Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/kM0C6gM308PGOPueiuYICnb_qiM.roa
File: kM0C6gM308PGOPueiuYICnb_qiM.roa (raw, json)
Hash identifier: Cc1/uG9nFo7HhJoQLtdH6PuFl6DIysV4gSe3ARyrwJY=
Subject key identifier: 90:CD:02:EA:03:37:D3:C3:C6:38:FB:9E:8A:E6:08:0A:76:FF:AA:23
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01912741BAB1FA685FB1C74A427D51FC452F
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/kM0C6gM308PGOPueiuYICnb_qiM.roa
Signing time: Tue 06 Aug 2024 10:35:04 +0000
ROA not before: Tue 06 Aug 2024 10:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57344
IP address blocks: 5.104.168.0/23 maxlen: 23
5.104.174.0/24 maxlen: 24
77.76.8.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
78.128.0.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.48.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.0.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.23.0/24 maxlen: 24
79.124.24.0/22 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
82.118.244.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
91.148.131.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.158.0/24 maxlen: 24
94.72.159.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
130.185.226.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
176.241.176.0/23 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.84.0/23 maxlen: 24
185.148.160.0/22 maxlen: 22
217.174.148.0/23 maxlen: 24
217.174.150.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:41:ba:b1:fa:68:5f:b1:c7:4a:42:7d:51:fc:45:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Aug 6 10:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90cd02ea0337d3c3c638fb9e8ae6080a76ffaa23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8c:80:c1:fe:7e:d4:62:ed:ab:7c:93:74:b1:
f8:94:4b:37:11:0d:69:d5:47:ab:e6:d2:9e:94:9e:
14:50:9f:dd:a9:a2:35:01:c8:49:74:9a:66:ed:52:
d4:fb:b0:7b:1e:92:f3:e8:ff:1c:5c:15:6c:dc:d4:
db:64:95:d9:84:55:86:80:fc:cc:2d:a1:97:3c:ac:
f3:90:6f:c7:e4:0c:73:9c:2e:bf:f0:d3:b2:26:53:
7c:15:2c:b3:58:13:e2:70:58:96:be:37:4c:71:e7:
53:d8:c2:e1:22:3b:89:3a:e8:cb:43:e8:21:ae:fb:
d4:dc:71:9a:90:79:c9:7c:58:d2:b8:e7:5a:12:45:
38:9e:f2:f4:31:25:72:9f:a1:eb:a1:b2:8d:36:55:
be:81:b8:40:9e:3b:38:b3:c0:71:2a:20:3c:c7:c0:
bc:59:50:5a:ed:35:bd:dd:c4:aa:78:6c:7e:3b:0a:
07:cc:37:e9:65:f8:55:ca:fd:b9:26:e5:aa:61:52:
8e:69:4a:5b:40:33:ab:51:7f:69:83:a4:f5:e0:af:
78:e2:ed:b2:7c:a1:86:0d:d9:91:2a:c7:b1:d9:fc:
59:78:c3:5e:a2:4b:cd:53:31:de:07:b6:f2:f9:53:
56:5d:80:ea:0f:c9:ff:dc:44:d5:65:52:6d:d1:41:
a2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CD:02:EA:03:37:D3:C3:C6:38:FB:9E:8A:E6:08:0A:76:FF:AA:23
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/kM0C6gM308PGOPueiuYICnb_qiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.8.0/24
77.76.10.0/23
78.128.0.0/24
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0-78.142.48.255
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.226.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
176.241.176.0/23
178.132.80.0-178.132.85.255
185.148.160.0/22
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
0d:0e:5a:e8:d5:a7:9a:e4:5a:97:bc:d4:ef:c3:af:65:7b:10:
86:e3:c2:a7:7d:e4:59:53:ab:f0:30:7a:90:fe:17:2d:4b:48:
0a:c1:6b:f1:6e:16:c6:53:9a:a2:29:17:d0:c0:5f:59:42:ca:
28:b0:c4:fb:b1:a0:3e:68:7d:b4:44:db:14:87:e1:4b:e0:1b:
cc:4b:b6:c8:bf:be:ea:1a:e2:ff:96:6c:eb:2c:2d:47:42:7f:
f4:52:89:8e:59:6d:dc:89:04:b9:16:56:92:31:a3:68:26:21:
ca:45:e3:19:8c:a3:64:63:cd:96:96:49:83:f1:06:fa:97:34:
53:ba:f5:d6:12:68:70:d8:c0:85:96:4d:49:d9:5e:0c:5b:0e:
7d:56:bf:0f:ab:d1:1e:a4:ee:cc:09:bd:b3:7a:51:88:2b:69:
03:f4:da:46:54:dd:dc:e6:1b:03:d8:b8:a3:78:cc:c8:fb:62:
30:f0:38:51:6f:9c:8d:63:6b:8b:fb:b3:6a:ca:82:61:33:67:
17:94:96:ba:58:31:cf:1f:32:78:bd:6d:01:24:f7:10:a0:cf:
e7:e5:9d:42:f6:8e:0e:01:28:fd:b1:39:0f:fc:90:99:99:32:
2b:16:4d:bf:b6:51:07:71:ba:09:35:62:f6:3c:aa:fc:22:ab:
1d:1e:95:75
-----BEGIN CERTIFICATE-----
MIIGsjCCBZqgAwIBAgISAZEnQbqx+mhfscdKQn1R/EUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwODA2MTAzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNkMDJlYTAzMzdkM2MzYzYzOGZiOWU4YWU2MDgwYTc2ZmZhYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoyAwf5+1GLtq3yTdLH4lEs3EQ1p
1Uer5tKelJ4UUJ/dqaI1AchJdJpm7VLU+7B7HpLz6P8cXBVs3NTbZJXZhFWGgPzM
LaGXPKzzkG/H5AxznC6/8NOyJlN8FSyzWBPicFiWvjdMcedT2MLhIjuJOujLQ+gh
rvvU3HGakHnJfFjSuOdaEkU4nvL0MSVyn6HrobKNNlW+gbhAnjs4s8BxKiA8x8C8
WVBa7TW93cSqeGx+OwoHzDfpZfhVyv25JuWqYVKOaUpbQDOrUX9pg6T14K944u2y
fKGGDdmRKsex2fxZeMNeokvNUzHeB7by+VNWXYDqD8n/3ETVZVJt0UGi6QIDAQAB
o4IDvjCCA7owHQYDVR0OBBYEFJDNAuoDN9PDxjj7normCAp2/6ojMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEva00wQzZnTTMwOFBHT1B1ZWl1WUlDbmJfcWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0gYIKwYBBQUHAQcBAf8EggHBMIIBvTCCAaoEAgABMIIB
ogMEAQVoqAMEAAVorgMEAE1MCAMEAU1MCgMEAE6AAAMEAE6ACAMEAE6AKwMEAE6A
PAMEAE6AQwMEAE6ASAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6A
YgMEAU6AbAMEAE6OAQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQA
To4iMAwDBABOji8DBABOjjADBABOjjwDBABOjj8DBABPfAADBABPfA8DBAFPfBQw
DAMEAE98FwMEAE98HAMEAU98MjAMAwQAT3xJAwQAT3xKAwQAT3xMAwQAT3xPAwQA
T3xSAwQAUnbgAwQAUnbsAwQAUnbuAwQAUnb0AwQBUnb2AwQAW5SDAwQAW5SMAwQA
W5SgAwQAW5SoAwQAXkiRAwQCXkiUAwQBXkieAwQAgrngAwQAgrniAwQAgrnlMAwD
BACCuesDBAGCuewDBACCufgDBACCufoDBAGw8bAwDAMEBLKEUAMEAbKEVAMEArmU
oDAMAwQC2a6UAwQA2a6WMAwDBAPZrpgDBADZrpoDBADZrp8wDQQCAAIwBwMFACoB
h0AwDQYJKoZIhvcNAQELBQADggEBAA0OWujVp5rkWpe81O/Dr2V7EIbjwqd95FlT
q/AwepD+Fy1LSArBa/FuFsZTmqIpF9DAX1lCyiiwxPuxoD5ofbRE2xSH4UvgG8xL
tsi/vuoa4v+WbOssLUdCf/RSiY5ZbdyJBLkWVpIxo2gmIcpF4xmMo2RjzZaWSYPx
BvqXNFO69dYSaHDYwIWWTUnZXgxbDn1Wvw+r0R6k7swJvbN6UYgraQP02kZU3dzm
GwPYuKN4zMj7YjDwOFFvnI1ja4v7s2rKgmEzZxeUlrpYMc8fMni9bQEk9xCgz+fl
nUL2jg4BKP2xOQ/8kJmZMisWTb+2UQdxugk1YvY8qvwiqx0elXU=
-----END CERTIFICATE-----
Generated at Wed Oct 23 18:06:43 2024 by rpki-client on console-fra.rpki-client.org