Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cFaygNjCbdUkJurz5IMuVHWX0do.roa
File: cFaygNjCbdUkJurz5IMuVHWX0do.roa (raw, json)
Hash identifier: /LgOIFith3aE2cfBz6M1hQJJSWvuxzOsdhXutnF8m0I=
Subject key identifier: 70:56:B2:80:D8:C2:6D:D5:24:26:EA:F3:E4:83:2E:54:75:97:D1:DA
Certificate issuer: /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial: 019251EF9708C92DB4F61A9E0FF68FE17AEC
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cFaygNjCbdUkJurz5IMuVHWX0do.roa
Signing time: Thu 03 Oct 2024 10:31:48 +0000
ROA not before: Thu 03 Oct 2024 10:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31721
IP address blocks: 5.191.0.0/20 maxlen: 20
5.191.3.0/24 maxlen: 24
5.191.15.0/24 maxlen: 24
5.191.16.0/20 maxlen: 20
5.191.16.0/24 maxlen: 24
5.191.17.0/24 maxlen: 24
5.191.18.0/24 maxlen: 24
5.191.19.0/24 maxlen: 24
5.191.22.0/24 maxlen: 24
5.191.24.0/24 maxlen: 24
5.191.25.0/24 maxlen: 24
5.191.26.0/24 maxlen: 24
5.191.27.0/24 maxlen: 24
5.191.28.0/24 maxlen: 24
5.191.29.0/24 maxlen: 24
5.191.30.0/24 maxlen: 24
5.191.31.0/24 maxlen: 24
5.191.32.0/20 maxlen: 20
5.191.32.0/24 maxlen: 24
5.191.33.0/24 maxlen: 24
5.191.34.0/24 maxlen: 24
5.191.44.0/24 maxlen: 24
5.191.45.0/24 maxlen: 24
5.191.46.0/24 maxlen: 24
5.191.47.0/24 maxlen: 24
5.191.48.0/20 maxlen: 20
5.191.48.0/24 maxlen: 24
5.191.49.0/24 maxlen: 24
5.191.50.0/24 maxlen: 24
5.191.51.0/24 maxlen: 24
5.191.52.0/24 maxlen: 24
5.191.53.0/24 maxlen: 24
5.191.54.0/24 maxlen: 24
5.191.55.0/24 maxlen: 24
5.191.56.0/24 maxlen: 24
5.191.57.0/24 maxlen: 24
5.191.58.0/24 maxlen: 24
5.191.59.0/24 maxlen: 24
5.191.60.0/24 maxlen: 24
5.191.61.0/24 maxlen: 24
5.191.62.0/24 maxlen: 24
5.191.63.0/24 maxlen: 24
5.191.64.0/20 maxlen: 20
5.191.80.0/20 maxlen: 20
5.191.90.0/24 maxlen: 24
5.191.96.0/20 maxlen: 20
5.191.100.0/24 maxlen: 24
5.191.101.0/24 maxlen: 24
5.191.102.0/24 maxlen: 24
5.191.103.0/24 maxlen: 24
5.191.104.0/24 maxlen: 24
5.191.105.0/24 maxlen: 24
5.191.106.0/24 maxlen: 24
5.191.107.0/24 maxlen: 24
5.191.108.0/24 maxlen: 24
5.191.109.0/24 maxlen: 24
5.191.110.0/24 maxlen: 24
5.191.111.0/24 maxlen: 24
5.191.112.0/20 maxlen: 20
5.191.112.0/24 maxlen: 24
5.191.113.0/24 maxlen: 24
5.191.114.0/24 maxlen: 24
5.191.115.0/24 maxlen: 24
5.191.116.0/24 maxlen: 24
5.191.117.0/24 maxlen: 24
5.191.118.0/24 maxlen: 24
5.191.119.0/24 maxlen: 24
5.191.120.0/24 maxlen: 24
5.191.121.0/24 maxlen: 24
5.191.122.0/24 maxlen: 24
5.191.123.0/24 maxlen: 24
5.191.124.0/24 maxlen: 24
5.191.125.0/24 maxlen: 24
5.191.126.0/24 maxlen: 24
5.191.127.0/24 maxlen: 24
5.191.128.0/20 maxlen: 20
5.191.128.0/24 maxlen: 24
5.191.129.0/24 maxlen: 24
5.191.130.0/24 maxlen: 24
5.191.131.0/24 maxlen: 24
5.191.132.0/24 maxlen: 24
5.191.133.0/24 maxlen: 24
5.191.134.0/24 maxlen: 24
5.191.135.0/24 maxlen: 24
5.191.136.0/24 maxlen: 24
5.191.137.0/24 maxlen: 24
5.191.138.0/24 maxlen: 24
5.191.139.0/24 maxlen: 24
5.191.140.0/24 maxlen: 24
5.191.141.0/24 maxlen: 24
5.191.142.0/24 maxlen: 24
5.191.144.0/20 maxlen: 20
5.191.160.0/20 maxlen: 20
5.191.176.0/20 maxlen: 20
5.191.192.0/20 maxlen: 20
5.191.208.0/20 maxlen: 20
5.191.224.0/20 maxlen: 20
217.168.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 07 Oct 2024 07:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:ef:97:08:c9:2d:b4:f6:1a:9e:0f:f6:8f:e1:7a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Validity
Not Before: Oct 3 10:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7056b280d8c26dd52426eaf3e4832e547597d1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:22:44:de:46:1d:84:de:f2:73:e8:bf:4d:ec:
71:c5:c6:2c:72:c0:5e:1b:68:20:d4:39:bd:d0:ab:
98:67:21:f1:e8:db:23:14:c3:0c:b2:fb:7c:9f:3a:
9e:94:77:02:ae:11:eb:5c:d1:a8:0d:e1:02:9a:4c:
52:bd:cf:5e:8e:44:c6:32:91:b5:69:f0:b6:c2:50:
1b:9c:9e:d1:33:f7:2b:6a:23:fe:a8:d4:87:d6:c8:
54:c6:96:fe:2a:df:d4:5a:32:29:ff:06:c7:98:d1:
31:a9:a6:b8:77:0d:fd:a8:f4:b1:da:a5:30:5e:9c:
c0:24:7c:5c:4a:4f:d8:5a:70:58:b8:db:37:77:34:
d5:63:a6:3e:06:81:e9:4d:1c:da:88:9d:ac:45:b0:
95:eb:0a:59:cd:a3:b1:93:be:c1:22:d7:7c:c9:27:
e8:d2:43:92:40:f5:d2:86:b0:6f:93:09:2a:d5:89:
38:44:2a:ec:d4:aa:81:49:87:12:33:76:29:8c:7e:
c5:93:10:c5:57:1c:f9:d2:d3:60:05:8b:f8:a6:d3:
ca:f1:a5:7e:0f:31:8c:f5:c1:29:86:0e:ca:23:8a:
f2:4e:c7:7e:83:aa:82:70:09:e6:49:69:3d:35:de:
5d:12:4c:c9:0f:d3:72:02:a6:22:aa:1b:02:d7:4d:
9f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:56:B2:80:D8:C2:6D:D5:24:26:EA:F3:E4:83:2E:54:75:97:D1:DA
X509v3 Authority Key Identifier:
keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cFaygNjCbdUkJurz5IMuVHWX0do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.191.0.0-5.191.239.255
217.168.176.0/20
Signature Algorithm: sha256WithRSAEncryption
86:85:6f:ab:11:c6:90:d6:02:ee:2c:97:23:9b:f9:c3:9a:41:
10:1b:82:21:06:3d:17:33:c5:66:5d:78:c6:b5:58:fc:08:9d:
59:bc:8b:88:c2:05:a6:ca:1e:22:e3:04:55:a3:c3:0f:dd:7a:
3b:64:2a:e3:89:05:09:b2:c4:b2:5a:8c:db:10:fe:d9:60:22:
01:1e:db:42:55:19:78:31:9e:2c:63:cb:6d:b6:79:8e:31:8e:
8a:e5:b9:b8:0c:68:99:69:75:5f:ae:95:6d:79:32:41:14:8a:
49:3e:e0:a4:4a:01:40:5f:ee:ab:05:b5:6c:d4:3b:3c:57:62:
40:00:ef:83:e0:92:88:4d:12:32:f2:13:37:e4:39:a2:79:d2:
47:77:0f:aa:46:f1:00:2b:de:9a:59:bf:80:5c:15:0f:7e:66:
d9:7d:28:a9:0b:ac:0c:fc:6f:53:a8:28:61:51:e6:bd:4f:c6:
ad:f5:60:72:3a:9e:a4:72:9a:f9:2d:1f:cb:39:dc:fa:66:9b:
e8:9b:91:7c:96:06:ad:da:e4:cb:42:c4:28:26:7b:54:01:26:
89:c5:ae:13:33:62:88:f4:97:94:c7:e7:b8:c7:9a:51:30:47:
8e:99:0e:a0:9e:20:d0:c2:f1:25:a2:f4:19:18:4e:3f:3c:04:
cb:6f:ec:18
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZJR75cIyS209hqeD/aP4XrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjQxMDAzMTAzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU2YjI4MGQ4YzI2ZGQ1MjQyNmVhZjNlNDgzMmU1NDc1OTdkMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yJE3kYdhN7yc+i/TexxxcYscsBe
G2gg1Dm90KuYZyHx6NsjFMMMsvt8nzqelHcCrhHrXNGoDeECmkxSvc9ejkTGMpG1
afC2wlAbnJ7RM/craiP+qNSH1shUxpb+Kt/UWjIp/wbHmNExqaa4dw39qPSx2qUw
XpzAJHxcSk/YWnBYuNs3dzTVY6Y+BoHpTRzaiJ2sRbCV6wpZzaOxk77BItd8ySfo
0kOSQPXShrBvkwkq1Yk4RCrs1KqBSYcSM3YpjH7FkxDFVxz50tNgBYv4ptPK8aV+
DzGM9cEphg7KI4ryTsd+g6qCcAnmSWk9Nd5dEkzJD9NyAqYiqhsC102fYwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFHBWsoDYwm3VJCbq8+SDLlR1l9HaMB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEvY0ZheWdOakNiZFVrSnVyejVJTXVWSFdYMGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwAFvwME
BAW/4AMEBNmosDANBgkqhkiG9w0BAQsFAAOCAQEAhoVvqxHGkNYC7iyXI5v5w5pB
EBuCIQY9FzPFZl14xrVY/AidWbyLiMIFpsoeIuMEVaPDD916O2Qq44kFCbLEslqM
2xD+2WAiAR7bQlUZeDGeLGPLbbZ5jjGOiuW5uAxomWl1X66VbXkyQRSKST7gpEoB
QF/uqwW1bNQ7PFdiQADvg+CSiE0SMvITN+Q5onnSR3cPqkbxACvemlm/gFwVD35m
2X0oqQusDPxvU6goYVHmvU/GrfVgcjqepHKa+S0fyznc+mab6JuRfJYGrdrky0LE
KCZ7VAEmicWuEzNiiPSXlMfnuMeaUTBHjpkOoJ4g0MLxJaL0GRhOPzwEy2/sGA==
-----END CERTIFICATE-----
Generated at Mon Oct 7 10:00:43 2024 by rpki-client on console-fra.rpki-client.org