Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/QmKRvHj5hHE9-QFZ5_l3IsJb6os.roa
File: QmKRvHj5hHE9-QFZ5_l3IsJb6os.roa (raw, json)
Hash identifier: 3yKu5tFgtpX+G4KpmcN+a1cOd3AmfPqA0cXEq0/3uUI=
Subject key identifier: 42:62:91:BC:78:F9:84:71:3D:F9:01:59:E7:F9:77:22:C2:5B:EA:8B
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018CC64AAF2B653EB0E011A9636728F1D29D
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/QmKRvHj5hHE9-QFZ5_l3IsJb6os.roa
Signing time: Mon 01 Jan 2024 18:30:32 +0000
ROA not before: Mon 01 Jan 2024 18:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198193
IP address blocks: 5.181.96.0/23 maxlen: 23
5.61.208.0/23 maxlen: 23
84.247.19.0/24 maxlen: 24
185.88.202.0/23 maxlen: 23
185.88.200.0/23 maxlen: 23
85.204.170.0/23 maxlen: 23
85.204.168.0/23 maxlen: 23
46.253.139.0/24 maxlen: 24
185.86.208.0/23 maxlen: 23
185.75.22.0/23 maxlen: 23
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
217.61.240.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
89.44.36.0/22 maxlen: 22
89.44.35.0/24 maxlen: 24
162.33.204.0/22 maxlen: 22
162.33.200.0/22 maxlen: 22
95.156.203.0/24 maxlen: 24
5.187.35.0/24 maxlen: 24
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 19:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:af:2b:65:3e:b0:e0:11:a9:63:67:28:f1:d2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 18:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=426291bc78f984713df90159e7f97722c25bea8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:18:07:be:fe:bf:53:a9:d6:87:8c:67:f7:
28:63:db:b5:20:e6:83:aa:0e:68:23:a9:ff:20:88:
cf:8e:da:a4:a3:fe:98:ea:cc:0b:0e:33:ed:61:69:
f0:0b:47:4b:3b:97:3f:12:94:20:30:78:d7:d9:5f:
86:92:4c:55:ee:99:a5:f6:dd:f0:10:92:f1:9b:4c:
d2:b0:16:c3:cf:65:1a:41:0a:4b:ff:b5:4c:fa:89:
72:34:53:10:dd:77:31:0a:d8:67:2e:63:ac:ab:10:
59:75:f6:0b:21:ac:3c:ee:57:88:4c:46:39:5d:02:
38:8b:6e:f3:10:56:10:b0:ef:2b:f6:fb:d2:49:a6:
e0:e3:70:1f:12:40:d0:0c:65:b5:0a:5a:3a:98:cb:
bb:84:34:f1:2a:3a:f0:a6:9a:fd:02:88:f4:ec:48:
74:69:ad:3f:f8:f9:ff:1b:e6:dd:fc:b6:6f:fa:60:
bd:d4:25:90:cc:1a:a4:1b:5d:57:d6:7b:17:27:63:
ab:7b:71:4a:e2:45:ed:70:e0:b7:0b:2c:ab:22:00:
8c:70:58:80:1c:f0:61:1d:a2:32:ae:e2:a3:2c:a9:
f9:75:fc:79:96:0f:6d:8d:0b:42:4a:e8:4f:13:0f:
e3:21:b3:2f:91:ab:87:77:f9:a6:17:c9:d9:3b:11:
6c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:62:91:BC:78:F9:84:71:3D:F9:01:59:E7:F9:77:22:C2:5B:EA:8B
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/QmKRvHj5hHE9-QFZ5_l3IsJb6os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.35.0-5.187.37.255
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
84.247.19.0/24
85.204.168.0/22
89.32.64.0/22
89.44.35.0-89.44.39.255
95.156.203.0/24
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.200.0/22
185.206.121.0/24
185.225.8.0/24
217.61.240.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:2a:eb:ba:49:e5:4a:48:bd:c2:cf:b3:14:07:8f:5a:5b:0b:
7e:62:e9:10:f7:6b:30:cf:84:e7:4d:c0:50:d7:31:08:21:07:
e8:dc:ea:bf:bf:24:a2:e6:8d:da:e0:61:e9:c9:ed:56:38:8f:
77:19:06:4f:2f:38:d9:98:cd:07:f4:a6:95:f2:7f:60:a2:ba:
61:27:69:2b:f4:30:aa:52:fc:0c:06:79:cf:c5:20:fb:28:73:
9a:56:cb:d7:02:62:4d:00:2a:90:ea:d1:3d:26:fa:f2:ee:3d:
fd:ac:2b:91:fe:d3:97:b7:ac:56:b4:0a:97:a9:65:cc:c7:df:
87:a6:2d:3a:b7:fd:90:4a:c1:6f:e8:7b:28:ab:eb:34:57:72:
bf:a6:c0:e1:5c:38:bc:f6:73:a3:4a:b1:ea:ae:07:5c:83:6b:
b8:c4:9f:3e:64:d6:8a:ba:67:28:4e:87:3a:03:e7:c5:83:9b:
3c:28:8a:b1:42:27:3a:d4:b0:32:80:41:4a:8d:cd:72:16:c0:
ca:0c:00:85:76:70:af:ef:40:f7:b7:78:01:af:58:79:86:9f:
90:81:a3:2e:bb:42:13:be:45:8e:3b:21:66:1e:29:81:a6:a7:
5a:bf:2c:d4:e2:35:34:b4:25:3c:d8:39:77:a1:98:02:a5:e9:
a7:29:36:7d
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYzGSq8rZT6w4BGpY2co8dKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwMTAxMTgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjYyOTFiYzc4Zjk4NDcxM2RmOTAxNTllN2Y5NzcyMmMyNWJlYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuUYB77+v1Op1oeMZ/coY9u1IOaD
qg5oI6n/IIjPjtqko/6Y6swLDjPtYWnwC0dLO5c/EpQgMHjX2V+GkkxV7pml9t3w
EJLxm0zSsBbDz2UaQQpL/7VM+olyNFMQ3XcxCthnLmOsqxBZdfYLIaw87leITEY5
XQI4i27zEFYQsO8r9vvSSabg43AfEkDQDGW1Clo6mMu7hDTxKjrwppr9Aoj07Eh0
aa0/+Pn/G+bd/LZv+mC91CWQzBqkG11X1nsXJ2Ore3FK4kXtcOC3CyyrIgCMcFiA
HPBhHaIyruKjLKn5dfx5lg9tjQtCSuhPEw/jIbMvkauHd/mmF8nZOxFsuQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFEJikbx4+YRxPfkBWef5dyLCW+qLMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvUW1LUnZIajVoSEU5LVFGWjVfbDNJc0piNm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAEF
PdADBAEFtWAwDAMEAAW7IwMEAQW7JAMEAB/WmwMEACX8YgMEASX8ZAMEAC77+gME
AC79iwMEAFT3EwMEAlXMqAMEAlkgQDAMAwQAWSwjAwQDWSwgAwQAX5zLAwQAnv/v
AwQDoiHIAwQAuUKsAwQAuUKuAwQBuUsWAwQBuVbQAwQCuVjIAwQAuc55AwQAueEI
AwQA2T3wMA0GCSqGSIb3DQEBCwUAA4IBAQB6Kuu6SeVKSL3Cz7MUB49aWwt+YukQ
92swz4TnTcBQ1zEIIQfo3Oq/vySi5o3a4GHpye1WOI93GQZPLzjZmM0H9KaV8n9g
orphJ2kr9DCqUvwMBnnPxSD7KHOaVsvXAmJNACqQ6tE9Jvry7j39rCuR/tOXt6xW
tAqXqWXMx9+Hpi06t/2QSsFv6Hsoq+s0V3K/psDhXDi89nOjSrHqrgdcg2u4xJ8+
ZNaKumcoToc6A+fFg5s8KIqxQic61LAygEFKjc1yFsDKDACFdnCv70D3t3gBr1h5
hp+QgaMuu0ITvkWOOyFmHimBpqdavyzU4jU0tCU82Dl3oZgCpemnKTZ9
-----END CERTIFICATE-----
Generated at Fri Feb 2 00:47:27 2024 by rpki-client on console-ams.rpki-client.org