Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xgefE87vWYk7KnpXH7ntzJFsyMI.roa
File: xgefE87vWYk7KnpXH7ntzJFsyMI.roa (raw, json)
Hash identifier: 76n7fsDE5OUBk9yy4aK6xciae+7U3DXQgvv58sRJMFI=
Subject key identifier: C6:07:9F:13:CE:EF:59:89:3B:2A:7A:57:1F:B9:ED:CC:91:6C:C8:C2
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192BFF4622B424D20EA20A0C1544B69AE0D
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xgefE87vWYk7KnpXH7ntzJFsyMI.roa
Signing time: Thu 24 Oct 2024 19:15:17 +0000
ROA not before: Thu 24 Oct 2024 19:15:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.129.0/24 maxlen: 24
5.83.134.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.135.0/24 maxlen: 24
5.175.136.0/24 maxlen: 24
5.175.139.0/24 maxlen: 24
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.45.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Fri 25 Oct 2024 11:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:f4:62:2b:42:4d:20:ea:20:a0:c1:54:4b:69:ae:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 24 19:15:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6079f13ceef59893b2a7a571fb9edcc916cc8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:95:74:9e:71:5d:5d:74:b8:1d:c6:8f:db:7a:
f6:24:81:04:db:26:16:dd:f9:5c:4b:7c:0c:93:51:
af:6f:2d:8d:3c:2b:99:34:bb:ad:66:c4:70:ae:f8:
b5:74:84:fc:4f:c2:58:35:d1:94:d0:88:4b:a3:5e:
10:df:3c:27:dd:12:16:ae:29:05:27:d7:74:a2:53:
d5:fc:ca:dc:70:52:1b:28:31:a9:41:37:c6:ee:e4:
eb:45:fd:71:88:ab:88:2d:18:3d:d7:8f:06:87:e1:
90:73:a4:5e:10:42:8c:b3:cf:d9:4d:80:3c:e7:b7:
2e:9b:dd:60:2e:33:53:91:b5:5b:c6:51:b6:2d:31:
77:a2:46:cd:b6:7d:15:f1:65:1d:0d:72:9e:aa:13:
2a:fe:3c:aa:45:7d:a5:2c:85:a3:2c:6d:18:87:28:
57:ec:26:a3:bb:44:95:fc:97:c6:35:b8:c5:62:bd:
f4:28:fd:52:24:76:16:9f:27:88:4d:aa:0d:18:e7:
1b:19:bd:ec:8c:47:a3:c5:96:c2:57:cf:8e:13:11:
80:a3:e9:6d:13:0c:27:e7:3b:e9:cf:77:39:cb:23:
ce:88:f1:52:27:75:94:df:dc:7a:39:5f:5c:8b:15:
63:0c:5a:e9:d0:36:70:5c:01:14:d7:11:a3:e2:48:
3e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:07:9F:13:CE:EF:59:89:3B:2A:7A:57:1F:B9:ED:CC:91:6C:C8:C2
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xgefE87vWYk7KnpXH7ntzJFsyMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
c1:ee:15:34:1c:ca:ec:d0:22:b6:18:01:69:85:48:9e:cc:80:
21:9d:b1:18:92:72:0f:c3:f8:22:86:f2:b4:29:fa:9b:10:4f:
1e:5c:fb:75:9b:cb:0a:24:c9:6e:3d:9a:23:18:53:ad:43:6d:
fd:51:d0:84:70:45:32:4a:8d:f2:c3:2a:e3:18:29:5a:85:39:
a5:dc:29:36:ad:6c:39:b6:42:c0:22:90:3c:3b:a0:23:40:b1:
5c:37:32:06:bd:90:45:88:8a:2a:6d:f6:82:14:0e:1e:37:cf:
36:4d:c4:55:45:ec:bc:fa:68:db:00:54:cc:2e:e2:1e:9e:4d:
9a:e4:28:14:a3:cb:14:bc:9b:44:19:1c:97:c0:9e:38:f4:3f:
df:61:1a:36:69:fe:4e:12:06:e1:3c:e5:16:77:d8:21:ff:ef:
e6:38:84:bb:c9:1c:98:79:fe:e1:50:f4:08:ea:90:8e:dd:e3:
29:07:29:dd:82:e2:a2:d1:08:eb:df:88:20:6c:6d:3b:96:4c:
d7:84:9e:ea:b2:6b:03:03:ae:a7:64:64:3f:83:66:2d:2d:1f:
6a:ff:69:3b:0a:0b:d7:55:b5:29:e6:59:d5:be:fe:11:2b:31:
b0:c7:08:0f:8d:16:3c:5e:08:9f:a4:31:23:a5:f5:a0:79:32:
8b:c9:b5:43
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZK/9GIrQk0g6iCgwVRLaa4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDI0MTkxNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA3OWYxM2NlZWY1OTg5M2IyYTdhNTcxZmI5ZWRjYzkxNmNjOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZV0nnFdXXS4HcaP23r2JIEE2yYW
3flcS3wMk1Gvby2NPCuZNLutZsRwrvi1dIT8T8JYNdGU0IhLo14Q3zwn3RIWrikF
J9d0olPV/MrccFIbKDGpQTfG7uTrRf1xiKuILRg9148Gh+GQc6ReEEKMs8/ZTYA8
57cum91gLjNTkbVbxlG2LTF3okbNtn0V8WUdDXKeqhMq/jyqRX2lLIWjLG0YhyhX
7Caju0SV/JfGNbjFYr30KP1SJHYWnyeITaoNGOcbGb3sjEejxZbCV8+OExGAo+lt
Ewwn5zvpz3c5yyPOiPFSJ3WU39x6OV9cixVjDFrp0DZwXAEU1xGj4kg+nQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMYHnxPO71mJOyp6Vx+57cyRbMjCMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveGdlZkU4N3ZXWWs3S25wWEg3bnR6SkZzeU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAwe4VNBzK7NAi
thgBaYVInsyAIZ2xGJJyD8P4IobytCn6mxBPHlz7dZvLCiTJbj2aIxhTrUNt/VHQ
hHBFMkqN8sMq4xgpWoU5pdwpNq1sObZCwCKQPDugI0CxXDcyBr2QRYiKKm32ghQO
HjfPNk3EVUXsvPpo2wBUzC7iHp5NmuQoFKPLFLybRBkcl8CeOPQ/32EaNmn+ThIG
4TzlFnfYIf/v5jiEu8kcmHn+4VD0COqQjt3jKQcp3YLiotEI69+IIGxtO5ZM14Se
6rJrAwOup2RkP4NmLS0fav9pOwoL11W1KeZZ1b7+ESsxsMcID40WPF4In6QxI6X1
oHkyi8m1Qw==
-----END CERTIFICATE-----
Generated at Fri Oct 25 15:00:20 2024 by rpki-client on console-ams.rpki-client.org