Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/1-eZJSfC30b3QvxL-XP8UwTskPxY.roa
File: 1-eZJSfC30b3QvxL-XP8UwTskPxY.roa (raw, json)
Hash identifier: hKS3TB/OL2BJEJrJ28GfXRgymAt2sJpytOObKzyVN1M=
Subject key identifier: F9:E6:49:49:F0:B7:D1:BD:D0:BF:12:FE:5C:FF:14:C1:3B:24:3F:16
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018E37EEDDD8938E3B5057FDF5A964D2E0BA
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/1-eZJSfC30b3QvxL-XP8UwTskPxY.roa
Signing time: Wed 13 Mar 2024 13:09:44 +0000
ROA not before: Wed 13 Mar 2024 13:09:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 May 2024 09:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:ee:dd:d8:93:8e:3b:50:57:fd:f5:a9:64:d2:e0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Mar 13 13:09:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9e64949f0b7d1bdd0bf12fe5cff14c13b243f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f5:59:20:92:af:b6:df:59:8e:fe:77:d4:7e:
87:47:4c:17:af:b3:fe:8f:ea:8b:de:e2:05:44:ff:
32:4b:cc:62:76:90:65:1e:55:c0:3b:0d:68:55:19:
7c:b9:06:bc:25:4d:0d:76:ca:47:87:4c:72:04:23:
c3:a0:83:fb:74:af:81:6b:1b:94:8d:4e:79:30:2b:
54:f4:f3:40:99:bf:e7:8a:34:db:62:47:44:fb:ef:
30:80:30:a1:15:5d:65:ad:85:bd:4a:14:a5:0d:4a:
70:64:11:d4:54:75:8e:9e:cc:5e:f0:f8:81:10:3c:
36:35:f4:76:25:33:0b:f4:45:18:44:e0:d6:59:35:
70:b8:06:d5:74:14:b2:22:a8:d7:08:8c:57:8a:e7:
39:a9:4c:39:fe:c2:c3:22:c7:fe:cd:77:75:e0:b2:
0c:3f:cc:e6:fd:88:fc:7e:08:4f:05:13:2a:23:7d:
45:fc:0c:23:aa:94:c2:c2:07:7e:3b:d7:6e:64:12:
75:7d:e8:a4:71:69:08:d2:f2:91:57:65:5c:f2:35:
27:b8:f4:82:2c:da:1a:b6:ec:05:a9:1f:6d:a4:85:
d2:d2:53:68:57:b9:57:8f:ae:76:05:03:3e:97:aa:
84:cf:08:4f:70:b6:d8:03:b7:1a:40:3a:79:57:a9:
de:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E6:49:49:F0:B7:D1:BD:D0:BF:12:FE:5C:FF:14:C1:3B:24:3F:16
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/1-eZJSfC30b3QvxL-XP8UwTskPxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
62.118.0.0/16
62.168.224.0/19
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
93.90.224.0/20
94.140.128.0/19
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
1a:e8:f8:47:d6:dd:ec:33:e3:97:f7:9d:5a:7d:17:21:2b:92:
23:24:b4:87:73:ee:28:5e:5e:85:7f:d4:87:71:30:ad:ef:38:
a5:40:cd:1d:5e:00:9e:22:77:95:42:c4:24:ce:47:8d:2e:21:
e2:4d:d4:ad:17:08:a8:9a:16:3a:ea:f2:c4:89:a3:a7:40:96:
6b:49:2d:10:b5:13:ed:b7:0a:70:40:89:74:2c:04:b0:03:97:
7b:33:f8:6b:39:1f:f1:c3:4c:99:d4:ae:b4:6b:1a:1b:db:cb:
32:3a:42:98:60:b8:b2:ba:dd:aa:1d:c7:f8:4b:5d:92:a5:c4:
5a:4b:87:f4:62:ba:3d:77:71:f7:fd:ac:3c:a7:12:36:eb:c4:
e5:bf:5e:19:7c:e3:fe:af:d7:32:a9:d1:5a:b0:20:cb:6c:84:
aa:02:ff:6a:36:28:f0:b6:6c:15:ec:a0:33:71:3f:95:19:ad:
2e:c0:94:19:4a:a0:42:f0:00:59:23:3d:57:3c:3a:38:16:03:
66:fe:87:a4:ef:9a:0a:a8:89:0d:20:b9:cb:3d:61:95:d9:fc:
57:11:00:be:ab:36:90:25:5d:17:56:fc:92:76:b7:e8:f8:81:
b8:c7:00:49:8a:d5:a1:d6:03:2f:6e:9c:ef:1d:06:1c:d1:2e:
c1:59:e2:20
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAY437t3Yk447UFf99alk0uC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMzEzMTMwOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWU2NDk0OWYwYjdkMWJkZDBiZjEyZmU1Y2ZmMTRjMTNiMjQzZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPVZIJKvtt9Zjv531H6HR0wXr7P+
j+qL3uIFRP8yS8xidpBlHlXAOw1oVRl8uQa8JU0NdspHh0xyBCPDoIP7dK+BaxuU
jU55MCtU9PNAmb/nijTbYkdE++8wgDChFV1lrYW9ShSlDUpwZBHUVHWOnsxe8PiB
EDw2NfR2JTML9EUYRODWWTVwuAbVdBSyIqjXCIxXiuc5qUw5/sLDIsf+zXd14LIM
P8zm/Yj8fghPBRMqI31F/AwjqpTCwgd+O9duZBJ1feikcWkI0vKRV2Vc8jUnuPSC
LNoatuwFqR9tpIXS0lNoV7lXj652BQM+l6qEzwhPcLbYA7caQDp5V6ne9wIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFPnmSUnwt9G90L8S/lz/FME7JD8WMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvMS1lWkpTZkMzMGIzUXZ4TC1YUDhVd1Rza1B4WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzkvNDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNl
NC8xL3J2NGNoWlFKckYzblFVeEktR2M1a1R2bXQtVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB2gYIKwYBBQUHAQcBAf8Egcowgccwga4EAgABMIGnAwQF
BZBgAwMAPnYDBAU+qOADBABQU+0DBAVRWyADAwBRwwMEBlJgwAMDAFPtAwMBVYwD
BAVV6yADAwBZrwMDAltMAwQEXVrgAwQFXoyAAwQFX6mAAwQFbcbgAwQDjWkYAwQA
sN4RAwMAso0DBAeymwADBAK5qOwDBADBaIADBAbDIgADBAfUvAADAwDVVwMEBdWT
IAMEAtWw5DALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6ADBQMqAgAoMA0GCSqG
SIb3DQEBCwUAA4IBAQAa6PhH1t3sM+OX951afRchK5IjJLSHc+4oXl6Ff9SHcTCt
7zilQM0dXgCeIneVQsQkzkeNLiHiTdStFwiomhY66vLEiaOnQJZrSS0QtRPttwpw
QIl0LASwA5d7M/hrOR/xw0yZ1K60axob28syOkKYYLiyut2qHcf4S12SpcRaS4f0
Yro9d3H3/aw8pxI268Tlv14ZfOP+r9cyqdFasCDLbISqAv9qNijwtmwV7KAzcT+V
Ga0uwJQZSqBC8ABZIz1XPDo4FgNm/oek75oKqIkNILnLPWGV2fxXEQC+qzaQJV0X
VvySdrfo+IG4xwBJitWh1gMvbpzvHQYc0S7BWeIg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org