Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/O7J4in7Sfz_KOWwQiRMbgvtWapY.roa
File: O7J4in7Sfz_KOWwQiRMbgvtWapY.roa (raw, json)
Hash identifier: k93jrDpHYIY86zOik7RkRPGLUrSF4ADgblWWzl6wJc4=
Subject key identifier: 3B:B2:78:8A:7E:D2:7F:3F:CA:39:6C:10:89:13:1B:82:FB:56:6A:96
Certificate issuer: /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial: 019251273E57CF7CE17FB83B1F55AB57CA1F
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/O7J4in7Sfz_KOWwQiRMbgvtWapY.roa
Signing time: Thu 03 Oct 2024 06:52:59 +0000
ROA not before: Thu 03 Oct 2024 06:52:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31721
IP address blocks: 5.191.3.0/24 maxlen: 24
5.191.15.0/24 maxlen: 24
5.191.16.0/24 maxlen: 24
5.191.17.0/24 maxlen: 24
5.191.18.0/24 maxlen: 24
5.191.19.0/24 maxlen: 24
5.191.22.0/24 maxlen: 24
5.191.24.0/24 maxlen: 24
5.191.25.0/24 maxlen: 24
5.191.26.0/24 maxlen: 24
5.191.27.0/24 maxlen: 24
5.191.28.0/24 maxlen: 24
5.191.29.0/24 maxlen: 24
5.191.30.0/24 maxlen: 24
5.191.31.0/24 maxlen: 24
5.191.32.0/24 maxlen: 24
5.191.33.0/24 maxlen: 24
5.191.34.0/24 maxlen: 24
5.191.44.0/24 maxlen: 24
5.191.45.0/24 maxlen: 24
5.191.46.0/24 maxlen: 24
5.191.47.0/24 maxlen: 24
5.191.48.0/24 maxlen: 24
5.191.49.0/24 maxlen: 24
5.191.50.0/24 maxlen: 24
5.191.51.0/24 maxlen: 24
5.191.52.0/24 maxlen: 24
5.191.53.0/24 maxlen: 24
5.191.54.0/24 maxlen: 24
5.191.55.0/24 maxlen: 24
5.191.56.0/24 maxlen: 24
5.191.57.0/24 maxlen: 24
5.191.58.0/24 maxlen: 24
5.191.59.0/24 maxlen: 24
5.191.60.0/24 maxlen: 24
5.191.61.0/24 maxlen: 24
5.191.62.0/24 maxlen: 24
5.191.63.0/24 maxlen: 24
5.191.64.0/20 maxlen: 20
5.191.90.0/24 maxlen: 24
5.191.100.0/24 maxlen: 24
5.191.101.0/24 maxlen: 24
5.191.102.0/24 maxlen: 24
5.191.103.0/24 maxlen: 24
5.191.104.0/24 maxlen: 24
5.191.105.0/24 maxlen: 24
5.191.106.0/24 maxlen: 24
5.191.107.0/24 maxlen: 24
5.191.108.0/24 maxlen: 24
5.191.109.0/24 maxlen: 24
5.191.110.0/24 maxlen: 24
5.191.111.0/24 maxlen: 24
5.191.112.0/24 maxlen: 24
5.191.113.0/24 maxlen: 24
5.191.114.0/24 maxlen: 24
5.191.115.0/24 maxlen: 24
5.191.116.0/24 maxlen: 24
5.191.117.0/24 maxlen: 24
5.191.118.0/24 maxlen: 24
5.191.119.0/24 maxlen: 24
5.191.120.0/24 maxlen: 24
5.191.121.0/24 maxlen: 24
5.191.122.0/24 maxlen: 24
5.191.123.0/24 maxlen: 24
5.191.124.0/24 maxlen: 24
5.191.125.0/24 maxlen: 24
5.191.126.0/24 maxlen: 24
5.191.127.0/24 maxlen: 24
5.191.128.0/24 maxlen: 24
5.191.129.0/24 maxlen: 24
5.191.130.0/24 maxlen: 24
5.191.131.0/24 maxlen: 24
5.191.132.0/24 maxlen: 24
5.191.133.0/24 maxlen: 24
5.191.134.0/24 maxlen: 24
5.191.135.0/24 maxlen: 24
5.191.136.0/24 maxlen: 24
5.191.137.0/24 maxlen: 24
5.191.138.0/24 maxlen: 24
5.191.139.0/24 maxlen: 24
5.191.140.0/24 maxlen: 24
5.191.141.0/24 maxlen: 24
5.191.142.0/24 maxlen: 24
5.191.192.0/20 maxlen: 20
5.191.208.0/20 maxlen: 20
5.191.224.0/20 maxlen: 20
217.168.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 03 Oct 2024 10:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:27:3e:57:cf:7c:e1:7f:b8:3b:1f:55:ab:57:ca:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Validity
Not Before: Oct 3 06:52:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bb2788a7ed27f3fca396c1089131b82fb566a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:aa:7d:5e:72:c8:dc:3d:d0:e9:ec:fc:e3:76:
22:62:11:73:0c:4d:e0:af:e6:9c:9c:fe:ad:77:c0:
e8:ee:fc:0e:96:90:8a:2f:ce:98:e6:76:b2:5d:47:
eb:42:93:5d:df:a0:a9:5a:7b:df:32:8b:35:f1:4f:
6a:8b:3e:eb:06:50:85:5a:27:7a:33:6e:f6:e7:1a:
e1:7a:8c:6a:30:12:60:6b:f2:db:44:97:7b:f6:2f:
62:7f:b7:8f:18:61:22:c4:34:10:07:58:4b:fe:67:
81:79:9b:d2:57:bb:b4:0b:3a:4a:3a:87:5d:9b:a0:
d7:f4:39:eb:ce:81:86:92:9b:52:92:9f:76:a5:44:
d7:74:c6:15:d4:59:b1:a0:4e:44:e9:95:fe:e1:2d:
b3:8f:5f:ec:08:a4:b8:ad:59:0c:8e:d8:90:e9:19:
1a:a4:68:f5:d1:34:cf:50:70:a9:49:9f:e7:31:be:
74:5a:3e:4e:ad:92:e1:6d:35:d8:e7:a5:6b:78:f5:
af:0f:ee:9e:bd:34:c7:a0:16:1b:0d:33:10:55:fa:
a3:7d:49:84:c8:ed:02:d9:0c:19:9a:90:22:02:db:
34:a4:85:4a:48:04:97:5c:3a:49:48:1c:f2:e7:53:
3a:f5:82:03:3d:56:f0:db:9f:57:85:4f:93:a6:c8:
4f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B2:78:8A:7E:D2:7F:3F:CA:39:6C:10:89:13:1B:82:FB:56:6A:96
X509v3 Authority Key Identifier:
keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/O7J4in7Sfz_KOWwQiRMbgvtWapY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.191.3.0/24
5.191.15.0-5.191.19.255
5.191.22.0/24
5.191.24.0-5.191.34.255
5.191.44.0-5.191.79.255
5.191.90.0/24
5.191.100.0-5.191.142.255
5.191.192.0-5.191.239.255
217.168.176.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:38:99:c5:aa:3e:ab:e1:76:d1:72:ef:61:39:34:af:eb:2e:
2d:90:40:b2:41:b2:15:41:3a:81:e4:e4:15:f7:7b:47:4a:54:
d7:c9:6b:93:26:28:d6:48:eb:0e:aa:c0:56:a1:37:8b:ad:10:
38:e2:13:58:9e:4a:65:51:b1:b5:70:47:9f:16:d3:5d:37:f0:
86:a3:8c:6e:4f:db:2b:8c:60:cb:67:37:7d:5f:e6:f9:76:53:
c2:6e:7c:e5:56:fc:39:a6:78:e6:ba:6f:8e:9a:91:cb:35:f1:
76:bc:96:e8:4c:ba:ca:8f:02:31:ac:46:f0:a5:4e:18:f2:97:
5e:54:e6:e9:02:26:2c:e3:77:17:5a:17:c4:b9:f0:29:e7:fb:
45:44:f7:15:ab:bf:c7:ef:92:b4:af:80:09:a3:78:16:06:48:
a5:e6:2c:33:2d:f1:9e:01:7b:1c:e0:99:1a:70:cf:15:36:05:
1e:ff:9c:ac:70:4d:27:fe:9f:10:81:75:ac:7e:fa:69:da:74:
0f:b0:79:fa:a9:2a:dc:69:0f:80:7c:39:61:01:b9:c4:7d:68:
6f:f7:08:c8:ed:27:c2:79:da:99:0b:6d:05:95:c3:8f:1e:60:
5e:5c:26:12:ef:e0:17:34:49:d8:91:2a:b3:93:8d:12:ea:64:
09:cf:25:2f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZJRJz5Xz3zhf7g7H1WrV8ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjQxMDAzMDY1MjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmIyNzg4YTdlZDI3ZjNmY2EzOTZjMTA4OTEzMWI4MmZiNTY2YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKp9XnLI3D3Q6ez843YiYhFzDE3g
r+acnP6td8Do7vwOlpCKL86Y5nayXUfrQpNd36CpWnvfMos18U9qiz7rBlCFWid6
M2725xrheoxqMBJga/LbRJd79i9if7ePGGEixDQQB1hL/meBeZvSV7u0CzpKOodd
m6DX9DnrzoGGkptSkp92pUTXdMYV1FmxoE5E6ZX+4S2zj1/sCKS4rVkMjtiQ6Rka
pGj10TTPUHCpSZ/nMb50Wj5OrZLhbTXY56VrePWvD+6evTTHoBYbDTMQVfqjfUmE
yO0C2QwZmpAiAts0pIVKSASXXDpJSBzy51M69YIDPVbw259XhU+TpshPnwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDuyeIp+0n8/yjlsEIkTG4L7VmqWMB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEvTzdKNGluN1Nmel9LT1d3UWlSTWJndnRXYXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQABb8DMAwD
BAAFvw8DBAIFvxADBAAFvxYwDAMEAwW/GAMEAAW/IjAMAwQCBb8sAwQEBb9AAwQA
Bb9aMAwDBAIFv2QDBAAFv44wDAMEBgW/wAMEBAW/4AMEBNmosDANBgkqhkiG9w0B
AQsFAAOCAQEAbDiZxao+q+F20XLvYTk0r+suLZBAskGyFUE6geTkFfd7R0pU18lr
kyYo1kjrDqrAVqE3i60QOOITWJ5KZVGxtXBHnxbTXTfwhqOMbk/bK4xgy2c3fV/m
+XZTwm585Vb8OaZ45rpvjpqRyzXxdryW6Ey6yo8CMaxG8KVOGPKXXlTm6QImLON3
F1oXxLnwKef7RUT3Fau/x++StK+ACaN4FgZIpeYsMy3xngF7HOCZGnDPFTYFHv+c
rHBNJ/6fEIF1rH76adp0D7B5+qkq3GkPgHw5YQG5xH1ob/cIyO0nwnnamQttBZXD
jx5gXlwmEu/gFzRJ2JEqs5ONEupkCc8lLw==
-----END CERTIFICATE-----
Generated at Thu Oct 3 13:08:42 2024 by rpki-client on console-fra.rpki-client.org