Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/If5FirTL8H28OxAlrzXBFk4tKiE.roa
File: If5FirTL8H28OxAlrzXBFk4tKiE.roa (raw, json)
Hash identifier: Batk9I69OyZQjD+KHf54TQpS1PhFs4S2OMBBcTdyZNk=
Subject key identifier: 21:FE:45:8A:B4:CB:F0:7D:BC:3B:10:25:AF:35:C1:16:4E:2D:2A:21
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018F5D8CD6C48BB3F51C47308BF58267DE5B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/If5FirTL8H28OxAlrzXBFk4tKiE.roa
Signing time: Thu 09 May 2024 13:31:02 +0000
ROA not before: Thu 09 May 2024 13:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 13:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:8c:d6:c4:8b:b3:f5:1c:47:30:8b:f5:82:67:de:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 9 13:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21fe458ab4cbf07dbc3b1025af35c1164e2d2a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4e:52:0c:6e:e8:6e:1a:80:9b:39:18:bf:b4:
06:11:fa:0b:83:95:1b:27:e6:3d:6d:83:ed:cc:f5:
fa:2e:25:4f:87:50:33:b6:8d:30:42:03:53:a8:38:
1c:89:b7:e5:d5:62:48:63:b9:69:3b:88:31:91:e6:
34:5e:0e:a5:8a:ea:a0:0f:18:69:e3:6d:aa:e4:48:
11:f3:cd:ad:83:8d:3b:bb:b4:82:5a:96:07:79:06:
97:de:12:6f:ef:f2:64:e9:00:d8:83:94:ed:67:ad:
a1:9c:af:b5:9a:c1:18:89:2d:d5:db:af:15:32:93:
1f:3b:fa:0b:62:85:7f:46:8b:cf:48:2d:21:5a:71:
79:15:79:8f:77:42:30:ba:e6:85:9d:b0:11:91:fe:
77:1f:83:a0:21:34:98:81:ae:08:fe:69:93:84:83:
06:74:e7:eb:c2:23:a7:fb:54:f7:c0:49:12:23:af:
82:37:88:b5:b8:5c:21:0d:65:74:cd:1b:ed:5f:cf:
a1:d0:2c:85:d7:06:b4:34:6e:10:c2:45:5f:fe:e2:
1c:a2:4b:6c:05:81:9b:b1:a4:02:60:3e:83:fd:b1:
bb:90:55:e8:dc:d6:93:45:a2:70:71:11:93:dc:cc:
7f:15:b0:8b:8e:c8:38:61:ee:48:c4:13:1b:0f:e8:
2f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FE:45:8A:B4:CB:F0:7D:BC:3B:10:25:AF:35:C1:16:4E:2D:2A:21
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/If5FirTL8H28OxAlrzXBFk4tKiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.92.0/23
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
Signature Algorithm: sha256WithRSAEncryption
55:61:69:50:a6:35:65:b1:b1:a7:4b:98:9f:d2:14:02:e0:08:
4b:c9:be:c0:9f:e2:4f:54:99:0b:2f:a7:cf:6f:e9:f5:a2:56:
24:c8:c5:f5:88:9b:4f:1e:a5:ff:16:31:7a:65:f4:e2:d4:54:
c1:31:21:c7:a8:33:a2:b8:db:72:ae:bc:91:ed:05:f5:df:c9:
f4:5f:76:b9:d6:bb:9c:57:61:48:36:68:cf:05:10:7d:65:07:
47:8f:e1:45:af:a1:55:9c:79:df:fe:87:32:6e:ce:82:eb:fb:
c7:28:37:5c:87:7e:bc:b3:65:99:57:d9:1e:9a:dc:8e:6b:e6:
cc:94:7d:e4:5c:a5:e7:ac:44:1f:48:24:ea:7c:fe:d9:8b:d8:
28:38:b7:2d:e5:60:ab:fa:d7:ba:c1:26:8e:88:06:fd:be:48:
52:94:99:83:75:b8:46:11:2c:db:99:b2:81:28:91:be:ae:81:
9f:a6:0a:2b:39:10:6f:09:4c:2d:31:09:cc:5d:9d:13:82:d7:
e5:67:1d:9f:73:38:8f:5b:f6:4d:ad:0e:7a:c5:a3:25:97:21:
bf:84:ca:c3:c0:d4:fa:a3:ea:62:66:8e:6a:26:f2:e6:3f:88:
7d:6f:bf:2c:8f:68:03:1e:3b:ab:56:1b:2b:c5:79:74:bc:8c:
14:9c:01:b2
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAY9djNbEi7P1HEcwi/WCZ95bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwNTA5MTMzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZlNDU4YWI0Y2JmMDdkYmMzYjEwMjVhZjM1YzExNjRlMmQyYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk5SDG7obhqAmzkYv7QGEfoLg5Ub
J+Y9bYPtzPX6LiVPh1Azto0wQgNTqDgcibfl1WJIY7lpO4gxkeY0Xg6liuqgDxhp
422q5EgR882tg407u7SCWpYHeQaX3hJv7/Jk6QDYg5TtZ62hnK+1msEYiS3V268V
MpMfO/oLYoV/RovPSC0hWnF5FXmPd0IwuuaFnbARkf53H4OgITSYga4I/mmThIMG
dOfrwiOn+1T3wEkSI6+CN4i1uFwhDWV0zRvtX8+h0CyF1wa0NG4QwkVf/uIcokts
BYGbsaQCYD6D/bG7kFXo3NaTRaJwcRGT3Mx/FbCLjsg4Ye5IxBMbD+gvRwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFCH+RYq0y/B9vDsQJa81wRZOLSohMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvSWY1RmlyVEw4SDI4T3hBbHJ6WEJGazR0S2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAE+2FwDBAFb4Q4DBABb63sDBAGS
QtADBAKSQtQDBAKSQtwDBACynUwDBACynV4DBACynWwDBACynXwDBACynX4DBAC5
TDwDBAC5TD4DBAC8SoADBAC8SpgDBAC8SpsDBAC8SqsDBAC8SrUDBAC8Sr4DBAG8
StADBAK8StQDBAC8SvUwDAMEALx3pQMEALx3pgMEALx3tTANBgkqhkiG9w0BAQsF
AAOCAQEAVWFpUKY1ZbGxp0uYn9IUAuAIS8m+wJ/iT1SZCy+nz2/p9aJWJMjF9Yib
Tx6l/xYxemX04tRUwTEhx6gzorjbcq68ke0F9d/J9F92uda7nFdhSDZozwUQfWUH
R4/hRa+hVZx53/6HMm7Oguv7xyg3XId+vLNlmVfZHprcjmvmzJR95Fyl56xEH0gk
6nz+2YvYKDi3LeVgq/rXusEmjogG/b5IUpSZg3W4RhEs25mygSiRvq6Bn6YKKzkQ
bwlMLTEJzF2dE4LX5Wcdn3M4j1v2Ta0OesWjJZchv4TKw8DU+qPqYmaOaiby5j+I
fW+/LI9oAx47q1YbK8V5dLyMFJwBsg==
-----END CERTIFICATE-----
Generated at Thu Aug 29 17:04:57 2024 by rpki-client on console-ams.rpki-client.org