Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/q5wbizUKWJ4BFGzYfaVNoT4vb8o.roa
File: q5wbizUKWJ4BFGzYfaVNoT4vb8o.roa (raw, json)
Hash identifier: 1uLLxb+SvWmBATM1A6fHn50hNz8WZXfHxpc5we4cy68=
Subject key identifier: AB:9C:1B:8B:35:0A:58:9E:01:14:6C:D8:7D:A5:4D:A1:3E:2F:6F:CA
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018ED2F665E0F8D0024A368EBD3BBDFC0162
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/q5wbizUKWJ4BFGzYfaVNoT4vb8o.roa
Signing time: Fri 12 Apr 2024 15:39:07 +0000
ROA not before: Fri 12 Apr 2024 15:39:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Apr 2024 08:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:f6:65:e0:f8:d0:02:4a:36:8e:bd:3b:bd:fc:01:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 12 15:39:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab9c1b8b350a589e01146cd87da54da13e2f6fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2d:bd:f7:aa:29:9b:48:5d:1d:8a:df:7f:48:
21:4b:9d:d3:6e:2b:55:8c:0b:bb:5b:a1:ae:97:15:
6c:28:fc:f4:14:ad:93:28:60:6e:f6:ea:ad:c3:8c:
fe:14:1a:88:9c:5e:ca:be:1a:71:cf:f5:db:06:21:
3d:e5:91:b3:d1:ee:f9:4d:51:7a:70:d0:8d:5b:dd:
db:54:dc:86:76:9a:1f:21:e1:ad:1e:0e:77:bc:b5:
63:03:c1:49:d2:52:18:1e:5d:ec:0a:20:23:e4:40:
03:2f:4b:4a:0e:98:41:bf:41:34:bc:d3:5f:fd:83:
ba:8f:1c:51:14:fe:59:90:a4:86:60:ad:3b:0c:ad:
69:a8:28:33:96:af:69:72:ed:75:0f:a4:f8:de:43:
ca:d0:06:92:e0:ec:a2:12:41:72:f6:ec:ca:0d:4d:
b3:5a:d0:94:40:96:b6:bc:2f:6d:19:02:f5:f2:27:
2a:6a:70:6d:fd:b4:91:e5:cc:53:f3:fe:ca:64:b3:
10:3a:dd:05:4c:48:f5:e5:99:eb:69:e2:83:4e:f7:
4b:28:4c:b0:c4:5c:63:29:2f:86:78:e2:6e:24:90:
c4:01:d0:27:e8:10:80:76:6a:69:2a:1c:29:f8:7f:
dd:02:aa:b3:df:49:04:d8:de:af:f1:83:23:a9:7a:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9C:1B:8B:35:0A:58:9E:01:14:6C:D8:7D:A5:4D:A1:3E:2F:6F:CA
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/q5wbizUKWJ4BFGzYfaVNoT4vb8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:33:c9:9c:95:71:89:2e:0e:f2:6f:3a:87:f4:48:b8:aa:5d:
61:c8:bb:0b:65:e4:1d:c7:c4:21:3c:e4:9d:04:f6:9d:5a:0b:
2d:d8:63:09:3a:d2:14:a1:79:aa:c9:a2:b3:a2:f4:3b:65:56:
df:d9:4c:28:08:f7:d8:5f:ba:5a:4b:a9:67:60:41:ba:90:62:
c0:d9:4f:d6:fe:d3:00:d4:f6:0a:68:fe:87:29:f4:f7:33:ce:
eb:26:56:a4:73:45:2d:a4:33:e0:8c:a1:92:77:6e:84:ff:dc:
c9:eb:cd:69:0e:47:20:74:90:d2:7d:7d:74:69:dd:b3:ea:40:
23:67:54:70:4a:b6:0c:a6:89:81:a3:fe:b1:c6:7a:a8:8f:2e:
c4:c8:11:cc:1a:50:89:17:41:27:8c:fd:c6:04:c2:97:cf:d3:
88:43:6c:ef:56:98:b8:19:28:61:26:65:0b:24:5a:7d:84:49:
1d:23:90:d7:d4:7d:7c:25:e8:50:80:2b:32:18:d4:a0:79:55:
af:1f:1d:4f:22:d4:56:1f:63:d9:3a:a4:f5:35:04:04:b1:e4:
74:e0:c9:0a:4f:20:da:ec:64:e2:68:e9:56:33:65:ea:f6:d3:
43:d7:d7:5b:82:a3:c6:2f:d1:26:a2:dd:82:bb:29:89:d6:4c:
a3:6b:7f:86
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY7S9mXg+NACSjaOvTu9/AFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDEyMTUzOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjljMWI4YjM1MGE1ODllMDExNDZjZDg3ZGE1NGRhMTNlMmY2ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS2996opm0hdHYrff0ghS53TbitV
jAu7W6GulxVsKPz0FK2TKGBu9uqtw4z+FBqInF7Kvhpxz/XbBiE95ZGz0e75TVF6
cNCNW93bVNyGdpofIeGtHg53vLVjA8FJ0lIYHl3sCiAj5EADL0tKDphBv0E0vNNf
/YO6jxxRFP5ZkKSGYK07DK1pqCgzlq9pcu11D6T43kPK0AaS4OyiEkFy9uzKDU2z
WtCUQJa2vC9tGQL18icqanBt/bSR5cxT8/7KZLMQOt0FTEj15ZnraeKDTvdLKEyw
xFxjKS+GeOJuJJDEAdAn6BCAdmppKhwp+H/dAqqz30kE2N6v8YMjqXolwQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFKucG4s1ClieARRs2H2lTaE+L2/KMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvcTV3Yml6VUtXSjRCRkd6WWZhVk5vVDR2YjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgdsEAgABMIHUAwQD
BZ/QAwQCBbVIAwQDH8BgAwQCLQhkAwQCLYRsAwQCLYksAwQEUErwAwQCU5b8AwQF
VV9gAwQDXCp4AwQDX4FAAwQDsDoAAwQCuU+4AwQCuVoAAwQCuV7MAwQCuWNMAwQC
uZFYAwQCubLYAwQBubbIAwQCuczUAwQCueUEAwQCufaEAwQCuffIAwQAufj8AwQA
ufj+AwQDvF4QAwQAwRgDAwQAwRgGAwQAwRgNAwQAwRgfAwQFwxogAwQBw1gIMAwD
BALUC0QDBALUC0gDBATZkYAwFAQCAAIwDgMFACoA8cADBQMqBOnAMA0GCSqGSIb3
DQEBCwUAA4IBAQChM8mclXGJLg7ybzqH9Ei4ql1hyLsLZeQdx8QhPOSdBPadWgst
2GMJOtIUoXmqyaKzovQ7ZVbf2UwoCPfYX7paS6lnYEG6kGLA2U/W/tMA1PYKaP6H
KfT3M87rJlakc0UtpDPgjKGSd26E/9zJ681pDkcgdJDSfX10ad2z6kAjZ1RwSrYM
pomBo/6xxnqojy7EyBHMGlCJF0EnjP3GBMKXz9OIQ2zvVpi4GShhJmULJFp9hEkd
I5DX1H18JehQgCsyGNSgeVWvHx1PItRWH2PZOqT1NQQEseR04MkKTyDa7GTiaOlW
M2Xq9tND19dbgqPGL9Emot2CuymJ1kyja3+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org