Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/rlmN1Tp0CDugkYeX5wqceaweSwE.roa
File: rlmN1Tp0CDugkYeX5wqceaweSwE.roa (raw, json)
Hash identifier: wEBCn2wifwjcGN3Fp2XN/vfJdznUpmn/l5lthJyFva0=
Subject key identifier: AE:59:8D:D5:3A:74:08:3B:A0:91:87:97:E7:0A:9C:79:AC:1E:4B:01
Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7
Certificate serial: 018E098F88BF41194047319961CF029A17C8
Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/rlmN1Tp0CDugkYeX5wqceaweSwE.roa
Signing time: Mon 04 Mar 2024 13:03:05 +0000
ROA not before: Mon 04 Mar 2024 13:03:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198417
IP address blocks: 31.14.64.0/24 maxlen: 24
31.14.218.0/24 maxlen: 24
31.14.232.0/24 maxlen: 24
31.14.253.0/24 maxlen: 24
37.153.137.0/24 maxlen: 24
86.105.194.0/24 maxlen: 24
86.105.197.0/24 maxlen: 24
86.106.21.0/24 maxlen: 24
86.106.82.0/24 maxlen: 24
86.106.178.0/24 maxlen: 24
86.107.188.0/24 maxlen: 24
89.32.124.0/24 maxlen: 24
89.32.128.0/24 maxlen: 24
89.32.201.0/24 maxlen: 24
89.32.205.0/24 maxlen: 24
89.34.218.0/24 maxlen: 24
89.38.56.0/24 maxlen: 24
89.38.71.0/24 maxlen: 24
89.39.151.0/24 maxlen: 24
89.40.68.0/24 maxlen: 24
89.40.131.0/24 maxlen: 24
89.41.30.0/24 maxlen: 24
89.42.34.0/24 maxlen: 24
89.43.39.0/24 maxlen: 24
89.44.106.0/24 maxlen: 24
89.45.9.0/24 maxlen: 24
89.47.35.0/24 maxlen: 24
92.114.34.0/24 maxlen: 24
92.114.99.0/24 maxlen: 24
93.113.88.0/24 maxlen: 24
93.113.108.0/24 maxlen: 24
93.114.141.0/24 maxlen: 24
93.114.250.0/24 maxlen: 24
94.177.64.0/24 maxlen: 24
94.177.119.0/24 maxlen: 24
159.20.112.0/24 maxlen: 24
159.20.113.0/24 maxlen: 24
159.20.114.0/24 maxlen: 24
159.20.115.0/24 maxlen: 24
159.20.116.0/24 maxlen: 24
176.223.162.0/24 maxlen: 24
176.223.180.0/24 maxlen: 24
188.208.18.0/24 maxlen: 24
188.240.16.0/24 maxlen: 24
188.240.46.0/24 maxlen: 24
2a10:3ec0::/29 maxlen: 29
2a10:3ec0:32::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Jul 2024 13:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:8f:88:bf:41:19:40:47:31:99:61:cf:02:9a:17:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7
Validity
Not Before: Mar 4 13:03:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae598dd53a74083ba0918797e70a9c79ac1e4b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a1:04:cf:77:a4:d9:ea:67:f6:73:9b:f4:d2:
ef:f0:39:05:07:cd:df:46:e1:76:5f:50:3e:63:fe:
5b:f4:23:bc:81:da:1d:eb:5a:a7:cc:cf:9d:1b:df:
2b:95:fa:4c:d2:c3:c6:c3:98:70:eb:80:ba:51:4f:
5c:99:2f:64:16:a8:b4:12:5f:bf:2c:66:92:10:87:
f2:01:ae:ef:3f:a9:04:cf:5f:ac:38:c2:71:3a:7b:
cb:c1:06:88:34:7c:f6:2c:f6:ad:36:04:ef:4c:67:
ca:17:55:f4:08:a9:6b:e3:2c:c5:ec:db:ca:ff:10:
e7:48:9b:f6:a0:8c:25:7b:68:4b:73:bc:74:ff:be:
b2:92:55:0f:9a:5a:27:e7:e8:fc:61:4b:92:b9:68:
5c:12:1a:68:17:af:70:14:97:64:11:64:5b:d0:56:
49:b3:f5:ac:94:9d:d9:fd:e4:19:f3:02:d5:ef:4c:
e7:43:f4:0f:95:96:2e:5f:6f:4d:c3:bd:d1:3c:0b:
7c:54:6a:19:98:8f:6a:11:74:75:37:8b:2a:4b:9b:
29:c1:22:57:ef:dc:65:95:dd:94:de:ed:15:15:fe:
3e:b9:bf:2f:08:0f:c7:f7:c5:ca:ed:76:3b:9b:7b:
57:81:2f:f2:bf:af:92:f3:4f:3b:23:90:06:41:22:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:59:8D:D5:3A:74:08:3B:A0:91:87:97:E7:0A:9C:79:AC:1E:4B:01
X509v3 Authority Key Identifier:
keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/rlmN1Tp0CDugkYeX5wqceaweSwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.64.0/24
31.14.218.0/24
31.14.232.0/24
31.14.253.0/24
37.153.137.0/24
86.105.194.0/24
86.105.197.0/24
86.106.21.0/24
86.106.82.0/24
86.106.178.0/24
86.107.188.0/24
89.32.124.0/24
89.32.128.0/24
89.32.201.0/24
89.32.205.0/24
89.34.218.0/24
89.38.56.0/24
89.38.71.0/24
89.39.151.0/24
89.40.68.0/24
89.40.131.0/24
89.41.30.0/24
89.42.34.0/24
89.43.39.0/24
89.44.106.0/24
89.45.9.0/24
89.47.35.0/24
92.114.34.0/24
92.114.99.0/24
93.113.88.0/24
93.113.108.0/24
93.114.141.0/24
93.114.250.0/24
94.177.64.0/24
94.177.119.0/24
159.20.112.0-159.20.116.255
176.223.162.0/24
176.223.180.0/24
188.208.18.0/24
188.240.16.0/24
188.240.46.0/24
IPv6:
2a10:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:b1:08:11:4d:87:65:db:40:2b:df:0e:fd:d7:e5:83:9e:cc:
71:7e:16:0b:30:8c:21:e8:61:16:00:af:4e:24:ca:e8:9b:ed:
03:81:ab:e3:63:44:cc:a6:63:e5:12:1b:15:3d:78:e7:e4:be:
c7:3e:b5:fd:cd:5a:a1:eb:b0:66:ee:7e:45:ce:ed:dc:2c:1f:
f4:d2:f6:f2:96:f2:48:35:cb:9a:fd:bc:ba:7e:99:34:61:2a:
bf:a2:dc:49:74:3e:83:47:86:2f:b7:43:4a:4a:cd:d7:d9:73:
68:77:f6:8b:fa:7a:d0:96:ff:61:ee:77:81:d5:9b:d7:85:d3:
65:ee:ed:ae:d9:72:88:bf:f4:4c:c0:c6:27:40:b4:a0:02:cf:
94:db:68:55:b2:c4:69:81:9c:b3:9d:3e:ca:89:58:03:1d:c9:
02:3a:66:73:65:6e:09:a3:51:16:e4:66:0d:61:69:67:d7:12:
89:54:22:85:97:85:a9:99:00:00:1d:2a:e0:b8:60:d8:37:58:
1a:98:f6:d4:50:3a:b0:52:47:fa:46:d0:58:cc:88:94:db:f0:
2e:e9:c0:cd:e8:88:75:25:b9:48:61:6a:c3:94:93:d2:23:52:
de:51:59:c2:2e:30:6f:c8:5b:e3:fd:c0:70:cf:8f:c3:a8:31:
cc:a9:d0:9a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAY4Jj4i/QRlARzGZYc8CmhfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTY2NzZjZjM5OGQzOTk0YzRkZDRhMjk2NTk0NjE0ZGZm
NTg2YzcwHhcNMjQwMzA0MTMwMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTU5OGRkNTNhNzQwODNiYTA5MTg3OTdlNzBhOWM3OWFjMWU0YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6EEz3ek2epn9nOb9NLv8DkFB83f
RuF2X1A+Y/5b9CO8gdod61qnzM+dG98rlfpM0sPGw5hw64C6UU9cmS9kFqi0El+/
LGaSEIfyAa7vP6kEz1+sOMJxOnvLwQaINHz2LPatNgTvTGfKF1X0CKlr4yzF7NvK
/xDnSJv2oIwle2hLc7x0/76yklUPmlon5+j8YUuSuWhcEhpoF69wFJdkEWRb0FZJ
s/WslJ3Z/eQZ8wLV70znQ/QPlZYuX29Nw73RPAt8VGoZmI9qEXR1N4sqS5spwSJX
79xlld2U3u0VFf4+ub8vCA/H98XK7XY7m3tXgS/yv6+S8087I5AGQSLChwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFK5ZjdU6dAg7oJGHl+cKnHmsHksBMB8GA1UdIwQY
MBaAFF+WZ2zzmNOZTE3UopZZRhTf9YbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMt
ZjYyZjM1YWY0MzcxLzEvcmxtTjFUcDBDRHVna1llWDV3cWNlYXdlU3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMtZjYyZjM1YWY0Mzcx
LzEvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCAQUEAgABMIH+
AwQAHw5AAwQAHw7aAwQAHw7oAwQAHw79AwQAJZmJAwQAVmnCAwQAVmnFAwQAVmoV
AwQAVmpSAwQAVmqyAwQAVmu8AwQAWSB8AwQAWSCAAwQAWSDJAwQAWSDNAwQAWSLa
AwQAWSY4AwQAWSZHAwQAWSeXAwQAWShEAwQAWSiDAwQAWSkeAwQAWSoiAwQAWSsn
AwQAWSxqAwQAWS0JAwQAWS8jAwQAXHIiAwQAXHJjAwQAXXFYAwQAXXFsAwQAXXKN
AwQAXXL6AwQAXrFAAwQAXrF3MAwDBASfFHADBACfFHQDBACw36IDBACw37QDBAC8
0BIDBAC88BADBAC88C4wDQQCAAIwBwMFAyoQPsAwDQYJKoZIhvcNAQELBQADggEB
AJ2xCBFNh2XbQCvfDv3X5YOezHF+FgswjCHoYRYAr04kyuib7QOBq+NjRMymY+US
GxU9eOfkvsc+tf3NWqHrsGbufkXO7dwsH/TS9vKW8kg1y5r9vLp+mTRhKr+i3El0
PoNHhi+3Q0pKzdfZc2h39ov6etCW/2Hud4HVm9eF02Xu7a7Zcoi/9EzAxidAtKAC
z5TbaFWyxGmBnLOdPsqJWAMdyQI6ZnNlbgmjURbkZg1haWfXEolUIoWXhamZAAAd
KuC4YNg3WBqY9tRQOrBSR/pG0FjMiJTb8C7pwM3oiHUluUhhasOUk9IjUt5RWcIu
MG/IW+P9wHDPj8OoMcyp0Jo=
-----END CERTIFICATE-----
Generated at Fri Jul 19 15:54:56 2024 by rpki-client on console-fra.rpki-client.org