Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LhddwZO9qMSMW8yQyLyOhx8rtY4.roa
File: LhddwZO9qMSMW8yQyLyOhx8rtY4.roa (raw, json)
Hash identifier: TTT5haLwgAh7cp4ZNiAkUim0yqukiIr2wJcq9RVxMK0=
Subject key identifier: 2E:17:5D:C1:93:BD:A8:C4:8C:5B:CC:90:C8:BC:8E:87:1F:2B:B5:8E
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01890065C425713992B39D2E6A63EECECA3A
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LhddwZO9qMSMW8yQyLyOhx8rtY4.roa
Signing time: Wed 28 Jun 2023 05:06:56 +0000
ROA not before: Wed 28 Jun 2023 05:06:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49100
IP address blocks: 185.177.232.0/22 maxlen: 22
85.9.68.0/24 maxlen: 24
85.9.64.0/18 maxlen: 18
85.9.76.0/24 maxlen: 24
194.33.122.0/23 maxlen: 23
5.202.0.0/16 maxlen: 24
109.232.7.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
185.131.30.0/23 maxlen: 23
185.131.28.0/22 maxlen: 22
193.32.80.0/23 maxlen: 23
185.180.52.0/22 maxlen: 22
77.237.160.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.184.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.191.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
109.125.160.0/19 maxlen: 19
185.126.40.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.72.24.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.72.27.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
188.253.32.0/19 maxlen: 24
5.202.166.0/23 maxlen: 23
188.253.64.0/19 maxlen: 24
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:65:c4:25:71:39:92:b3:9d:2e:6a:63:ee:ce:ca:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jun 28 05:06:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e175dc193bda8c48c5bcc90c8bc8e871f2bb58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:44:54:d9:18:2f:96:b2:f5:98:f0:ed:11:cd:
22:78:a5:49:a0:9f:c0:9d:f4:1a:5b:0a:a5:a4:1e:
96:16:f4:44:31:d8:ca:99:6d:2d:e1:01:8e:e8:1f:
64:15:92:6b:03:17:2f:78:66:30:78:33:b7:4f:c3:
0d:8d:a2:dc:7b:9f:36:8f:d1:1a:e7:c9:fe:cb:1f:
6e:f6:f0:c7:1f:10:1a:6d:d7:15:2e:e1:91:9d:ac:
3b:c9:c6:18:bb:b6:77:ca:0d:39:5c:bd:ed:21:de:
8d:df:22:f4:18:72:5e:e5:bb:d6:db:c9:4a:e7:92:
a8:35:2e:f9:43:43:72:51:ad:bf:61:2c:b5:49:19:
ea:6b:08:50:b8:b6:48:42:41:4c:bb:6e:9a:55:b6:
eb:de:2f:87:e8:7f:78:c4:d1:16:65:9c:98:98:9e:
ea:e1:76:cc:a4:c8:27:cc:8b:7d:3a:d9:37:4f:a6:
76:2d:ee:5c:e2:5b:9f:bf:97:1d:00:d1:1b:2c:96:
a2:bc:2f:ed:09:90:70:5f:0d:ff:85:84:8b:4e:b9:
fd:d1:5b:02:05:1e:cd:10:fe:2f:61:c5:85:fb:65:
60:e5:4d:51:44:67:ed:2c:8b:a9:6d:ed:e5:39:4f:
07:af:71:b8:17:e8:1f:5c:e4:d8:25:93:55:4a:97:
33:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:17:5D:C1:93:BD:A8:C4:8C:5B:CC:90:C8:BC:8E:87:1F:2B:B5:8E
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LhddwZO9qMSMW8yQyLyOhx8rtY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
85:bb:fa:c1:bf:60:b4:43:72:e1:a5:88:d6:03:b3:2a:e4:0a:
b6:37:7e:e5:85:2f:55:d9:38:87:fe:ba:ad:cd:06:b5:7a:e7:
35:d7:3c:b5:f8:f5:37:4e:af:e4:b7:ea:63:5f:27:96:a4:03:
e9:d5:23:7c:bc:01:99:41:61:36:be:a8:33:b0:36:3e:37:93:
fd:ff:4d:ae:be:d3:4c:ef:a3:4f:3b:df:8c:64:91:a7:e4:98:
8f:a4:c1:73:24:a3:8c:a3:bd:b8:3d:19:38:e8:54:f7:6d:b7:
53:00:d5:3a:b5:e2:71:65:a7:15:e3:db:46:a5:2a:b0:74:cf:
07:cb:08:e4:40:eb:69:bd:91:44:20:26:f5:61:c7:4d:bf:13:
99:f9:28:fc:30:48:6d:08:75:59:69:bc:1e:02:4d:0c:74:63:
e0:31:a1:09:63:11:35:8b:cf:fb:d9:35:f7:4c:c8:48:17:a3:
bb:37:6a:f2:48:f4:d3:82:e5:2c:5a:10:f0:13:09:dd:4d:1a:
99:b8:76:4c:ff:29:04:cd:a3:58:9a:af:b1:aa:b1:e7:38:d6:
a9:ad:8c:27:ce:25:ea:15:fc:f4:30:1b:1e:ef:c5:e4:ed:42:
7f:a7:30:d2:cc:79:74:5c:16:e9:67:c0:e6:d6:78:aa:80:be:
c8:df:1c:b8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYkAZcQlcTmSs50uamPuzso6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwNjI4MDUwNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE3NWRjMTkzYmRhOGM0OGM1YmNjOTBjOGJjOGU4NzFmMmJiNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzERU2RgvlrL1mPDtEc0ieKVJoJ/A
nfQaWwqlpB6WFvREMdjKmW0t4QGO6B9kFZJrAxcveGYweDO3T8MNjaLce582j9Ea
58n+yx9u9vDHHxAabdcVLuGRnaw7ycYYu7Z3yg05XL3tId6N3yL0GHJe5bvW28lK
55KoNS75Q0NyUa2/YSy1SRnqawhQuLZIQkFMu26aVbbr3i+H6H94xNEWZZyYmJ7q
4XbMpMgnzIt9Otk3T6Z2Le5c4lufv5cdANEbLJaivC/tCZBwXw3/hYSLTrn90VsC
BR7NEP4vYcWF+2Vg5U1RRGftLIupbe3lOU8Hr3G4F+gfXOTYJZNVSpcz4wIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFC4XXcGTvajEjFvMkMi8jocfK7WOMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvTGhkZHdaTzlxTVNNVzh5UXlMeU9oeDhydFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBnAQCAAEwgZUDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAl/XoAMEBW19oDAMAwQAbegFAwQDbegAAwQC
uUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwDBAO5mwgD
BAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEgUAMEAcIh
ejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoKTgAwDQYJ
KoZIhvcNAQELBQADggEBAIW7+sG/YLRDcuGliNYDsyrkCrY3fuWFL1XZOIf+uq3N
BrV65zXXPLX49TdOr+S36mNfJ5akA+nVI3y8AZlBYTa+qDOwNj43k/3/Ta6+00zv
o08734xkkafkmI+kwXMko4yjvbg9GTjoVPdtt1MA1Tq14nFlpxXj20alKrB0zwfL
CORA62m9kUQgJvVhx02/E5n5KPwwSG0IdVlpvB4CTQx0Y+AxoQljETWLz/vZNfdM
yEgXo7s3avJI9NOC5SxaEPATCd1NGpm4dkz/KQTNo1iar7Gqsec41qmtjCfOJeoV
/PQwGx7vxeTtQn+nMNLMeXRcFulnwObWeKqAvsjfHLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org