Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/Urc7JiFaL5Qc7gUuUKpQMBzjEHw.roa
File: Urc7JiFaL5Qc7gUuUKpQMBzjEHw.roa (raw, json)
Hash identifier: BU2YNsDio4S8Y2VhEWSl6AffNNQMEjB9E9ywFv5qqNQ=
Subject key identifier: 52:B7:3B:26:21:5A:2F:94:1C:EE:05:2E:50:AA:50:30:1C:E3:10:7C
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0192044E3BFFA64C7325338F33EE70ABA2FA
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/Urc7JiFaL5Qc7gUuUKpQMBzjEHw.roa
Signing time: Wed 18 Sep 2024 08:44:48 +0000
ROA not before: Wed 18 Sep 2024 08:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 2.120.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
5.64.0.0/13 maxlen: 13
46.64.0.0/15 maxlen: 15
51.19.0.0/16 maxlen: 16
51.146.0.0/16 maxlen: 16
51.182.0.0/15 maxlen: 15
51.186.0.0/15 maxlen: 15
51.190.0.0/15 maxlen: 15
51.194.0.0/16 maxlen: 16
51.198.0.0/15 maxlen: 15
51.198.0.0/16 maxlen: 16
51.198.0.0/18 maxlen: 18
51.198.72.0/21 maxlen: 21
51.198.80.0/20 maxlen: 20
51.198.96.0/19 maxlen: 19
51.198.128.0/17 maxlen: 17
51.199.0.0/17 maxlen: 17
51.199.128.0/18 maxlen: 18
51.199.192.0/19 maxlen: 19
51.199.224.0/20 maxlen: 20
51.199.240.0/21 maxlen: 21
51.199.248.0/22 maxlen: 22
51.241.0.0/16 maxlen: 16
78.86.0.0/16 maxlen: 16
78.105.0.0/16 maxlen: 16
87.80.0.0/15 maxlen: 15
90.192.0.0/11 maxlen: 11
93.96.0.0/17 maxlen: 17
93.96.128.0/18 maxlen: 18
93.96.224.0/19 maxlen: 19
93.96.224.0/23 maxlen: 23
93.96.228.0/23 maxlen: 23
94.0.0.0/12 maxlen: 12
94.192.0.0/14 maxlen: 14
149.241.0.0/16 maxlen: 16
151.224.0.0/13 maxlen: 13
176.24.0.0/14 maxlen: 14
176.248.0.0/13 maxlen: 13
176.255.240.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
188.220.0.0/14 maxlen: 14
2a02:c78::/29 maxlen: 29
2a02:c7a::/32 maxlen: 32
2a02:c7a:1200::/48 maxlen: 48
2a02:c7a:1202::/48 maxlen: 48
2a02:c7b::/32 maxlen: 32
2a02:c7c::/30 maxlen: 30
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a06:5900::/32 maxlen: 32
2a06:5901::/33 maxlen: 33
2a06:5902::/31 maxlen: 31
2a06:5904::/31 maxlen: 31
2a06:5906::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 18 Nov 2024 11:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:4e:3b:ff:a6:4c:73:25:33:8f:33:ee:70:ab:a2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Sep 18 08:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b73b26215a2f941cee052e50aa50301ce3107c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:44:58:ca:82:4b:70:34:7f:78:5a:0a:38:b5:
18:59:be:a4:af:0e:6c:5d:0f:48:89:b8:1f:8a:f6:
78:8a:a1:01:74:c4:2e:3a:b8:c0:b8:37:35:f9:70:
79:16:09:2a:ee:c9:98:42:ac:fd:60:e3:f8:8f:be:
31:6b:c4:07:03:72:39:39:01:9f:ad:a4:57:1f:90:
ed:32:cf:f7:90:4c:6a:29:44:ca:fc:e3:98:03:e8:
15:23:c3:63:51:35:57:41:48:38:18:f5:07:e0:0e:
96:d2:63:5f:cf:c9:c9:59:d8:a4:30:8d:ef:a5:99:
df:3b:c9:c1:26:5e:66:b5:16:c9:ee:d7:0d:8b:2f:
86:70:a6:9a:e0:48:c1:2b:4c:ea:b7:7b:2f:b9:5a:
da:b4:9e:66:e0:ac:08:f2:bd:92:cb:40:d1:b5:80:
c4:d5:5b:67:53:80:58:03:9c:5e:05:df:ed:b3:23:
44:92:20:e9:c6:aa:c9:23:6c:38:61:ba:0f:b2:87:
68:7c:fc:f2:f6:17:bf:11:dd:bc:35:b1:71:1a:bf:
1c:04:93:59:72:7e:1b:e5:87:d9:71:56:fb:9c:b6:
be:74:22:0f:cb:04:70:5f:4d:9c:ea:e2:e8:42:bd:
fc:1b:a1:82:da:18:80:22:c0:76:ec:39:73:5e:cf:
75:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B7:3B:26:21:5A:2F:94:1C:EE:05:2E:50:AA:50:30:1C:E3:10:7C
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/Urc7JiFaL5Qc7gUuUKpQMBzjEHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/15
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
2a06:5900::-2a06:5901:7fff:ffff:ffff:ffff:ffff:ffff
2a06:5902::-2a06:5907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
24:63:6a:8b:b9:d7:0f:e1:eb:49:d9:33:e3:10:b0:f4:51:b5:
46:e2:92:d0:ea:d9:d5:69:df:9c:ad:e2:be:47:da:94:2e:9b:
5e:53:9c:6f:11:5a:2d:db:3b:9c:68:e7:fc:f5:07:eb:fd:ff:
31:99:11:da:f9:9d:e9:55:c4:b0:00:82:c0:7c:2c:14:d4:cb:
a4:f8:13:d7:9f:2d:ad:01:1c:31:ac:b4:c0:ea:0f:d5:bc:d7:
76:5d:f7:e7:0c:c6:39:b4:c4:d4:59:29:1f:df:09:1a:f7:0e:
8a:8b:72:9b:e0:db:c8:c0:80:bc:54:48:62:e4:fe:f7:fa:ee:
21:0f:7d:66:69:9f:31:dc:8f:ee:93:42:34:e2:8e:ad:1c:c8:
d2:98:97:7d:a0:18:5a:1c:8a:14:10:ee:a9:1e:94:fc:b6:06:
59:b9:f8:26:bc:7e:26:6d:28:95:1e:b6:77:7c:2a:1f:d9:ed:
7c:27:28:b7:e9:96:51:38:8e:69:4c:e2:08:f7:3c:75:a2:23:
36:84:84:25:92:d4:fa:38:fc:94:28:12:8b:84:0b:d1:e7:8e:
30:05:c8:0f:a9:84:37:cc:a8:88:83:a1:ba:04:e5:f7:39:25:
73:56:50:3d:55:63:90:92:c4:29:0a:17:fc:b6:a3:55:86:13:
29:80:9d:ed
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZIETjv/pkxzJTOPM+5wq6L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQwOTE4MDg0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI3M2IyNjIxNWEyZjk0MWNlZTA1MmU1MGFhNTAzMDFjZTMxMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ERYyoJLcDR/eFoKOLUYWb6krw5s
XQ9IibgfivZ4iqEBdMQuOrjAuDc1+XB5Fgkq7smYQqz9YOP4j74xa8QHA3I5OQGf
raRXH5DtMs/3kExqKUTK/OOYA+gVI8NjUTVXQUg4GPUH4A6W0mNfz8nJWdikMI3v
pZnfO8nBJl5mtRbJ7tcNiy+GcKaa4EjBK0zqt3svuVratJ5m4KwI8r2Sy0DRtYDE
1VtnU4BYA5xeBd/tsyNEkiDpxqrJI2w4YboPsodofPzy9he/Ed28NbFxGr8cBJNZ
cn4b5YfZcVb7nLa+dCIPywRwX02c6uLoQr38G6GC2hiAIsB27DlzXs91XQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFFK3OyYhWi+UHO4FLlCqUDAc4xB8MB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvVXJjN0ppRmFMNVFjN2dVdVVLcFFNQnpqRUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBjQQCAAEwgYYDAwMC
eAMDAwLYAwMDBUADAwEuQAMDADMTAwMAM5IDAwEztgMDATO6AwMBM74DAwAzwgMD
ATPGAwMAM/EDAwBOVgMDAE5pAwMBV1ADAwVawDALAwMFXWADBAZdYIADBAVdYOAD
AwReAAMDAl7AAwMAlfEDAwOX4AMDArAYAwMDsPgDAwK83DAtBAIAAjAnAwUDKgIM
eDAOAwQAKgZZAwYHKgZZAQAwDgMFASoGWQIDBQMqBlkAMA0GCSqGSIb3DQEBCwUA
A4IBAQAkY2qLudcP4etJ2TPjELD0UbVG4pLQ6tnVad+creK+R9qULpteU5xvEVot
2zucaOf89Qfr/f8xmRHa+Z3pVcSwAILAfCwU1Muk+BPXny2tARwxrLTA6g/VvNd2
XffnDMY5tMTUWSkf3wka9w6Ki3Kb4NvIwIC8VEhi5P73+u4hD31maZ8x3I/uk0I0
4o6tHMjSmJd9oBhaHIoUEO6pHpT8tgZZufgmvH4mbSiVHrZ3fCof2e18Jyi36ZZR
OI5pTOII9zx1oiM2hIQlktT6OPyUKBKLhAvR544wBcgPqYQ3zKiIg6G6BOX3OSVz
VlA9VWOQksQpChf8tqNVhhMpgJ3t
-----END CERTIFICATE-----
Generated at Mon Nov 18 16:23:40 2024 by rpki-client on console-ams.rpki-client.org