Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/5s3cZuLpogujVTBTkzfMbRvv_EA.roa
File: 5s3cZuLpogujVTBTkzfMbRvv_EA.roa (raw, json)
Hash identifier: 74ZPOK/gtN62VQwunzxmxBKHsLBtLd7n0Gwylt3i2PE=
Subject key identifier: E6:CD:DC:66:E2:E9:A2:0B:A3:55:30:53:93:37:CC:6D:1B:EF:FC:40
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018FE3362603AD733AC3EAE34C10392B7901
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/5s3cZuLpogujVTBTkzfMbRvv_EA.roa
Signing time: Tue 04 Jun 2024 12:25:27 +0000
ROA not before: Tue 04 Jun 2024 12:25:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45012
IP address blocks: 5.44.100.0/23 maxlen: 24
5.44.102.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
5.44.108.0/22 maxlen: 24
31.47.240.0/20 maxlen: 24
37.218.248.0/22 maxlen: 22
37.218.252.0/24 maxlen: 24
37.218.254.0/24 maxlen: 24
37.228.153.0/24 maxlen: 24
37.228.154.0/24 maxlen: 24
37.228.155.0/24 maxlen: 24
37.228.156.0/24 maxlen: 24
37.228.158.0/24 maxlen: 24
37.228.159.0/24 maxlen: 24
46.243.88.0/21 maxlen: 24
77.75.248.0/24 maxlen: 24
77.75.249.0/24 maxlen: 24
77.75.250.0/24 maxlen: 24
77.75.251.0/24 maxlen: 24
77.75.252.0/24 maxlen: 24
77.75.253.0/24 maxlen: 24
77.75.254.0/24 maxlen: 24
77.75.255.0/24 maxlen: 24
81.88.16.0/24 maxlen: 24
81.88.28.0/22 maxlen: 24
81.88.32.0/20 maxlen: 24
85.158.176.0/24 maxlen: 24
85.158.177.0/24 maxlen: 24
85.158.181.0/24 maxlen: 24
85.158.182.0/24 maxlen: 24
85.158.183.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.106.0/24 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
91.151.20.0/23 maxlen: 23
91.203.108.0/22 maxlen: 24
91.203.212.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
93.90.180.0/23 maxlen: 24
109.237.128.0/20 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
178.20.96.0/21 maxlen: 24
178.250.8.0/24 maxlen: 24
178.250.9.0/24 maxlen: 24
178.250.10.0/24 maxlen: 24
178.250.11.0/24 maxlen: 24
178.250.12.0/24 maxlen: 24
178.250.14.0/24 maxlen: 24
178.250.15.0/24 maxlen: 24
178.250.170.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
185.3.232.0/22 maxlen: 24
185.39.220.0/24 maxlen: 24
185.39.221.0/24 maxlen: 24
185.39.222.0/24 maxlen: 24
185.61.40.0/22 maxlen: 22
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
185.137.168.0/22 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
188.64.46.0/23 maxlen: 24
192.162.87.0/24 maxlen: 24
193.22.255.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
195.5.120.0/23 maxlen: 24
195.82.152.0/23 maxlen: 24
2a00:fa40:2000::/36 maxlen: 64
2a00:fa40:3000::/36 maxlen: 36
2a00:fa40:4000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
2a02:2b80::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 12:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:36:26:03:ad:73:3a:c3:ea:e3:4c:10:39:2b:79:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jun 4 12:25:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6cddc66e2e9a20ba35530539337cc6d1beffc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:ac:5c:5a:60:2a:f3:e3:b2:60:2e:1c:4d:
b9:13:12:65:c3:b7:b5:39:05:4c:4d:b2:f2:96:ad:
a5:d6:40:0b:b8:fc:16:37:31:a0:4e:83:a0:31:69:
f2:38:31:7f:97:77:ec:37:6e:01:d2:77:d0:e9:17:
59:04:5c:47:07:08:8f:68:db:72:72:61:e0:ff:03:
4b:a2:77:f4:5c:00:70:21:25:d0:60:1e:2a:db:9d:
6f:c2:d1:84:f6:1b:f5:5f:6a:30:cc:a9:d4:ff:85:
29:e5:e8:79:d9:90:b5:8d:20:61:7a:da:bc:0f:5e:
e2:1a:7e:ff:94:e8:a0:2c:a7:38:05:75:fc:ba:ba:
e6:fd:65:34:92:04:b3:cb:0d:59:85:58:96:51:29:
41:dc:d7:3d:27:d0:cd:51:d0:83:2c:59:4d:12:37:
36:7d:9b:c7:7d:09:83:a9:1a:15:d3:c8:bd:89:80:
f3:ea:21:53:ef:6d:00:7a:17:ee:79:b6:56:5e:27:
7a:2e:78:89:71:9e:0d:10:b8:26:7d:a3:e1:10:74:
8b:b0:b0:56:f3:53:ef:38:af:2c:2d:49:b1:50:7e:
59:06:03:e7:7f:e2:ac:a2:f3:f8:81:36:a7:e2:82:
3a:1e:ce:21:84:b8:a2:7b:3e:3d:a3:ee:9b:50:07:
da:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CD:DC:66:E2:E9:A2:0B:A3:55:30:53:93:37:CC:6D:1B:EF:FC:40
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/5s3cZuLpogujVTBTkzfMbRvv_EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0-5.44.111.255
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
37.228.153.0-37.228.156.255
37.228.158.0/23
46.243.88.0/21
77.75.248.0/21
81.88.16.0/24
81.88.28.0-81.88.47.255
85.158.176.0/23
85.158.181.0-85.158.183.255
89.22.100.0/22
89.22.106.0/24
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.151.20.0/23
91.203.108.0/22
91.203.212.0/22
91.220.49.0/24
93.90.178.0/24
93.90.180.0/23
109.237.128.0/20
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.8.0-178.250.12.255
178.250.14.0/23
178.250.170.0/24
178.250.174.0/24
185.3.232.0/22
185.39.220.0-185.39.222.255
185.61.40.0/22
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
188.64.46.0/23
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
195.5.120.0/23
195.82.152.0/23
IPv6:
2a00:fa40:2000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
2a02:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
47:ed:d9:d5:e3:b0:4d:c3:78:d8:05:7c:bd:6e:41:68:1e:ea:
03:96:44:91:46:ba:42:d9:23:97:f3:d2:2c:e0:fa:36:59:e2:
4d:4b:5f:b8:24:04:28:9c:89:79:7f:f7:95:96:37:d6:80:b5:
b9:81:69:20:87:f7:2e:d6:66:12:60:30:cb:f8:3d:ec:02:1c:
ee:fc:78:df:6a:56:52:db:2b:20:24:5f:66:17:12:6f:7f:4d:
bc:6d:3d:c1:48:6f:0a:95:66:5b:52:b3:14:0d:66:a0:16:78:
c5:9a:0c:00:ef:e9:fc:57:e8:a7:50:9e:4f:f0:2e:2c:94:24:
20:4f:ca:b8:61:88:3b:89:98:a3:3a:4f:fa:56:02:6c:00:21:
d4:a4:87:d4:3f:d3:9e:d8:ec:aa:b4:a3:e1:4f:96:3d:da:19:
ec:b7:f3:65:91:26:4f:a0:0f:22:6d:e8:dc:fe:83:3b:07:f9:
0e:5b:4f:ff:b9:97:aa:90:b0:ea:67:e9:cd:b8:86:f3:17:71:
d1:88:27:d8:b5:63:80:fc:13:b0:ee:07:e2:13:85:a7:bf:92:
aa:4d:e5:a0:f2:8e:5c:b9:d6:a8:54:dd:d6:0e:28:13:fe:d1:
29:88:d7:12:24:20:04:60:34:9f:17:5d:f1:11:46:ec:bb:82:
2b:55:0a:f2
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgISAY/jNiYDrXM6w+rjTBA5K3kBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwNjA0MTIyNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmNkZGM2NmUyZTlhMjBiYTM1NTMwNTM5MzM3Y2M2ZDFiZWZmYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplesXFpgKvPjsmAuHE25ExJlw7e1
OQVMTbLylq2l1kALuPwWNzGgToOgMWnyODF/l3fsN24B0nfQ6RdZBFxHBwiPaNty
cmHg/wNLonf0XABwISXQYB4q251vwtGE9hv1X2owzKnU/4Up5eh52ZC1jSBhetq8
D17iGn7/lOigLKc4BXX8urrm/WU0kgSzyw1ZhViWUSlB3Nc9J9DNUdCDLFlNEjc2
fZvHfQmDqRoV08i9iYDz6iFT720AehfuebZWXid6LniJcZ4NELgmfaPhEHSLsLBW
81PvOK8sLUmxUH5ZBgPnf+KsovP4gTan4oI6Hs4hhLiiez49o+6bUAfabwIDAQAB
o4IDgTCCA30wHQYDVR0OBBYEFObN3Gbi6aILo1UwU5M3zG0b7/xAMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvNXMzY1p1THBvZ3VqVlRCVGt6Zk1iUnZ2X0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlQYIKwYBBQUHAQcBAf8EggGEMIIBgDCCAVQEAgABMIIB
TDAMAwQCBSxkAwQEBSxgAwQEHy/wMAwDBAMl2vgDBAAl2vwDBAAl2v4wDAMEACXk
mQMEACXknAMEASXkngMEAy7zWAMEA01L+AMEAFFYEDAMAwQCUVgcAwQEUVggAwQB
VZ6wMAwDBABVnrUDBANVnrADBAJZFmQDBABZFmoDBABZFmwwDAMEAVkWbgMEA1kW
cDAMAwQBWRZ6AwQHWRYAAwQBW5cUAwQCW8tsAwQCW8vUAwQAW9wxAwQAXVqyAwQB
XVq0AwQEbe2AMAwDBACAf0EDBACAf0IDBAOyFGAwDAMEA7L6CAMEALL6DAMEAbL6
DgMEALL6qgMEALL6rgMEArkD6DAMAwQCuSfcAwQAuSfeAwQCuT0oAwQCuVBcAwQC
uYmoAwQCuc/kAwQBvEAuAwQAwKJXAwQAwRb/AwQAwpHiAwQBwwV4AwQBw1KYMCYE
AgACMCAwEAMGBSoA+kAgAwYEKgD6QEADBQAqAWTAAwUAKgIrgDANBgkqhkiG9w0B
AQsFAAOCAQEAR+3Z1eOwTcN42AV8vW5BaB7qA5ZEkUa6Qtkjl/PSLOD6NlniTUtf
uCQEKJyJeX/3lZY31oC1uYFpIIf3LtZmEmAwy/g97AIc7vx432pWUtsrICRfZhcS
b39NvG09wUhvCpVmW1KzFA1moBZ4xZoMAO/p/Ffop1CeT/AuLJQkIE/KuGGIO4mY
ozpP+lYCbAAh1KSH1D/TntjsqrSj4U+WPdoZ7LfzZZEmT6APIm3o3P6DOwf5DltP
/7mXqpCw6mfpzbiG8xdx0Ygn2LVjgPwTsO4H4hOFp7+Sqk3loPKOXLnWqFTd1g4o
E/7RKYjXEiQgBGA0nxdd8RFG7LuCK1UK8g==
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:26 2024 by rpki-client on console-ams.rpki-client.org