Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/X8smguS2vhaNfednmkkjC-fJX2o.roa
File: X8smguS2vhaNfednmkkjC-fJX2o.roa (raw, json)
Hash identifier: GldfjnRD01GL+wJtWddrjqf0TrNGTpZlz+hhoYTera4=
Subject key identifier: 5F:CB:26:82:E4:B6:BE:16:8D:7D:E7:67:9A:49:23:0B:E7:C9:5F:6A
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01913698DF5167AFC3CA553696436022A65E
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/X8smguS2vhaNfednmkkjC-fJX2o.roa
Signing time: Fri 09 Aug 2024 10:04:33 +0000
ROA not before: Fri 09 Aug 2024 10:04:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.210.68.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.109.236.0/24 maxlen: 24
185.109.237.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.17.65.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
195.35.105.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 21:26:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:98:df:51:67:af:c3:ca:55:36:96:43:60:22:a6:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 9 10:04:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fcb2682e4b6be168d7de7679a49230be7c95f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8e:52:a4:b4:b6:14:6b:d7:eb:f7:6b:09:95:
1b:b1:82:e1:89:27:6e:b0:cd:a2:18:61:1b:14:46:
f6:2e:cb:3f:d7:d1:1e:a6:08:17:8e:88:90:b4:1c:
7a:66:3c:92:6b:db:5f:28:c4:40:c8:f0:5c:33:9f:
f2:9a:cc:04:0a:2c:4d:89:7b:ca:5e:19:3c:30:01:
6c:06:ac:8d:05:8e:d8:6b:e8:d7:60:c6:43:36:7e:
60:53:84:c1:50:e5:fb:54:54:ad:88:b3:41:21:51:
04:00:29:60:ef:6e:67:5e:9b:a5:e5:58:71:10:f7:
96:96:bc:bf:79:77:e2:b5:e6:6d:bd:ea:11:91:04:
9f:9b:39:da:08:05:f0:3f:1d:28:5b:f5:34:45:f5:
b4:7c:18:39:8b:26:d0:04:a8:30:cf:90:32:0c:f8:
36:f1:99:fd:fb:eb:fa:74:02:52:70:2f:08:85:ba:
52:a0:ce:30:d5:e3:fe:cd:9a:78:75:21:a0:0a:d1:
b3:31:cd:2d:c5:a1:bd:f6:4b:12:bb:de:ca:6b:5a:
ab:8d:d0:2e:2f:75:34:c4:6e:a9:ad:a8:da:fb:47:
9d:97:1d:e9:c7:51:dc:b1:cc:79:aa:6a:5f:38:88:
c7:dc:f9:d4:5b:9f:61:ed:62:10:72:ac:e3:8e:e1:
3f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CB:26:82:E4:B6:BE:16:8D:7D:E7:67:9A:49:23:0B:E7:C9:5F:6A
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/X8smguS2vhaNfednmkkjC-fJX2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.151.112.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.210.68.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.126.102.0/24
185.109.236.0/23
185.128.224.0/24
185.209.50.0/24
185.211.168.0/24
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
193.0.62.0/24
193.17.65.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
195.35.105.0/24
195.64.103.0/24
195.69.161.0/24
195.211.164.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ad:96:c4:bc:b5:93:9a:5a:be:0e:87:9f:fb:87:a4:1a:7c:
82:8b:87:a9:72:03:d4:49:6f:74:b0:d4:f6:8e:ad:d9:f3:36:
62:31:35:06:e9:88:dd:4d:92:69:8c:98:f6:6c:9a:9d:f5:79:
9c:fa:8e:69:c4:2e:0a:62:57:8f:ed:ac:fa:fa:0e:d8:57:00:
e3:ad:3c:02:ce:3f:1b:36:af:84:91:5b:93:b6:1e:a5:b8:98:
1a:00:23:c5:d6:ba:e4:0b:45:81:d1:47:1c:58:2a:35:12:b5:
94:cc:d4:75:fa:c2:51:52:d0:33:f3:7e:a2:55:c8:28:68:34:
ae:0c:b9:d5:44:fc:6f:45:5b:0d:9d:2d:08:e7:14:0f:e0:1a:
74:3d:ef:81:96:27:42:c9:22:b6:3f:eb:4a:ca:87:a7:99:96:
c8:f3:b8:6d:4c:22:29:b7:6d:c8:f5:f7:ac:f5:ee:c6:1b:91:
bb:a7:09:3e:2f:33:8b:75:d7:cd:ae:22:fa:e1:ed:d2:06:2b:
48:1e:f6:96:f7:df:c9:59:a8:53:9c:5b:e6:6e:67:4a:04:14:
26:4d:47:fa:59:13:e2:b6:ab:ed:ac:6a:66:27:f0:42:58:f0:
f0:eb:a2:46:3e:39:2a:79:c5:d5:2e:64:64:a5:6d:ed:bc:61:
27:8a:50:8d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZE2mN9RZ6/DylU2lkNgIqZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODA5MTAwNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNiMjY4MmU0YjZiZTE2OGQ3ZGU3Njc5YTQ5MjMwYmU3Yzk1ZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw45SpLS2FGvX6/drCZUbsYLhiSdu
sM2iGGEbFEb2Lss/19EepggXjoiQtBx6ZjySa9tfKMRAyPBcM5/ymswECixNiXvK
Xhk8MAFsBqyNBY7Ya+jXYMZDNn5gU4TBUOX7VFStiLNBIVEEAClg725nXpul5Vhx
EPeWlry/eXfiteZtveoRkQSfmznaCAXwPx0oW/U0RfW0fBg5iybQBKgwz5AyDPg2
8Zn9++v6dAJScC8IhbpSoM4w1eP+zZp4dSGgCtGzMc0txaG99ksSu97Ka1qrjdAu
L3U0xG6praja+0edlx3px1Hcscx5qmpfOIjH3PnUW59h7WIQcqzjjuE/AwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFF/LJoLktr4WjX3nZ5pJIwvnyV9qMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvWDhzbWd1UzJ2aGFOZmVkbm1ra2pDLWZKWDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAAFKtoDBAAfKf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAAtgcYDBAA+AwcD
BAA+Ax8wDAMEAE1IUwMEAE1IVAMEAFT8RQMEAFiXcAMEAljauAMEAFu+ngMEAFvR
HwMEAFvSRAMEAFvUqQMEAFvk1wMEAVvv1AMEAJITeAMEAJL/ugMEALB0EQMEALB+
ZgMEAblt7AMEALmA4AMEALnRMgMEALnTqAMEALnTqwMEAbnWpAMEALnWpwMEAMEA
PgMEAMERQQMEAMHkgQMEAMI73gMEAMI8TAMEAMMjaQMEAMNAZwMEAMNFoQMEAMPT
pAMEANRrGTANBgkqhkiG9w0BAQsFAAOCAQEAd62WxLy1k5pavg6Hn/uHpBp8gouH
qXID1ElvdLDU9o6t2fM2YjE1BumI3U2SaYyY9myanfV5nPqOacQuCmJXj+2s+voO
2FcA4608As4/GzavhJFbk7YepbiYGgAjxda65AtFgdFHHFgqNRK1lMzUdfrCUVLQ
M/N+olXIKGg0rgy51UT8b0VbDZ0tCOcUD+AadD3vgZYnQskitj/rSsqHp5mWyPO4
bUwiKbdtyPX3rPXuxhuRu6cJPi8zi3XXza4i+uHt0gYrSB72lvffyVmoU5xb5m5n
SgQUJk1H+lkT4rar7axqZifwQljw8OuiRj45KnnF1S5kZKVt7bxhJ4pQjQ==
-----END CERTIFICATE-----
Generated at Mon Aug 12 23:28:36 2024 by rpki-client on console-fra.rpki-client.org