Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/Z6lg83gqvJ9bP-eqlpUwlmQ2KMY.roa
File: Z6lg83gqvJ9bP-eqlpUwlmQ2KMY.roa (raw, json)
Hash identifier: il+wFBOMut2XLBtG9l5wO+BAjcWpHqvUVh+zMGXqquc=
Subject key identifier: 67:A9:60:F3:78:2A:BC:9F:5B:3F:E7:AA:96:95:30:96:64:36:28:C6
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 0190121267EAFCC22056DDFEEC209CCB30A2
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/Z6lg83gqvJ9bP-eqlpUwlmQ2KMY.roa
Signing time: Thu 13 Jun 2024 14:48:34 +0000
ROA not before: Thu 13 Jun 2024 14:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.172.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:12:12:67:ea:fc:c2:20:56:dd:fe:ec:20:9c:cb:30:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jun 13 14:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a960f3782abc9f5b3fe7aa96953096643628c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:aa:d7:22:8e:60:67:8a:e2:e4:2d:87:12:83:
f8:56:45:c2:32:4f:48:59:21:4f:ac:c4:f0:36:2f:
0c:47:c2:2b:3d:52:c0:23:c1:02:66:3b:34:f3:3d:
8f:2b:47:7e:94:11:f4:a3:b9:9a:96:a0:9b:eb:f9:
39:1e:6b:11:7d:de:6e:e8:39:61:a6:2f:b1:16:c6:
53:2f:74:ea:09:3b:4f:a8:b4:cf:7a:bc:a1:c8:cd:
0c:2a:b9:47:8f:b5:69:3d:d9:5d:6f:4e:72:a5:2c:
e3:65:be:d2:41:79:4a:82:dc:75:cd:e9:4a:c8:67:
0d:b7:3b:4d:8d:97:d2:0e:84:13:ae:e9:8d:16:b3:
f7:0f:f5:1e:46:e4:e5:50:2d:da:85:11:ed:e9:fa:
3f:e2:2b:16:52:fb:4b:dd:50:2f:32:09:29:74:93:
91:0a:6e:e7:19:86:56:92:89:d8:ff:82:09:f9:4e:
c8:f7:ae:d5:d0:c6:67:24:ec:02:8a:b3:e7:38:ff:
2c:62:bb:c6:58:3c:95:6d:3e:fa:3c:eb:87:0b:f2:
6c:3d:4a:9e:9e:17:7a:0a:9d:37:d9:84:da:c1:c1:
c5:a9:68:a5:09:d2:77:1c:b6:46:8d:41:4f:f1:bc:
b6:08:2e:65:60:23:89:9b:27:55:2f:85:61:30:51:
84:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A9:60:F3:78:2A:BC:9F:5B:3F:E7:AA:96:95:30:96:64:36:28:C6
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/Z6lg83gqvJ9bP-eqlpUwlmQ2KMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.168.0/23
213.151.172.0/23
Signature Algorithm: sha256WithRSAEncryption
92:d0:b5:10:9d:b8:c4:b0:90:cc:55:66:78:76:52:cb:35:d2:
b3:a6:49:db:f9:3a:55:b2:cb:a7:c8:61:e8:e0:36:7e:20:d1:
eb:a6:60:6f:59:d2:a3:a2:a7:66:e7:82:bb:88:d3:b5:d2:f4:
c4:6e:4f:5a:6a:03:7d:9f:18:8d:bf:f0:bd:08:48:27:7f:06:
60:15:1c:ad:58:8f:a6:bd:74:f2:f2:2c:18:8f:a3:d8:35:52:
b3:c1:8e:44:de:31:4b:97:7d:a9:4d:ec:f6:24:1f:53:7b:c4:
d2:98:86:97:d1:4e:3d:fa:ef:53:1b:31:a5:4c:be:fc:94:96:
36:52:56:bd:b2:dd:ed:a7:d2:bd:2c:84:13:40:6c:ed:19:00:
b5:37:d5:cf:2e:9d:25:90:f4:d8:f1:0f:a9:c5:b2:18:29:8d:
ff:6d:ab:4e:5c:4a:03:4b:d5:d6:cc:d6:54:ca:a3:2d:90:06:
b2:e9:da:b8:8b:79:20:89:b5:6b:cf:f1:b1:ee:c0:e0:de:44:
62:cc:21:20:62:ae:83:35:8f:d1:63:0d:42:4b:bc:cf:52:b9:
4b:cd:9d:bc:c9:66:54:47:1b:f6:4b:65:d2:0f:b3:51:27:e0:
7e:25:5b:4a:34:ac:30:88:6c:59:39:fc:2c:cd:b4:4e:36:0e:
88:26:32:0d
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZASEmfq/MIgVt3+7CCcyzCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwNjEzMTQ0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E5NjBmMzc4MmFiYzlmNWIzZmU3YWE5Njk1MzA5NjY0MzYyOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqrXIo5gZ4ri5C2HEoP4VkXCMk9I
WSFPrMTwNi8MR8IrPVLAI8ECZjs08z2PK0d+lBH0o7malqCb6/k5HmsRfd5u6Dlh
pi+xFsZTL3TqCTtPqLTPeryhyM0MKrlHj7VpPdldb05ypSzjZb7SQXlKgtx1zelK
yGcNtztNjZfSDoQTrumNFrP3D/UeRuTlUC3ahRHt6fo/4isWUvtL3VAvMgkpdJOR
Cm7nGYZWkonY/4IJ+U7I967V0MZnJOwCirPnOP8sYrvGWDyVbT76POuHC/JsPUqe
nhd6Cp032YTawcHFqWilCdJ3HLZGjUFP8by2CC5lYCOJmydVL4VhMFGE3QIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFGepYPN4KryfWz/nqpaVMJZkNijGMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvWjZsZzgzZ3F2SjliUC1lcWxwVXdsbVEyS01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQCBbb8AwQEJRKgAwQHJTqAAwQCLZF8AwQELhSgAwQFPmbgAwQDT2JgAwQDURbY
AwQDW2foAwQBW86cAwQBW9leAwQBW+XmAwQDXD1IAwQDXn8IAwQCZ00gAwQBZ+Uk
AwQCZ+isAwQDbUXAAwQEbe3wAwQEgH+AAwQDkvdYAwQDlf+IAwQDsvmgAwQCuQ+A
AwQCuSqEAwQCuUHgAwQCuUNYAwQCuU+UAwQCuVpgAwQCuV94AwQCuZUIAwQCuawQ
AwQCucT4AwQCucyMAwQCudD4AwQCvEI4AwQFwrEgAwQDw9bwAwQF1DOgAwQD1WxA
AwQB1ZeoAwQB1ZesMA0GCSqGSIb3DQEBCwUAA4IBAQCS0LUQnbjEsJDMVWZ4dlLL
NdKzpknb+TpVssunyGHo4DZ+INHrpmBvWdKjoqdm54K7iNO10vTEbk9aagN9nxiN
v/C9CEgnfwZgFRytWI+mvXTy8iwYj6PYNVKzwY5E3jFLl32pTez2JB9Te8TSmIaX
0U49+u9TGzGlTL78lJY2Ula9st3tp9K9LIQTQGztGQC1N9XPLp0lkPTY8Q+pxbIY
KY3/batOXEoDS9XWzNZUyqMtkAay6dq4i3kgibVrz/Gx7sDg3kRizCEgYq6DNY/R
Yw1CS7zPUrlLzZ28yWZURxv2S2XSD7NRJ+B+JVtKNKwwiGxZOfwszbRONg6IJjIN
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:44:39 2024 by rpki-client on console-fra.rpki-client.org