Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gkaIREOQnz5YrtWUmwt9c_j9yz8.roa
File: gkaIREOQnz5YrtWUmwt9c_j9yz8.roa (raw, json)
Hash identifier: xLChw2rLcITYaIbS+Y0p7Yxt/wmX1n0ifN3svf5YLaE=
Subject key identifier: 82:46:88:44:43:90:9F:3E:58:AE:D5:94:9B:0B:7D:73:F8:FD:CB:3F
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01914F81E966F3A7E5E45502D0DE0420800A
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gkaIREOQnz5YrtWUmwt9c_j9yz8.roa
Signing time: Wed 14 Aug 2024 06:09:59 +0000
ROA not before: Wed 14 Aug 2024 06:09:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31083
IP address blocks: 5.104.175.0/24 maxlen: 24
77.76.14.0/24 maxlen: 24
78.128.1.0/24 maxlen: 24
78.128.6.0/24 maxlen: 24
78.128.7.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.9.0/24 maxlen: 24
78.128.42.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.62.0/24 maxlen: 24
78.128.63.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.77.0/24 maxlen: 24
78.128.78.0/24 maxlen: 24
78.128.80.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.118.0/24 maxlen: 24
78.128.126.0/24 maxlen: 24
78.142.6.0/24 maxlen: 24
78.142.32.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.51.0/24 maxlen: 24
78.142.56.0/24 maxlen: 24
78.142.57.0/24 maxlen: 24
78.142.58.0/24 maxlen: 24
78.142.59.0/24 maxlen: 24
78.142.62.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.4.0/24 maxlen: 24
79.124.5.0/24 maxlen: 24
79.124.6.0/24 maxlen: 24
79.124.14.0/24 maxlen: 24
79.124.16.0/24 maxlen: 24
79.124.17.0/24 maxlen: 24
79.124.22.0/24 maxlen: 24
79.124.29.0/24 maxlen: 24
79.124.31.0/24 maxlen: 24
79.124.44.0/24 maxlen: 24
79.124.52.0/24 maxlen: 24
79.124.63.0/24 maxlen: 24
79.124.64.0/24 maxlen: 24
79.124.65.0/24 maxlen: 24
79.124.66.0/24 maxlen: 24
79.124.67.0/24 maxlen: 24
79.124.75.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.84.0/24 maxlen: 24
79.124.90.0/24 maxlen: 24
82.118.229.0/24 maxlen: 24
82.118.243.0/24 maxlen: 24
91.148.148.0/24 maxlen: 24
91.148.167.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.136.0/22 maxlen: 24
130.185.225.0/24 maxlen: 24
130.185.232.0/24 maxlen: 24
178.132.86.0/24 maxlen: 24
178.132.87.0/24 maxlen: 24
185.197.152.0/22 maxlen: 24
185.232.156.0/23 maxlen: 24
217.174.146.0/23 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.151.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 11:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:81:e9:66:f3:a7:e5:e4:55:02:d0:de:04:20:80:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Aug 14 06:09:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8246884443909f3e58aed5949b0b7d73f8fdcb3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:11:87:c3:2d:cc:b7:98:dd:6c:59:49:f1:bd:
66:2e:cd:e7:cf:e9:30:e6:0e:88:7e:c8:76:bd:12:
f8:c5:c7:45:be:9f:f7:f1:b3:44:b8:15:d1:8d:68:
8a:97:a0:c5:87:92:b1:d7:dd:aa:8a:01:ba:be:df:
20:24:61:10:93:58:cd:79:e9:38:23:96:23:bf:2b:
10:81:96:81:f2:02:16:b6:db:40:79:eb:66:f1:b5:
8f:46:52:84:9e:58:ef:a4:04:90:a4:ae:8f:71:12:
c4:c4:24:4b:fc:4d:6c:68:3e:65:5d:e1:c0:50:39:
42:02:08:ab:d8:fc:b6:45:f5:a8:b9:da:9c:dc:c7:
4d:c8:86:58:68:7f:ca:d2:c0:b7:71:0c:3b:24:4e:
a9:bd:68:ff:2e:e2:43:30:3b:79:c4:22:a3:fc:f6:
81:8a:07:be:b2:da:a2:f0:d5:87:10:dc:6a:5c:d9:
5a:ff:de:c0:c9:46:8b:f2:d4:28:88:64:ac:22:75:
ea:57:bb:1b:5e:62:02:a1:0c:7f:34:0c:7c:7d:e0:
4a:3f:f6:5f:40:1f:43:d6:fa:db:0c:e8:23:53:ae:
b1:12:c8:4a:67:39:ff:95:61:de:46:4e:5f:e8:73:
40:18:e2:49:31:40:ec:9e:0b:09:6a:fc:dc:c5:3d:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:46:88:44:43:90:9F:3E:58:AE:D5:94:9B:0B:7D:73:F8:FD:CB:3F
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gkaIREOQnz5YrtWUmwt9c_j9yz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.175.0/24
77.76.14.0/24
78.128.1.0/24
78.128.6.0-78.128.9.255
78.128.42.0/23
78.128.60.0/24
78.128.62.0/23
78.128.76.0-78.128.78.255
78.128.80.0/23
78.128.118.0/24
78.128.126.0/24
78.142.6.0/24
78.142.32.0/24
78.142.47.0/24
78.142.51.0/24
78.142.56.0/22
78.142.62.0/23
79.124.4.0-79.124.6.255
79.124.14.0/24
79.124.16.0/23
79.124.22.0/24
79.124.29.0/24
79.124.31.0/24
79.124.44.0/24
79.124.52.0/24
79.124.63.0-79.124.67.255
79.124.75.0-79.124.76.255
79.124.84.0/24
79.124.90.0/24
82.118.229.0/24
82.118.243.0/24
91.148.148.0/24
91.148.167.0-91.148.168.255
94.72.136.0/22
130.185.225.0/24
130.185.232.0/24
178.132.86.0/23
185.197.152.0/22
185.232.156.0/23
217.174.146.0-217.174.149.255
217.174.151.0-217.174.153.255
217.174.155.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:eb:65:0c:3e:dd:c8:15:4e:f4:35:4f:91:4a:9f:d4:d0:62:
f6:2b:d6:d9:d6:43:6f:66:5f:09:c1:6b:09:c9:b7:69:90:e1:
9a:99:59:20:89:a7:92:3a:b1:ec:e7:ca:08:2a:f3:f1:8e:83:
ba:c9:09:08:4e:08:d4:39:cc:9a:fc:ab:e9:9a:17:43:72:1b:
a4:61:3b:c3:0d:c1:57:c4:40:92:04:ed:3f:09:1d:59:45:92:
ad:35:42:5a:31:b6:91:e5:0e:74:5f:7c:36:f0:83:09:b2:e9:
e2:00:0f:92:dc:52:16:aa:55:7f:65:b3:b5:95:27:23:7e:3c:
5a:5f:08:c0:af:1c:d8:37:ae:ee:61:88:4e:66:f9:af:1e:6c:
cc:29:2e:aa:91:4f:cb:bc:b7:13:1d:a1:a3:42:dd:53:f3:f5:
25:4d:97:fe:c2:c6:06:e4:f9:90:02:51:e2:74:18:84:4d:a9:
b7:11:51:01:2c:e1:fe:a6:d0:3c:77:06:a2:99:09:db:32:0b:
20:72:bb:c1:7e:47:32:3a:4f:4b:cb:a6:3e:c6:91:a0:50:80:
33:d8:3e:64:c4:fc:ea:eb:7e:e1:34:20:97:76:a3:ee:ef:29:
79:4b:94:b2:6a:5f:79:98:a4:aa:54:aa:35:b2:1e:40:a2:53:
24:a1:10:6c
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAZFPgelm86fl5FUC0N4EIIAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwODE0MDYwOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ2ODg0NDQzOTA5ZjNlNThhZWQ1OTQ5YjBiN2Q3M2Y4ZmRjYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxGHwy3Mt5jdbFlJ8b1mLs3nz+kw
5g6Ifsh2vRL4xcdFvp/38bNEuBXRjWiKl6DFh5Kx192qigG6vt8gJGEQk1jNeek4
I5YjvysQgZaB8gIWtttAeetm8bWPRlKEnljvpASQpK6PcRLExCRL/E1saD5lXeHA
UDlCAgir2Py2RfWoudqc3MdNyIZYaH/K0sC3cQw7JE6pvWj/LuJDMDt5xCKj/PaB
ige+stqi8NWHENxqXNla/97AyUaL8tQoiGSsInXqV7sbXmICoQx/NAx8feBKP/Zf
QB9D1vrbDOgjU66xEshKZzn/lWHeRk5f6HNAGOJJMUDsngsJavzcxT3BsQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFIJGiERDkJ8+WK7VlJsLfXP4/cs/MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ2thSVJFT1FuejVZcnRXVW13dDljX2o5eXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAAVorwMEAE1MDgMEAE6AATAMAwQBToAGAwQBToAIAwQBToAqAwQAToA8AwQB
ToA+MAwDBAJOgEwDBABOgE4DBAFOgFADBABOgHYDBABOgH4DBABOjgYDBABOjiAD
BABOji8DBABOjjMDBAJOjjgDBAFOjj4wDAMEAk98BAMEAE98BgMEAE98DgMEAU98
EAMEAE98FgMEAE98HQMEAE98HwMEAE98LAMEAE98NDAMAwQAT3w/AwQCT3xAMAwD
BABPfEsDBABPfEwDBABPfFQDBABPfFoDBABSduUDBABSdvMDBABblJQwDAMEAFuU
pwMEAFuUqAMEAl5IiAMEAIK54QMEAIK56AMEAbKEVgMEArnFmAMEAbnonDAMAwQB
2a6SAwQB2a6UMAwDBADZrpcDBAHZrpgDBADZrpswDQYJKoZIhvcNAQELBQADggEB
AKnrZQw+3cgVTvQ1T5FKn9TQYvYr1tnWQ29mXwnBawnJt2mQ4ZqZWSCJp5I6sezn
yggq8/GOg7rJCQhOCNQ5zJr8q+maF0NyG6RhO8MNwVfEQJIE7T8JHVlFkq01Qlox
tpHlDnRffDbwgwmy6eIAD5LcUhaqVX9ls7WVJyN+PFpfCMCvHNg3ru5hiE5m+a8e
bMwpLqqRT8u8txMdoaNC3VPz9SVNl/7Cxgbk+ZACUeJ0GIRNqbcRUQEs4f6m0Dx3
BqKZCdsyCyByu8F+RzI6T0vLpj7GkaBQgDPYPmTE/OrrfuE0IJd2o+7vKXlLlLJq
X3mYpKpUqjWyHkCiUyShEGw=
-----END CERTIFICATE-----
Generated at Tue Sep 17 15:54:05 2024 by rpki-client on console-fra.rpki-client.org