Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/r3HGpceva2u5RFsZeaJ7S0xErbc.roa
File: r3HGpceva2u5RFsZeaJ7S0xErbc.roa (raw, json)
Hash identifier: /olqMwJxHloA02WLV8I6hfV0GfOQUaEDtiXTf2tcVVg=
Subject key identifier: AF:71:C6:A5:C7:AF:6B:6B:B9:44:5B:19:79:A2:7B:4B:4C:44:AD:B7
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01937235D263378259B506D2B5197A21DCC0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/r3HGpceva2u5RFsZeaJ7S0xErbc.roa
Signing time: Thu 28 Nov 2024 09:59:10 +0000
ROA not before: Thu 28 Nov 2024 09:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.138.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.154.0/24 maxlen: 24
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.29.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Fri 29 Nov 2024 05:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:35:d2:63:37:82:59:b5:06:d2:b5:19:7a:21:dc:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 28 09:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af71c6a5c7af6b6bb9445b1979a27b4b4c44adb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:63:3c:c9:ec:8f:1e:dd:f8:58:8c:cf:1f:57:
d0:f5:1f:96:0d:a0:1a:f0:cc:59:8f:08:a7:83:ed:
27:38:ce:8a:60:12:54:19:7e:7f:aa:43:08:01:4a:
64:e5:8a:eb:8c:ce:88:59:eb:0d:db:4b:6f:72:27:
2c:f3:14:1f:fe:f7:2c:bf:85:9e:87:72:d4:f2:71:
12:24:3c:79:30:1c:e5:e5:00:20:24:eb:18:28:2f:
0e:01:27:b1:5b:8d:6c:1f:8f:ae:35:1b:4b:1e:00:
60:53:b0:a4:19:54:ba:47:02:e4:60:13:98:52:99:
be:8c:e9:43:25:32:21:c2:06:40:d0:14:bf:10:89:
39:99:42:07:03:90:2b:ff:16:1a:bb:d6:2d:de:f3:
28:df:3d:4f:a6:4a:51:da:fc:50:96:10:37:dd:11:
7a:be:02:f7:8d:56:cc:36:fe:08:b6:1a:ed:81:29:
76:69:c4:39:75:73:8d:1e:a0:ee:d7:64:b2:47:46:
69:c7:55:76:6c:1f:c2:e4:d8:60:00:e3:23:d5:91:
7f:42:3d:c8:28:a9:74:ba:99:4c:4d:f8:f7:6e:d5:
83:0f:9e:70:15:71:bd:d2:10:4d:d3:8c:42:37:3f:
56:6b:e6:39:66:8d:02:65:b6:cc:7f:0e:6d:41:6c:
6a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:71:C6:A5:C7:AF:6B:6B:B9:44:5B:19:79:A2:7B:4B:4C:44:AD:B7
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/r3HGpceva2u5RFsZeaJ7S0xErbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:f1:d9:59:21:70:4c:9e:ab:00:c1:fe:d8:ee:0a:26:86:ed:
dd:99:d9:f8:0d:51:c9:cb:71:d3:da:a4:85:a9:cb:72:01:4a:
4a:9e:21:aa:2a:79:db:79:53:63:41:f0:ad:c1:0e:51:b6:63:
cf:6b:0e:85:e4:09:5c:fa:35:55:49:80:b2:8b:0d:36:2b:41:
01:0f:8c:40:79:7c:ba:c6:27:b6:5b:ed:f7:65:ac:97:9e:fa:
35:9b:38:51:2c:2d:19:ce:65:a3:20:9f:05:42:55:7c:13:ed:
43:e1:bc:03:ea:60:3e:90:e6:90:16:13:29:91:db:f9:10:b1:
2c:89:4d:3f:50:ff:97:b5:7f:ae:43:68:fc:be:85:cc:e4:4a:
77:47:7f:1a:a2:e8:f5:21:1f:52:c2:2b:7b:ff:9e:44:4b:dc:
01:a9:11:3b:97:2d:1d:b9:53:a8:4b:e5:02:2f:5c:b7:d3:79:
36:48:3f:9c:58:33:16:c0:69:5a:f0:be:74:c5:e2:b2:fc:45:
d5:95:6f:3f:aa:82:05:3a:f0:fa:94:57:0f:89:a5:5e:5b:81:
31:73:cf:bc:1b:44:29:30:2f:13:60:3d:84:b0:21:5a:1c:37:
d3:58:09:4a:21:41:0d:4a:d0:36:77:ce:8f:cd:5e:ac:8b:e0:
12:b2:06:10
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZNyNdJjN4JZtQbStRl6IdzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTI4MDk1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjcxYzZhNWM3YWY2YjZiYjk0NDViMTk3OWEyN2I0YjRjNDRhZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GM8yeyPHt34WIzPH1fQ9R+WDaAa
8MxZjwing+0nOM6KYBJUGX5/qkMIAUpk5YrrjM6IWesN20tvcics8xQf/vcsv4We
h3LU8nESJDx5MBzl5QAgJOsYKC8OASexW41sH4+uNRtLHgBgU7CkGVS6RwLkYBOY
Upm+jOlDJTIhwgZA0BS/EIk5mUIHA5Ar/xYau9Yt3vMo3z1PpkpR2vxQlhA33RF6
vgL3jVbMNv4IthrtgSl2acQ5dXONHqDu12SyR0Zpx1V2bB/C5NhgAOMj1ZF/Qj3I
KKl0uplMTfj3btWDD55wFXG90hBN04xCNz9Wa+Y5Zo0CZbbMfw5tQWxqtwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFK9xxqXHr2truURbGXmie0tMRK23MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcjNIR3BjZXZhMnU1UkZzWmVhSjdTMHhFcmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgcEEAgABMIG6AwQF
BVOAAwQCBa+AAwQABa+FMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv6AMEAAWv
6zAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQDU/NQAwQF
VV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQE
shKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoD
BQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZI
hvcNAQELBQADggEBAJ7x2VkhcEyeqwDB/tjuCiaG7d2Z2fgNUcnLcdPapIWpy3IB
SkqeIaoqedt5U2NB8K3BDlG2Y89rDoXkCVz6NVVJgLKLDTYrQQEPjEB5fLrGJ7Zb
7fdlrJee+jWbOFEsLRnOZaMgnwVCVXwT7UPhvAPqYD6Q5pAWEymR2/kQsSyJTT9Q
/5e1f65DaPy+hczkSndHfxqi6PUhH1LCK3v/nkRL3AGpETuXLR25U6hL5QIvXLfT
eTZIP5xYMxbAaVrwvnTF4rL8RdWVbz+qggU68PqUVw+JpV5bgTFzz7wbRCkwLxNg
PYSwIVocN9NYCUohQQ1K0DZ3zo/NXqyL4BKyBhA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:30:31 2025 by rpki-client