Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/DY6GzUAcFhYDcJ4aA8W_I7PFP8M.roa
File: DY6GzUAcFhYDcJ4aA8W_I7PFP8M.roa (raw, json)
Hash identifier: It9hbKHu7nHYiib2qgXZXdol6Bypn/nlEq4gE5jjYPI=
Subject key identifier: 0D:8E:86:CD:40:1C:16:16:03:70:9E:1A:03:C5:BF:23:B3:C5:3F:C3
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 01933F1A0490FC30D5D645BB34A4CADAA9D3
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/DY6GzUAcFhYDcJ4aA8W_I7PFP8M.roa
Signing time: Mon 18 Nov 2024 11:48:09 +0000
ROA not before: Mon 18 Nov 2024 11:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 2.120.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
5.64.0.0/13 maxlen: 13
46.64.0.0/15 maxlen: 15
51.19.0.0/16 maxlen: 16
51.146.0.0/16 maxlen: 16
51.182.0.0/15 maxlen: 15
51.186.0.0/15 maxlen: 15
51.190.0.0/15 maxlen: 15
51.194.0.0/16 maxlen: 16
51.198.0.0/18 maxlen: 18
51.198.72.0/21 maxlen: 21
51.198.80.0/20 maxlen: 20
51.198.96.0/19 maxlen: 19
51.198.128.0/17 maxlen: 17
51.199.0.0/17 maxlen: 17
51.199.128.0/18 maxlen: 18
51.199.192.0/19 maxlen: 19
51.199.224.0/20 maxlen: 20
51.199.240.0/21 maxlen: 21
51.199.248.0/22 maxlen: 22
51.241.0.0/16 maxlen: 16
78.86.0.0/16 maxlen: 16
78.105.0.0/16 maxlen: 16
87.80.0.0/15 maxlen: 15
90.192.0.0/11 maxlen: 11
93.96.0.0/17 maxlen: 17
93.96.128.0/18 maxlen: 18
93.96.224.0/19 maxlen: 19
93.96.224.0/23 maxlen: 23
93.96.228.0/23 maxlen: 23
94.0.0.0/12 maxlen: 12
94.192.0.0/14 maxlen: 14
149.241.0.0/16 maxlen: 16
151.224.0.0/13 maxlen: 13
176.24.0.0/14 maxlen: 14
176.248.0.0/13 maxlen: 13
176.255.240.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
188.220.0.0/14 maxlen: 14
2a02:c78::/29 maxlen: 29
2a02:c7a::/32 maxlen: 32
2a02:c7a:1200::/48 maxlen: 48
2a02:c7a:1202::/48 maxlen: 48
2a02:c7b::/32 maxlen: 32
2a02:c7c::/30 maxlen: 30
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a06:5900::/32 maxlen: 32
2a06:5901::/33 maxlen: 33
2a06:5902::/31 maxlen: 31
2a06:5904::/31 maxlen: 31
2a06:5906::/31 maxlen: 31
Validation: Failed, certificate revoked on Fri 22 Nov 2024 08:22:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:1a:04:90:fc:30:d5:d6:45:bb:34:a4:ca:da:a9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Nov 18 11:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d8e86cd401c161603709e1a03c5bf23b3c53fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:59:0f:71:ee:e4:6e:9d:a8:75:e7:4f:fe:b8:
5e:23:57:2f:51:a9:7f:a6:16:ea:cb:dd:01:a8:e1:
e3:2a:e4:19:e6:26:66:e9:cb:67:65:05:fc:35:e9:
0f:38:77:37:7e:1f:44:57:61:8f:51:77:40:25:15:
33:97:02:c3:c5:56:44:c7:04:fc:1d:1b:0c:8c:e1:
8c:40:c6:4c:0e:ec:06:6d:5e:49:da:43:51:40:2b:
36:5f:16:56:55:9b:61:0f:4d:da:b4:31:ac:eb:e1:
10:b0:94:59:ec:82:87:89:59:b2:77:f2:59:ae:8d:
dd:a6:20:c9:cf:c2:4a:7c:3e:36:14:fc:57:cd:6f:
24:6e:c4:6a:ac:1c:93:49:0c:be:13:00:31:ec:70:
95:cc:c8:fb:76:bc:23:cd:73:f1:b9:ce:e7:83:92:
f8:5d:2a:83:81:d6:1e:a8:6d:d8:8f:9c:17:46:a0:
dc:94:55:fe:10:b9:e0:7e:33:25:31:0a:ac:50:1d:
e4:15:14:25:17:a7:30:bc:fc:39:fb:b7:a4:de:1a:
1c:3e:09:41:8f:c2:e7:2a:96:6a:78:4f:b6:ce:5c:
56:c7:22:74:88:ed:3a:0b:08:a2:c9:86:7e:38:27:
12:53:f5:d0:6e:c1:97:3d:c6:d3:43:d6:95:84:6b:
05:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8E:86:CD:40:1C:16:16:03:70:9E:1A:03:C5:BF:23:B3:C5:3F:C3
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/DY6GzUAcFhYDcJ4aA8W_I7PFP8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/18
51.198.72.0-51.199.251.255
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
2a06:5900::-2a06:5901:7fff:ffff:ffff:ffff:ffff:ffff
2a06:5902::-2a06:5907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:c4:31:69:b5:1d:d4:65:e5:54:d5:4e:a6:1a:3b:4f:9b:ef:
a0:4d:73:4f:5c:10:8c:99:37:a7:7c:91:52:0c:d8:00:3a:c2:
e2:41:a4:d6:96:2e:0d:a8:bc:0a:e6:f2:e8:81:c8:2d:57:2b:
af:4c:e5:50:01:28:a5:09:53:3f:26:c4:e7:14:b8:d5:9a:21:
b1:f6:b1:be:5c:d3:15:09:84:17:0f:cc:49:ae:37:cf:80:5f:
9b:6f:d7:9b:f2:f3:93:90:cf:e1:65:86:81:9a:86:21:56:28:
ee:4a:5d:52:bf:69:b1:49:38:41:0c:6b:b6:95:0a:7e:ab:81:
6d:5c:7e:39:af:d9:b2:f4:a6:76:56:0a:7f:1e:85:9a:37:c2:
e7:89:20:fb:7c:a6:e1:cb:33:f4:56:5b:e9:b7:fa:24:02:47:
aa:50:6b:7e:4e:0f:89:f2:0b:d4:2d:2d:14:7d:17:f2:4c:ee:
71:8f:06:39:a6:fd:ef:1c:df:7b:c6:94:f7:61:38:a4:0b:f0:
fe:5e:08:17:65:1c:d3:4c:90:bf:08:41:c2:86:50:fb:c2:a4:
09:0b:3a:72:ce:47:72:87:24:a8:5c:f3:56:3b:a3:65:ed:e1:
a2:65:82:50:e6:94:e2:de:00:fc:a8:b2:8a:c2:0a:d6:80:ec:
66:92:e0:46
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZM/GgSQ/DDV1kW7NKTK2qnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQxMTE4MTE0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhlODZjZDQwMWMxNjE2MDM3MDllMWEwM2M1YmYyM2IzYzUzZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlkPce7kbp2odedP/rheI1cvUal/
phbqy90BqOHjKuQZ5iZm6ctnZQX8NekPOHc3fh9EV2GPUXdAJRUzlwLDxVZExwT8
HRsMjOGMQMZMDuwGbV5J2kNRQCs2XxZWVZthD03atDGs6+EQsJRZ7IKHiVmyd/JZ
ro3dpiDJz8JKfD42FPxXzW8kbsRqrByTSQy+EwAx7HCVzMj7drwjzXPxuc7ng5L4
XSqDgdYeqG3Yj5wXRqDclFX+ELngfjMlMQqsUB3kFRQlF6cwvPw5+7ek3hocPglB
j8LnKpZqeE+2zlxWxyJ0iO06CwiiyYZ+OCcSU/XQbsGXPcbTQ9aVhGsF2QIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFA2Ohs1AHBYWA3CeGgPFvyOzxT/DMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvRFk2R3pVQWNGaFlEY0o0YUE4V19JN1BGUDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBnAQCAAEwgZUDAwMC
eAMDAwLYAwMDBUADAwEuQAMDADMTAwMAM5IDAwEztgMDATO6AwMBM74DAwAzwgME
BjPGADAMAwQDM8ZIAwQCM8f4AwMAM/EDAwBOVgMDAE5pAwMBV1ADAwVawDALAwMF
XWADBAZdYIADBAVdYOADAwReAAMDAl7AAwMAlfEDAwOX4AMDArAYAwMDsPgDAwK8
3DAtBAIAAjAnAwUDKgIMeDAOAwQAKgZZAwYHKgZZAQAwDgMFASoGWQIDBQMqBlkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVxDFptR3UZeVU1U6mGjtPm++gTXNPXBCMmTen
fJFSDNgAOsLiQaTWli4NqLwK5vLogcgtVyuvTOVQASilCVM/JsTnFLjVmiGx9rG+
XNMVCYQXD8xJrjfPgF+bb9eb8vOTkM/hZYaBmoYhVijuSl1Sv2mxSThBDGu2lQp+
q4FtXH45r9my9KZ2Vgp/HoWaN8LniSD7fKbhyzP0Vlvpt/okAkeqUGt+Tg+J8gvU
LS0UfRfyTO5xjwY5pv3vHN97xpT3YTikC/D+XggXZRzTTJC/CEHChlD7wqQJCzpy
zkdyhySoXPNWO6Nl7eGiZYJQ5pTi3gD8qLKKwgrWgOxmkuBG
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:16:12 2024 by rpki-client on console-ams.rpki-client.org