Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/lHwdW1LV9n41ENA61d-mwayeW_A.roa
File: lHwdW1LV9n41ENA61d-mwayeW_A.roa (raw, json)
Hash identifier: 6cZDK9qQ8Qcb1fl8foVR/pjBou77JNPAIgSqLr5HZCg=
Subject key identifier: 94:7C:1D:5B:52:D5:F6:7E:35:10:D0:3A:D5:DF:A6:C1:AC:9E:5B:F0
Certificate issuer: /CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Certificate serial: 018FEE1856D947E47267138B12EBC8704884
Authority key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/lHwdW1LV9n41ENA61d-mwayeW_A.roa
Signing time: Thu 06 Jun 2024 15:08:43 +0000
ROA not before: Thu 06 Jun 2024 15:08:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213122
IP address blocks: 5.252.165.0/24 maxlen: 24
5.252.166.0/24 maxlen: 24
5.252.167.0/24 maxlen: 24
31.216.59.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.130.154.0/24 maxlen: 24
45.130.155.0/24 maxlen: 24
45.143.144.0/24 maxlen: 24
45.143.145.0/24 maxlen: 24
45.143.146.0/24 maxlen: 24
45.143.147.0/24 maxlen: 24
89.36.230.0/24 maxlen: 24
89.37.100.0/24 maxlen: 24
89.46.43.0/24 maxlen: 24
103.104.248.0/24 maxlen: 24
103.104.249.0/24 maxlen: 24
103.104.251.0/24 maxlen: 24
103.202.52.0/24 maxlen: 24
103.202.53.0/24 maxlen: 24
103.202.54.0/24 maxlen: 24
103.202.55.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
185.162.75.0/24 maxlen: 24
188.210.236.0/24 maxlen: 24
194.49.68.0/24 maxlen: 24
194.49.69.0/24 maxlen: 24
194.49.78.0/24 maxlen: 24
194.49.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 22:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ee:18:56:d9:47:e4:72:67:13:8b:12:eb:c8:70:48:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Validity
Not Before: Jun 6 15:08:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=947c1d5b52d5f67e3510d03ad5dfa6c1ac9e5bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:73:8b:d0:8e:0d:9c:21:1b:71:a3:b0:67:52:
93:80:f9:27:e3:bf:a3:a8:41:26:10:cb:f7:3a:5b:
e7:a6:9a:ad:00:a0:aa:38:90:d4:16:fc:99:65:21:
9d:c1:05:65:ae:b2:dc:b7:db:4e:03:13:8f:a0:0e:
55:a6:80:73:3b:b5:b9:2b:84:d3:74:34:a7:fc:be:
47:95:68:00:f4:0f:8e:67:58:ed:6f:dd:2b:ec:e6:
35:ce:8e:f5:c7:60:87:64:66:75:c6:11:c3:15:b0:
5c:7d:b9:de:f5:4c:da:2c:0e:ce:34:bc:3e:f6:a0:
b2:df:d4:f2:a5:98:e6:b8:39:7e:f2:73:86:67:63:
65:e6:07:1a:43:39:c3:cf:b4:8d:31:69:8f:f5:a4:
bf:0c:5d:e3:38:05:d9:44:ec:3a:dc:4f:f2:3c:97:
a8:3f:53:2a:4f:10:4e:a3:52:96:33:3d:69:5e:7d:
74:c8:cc:dd:b6:15:cf:3b:70:03:a9:0e:c9:61:9e:
28:69:a2:f3:9f:08:34:15:0f:9e:9e:0e:0f:04:7c:
92:38:38:bf:80:c5:d0:e9:b2:0a:a7:b2:8f:64:91:
78:2b:5f:3a:f9:8a:b2:09:0e:2b:89:ec:a1:11:ad:
44:4e:6d:b0:34:56:8b:21:d0:a7:01:e9:ba:0c:6a:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7C:1D:5B:52:D5:F6:7E:35:10:D0:3A:D5:DF:A6:C1:AC:9E:5B:F0
X509v3 Authority Key Identifier:
keyid:60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/lHwdW1LV9n41ENA61d-mwayeW_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.165.0-5.252.167.255
31.216.59.0/24
45.87.60.0/22
45.130.152.0/22
45.143.144.0/22
89.36.230.0/24
89.37.100.0/24
89.46.43.0/24
103.104.248.0/23
103.104.251.0/24
103.202.52.0/22
185.162.74.0/23
188.210.236.0/24
194.49.68.0/23
194.49.78.0/23
Signature Algorithm: sha256WithRSAEncryption
19:3b:cd:70:d8:3a:73:66:8d:a7:3b:ce:2e:d1:67:89:b6:57:
b1:b6:62:f2:56:eb:5a:31:66:0e:59:74:c3:b0:7e:ea:94:42:
62:dc:b3:c3:fa:25:4f:a6:63:d0:a3:20:7d:5a:3e:5d:ff:e6:
ba:17:8b:d7:b5:94:6e:38:38:d2:b1:ef:62:bf:93:dc:69:c8:
a1:8c:83:9c:c7:6b:d3:a3:d3:22:be:e2:3d:41:30:8b:df:25:
de:bb:20:c4:d2:de:97:74:c4:df:b5:15:b9:c3:61:17:da:8c:
7a:7b:9f:f5:1a:74:e2:06:19:8f:4c:93:fa:9c:e8:82:28:d1:
dc:5d:b5:df:14:8d:f4:0f:c2:5d:f5:07:e8:4c:6d:69:af:47:
3d:c0:20:f2:96:61:46:09:1c:8f:61:f9:3f:54:bc:62:c1:9a:
51:49:8e:20:dc:c4:d3:7e:ee:e6:e2:6c:ff:77:f6:9b:83:af:
cf:4e:cd:d8:69:cc:ca:2f:9f:1d:af:85:40:90:d5:e9:43:80:
91:57:36:d8:0e:7d:2a:ad:3d:84:41:df:96:f4:46:c4:7d:c9:
ce:34:09:b6:e6:a5:4f:3d:0b:6f:46:41:81:22:b5:71:fa:e8:
bb:44:19:97:3a:85:72:39:f8:2a:b0:04:f9:3a:14:f1:1b:fd:
fe:36:97:6a
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY/uGFbZR+RyZxOLEuvIcEiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTU0MGNlNDUwNDU2MzQ1ZWM4ZTA5OGVmNGY1MzYzNGQ3
NGJmMWYwHhcNMjQwNjA2MTUwODQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDdjMWQ1YjUyZDVmNjdlMzUxMGQwM2FkNWRmYTZjMWFjOWU1YmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHOL0I4NnCEbcaOwZ1KTgPkn47+j
qEEmEMv3OlvnppqtAKCqOJDUFvyZZSGdwQVlrrLct9tOAxOPoA5VpoBzO7W5K4TT
dDSn/L5HlWgA9A+OZ1jtb90r7OY1zo71x2CHZGZ1xhHDFbBcfbne9UzaLA7ONLw+
9qCy39TypZjmuDl+8nOGZ2Nl5gcaQznDz7SNMWmP9aS/DF3jOAXZROw63E/yPJeo
P1MqTxBOo1KWMz1pXn10yMzdthXPO3ADqQ7JYZ4oaaLznwg0FQ+eng4PBHySODi/
gMXQ6bIKp7KPZJF4K186+YqyCQ4rieyhEa1ETm2wNFaLIdCnAem6DGpGGQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJR8HVtS1fZ+NRDQOtXfpsGsnlvwMB8GA1UdIwQY
MBaAFGClQM5FBFY0XsjgmO9PU2NNdL8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEt
ZTQ3MzUzMWY2ZmU4LzEvbEh3ZFcxTFY5bjQxRU5BNjFkLW13YXllV19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEtZTQ3MzUzMWY2ZmU4
LzEvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBAAF/KUD
BAMF/KADBAAf2DsDBAItVzwDBAItgpgDBAItj5ADBABZJOYDBABZJWQDBABZLisD
BAFnaPgDBABnaPsDBAJnyjQDBAG5okoDBAC80uwDBAHCMUQDBAHCMU4wDQYJKoZI
hvcNAQELBQADggEBABk7zXDYOnNmjac7zi7RZ4m2V7G2YvJW61oxZg5ZdMOwfuqU
QmLcs8P6JU+mY9CjIH1aPl3/5roXi9e1lG44ONKx72K/k9xpyKGMg5zHa9Oj0yK+
4j1BMIvfJd67IMTS3pd0xN+1FbnDYRfajHp7n/UadOIGGY9Mk/qc6IIo0dxdtd8U
jfQPwl31B+hMbWmvRz3AIPKWYUYJHI9h+T9UvGLBmlFJjiDcxNN+7ubibP939puD
r89OzdhpzMovnx2vhUCQ1elDgJFXNtgOfSqtPYRB35b0RsR9yc40CbbmpU89C29G
QYEitXH66LtEGZc6hXI5+CqwBPk6FPEb/f42l2o=
-----END CERTIFICATE-----
Generated at Tue Oct 15 00:29:54 2024 by rpki-client on console-fra.rpki-client.org