Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iqB5lSfxhJfToDXHyZ_LSdWbQ0Y.roa
File: iqB5lSfxhJfToDXHyZ_LSdWbQ0Y.roa (raw, json)
Hash identifier: iEAcDsNkImfo3nnUL1Vfw9L1Ja2QSt7BKP6hxKySt4Q=
Subject key identifier: 8A:A0:79:95:27:F1:84:97:D3:A0:35:C7:C9:9F:CB:49:D5:9B:43:46
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191487CC1B5AC41D29DA823AA44DC218147
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iqB5lSfxhJfToDXHyZ_LSdWbQ0Y.roa
Signing time: Mon 12 Aug 2024 21:27:01 +0000
ROA not before: Mon 12 Aug 2024 21:27:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.210.68.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
94.143.230.0/24 maxlen: 24
146.19.111.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.118.38.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.109.236.0/24 maxlen: 24
185.109.237.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.17.65.0/24 maxlen: 24
193.33.188.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
194.110.251.0/24 maxlen: 24
195.35.105.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 19:45:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:48:7c:c1:b5:ac:41:d2:9d:a8:23:aa:44:dc:21:81:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 12 21:27:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aa0799527f18497d3a035c7c99fcb49d59b4346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e9:da:4f:51:e8:24:1a:39:0e:f6:57:9a:dd:
51:49:9a:03:a0:fc:8b:43:1e:27:c0:4d:f2:e9:aa:
d8:0e:f9:0d:8c:44:bb:9c:df:92:fd:6c:36:5a:29:
45:2f:19:26:11:af:65:98:db:6a:ad:d4:65:80:8d:
ac:d9:e2:69:ec:6b:c3:bd:7d:ab:fb:9e:65:51:0c:
81:a7:48:da:46:70:6a:bc:93:b7:ff:ef:dc:cf:36:
20:fe:9e:0a:e2:41:9b:34:7b:76:07:be:f0:9b:87:
65:47:d9:e4:a8:1a:98:d8:25:3f:a9:4a:ca:09:23:
df:ad:b1:72:68:6a:17:25:80:5f:ea:91:4d:e2:94:
16:49:a4:82:27:48:5e:e9:dd:d0:50:52:aa:02:cb:
c7:6d:76:4e:ef:53:34:b8:2c:78:e2:6b:8c:8e:ab:
bc:40:3c:17:b7:31:eb:dd:bf:be:ab:53:09:80:16:
a8:d5:39:e7:22:8d:56:c1:62:22:ab:8f:a0:1e:a5:
65:40:1f:10:bc:fa:66:3c:fa:68:1a:ff:f9:13:c0:
7e:70:6e:c1:42:cc:c6:b7:92:e3:4c:86:e3:22:14:
08:f7:79:00:46:28:ad:ec:e9:26:0e:cf:1a:e9:e6:
73:aa:13:f3:4b:82:46:54:d6:63:a2:2b:35:93:1f:
59:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A0:79:95:27:F1:84:97:D3:A0:35:C7:C9:9F:CB:49:D5:9B:43:46
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iqB5lSfxhJfToDXHyZ_LSdWbQ0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.151.112.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.210.68.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
94.143.230.0/24
146.19.111.0/24
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.118.38.0/24
176.126.98.0/24
176.126.102.0/24
185.109.236.0/23
185.128.224.0/24
185.209.50.0/24
185.211.168.0/24
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
193.0.62.0/24
193.17.65.0/24
193.33.188.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
194.110.251.0/24
195.35.105.0/24
195.64.103.0/24
195.69.161.0/24
195.211.164.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
73:29:4d:77:cd:75:f1:7c:f4:a8:6d:b8:49:bc:cd:ef:7f:e3:
14:7f:b7:3c:fa:cc:4f:6d:a7:41:eb:4a:2e:89:90:1f:7d:24:
9d:1e:fe:cb:55:8e:81:fe:23:29:46:bd:06:93:8c:21:c9:0c:
87:02:43:d2:67:81:c3:be:35:b5:da:22:8e:c9:da:9a:4c:da:
d5:d0:0a:b1:58:c3:57:f4:83:29:20:c6:ed:f6:84:8e:de:5f:
98:9b:00:66:a1:0e:7a:bf:ad:90:dd:33:fc:54:e8:d1:0a:9c:
8b:dc:93:04:2b:c6:e8:37:b4:5a:dd:d7:23:2d:bc:25:06:ad:
c6:48:bd:02:c9:e2:ef:ea:4a:2b:d6:30:5e:f8:e2:da:97:03:
09:07:17:eb:c2:a4:bb:0e:67:c7:11:67:4f:41:83:8c:1b:00:
a4:fa:27:cc:e1:76:ca:f7:4a:58:03:9a:49:c9:0c:17:a8:cb:
78:bb:3c:11:b6:38:fc:79:01:ed:ed:9f:13:55:23:16:fa:82:
a1:eb:7e:c2:b5:03:63:b1:e2:47:a9:88:67:fe:e2:b6:0c:6a:
02:33:72:04:cb:10:3f:1c:01:53:d2:fd:ba:4b:0d:1b:28:7e:
12:17:cb:6c:54:a0:8a:eb:68:e4:91:5d:4b:67:fb:3e:91:ff:
d1:80:6c:7e
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAZFIfMG1rEHSnagjqkTcIYFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODEyMjEyNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWEwNzk5NTI3ZjE4NDk3ZDNhMDM1YzdjOTlmY2I0OWQ1OWI0MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OnaT1HoJBo5DvZXmt1RSZoDoPyL
Qx4nwE3y6arYDvkNjES7nN+S/Ww2WilFLxkmEa9lmNtqrdRlgI2s2eJp7GvDvX2r
+55lUQyBp0jaRnBqvJO3/+/czzYg/p4K4kGbNHt2B77wm4dlR9nkqBqY2CU/qUrK
CSPfrbFyaGoXJYBf6pFN4pQWSaSCJ0he6d3QUFKqAsvHbXZO71M0uCx44muMjqu8
QDwXtzHr3b++q1MJgBao1TnnIo1WwWIiq4+gHqVlQB8QvPpmPPpoGv/5E8B+cG7B
QszGt5LjTIbjIhQI93kARiit7OkmDs8a6eZzqhPzS4JGVNZjois1kx9ZlwIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFIqgeZUn8YSX06A1x8mfy0nVm0NGMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaXFCNWxTZnhoSmZUb0RYSHlaX0xTZFdiUTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HAMEAAUq2gMEAB8p/QMEAS1XfAMEAC1XfwMEAC2AfAMEAC2AgAMEAC2BxgMEAD4D
BwMEAD4DHzAMAwQATUhTAwQATUhUAwQAVPxFAwQAWJdwAwQCWNq4AwQAW76eAwQA
W9EfAwQAW9JEAwQAW9SpAwQAW+TXAwQBW+/UAwQAXo/mAwQAkhNvAwQAkhN4AwQA
kv+6AwQAsHQRAwQAsHYmAwQAsH5iAwQAsH5mAwQBuW3sAwQAuYDgAwQAudEyAwQA
udOoAwQAudOrAwQBudakAwQAudanAwQAwQA+AwQAwRFBAwQAwSG8AwQAweSBAwQA
wjveAwQAwjxMAwQAwm77AwQAwyNpAwQAw0BnAwQAw0WhAwQAw9OkAwQA1GsZMA0G
CSqGSIb3DQEBCwUAA4IBAQBzKU13zXXxfPSobbhJvM3vf+MUf7c8+sxPbadB60ou
iZAffSSdHv7LVY6B/iMpRr0Gk4whyQyHAkPSZ4HDvjW12iKOydqaTNrV0AqxWMNX
9IMpIMbt9oSO3l+YmwBmoQ56v62Q3TP8VOjRCpyL3JMEK8boN7Ra3dcjLbwlBq3G
SL0CyeLv6kor1jBe+OLalwMJBxfrwqS7DmfHEWdPQYOMGwCk+ifM4XbK90pYA5pJ
yQwXqMt4uzwRtjj8eQHt7Z8TVSMW+oKh637CtQNjseJHqYhn/uK2DGoCM3IEyxA/
HAFT0v26Sw0bKH4SF8tsVKCK62jkkV1LZ/s+kf/RgGx+
-----END CERTIFICATE-----
Generated at Wed Aug 14 22:30:41 2024 by rpki-client on console-fra.rpki-client.org