Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/28CngbIgGwdGdmznWtiGh4aGmUw.roa
File: 28CngbIgGwdGdmznWtiGh4aGmUw.roa (raw, json)
Hash identifier: 9kK7IQ+oXBdLqr150uUH8ei+en9Fm60IwXp16uFMqT0=
Subject key identifier: DB:C0:A7:81:B2:20:1B:07:46:76:6C:E7:5A:D8:86:87:86:86:99:4C
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018D3247A1372FE94E7B6F4440FB4AF1FCE8
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/28CngbIgGwdGdmznWtiGh4aGmUw.roa
Signing time: Mon 22 Jan 2024 17:46:11 +0000
ROA not before: Mon 22 Jan 2024 17:46:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/18 maxlen: 18
5.201.128.0/21 maxlen: 21
5.201.138.0/24 maxlen: 24
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.144.0/23 maxlen: 23
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
5.201.168.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
37.156.30.0/23 maxlen: 23
37.156.31.0/24 maxlen: 24
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
89.37.8.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
89.37.15.0/24 maxlen: 24
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.8.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.12.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
92.114.20.0/23 maxlen: 23
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
92.114.25.0/24 maxlen: 24
92.114.28.0/22 maxlen: 22
94.101.128.0/20 maxlen: 24
94.101.128.0/21 maxlen: 21
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.84.0/24 maxlen: 24
185.103.85.0/24 maxlen: 24
185.135.228.0/22 maxlen: 22
185.136.100.0/22 maxlen: 22
185.162.40.0/22 maxlen: 22
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
185.182.220.0/22 maxlen: 22
185.182.220.0/24 maxlen: 24
185.182.221.0/24 maxlen: 24
185.182.222.0/23 maxlen: 23
188.213.64.0/20 maxlen: 21
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
2a00:5ca0::/29 maxlen: 29
2a00:5ca0::/31 maxlen: 31
2a00:5ca0::/32 maxlen: 32
2a00:5ca2::/31 maxlen: 31
2a00:5ca4::/31 maxlen: 31
Validation: Failed, certificate revoked on Fri 26 Jan 2024 13:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:47:a1:37:2f:e9:4e:7b:6f:44:40:fb:4a:f1:fc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 22 17:46:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbc0a781b2201b0746766ce75ad886878686994c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:e2:c9:d5:31:bd:e4:1a:e6:fe:f6:02:8e:
10:3a:d2:0f:c8:07:12:b0:69:fa:c7:0e:00:6a:60:
75:d1:59:e3:a6:3d:78:c8:30:4c:56:12:d5:25:a4:
1c:a6:a7:af:e0:22:87:12:f5:06:36:fd:b6:5c:7c:
27:21:eb:2f:48:49:9e:59:b6:61:0f:21:c9:d6:6c:
61:4f:67:e5:54:91:3e:fc:77:02:87:e8:d1:a6:32:
a0:e1:9c:02:61:c2:e3:58:49:2b:98:56:28:52:d2:
51:43:2e:a4:bd:99:e3:86:f6:95:f1:1d:a0:cc:bd:
22:f5:4e:dc:fd:b7:2b:a3:b0:c1:38:85:6d:e5:91:
8c:22:75:db:46:11:ce:72:1b:45:a0:80:f7:9b:2f:
ef:2a:e6:83:2e:09:e0:64:e8:b0:82:83:6d:c2:48:
f0:17:d3:5a:7d:91:48:e3:e6:1d:0c:f7:2a:1f:87:
19:ac:f1:bc:41:03:5e:32:f0:4d:4b:12:50:9b:aa:
01:c4:79:89:76:5d:44:a7:61:00:2f:7f:48:b7:be:
a0:81:28:4b:2e:f0:ae:fd:26:8e:70:d8:71:69:db:
a6:8b:4f:63:b1:bf:75:97:16:80:86:f0:45:63:43:
1c:56:40:a6:3a:b0:f1:cb:5a:34:81:22:78:5e:93:
a4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C0:A7:81:B2:20:1B:07:46:76:6C:E7:5A:D8:86:87:86:86:99:4C
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/28CngbIgGwdGdmznWtiGh4aGmUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/29
Signature Algorithm: sha256WithRSAEncryption
41:1e:92:7c:7d:a0:0c:db:48:d7:04:6a:a6:d8:e1:bc:b0:ee:
90:43:0b:62:f6:b2:ea:91:88:e1:a6:4e:9e:37:8e:ab:0e:39:
08:c1:39:b1:45:63:8c:ff:d5:5d:5a:4a:5b:31:97:78:25:aa:
c1:63:49:4e:13:4e:1b:67:42:b9:6c:c0:54:4a:42:21:aa:1e:
fd:96:0e:e6:47:06:8c:21:ac:59:f5:28:da:d4:e6:ea:f7:87:
83:29:cb:56:fe:88:34:0c:df:83:05:1f:94:7a:cb:9f:b7:55:
db:fb:cb:d7:82:e2:89:9d:92:3f:04:8d:06:fa:92:80:41:6f:
85:98:20:7d:2d:72:c7:f2:49:55:a4:21:b0:32:22:b1:10:62:
94:b8:7b:3f:ae:0d:07:8e:a9:a1:81:0e:61:ef:ee:3f:06:53:
84:bc:0b:5b:aa:ec:74:89:32:d9:9e:f9:e5:54:7a:f9:d4:d6:
75:d6:73:50:44:e7:97:9a:39:d7:f4:64:cf:f2:5a:df:15:9e:
bd:9b:d2:b4:dd:a7:8a:25:9c:30:c1:84:f6:3d:a3:00:45:d6:
c4:00:21:99:42:28:74:17:39:20:52:21:13:13:8e:aa:c9:27:
d4:73:b9:32:ec:c8:f0:bc:5b:66:bc:75:41:80:12:09:5f:d8:
85:69:c1:7f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY0yR6E3L+lOe29EQPtK8fzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTIyMTc0NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMwYTc4MWIyMjAxYjA3NDY3NjZjZTc1YWQ4ODY4Nzg2ODY5OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuTiydUxveQa5v72Ao4QOtIPyAcS
sGn6xw4AamB10Vnjpj14yDBMVhLVJaQcpqev4CKHEvUGNv22XHwnIesvSEmeWbZh
DyHJ1mxhT2flVJE+/HcCh+jRpjKg4ZwCYcLjWEkrmFYoUtJRQy6kvZnjhvaV8R2g
zL0i9U7c/bcro7DBOIVt5ZGMInXbRhHOchtFoID3my/vKuaDLgngZOiwgoNtwkjw
F9NafZFI4+YdDPcqH4cZrPG8QQNeMvBNSxJQm6oBxHmJdl1Ep2EAL39It76ggShL
LvCu/SaOcNhxadumi09jsb91lxaAhvBFY0McVkCmOrDxy1o0gSJ4XpOk+QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNvAp4GyIBsHRnZs51rYhoeGhplMMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvMjhDbmdiSWdHd2RHZG16bld0aUdoNGFHbVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQMqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBBHpJ8
faAM20jXBGqm2OG8sO6QQwti9rLqkYjhpk6eN46rDjkIwTmxRWOM/9VdWkpbMZd4
JarBY0lOE04bZ0K5bMBUSkIhqh79lg7mRwaMIaxZ9Sja1Obq94eDKctW/og0DN+D
BR+Uesuft1Xb+8vXguKJnZI/BI0G+pKAQW+FmCB9LXLH8klVpCGwMiKxEGKUuHs/
rg0HjqmhgQ5h7+4/BlOEvAtbqux0iTLZnvnlVHr51NZ11nNQROeXmjnX9GTP8lrf
FZ69m9K03aeKJZwwwYT2PaMARdbEACGZQih0FzkgUiETE46qySfUc7ky7MjwvFtm
vHVBgBIJX9iFacF/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:19 2024 by rpki-client on console-ams.rpki-client.org