a16c7252b598927008b98636290636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:58:ea:12:9d:5a:ca:0a:cd:b9:38:d4:91:
84:84:fa:25:a8:95:e3:b1:11:22:1a:d6:e8:9f:0e:
96:eb:cc:81:02:92:e6:3a:a2:83:f3:22:25:61:e8:
58:b9:fe:ac:d0:7e:dd:28:14:1a:ce:dd:71:fd:09:
c7:c3:fd:a2:9b:1a:19:7f:ef:22:06:1c:57:62:94:
9c:17:cc:ed:1c:c4:a6:ce:0b:4c:7f:6b:ad:da:4f:
eb:46:73:17:49:ed:79:33:fb:e1:2d:64:11:c4:23:
3f:c4:dc:5d:17:d4:b4:98:51:50:c8:75:8c:d8:b2:
23:68:34:8a:73:71:c1:75:b4:fb:76:86:8f:7a:df:
7e:74:82:29:77:5a:42:91:f7:75:c7:4a:9c:f2:ce:
23:25:c3:9c:55:33:f1:e2:f0:d7:70:0a:8c:9e:95:
4a:d6:31:e4:94:97:82:b3:55:92:ed:8e:34:9c:50:
51:33:42:19:81:fe:c5:f3:f7:8e:01:4b:73:cc:25:
ac:51:c0:5c:95:c4:71:2d:b3:11:15:7f:71:0a:df:
d7:63:c3:e5:76:d5:f2:ac:48:c4:8b:05:62:e8:c6:
27:97:2e:73:20:15:63:39:7f:be:8d:fb:78:19:1c:
97:09:10:42:b9:d6:c3:9c:bd:72:13:14:20:84:78:
42:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4A:EA:CC:07:A1:6C:72:52:B5:98:92:70:08:B9:86:36:29:06:36
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lUrqzAehbHJStZiScAi5hjYpBjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
ad:68:df:3f:12:94:cf:08:e2:b2:1d:05:7a:11:65:97:45:08:
1f:5e:73:ff:1e:b6:10:e1:f1:15:93:59:c2:46:8c:ed:7a:fc:
cf:81:da:5a:cb:d6:a6:d1:b1:ee:4f:54:04:37:81:d5:3a:19:
6d:58:91:ed:4f:00:fe:ac:99:9e:2e:85:12:5e:cf:2e:5e:74:
53:ec:7f:62:71:c8:e7:22:36:5f:58:e4:26:f7:d2:f5:37:67:
f9:48:75:20:02:fa:ce:93:3c:d8:e9:c0:81:b5:de:f0:d7:d7:
ad:80:1d:6f:12:4c:97:b5:dd:5b:4a:c6:41:2a:4f:d6:4a:ca:
e5:4f:5c:b4:d6:d6:43:b5:f3:27:c7:f9:a4:41:21:d5:92:1c:
a3:35:c7:6e:93:90:73:bf:e1:0b:5c:18:e8:4f:9d:70:fb:d3:
73:e7:c1:b1:a9:03:97:33:e8:5e:9b:83:66:72:03:66:90:f5:
af:66:64:d5:53:c6:b7:22:cc:e4:79:66:79:1a:2a:91:9f:d8:
e4:72:86:e0:26:f9:38:0b:a6:81:cc:bb:12:a3:f4:66:46:1e:
44:84:3e:61:a2:33:13:ec:ad:d9:23:6a:1b:35:a1:71:b0:25:
9f:34:f1:7f:77:2e:93:02:25:e9:7c:50:e1:ba:0c:34:d0:77:
84:5a:0b:76
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZFyrnmkG55G770xN0D9rMMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwODIxMDIwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRhZWFjYzA3YTE2YzcyNTJiNTk4OTI3MDA4Yjk4NjM2MjkwNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrxY6hKdWsoKzbk41JGEhPolqJXj
sREiGtbonw6W68yBApLmOqKD8yIlYehYuf6s0H7dKBQazt1x/QnHw/2imxoZf+8i
BhxXYpScF8ztHMSmzgtMf2ut2k/rRnMXSe15M/vhLWQRxCM/xNxdF9S0mFFQyHWM
2LIjaDSKc3HBdbT7doaPet9+dIIpd1pCkfd1x0qc8s4jJcOcVTPx4vDXcAqMnpVK
1jHklJeCs1WS7Y40nFBRM0IZgf7F8/eOAUtzzCWsUcBclcRxLbMRFX9xCt/XY8Pl
dtXyrEjEiwVi6MYnly5zIBVjOX++jft4GRyXCRBCudbDnL1yExQghHhC9wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJVK6swHoWxyUrWYknAIuYY2KQY2MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbFVycXpBZWhiSEpTdFppU2NBaTVoallwQmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEArWjfPxKUzwji
sh0FehFll0UIH15z/x62EOHxFZNZwkaM7Xr8z4HaWsvWptGx7k9UBDeB1ToZbViR
7U8A/qyZni6FEl7PLl50U+x/YnHI5yI2X1jkJvfS9Tdn+Uh1IAL6zpM82OnAgbXe
8NfXrYAdbxJMl7XdW0rGQSpP1krK5U9ctNbWQ7XzJ8f5pEEh1ZIcozXHbpOQc7/h
C1wY6E+dcPvTc+fBsakDlzPoXpuDZnIDZpD1r2Zk1VPGtyLM5HlmeRoqkZ/Y5HKG
4Cb5OAumgcy7EqP0ZkYeRIQ+YaIzE+yt2SNqGzWhcbAlnzTxf3cukwIl6XxQ4boM
NNB3hFoLdg==
-----END CERTIFICATE-----
Generated at Wed Aug 21 22:37:05 2024 by rpki-client on console-fra.rpki-client.org