Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/__5UP4nxgDjoh2Tb5C0eWCB_yWQ.roa
File: __5UP4nxgDjoh2Tb5C0eWCB_yWQ.roa (raw, json)
Hash identifier: D8JB2sXg1l15YN+8YGwqAMNux+iRMGEd7JqzXLnSP2w=
Subject key identifier: FF:FE:54:3F:89:F1:80:38:E8:87:64:DB:E4:2D:1E:58:20:7F:C9:64
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 0191EB42CC3F6E7D60871013080454568517
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/__5UP4nxgDjoh2Tb5C0eWCB_yWQ.roa
Signing time: Fri 13 Sep 2024 12:01:49 +0000
ROA not before: Fri 13 Sep 2024 12:01:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
89.150.40.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Oct 2024 22:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:42:cc:3f:6e:7d:60:87:10:13:08:04:54:56:85:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Sep 13 12:01:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fffe543f89f18038e88764dbe42d1e58207fc964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ab:30:7d:f4:cd:42:81:03:7a:ac:3f:6b:fc:
05:b9:b8:0b:37:35:f9:4b:e3:3c:f2:2e:1b:51:65:
8b:07:df:b2:bc:df:34:9a:04:48:9b:c0:5a:e0:89:
86:81:62:f3:73:27:7e:36:f6:21:c4:3e:a6:84:4c:
0c:6c:4a:14:f8:79:8b:ec:4f:14:9a:5d:6d:7f:63:
a1:b0:be:d1:92:bd:fc:71:3b:a1:c3:8d:13:30:9d:
eb:a0:25:a8:e5:b5:99:48:81:64:cd:8e:64:0c:46:
d0:f8:58:ca:8a:c8:de:96:99:36:97:c4:ab:dd:52:
f4:bb:e2:e7:81:3d:45:56:4d:a1:5d:f5:9c:0b:ce:
14:2c:5b:5e:d3:60:7b:28:4c:b5:b2:2f:e0:b5:82:
e2:ef:63:50:6b:53:47:60:69:01:cc:35:7d:93:99:
61:dc:09:fc:a0:c5:14:4d:93:c3:a7:35:a4:5c:79:
a7:c4:67:08:8e:93:03:01:7d:29:30:e2:af:2c:95:
6b:3c:31:3a:f2:66:bd:f1:5f:cc:4b:00:24:e1:d4:
e0:94:88:64:7b:80:8f:c2:c6:77:90:3a:4d:7d:7d:
fb:fa:af:56:93:23:3e:2f:58:09:8a:cd:95:aa:0b:
21:c9:aa:d1:de:3a:85:60:f9:e1:ed:25:67:c1:88:
65:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FE:54:3F:89:F1:80:38:E8:87:64:DB:E4:2D:1E:58:20:7F:C9:64
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/__5UP4nxgDjoh2Tb5C0eWCB_yWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
89.150.40.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
193.42.36.0/24
193.42.39.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:a7:64:b5:48:d0:2a:bb:ee:be:5e:d3:df:a8:a3:14:31:bb:
17:7b:59:e0:47:bd:36:8a:df:46:0b:ae:03:01:52:c8:96:05:
e6:92:b7:f7:bc:41:6f:ec:63:66:1a:25:a1:9d:41:c2:0b:8d:
87:d1:6c:c6:af:05:2b:18:99:d6:40:d0:5c:4d:01:b0:93:4e:
3d:2d:21:00:42:2f:92:f2:08:70:1e:6b:db:e9:7a:a4:c7:81:
a0:61:0f:12:a3:e7:a2:2f:24:28:17:d4:dd:f2:eb:83:75:a2:
ae:e3:b8:35:13:20:87:9c:46:8a:28:b1:5a:58:d2:b0:47:ac:
44:31:4a:31:5e:a8:ba:95:85:23:27:29:78:fe:fb:e5:ca:c0:
9f:5b:11:50:d7:f7:67:c9:0e:e8:b4:b5:63:f9:82:b2:5b:7d:
c0:73:65:03:da:88:bd:5c:0d:f0:7e:19:e4:8f:ce:22:96:9d:
3c:b7:57:13:d2:dd:76:7c:89:5d:5a:01:f9:f7:75:ac:10:24:
30:07:f8:5b:25:9c:22:15:8b:0f:ee:00:69:2b:c3:ab:8c:d0:
dc:fc:15:fc:e4:80:69:78:21:04:9b:c3:ba:09:22:e9:4e:39:
82:e0:bd:5d:03:ee:3d:87:80:6e:2f:3c:97:51:59:28:e9:ad:
58:e2:64:96
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZHrQsw/bn1ghxATCARUVoUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQwOTEzMTIwMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmZlNTQzZjg5ZjE4MDM4ZTg4NzY0ZGJlNDJkMWU1ODIwN2ZjOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaswffTNQoEDeqw/a/wFubgLNzX5
S+M88i4bUWWLB9+yvN80mgRIm8Ba4ImGgWLzcyd+NvYhxD6mhEwMbEoU+HmL7E8U
ml1tf2OhsL7Rkr38cTuhw40TMJ3roCWo5bWZSIFkzY5kDEbQ+FjKisjelpk2l8Sr
3VL0u+LngT1FVk2hXfWcC84ULFte02B7KEy1si/gtYLi72NQa1NHYGkBzDV9k5lh
3An8oMUUTZPDpzWkXHmnxGcIjpMDAX0pMOKvLJVrPDE68ma98V/MSwAk4dTglIhk
e4CPwsZ3kDpNfX37+q9WkyM+L1gJis2VqgshyarR3jqFYPnh7SVnwYhlTQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFP/+VD+J8YA46Idk2+QtHlggf8lkMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvX181VVA0bnhnRGpvaDJUYjVDMGVXQ0JfeVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgZ0EAgABMIGWAwQB
BZX4AwQBBZX+MAwDBAJNU8QDBABNU8YDBAFPjaQDBAFPja4DBABZligDBABZljAD
BABZljkDBABbwRIDBAC5KFYDBAK5UDQDBAG5UXIwDAMEBrlowAMEALlowgMEArl1
WAMEALl7ZgMEALmuhQMEALmuhzAMAwQAueuJAwQAueuKAwQAwSokAwQAwSonAwQA
w1+bMFIEAgACMEwDBwAqAYZAAAADBwAqAYZAAAIDBwAqAYZAAAYwEgMHACoBhkAA
CQMHACoBhkAACgMHACoBhkAADzASAwcAKgGGQAARAwcAKgGGQAAUMA0GCSqGSIb3
DQEBCwUAA4IBAQBpp2S1SNAqu+6+XtPfqKMUMbsXe1ngR702it9GC64DAVLIlgXm
krf3vEFv7GNmGiWhnUHCC42H0WzGrwUrGJnWQNBcTQGwk049LSEAQi+S8ghwHmvb
6Xqkx4GgYQ8So+eiLyQoF9Td8uuDdaKu47g1EyCHnEaKKLFaWNKwR6xEMUoxXqi6
lYUjJyl4/vvlysCfWxFQ1/dnyQ7otLVj+YKyW33Ac2UD2oi9XA3wfhnkj84ilp08
t1cT0t12fIldWgH593WsECQwB/hbJZwiFYsP7gBpK8OrjNDc/BX85IBpeCEEm8O6
CSLpTjmC4L1dA+49h4BuLzyXUVko6a1Y4mSW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:15 2025 by rpki-client