Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/CcjeX6rmO-TD50PlD_mFDuy7FrE.roa
File: CcjeX6rmO-TD50PlD_mFDuy7FrE.roa (raw, json)
Hash identifier: qVyeK3riEL+MH1r4+mTG5h909kPZ/dqXcofRzzGKIf8=
Subject key identifier: 09:C8:DE:5F:AA:E6:3B:E4:C3:E7:43:E5:0F:F9:85:0E:EC:BB:16:B1
Certificate issuer: /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial: 018A4659CB338DCD7B1F6A2D821BC09FAD3C
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/CcjeX6rmO-TD50PlD_mFDuy7FrE.roa
Signing time: Wed 30 Aug 2023 12:10:04 +0000
ROA not before: Wed 30 Aug 2023 12:10:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31721
IP address blocks: 5.191.104.0/24 maxlen: 24
5.191.105.0/24 maxlen: 24
5.191.102.0/24 maxlen: 24
5.191.103.0/24 maxlen: 24
5.191.101.0/24 maxlen: 24
5.191.100.0/24 maxlen: 24
5.191.109.0/24 maxlen: 24
5.191.110.0/24 maxlen: 24
5.191.108.0/24 maxlen: 24
5.191.106.0/24 maxlen: 24
5.191.107.0/24 maxlen: 24
5.191.111.0/24 maxlen: 24
5.191.112.0/24 maxlen: 24
5.191.118.0/24 maxlen: 24
5.191.116.0/24 maxlen: 24
5.191.117.0/24 maxlen: 24
5.191.115.0/24 maxlen: 24
5.191.113.0/24 maxlen: 24
5.191.114.0/24 maxlen: 24
5.191.125.0/24 maxlen: 24
5.191.123.0/24 maxlen: 24
5.191.124.0/24 maxlen: 24
5.191.122.0/24 maxlen: 24
5.191.120.0/24 maxlen: 24
5.191.121.0/24 maxlen: 24
5.191.119.0/24 maxlen: 24
5.191.132.0/24 maxlen: 24
5.191.130.0/24 maxlen: 24
5.191.131.0/24 maxlen: 24
5.191.129.0/24 maxlen: 24
5.191.127.0/24 maxlen: 24
5.191.128.0/24 maxlen: 24
5.191.126.0/24 maxlen: 24
5.191.137.0/24 maxlen: 24
5.191.138.0/24 maxlen: 24
5.191.136.0/24 maxlen: 24
5.191.134.0/24 maxlen: 24
5.191.135.0/24 maxlen: 24
5.191.133.0/24 maxlen: 24
5.191.139.0/24 maxlen: 24
5.191.142.0/24 maxlen: 24
5.191.141.0/24 maxlen: 24
5.191.140.0/24 maxlen: 24
5.191.44.0/24 maxlen: 24
5.191.50.0/24 maxlen: 24
5.191.51.0/24 maxlen: 24
5.191.49.0/24 maxlen: 24
5.191.47.0/24 maxlen: 24
5.191.48.0/24 maxlen: 24
5.191.45.0/24 maxlen: 24
5.191.46.0/24 maxlen: 24
5.191.54.0/24 maxlen: 24
5.191.55.0/24 maxlen: 24
5.191.52.0/24 maxlen: 24
5.191.53.0/24 maxlen: 24
5.191.57.0/24 maxlen: 24
5.191.58.0/24 maxlen: 24
5.191.56.0/24 maxlen: 24
5.191.64.0/24 maxlen: 24
5.191.62.0/24 maxlen: 24
5.191.63.0/24 maxlen: 24
5.191.61.0/24 maxlen: 24
5.191.59.0/24 maxlen: 24
5.191.60.0/24 maxlen: 24
5.191.69.0/24 maxlen: 24
5.191.68.0/24 maxlen: 24
5.191.66.0/24 maxlen: 24
5.191.67.0/24 maxlen: 24
5.191.65.0/24 maxlen: 24
5.191.90.0/24 maxlen: 24
5.191.3.0/24 maxlen: 24
5.191.17.0/24 maxlen: 24
5.191.16.0/24 maxlen: 24
5.191.15.0/24 maxlen: 24
5.191.24.0/24 maxlen: 24
5.191.22.0/24 maxlen: 24
5.191.19.0/24 maxlen: 24
5.191.18.0/24 maxlen: 24
5.191.26.0/24 maxlen: 24
5.191.27.0/24 maxlen: 24
5.191.25.0/24 maxlen: 24
5.191.31.0/24 maxlen: 24
5.191.29.0/24 maxlen: 24
5.191.30.0/24 maxlen: 24
5.191.28.0/24 maxlen: 24
5.191.33.0/24 maxlen: 24
5.191.34.0/24 maxlen: 24
5.191.32.0/24 maxlen: 24
217.168.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:59:cb:33:8d:cd:7b:1f:6a:2d:82:1b:c0:9f:ad:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Validity
Not Before: Aug 30 12:10:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09c8de5faae63be4c3e743e50ff9850eecbb16b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:8e:0a:fe:5d:92:54:88:70:dc:3e:bb:ae:
cc:16:56:79:a0:24:e4:78:ed:0c:e8:f6:65:ed:dc:
36:68:84:7e:46:9f:95:8c:20:8e:dd:a1:36:6c:df:
f6:77:94:15:f2:e3:5f:98:96:1a:34:78:05:c8:6a:
07:3e:15:fa:28:53:35:69:17:06:ea:4a:d1:ed:bd:
4d:01:6d:43:a5:26:02:ad:d0:a7:e0:65:32:9b:67:
e0:fd:76:9c:e3:91:30:0c:e0:8d:31:b4:68:cb:ed:
94:30:8f:d1:76:d6:9f:a5:d6:5b:4b:8b:f0:04:c7:
35:63:7f:01:e0:79:28:48:a9:44:f2:21:e8:ed:e1:
20:f7:8d:fa:b0:ec:a3:51:d3:5a:b9:17:c8:b5:7d:
f8:f6:f1:22:9c:0c:7b:e6:1a:42:f9:de:f2:35:98:
d2:03:dc:73:9a:e2:ff:8c:7a:0e:00:b9:a3:e3:42:
e1:9f:1e:31:1f:ec:2a:f6:ab:8c:16:68:12:aa:33:
59:23:e5:bd:d3:72:59:6c:9c:ec:8c:2d:da:f8:e9:
97:07:69:a7:af:da:63:90:fe:88:ee:95:07:5f:69:
7c:7b:17:a9:46:3b:1b:ff:ec:44:fc:12:c2:00:25:
48:c4:c5:02:5c:42:67:3e:d9:8c:5b:3e:46:dc:f0:
9b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C8:DE:5F:AA:E6:3B:E4:C3:E7:43:E5:0F:F9:85:0E:EC:BB:16:B1
X509v3 Authority Key Identifier:
keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/CcjeX6rmO-TD50PlD_mFDuy7FrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.191.3.0/24
5.191.15.0-5.191.19.255
5.191.22.0/24
5.191.24.0-5.191.34.255
5.191.44.0-5.191.69.255
5.191.90.0/24
5.191.100.0-5.191.142.255
217.168.176.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:3f:5f:3a:4c:02:e1:a4:01:07:14:5e:49:3a:83:35:01:a9:
61:f7:db:e2:8e:b4:56:94:4d:b4:94:78:ce:ed:01:58:13:da:
c5:65:49:8e:3f:f9:42:1f:ed:65:1c:fa:18:0f:0a:da:22:8d:
71:86:1a:2d:82:7f:d2:79:8e:06:df:e3:68:9e:4b:df:0d:83:
32:76:33:94:08:d0:51:24:17:bc:af:ae:3e:7b:7c:05:9e:ff:
16:a1:2a:83:57:64:40:5f:0e:4d:21:66:a8:dc:d7:fb:6f:9c:
3e:09:ae:df:4e:eb:a6:ef:e6:01:d3:68:7a:5f:75:c0:fb:f5:
83:36:a7:50:43:d4:d5:9e:b6:0f:d8:22:5a:e1:5c:c1:99:9b:
44:bf:34:82:17:46:72:00:e1:3f:02:77:1a:5b:79:e6:b9:6d:
f5:4d:f5:b5:fa:75:f8:59:1d:a5:2d:ea:7f:29:c8:c4:a5:87:
03:27:15:69:95:7a:23:b9:61:c7:2f:d3:54:04:a8:78:4a:77:
6d:c3:47:ed:e0:14:30:84:a7:02:c8:1e:cf:25:88:ab:a6:b5:
3c:b0:42:a0:ab:19:30:b4:6d:4e:dd:2e:6c:cd:3f:a1:94:66:
25:2b:4e:8a:8a:7c:cf:53:61:5b:b1:c5:a3:55:df:92:93:72:
b6:cb:c5:f3
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYpGWcszjc17H2otghvAn608MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjMwODMwMTIxMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWM4ZGU1ZmFhZTYzYmU0YzNlNzQzZTUwZmY5ODUwZWVjYmIxNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlKOCv5dklSIcNw+u67MFlZ5oCTk
eO0M6PZl7dw2aIR+Rp+VjCCO3aE2bN/2d5QV8uNfmJYaNHgFyGoHPhX6KFM1aRcG
6krR7b1NAW1DpSYCrdCn4GUym2fg/Xac45EwDOCNMbRoy+2UMI/RdtafpdZbS4vw
BMc1Y38B4HkoSKlE8iHo7eEg9436sOyjUdNauRfItX349vEinAx75hpC+d7yNZjS
A9xzmuL/jHoOALmj40Lhnx4xH+wq9quMFmgSqjNZI+W903JZbJzsjC3a+OmXB2mn
r9pjkP6I7pUHX2l8exepRjsb/+xE/BLCACVIxMUCXEJnPtmMWz5G3PCbeQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAnI3l+q5jvkw+dD5Q/5hQ7suxaxMB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEvQ2NqZVg2cm1PLVRENTBQbERfbUZEdXk3RnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABb8DMAwD
BAAFvw8DBAIFvxADBAAFvxYwDAMEAwW/GAMEAAW/IjAMAwQCBb8sAwQBBb9EAwQA
Bb9aMAwDBAIFv2QDBAAFv44DBATZqLAwDQYJKoZIhvcNAQELBQADggEBALY/XzpM
AuGkAQcUXkk6gzUBqWH32+KOtFaUTbSUeM7tAVgT2sVlSY4/+UIf7WUc+hgPCtoi
jXGGGi2Cf9J5jgbf42ieS98NgzJ2M5QI0FEkF7yvrj57fAWe/xahKoNXZEBfDk0h
Zqjc1/tvnD4Jrt9O66bv5gHTaHpfdcD79YM2p1BD1NWetg/YIlrhXMGZm0S/NIIX
RnIA4T8Cdxpbeea5bfVN9bX6dfhZHaUt6n8pyMSlhwMnFWmVeiO5Yccv01QEqHhK
d23DR+3gFDCEpwLIHs8liKumtTywQqCrGTC0bU7dLmzNP6GUZiUrToqKfM9TYVux
xaNV35KTcrbLxfM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:00 2024 by rpki-client on console-ams.rpki-client.org