Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/KXNInkgQ09LbcCj1tlS163lx8vs.roa
File: KXNInkgQ09LbcCj1tlS163lx8vs.roa (raw, json)
Hash identifier: 30uebCgCHpH6vovpsdDqi9kNAqWfMzxdge0x9fWaSzI=
Subject key identifier: 29:73:48:9E:48:10:D3:D2:DB:70:28:F5:B6:54:B5:EB:79:71:F2:FB
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018E2805394C61C0DEF9826CCD240BCDFB1E
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/KXNInkgQ09LbcCj1tlS163lx8vs.roa
Signing time: Sun 10 Mar 2024 11:00:14 +0000
ROA not before: Sun 10 Mar 2024 11:00:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/18 maxlen: 18
5.201.128.0/21 maxlen: 21
5.201.138.0/24 maxlen: 24
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.144.0/23 maxlen: 23
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
5.201.162.0/24 maxlen: 24
5.201.168.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
37.156.30.0/23 maxlen: 23
37.156.31.0/24 maxlen: 24
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
89.37.8.0/24 maxlen: 24
89.37.12.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
89.37.15.0/24 maxlen: 24
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.8.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.12.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
92.114.20.0/23 maxlen: 23
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
92.114.25.0/24 maxlen: 24
92.114.28.0/22 maxlen: 22
94.101.128.0/20 maxlen: 24
94.101.128.0/21 maxlen: 21
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.84.0/24 maxlen: 24
185.103.85.0/24 maxlen: 24
185.135.228.0/22 maxlen: 22
185.135.230.0/24 maxlen: 24
185.135.231.0/24 maxlen: 24
185.136.100.0/22 maxlen: 22
185.162.40.0/22 maxlen: 22
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
185.182.220.0/22 maxlen: 22
185.182.220.0/24 maxlen: 24
185.182.221.0/24 maxlen: 24
185.182.222.0/23 maxlen: 23
188.213.64.0/20 maxlen: 21
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
2a00:5ca0::/29 maxlen: 29
2a00:5ca0::/31 maxlen: 31
2a00:5ca0::/32 maxlen: 32
2a00:5ca2::/31 maxlen: 31
2a00:5ca4::/31 maxlen: 31
Validation: Failed, certificate revoked on Sun 19 May 2024 12:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:05:39:4c:61:c0:de:f9:82:6c:cd:24:0b:cd:fb:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Mar 10 11:00:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2973489e4810d3d2db7028f5b654b5eb7971f2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:66:fa:f4:2d:9b:26:66:72:e0:e0:3d:3a:5a:
6b:be:76:15:85:9b:74:f7:a3:b4:bf:f5:48:6b:54:
32:b8:f9:37:66:ca:a8:d5:b3:47:1d:56:91:a1:cb:
d3:38:ec:3c:5a:34:69:75:fb:a7:31:d0:39:89:19:
d7:b9:fd:8f:5f:4b:13:96:e7:38:30:43:0a:ee:de:
f3:96:ef:35:17:d6:fc:e5:9a:ff:12:f0:ac:de:59:
db:20:12:59:3f:39:ce:7b:18:9c:ff:56:29:07:5d:
73:5d:8d:49:32:43:18:81:12:22:73:af:89:22:78:
0a:e1:c2:84:a7:f3:f3:6d:a6:ff:29:c0:23:36:7b:
74:bb:92:fb:b8:cd:e3:e0:d0:68:7e:9d:c6:5c:9e:
df:bc:be:e4:32:3a:c1:30:6d:be:f3:7f:05:2c:7c:
6d:db:d2:6f:29:03:87:12:d5:7e:cf:2d:1f:70:a8:
9d:5b:bb:4c:2c:22:d0:d8:90:04:31:e8:19:ee:f7:
23:6e:1a:17:86:43:e8:bd:94:5d:03:d2:e6:cf:93:
be:c9:93:c4:23:b2:fe:32:7b:64:76:a5:2d:7c:36:
f9:d6:f9:0d:06:72:c5:5e:80:8e:d0:96:02:b3:12:
1a:8e:b5:cc:3c:e2:f3:7f:49:38:b2:c8:14:2f:7e:
e8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:73:48:9E:48:10:D3:D2:DB:70:28:F5:B6:54:B5:EB:79:71:F2:FB
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/KXNInkgQ09LbcCj1tlS163lx8vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/29
Signature Algorithm: sha256WithRSAEncryption
84:30:36:6c:ed:47:0e:70:e2:47:57:a2:3e:74:da:9e:db:1e:
e3:ec:25:ba:20:d2:da:0b:0f:4b:04:8b:cb:fa:d0:37:2c:be:
99:26:1a:b0:1c:16:7d:30:96:14:ec:8d:4d:0a:ac:39:66:03:
67:09:b0:d1:f1:8c:0d:40:1f:3e:0d:53:5f:45:06:0a:fb:7f:
b7:17:a7:64:1c:46:95:09:1c:c2:18:38:25:bc:9d:73:03:c3:
d6:21:58:ab:02:bf:f5:1e:26:49:dc:50:53:64:a7:2e:31:20:
05:7e:ab:5f:aa:c8:f3:0c:6c:c1:91:28:6e:52:09:ee:cc:5c:
0f:a5:c1:b2:15:c3:7d:5e:77:84:2f:a4:16:02:4b:97:0a:7e:
34:3f:35:2f:ed:8b:ed:db:ed:11:04:5f:07:16:b5:1e:d2:0b:
ba:4e:d6:f8:70:55:6a:e6:fe:6a:2d:61:d2:10:00:e7:0c:00:
80:aa:a8:2e:a9:7e:d1:ca:c3:d7:29:a7:1c:f5:4f:a6:c2:23:
05:3a:d4:cf:0d:1b:9f:ce:cf:96:cf:ca:94:a8:cf:de:4f:95:
05:91:32:7b:fe:98:9b:f0:13:29:2d:c7:69:14:41:38:24:d7:
cb:f9:89:73:f2:8e:12:35:c3:e7:25:db:8f:f2:6c:42:01:6a:
05:e4:22:da
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY4oBTlMYcDe+YJszSQLzfseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMzEwMTEwMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTczNDg5ZTQ4MTBkM2QyZGI3MDI4ZjViNjU0YjVlYjc5NzFmMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2b69C2bJmZy4OA9OlprvnYVhZt0
96O0v/VIa1QyuPk3Zsqo1bNHHVaRocvTOOw8WjRpdfunMdA5iRnXuf2PX0sTluc4
MEMK7t7zlu81F9b85Zr/EvCs3lnbIBJZPznOexic/1YpB11zXY1JMkMYgRIic6+J
IngK4cKEp/Pzbab/KcAjNnt0u5L7uM3j4NBofp3GXJ7fvL7kMjrBMG2+838FLHxt
29JvKQOHEtV+zy0fcKidW7tMLCLQ2JAEMegZ7vcjbhoXhkPovZRdA9Lmz5O+yZPE
I7L+MntkdqUtfDb51vkNBnLFXoCO0JYCsxIajrXMPOLzf0k4ssgUL37ojQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFClzSJ5IENPS23Ao9bZUtet5cfL7MB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvS1hOSW5rZ1EwOUxiY0NqMXRsUzE2M2x4OHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQMqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQCEMDZs
7UcOcOJHV6I+dNqe2x7j7CW6INLaCw9LBIvL+tA3LL6ZJhqwHBZ9MJYU7I1NCqw5
ZgNnCbDR8YwNQB8+DVNfRQYK+3+3F6dkHEaVCRzCGDglvJ1zA8PWIVirAr/1HiZJ
3FBTZKcuMSAFfqtfqsjzDGzBkShuUgnuzFwPpcGyFcN9XneEL6QWAkuXCn40PzUv
7Yvt2+0RBF8HFrUe0gu6Ttb4cFVq5v5qLWHSEADnDACAqqguqX7RysPXKacc9U+m
wiMFOtTPDRufzs+Wz8qUqM/eT5UFkTJ7/pib8BMpLcdpFEE4JNfL+Ylz8o4SNcPn
JduP8mxCAWoF5CLa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:12 2024 by rpki-client on console-fra.rpki-client.org