Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/1-ciVkloGTjcwJWwFaRZtkGqSvfA.roa
File: 1-ciVkloGTjcwJWwFaRZtkGqSvfA.roa (raw, json)
Hash identifier: sCWZdA0/BK30ixp1LlSl4RNHhYBOKl3+PKB/6MzLUEk=
Subject key identifier: F9:C8:95:92:5A:06:4E:37:30:25:6C:05:69:16:6D:90:6A:92:BD:F0
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 019280B57384DCE757EF054CAA1392EC37E7
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/1-ciVkloGTjcwJWwFaRZtkGqSvfA.roa
Signing time: Sat 12 Oct 2024 12:30:28 +0000
ROA not before: Sat 12 Oct 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 5.202.0.0/16 maxlen: 24
5.202.16.0/23 maxlen: 23
5.202.22.0/23 maxlen: 23
5.202.76.0/24 maxlen: 24
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
5.202.166.0/23 maxlen: 23
5.202.208.0/20 maxlen: 20
5.202.240.0/21 maxlen: 21
77.237.160.0/19 maxlen: 19
85.9.64.0/18 maxlen: 18
85.9.68.0/24 maxlen: 24
85.9.76.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
109.125.160.0/19 maxlen: 19
109.125.160.0/23 maxlen: 23
109.125.162.0/23 maxlen: 23
109.125.164.0/23 maxlen: 23
109.125.168.0/21 maxlen: 21
109.125.176.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.184.0/22 maxlen: 22
109.125.187.0/24 maxlen: 24
109.125.188.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
109.125.191.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
109.232.7.0/24 maxlen: 24
185.72.24.0/22 maxlen: 22
185.72.27.0/24 maxlen: 24
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
185.103.128.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
185.126.40.0/22 maxlen: 22
185.131.28.0/22 maxlen: 22
185.131.30.0/23 maxlen: 23
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
185.177.232.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
188.253.32.0/19 maxlen: 24
188.253.64.0/19 maxlen: 24
193.32.80.0/23 maxlen: 23
194.33.122.0/23 maxlen: 23
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 29 Oct 2024 09:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:80:b5:73:84:dc:e7:57:ef:05:4c:aa:13:92:ec:37:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 12 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9c895925a064e3730256c0569166d906a92bdf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ae:53:6b:b1:2d:24:d7:17:2a:8e:45:16:b1:
a2:1e:e1:3d:6e:b0:06:72:02:aa:cd:24:6d:f9:fe:
b6:da:06:bc:a5:75:82:43:eb:73:83:ba:07:07:06:
44:a6:b6:42:d6:97:91:0f:7b:f2:bd:28:1c:82:38:
5d:d4:c3:af:3f:98:1e:fc:11:8b:4f:82:a7:4d:c1:
69:db:51:1b:43:d8:ba:f8:2e:e5:10:37:10:60:b9:
e1:d2:a4:5a:51:a3:7e:b5:e1:6d:54:aa:9b:06:cd:
58:68:2d:3a:6f:bf:fa:9d:33:86:87:5c:1b:26:8d:
3d:42:19:3e:24:04:3c:3a:c2:21:84:c8:2f:8c:ed:
ec:a7:d4:96:01:d1:4b:9c:3f:50:f3:c2:cd:34:ee:
2e:80:f9:61:16:0d:ce:ce:88:8c:04:a1:ae:e5:4b:
1f:f8:65:cd:00:36:ba:46:3f:14:f2:df:93:8e:a5:
36:18:fd:b0:70:a6:d9:fd:1e:ed:cc:47:28:ea:84:
78:e0:60:9e:30:f9:81:65:e8:d0:6a:cd:77:c1:fa:
47:ad:9b:59:c9:2a:de:5f:93:2f:12:e2:76:b5:33:
cf:a5:51:aa:14:27:7a:26:40:98:4f:69:e3:fd:1d:
19:c2:cb:9a:83:e2:58:65:3b:8c:07:47:94:3e:53:
7b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C8:95:92:5A:06:4E:37:30:25:6C:05:69:16:6D:90:6A:92:BD:F0
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/1-ciVkloGTjcwJWwFaRZtkGqSvfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
81:5a:b8:80:aa:5a:16:c3:f0:1c:06:2c:74:37:57:9d:ef:58:
f1:aa:ff:4f:0a:c6:82:7f:41:91:97:6d:b6:66:d5:6a:78:a9:
52:8d:0a:7d:27:30:9d:69:d7:db:12:d2:29:4d:38:be:7b:4d:
8a:8b:cc:a9:5e:03:87:75:45:d7:1e:c1:4b:ef:d4:49:c7:99:
35:d7:b4:ea:da:2c:c1:a5:ed:8b:dd:ff:33:59:19:54:c3:2c:
01:ca:13:5d:81:c0:da:1b:57:06:15:88:36:a1:00:6e:79:22:
89:cb:54:16:4a:48:47:b4:34:6b:fc:80:cf:22:b4:bb:9e:c3:
2f:91:71:d0:c6:8c:ca:b0:17:18:5e:36:be:f2:91:67:f0:c3:
8e:f1:83:dd:2a:4e:47:0a:e2:8e:b1:01:1c:45:b8:3f:4c:9b:
e2:2b:98:c9:d6:91:d3:2a:41:a4:80:26:6d:f5:e3:43:d7:39:
b6:65:e5:f7:5f:2f:19:7d:db:79:55:78:ef:6e:91:bc:40:4d:
dd:d6:fc:f5:5a:db:e8:91:3d:e2:93:3e:bc:a3:1b:25:1d:3d:
96:8f:c9:01:3e:ed:63:ff:e4:d0:27:71:a7:8b:c7:8d:c6:8f:
18:38:7c:07:9d:3d:3f:4e:f0:b9:43:4b:46:4f:36:8c:84:1f:
d2:81:93:51
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAZKAtXOE3OdX7wVMqhOS7DfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQxMDEyMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWM4OTU5MjVhMDY0ZTM3MzAyNTZjMDU2OTE2NmQ5MDZhOTJiZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK5Ta7EtJNcXKo5FFrGiHuE9brAG
cgKqzSRt+f622ga8pXWCQ+tzg7oHBwZEprZC1peRD3vyvSgcgjhd1MOvP5ge/BGL
T4KnTcFp21EbQ9i6+C7lEDcQYLnh0qRaUaN+teFtVKqbBs1YaC06b7/6nTOGh1wb
Jo09Qhk+JAQ8OsIhhMgvjO3sp9SWAdFLnD9Q88LNNO4ugPlhFg3OzoiMBKGu5Usf
+GXNADa6Rj8U8t+TjqU2GP2wcKbZ/R7tzEco6oR44GCeMPmBZejQas13wfpHrZtZ
ySreX5MvEuJ2tTPPpVGqFCd6JkCYT2nj/R0Zwsuag+JYZTuMB0eUPlN7dQIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFPnIlZJaBk43MCVsBWkWbZBqkr3wMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvMS1jaVZrbG9HVGpjd0pXd0ZhUlp0a0dxU3ZmQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1
My8xL21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB3QYIKwYBBQUHAQcBAf8Egc0wgcowgZwEAgABMIGVAwMA
BcoDBAVN7aADBAZVCUADBABb0fIDBAJf16ADBAVtfaAwDAMEAG3oBQMEA23oAAME
ArlIGAMEArlTWAMEArlngDAMAwQCuX30AwQCuX4QAwQCuX4oAwQCuYMcAwQDuZsI
AwQCuakUAwQCuakkAwQCubHoAwQCubQ0MAwDBAW8/SADBAW8/UADBAHBIFADBAHC
IXowKQQCAAIwIwMFACABTIgDBQMqAs2AAwUDKgePAAMFAyoHj0ADBQMqCk4AMA0G
CSqGSIb3DQEBCwUAA4IBAQCBWriAqloWw/AcBix0N1ed71jxqv9PCsaCf0GRl222
ZtVqeKlSjQp9JzCdadfbEtIpTTi+e02Ki8ypXgOHdUXXHsFL79RJx5k117Tq2izB
pe2L3f8zWRlUwywByhNdgcDaG1cGFYg2oQBueSKJy1QWSkhHtDRr/IDPIrS7nsMv
kXHQxozKsBcYXja+8pFn8MOO8YPdKk5HCuKOsQEcRbg/TJviK5jJ1pHTKkGkgCZt
9eND1zm2ZeX3Xy8Zfdt5VXjvbpG8QE3d1vz1WtvokT3ikz68oxslHT2Wj8kBPu1j
/+TQJ3Gni8eNxo8YOHwHnT0/TvC5Q0tGTzaMhB/SgZNR
-----END CERTIFICATE-----
Generated at Tue Oct 29 11:58:33 2024 by rpki-client on console-ams.rpki-client.org