Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/iLXttlXFEZ81Tgn0bjmkC3X06NE.roa
File: iLXttlXFEZ81Tgn0bjmkC3X06NE.roa (raw, json)
Hash identifier: EaDkm1C7kip3dlk5e878MJJstB4YEoL4lmkQXEVnYAU=
Subject key identifier: 88:B5:ED:B6:55:C5:11:9F:35:4E:09:F4:6E:39:A4:0B:75:F4:E8:D1
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0190730272A519DD553C46110DAE12D30969
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/iLXttlXFEZ81Tgn0bjmkC3X06NE.roa
Signing time: Tue 02 Jul 2024 10:34:18 +0000
ROA not before: Tue 02 Jul 2024 10:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 5.202.0.0/20 maxlen: 20
85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.96.0/22 maxlen: 22
85.9.100.0/22 maxlen: 22
85.9.104.0/21 maxlen: 21
85.9.105.0/24 maxlen: 24
85.9.106.0/24 maxlen: 24
85.9.107.0/24 maxlen: 24
85.9.108.0/24 maxlen: 24
85.9.109.0/24 maxlen: 24
85.9.110.0/24 maxlen: 24
85.9.111.0/24 maxlen: 24
85.9.112.0/22 maxlen: 22
85.9.112.0/24 maxlen: 24
85.9.113.0/24 maxlen: 24
85.9.114.0/24 maxlen: 24
85.9.115.0/24 maxlen: 24
85.9.120.0/21 maxlen: 21
85.9.120.0/22 maxlen: 22
85.9.124.0/22 maxlen: 22
185.126.0.0/20 maxlen: 20
185.126.0.0/21 maxlen: 21
185.126.0.0/22 maxlen: 22
185.126.0.0/24 maxlen: 24
185.126.1.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.5.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.8.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.10.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 09:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:02:72:a5:19:dd:55:3c:46:11:0d:ae:12:d3:09:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jul 2 10:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88b5edb655c5119f354e09f46e39a40b75f4e8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dd:f0:de:42:07:5e:84:15:88:4f:f4:96:69:
c8:b7:e4:48:73:19:cb:79:22:ac:67:b4:5c:a8:66:
cc:4c:28:f9:66:83:0c:a3:4f:81:e7:38:0e:c9:50:
1e:0e:89:84:47:ef:00:b2:98:e9:00:a8:e9:d0:07:
51:72:bd:90:96:f7:30:ae:e3:13:b1:0e:61:be:cb:
a7:95:38:b7:ed:a0:f9:13:a3:87:65:f0:a6:fd:a9:
14:7c:02:aa:fb:b2:58:9d:67:89:ba:e3:d3:e9:81:
06:5c:46:05:5d:12:5f:fa:b8:dc:80:fe:ac:b5:d8:
db:ba:04:97:a7:32:1b:c5:aa:24:92:e0:90:63:3f:
78:f5:f7:1f:e5:5d:cc:f7:3c:63:b5:e6:3d:84:5e:
69:e4:01:19:3d:da:38:32:d8:af:48:a2:d8:6d:d9:
0c:03:75:5e:3d:70:67:8f:30:09:93:8e:f2:71:ce:
31:ed:fd:f8:55:59:64:d8:05:93:b8:73:96:45:16:
8c:56:03:4e:46:3f:7c:ee:c3:a2:a8:df:68:1b:6f:
18:e2:15:ea:e6:a1:6e:88:7e:e0:80:ea:bb:1a:26:
8f:b8:3e:89:36:aa:c6:e3:72:7e:c1:59:b7:ff:e7:
85:8c:8c:ad:36:69:fb:af:9b:a6:ef:80:cd:39:51:
1e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B5:ED:B6:55:C5:11:9F:35:4E:09:F4:6E:39:A4:0B:75:F4:E8:D1
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/iLXttlXFEZ81Tgn0bjmkC3X06NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/20
85.9.96.0-85.9.115.255
85.9.120.0/21
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
24:54:c2:68:45:af:66:f4:cf:d2:4f:85:e5:bd:b4:59:d6:76:
4b:a3:85:c7:98:2f:a4:2d:e7:9a:ad:10:95:63:fa:e4:dc:97:
32:d6:85:b4:09:3d:39:b1:a2:bd:85:8c:bb:e2:3d:2c:c4:78:
1e:f0:fc:7b:d5:0f:be:7b:38:17:75:25:1a:81:8c:02:3c:c0:
ae:89:94:62:0f:08:7e:1e:a2:ae:2e:b1:08:ea:52:a3:8d:fc:
68:5f:b9:49:11:2a:17:f7:e3:f8:63:c5:20:10:ab:89:18:3a:
40:fe:71:fb:d7:32:0a:77:5f:8e:1c:b6:7d:21:6d:86:6e:e4:
10:de:aa:dc:12:75:66:fa:f6:6f:89:96:29:1d:53:d8:e9:c5:
65:08:4a:d0:79:c7:2c:16:6b:00:f1:77:82:fb:6e:bb:37:e4:
b1:62:d0:d5:0f:9a:4b:fc:86:d9:78:b2:70:13:fa:f2:67:ff:
09:0b:ba:74:ce:bb:2f:98:98:64:c8:ec:b8:8a:c7:6b:d5:ed:
b4:17:3a:75:65:6c:ca:14:2d:e7:2a:3c:c2:68:e2:f3:5f:9b:
a6:19:06:64:00:8f:2e:f2:f1:26:36:5d:e6:cf:55:19:1c:97:
46:a3:5a:49:4e:07:66:ba:39:8f:80:11:0e:6d:35:bf:e1:04:
08:c8:5a:81
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZBzAnKlGd1VPEYRDa4S0wlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwNzAyMTAzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGI1ZWRiNjU1YzUxMTlmMzU0ZTA5ZjQ2ZTM5YTQwYjc1ZjRlOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp93w3kIHXoQViE/0lmnIt+RIcxnL
eSKsZ7RcqGbMTCj5ZoMMo0+B5zgOyVAeDomER+8AspjpAKjp0AdRcr2QlvcwruMT
sQ5hvsunlTi37aD5E6OHZfCm/akUfAKq+7JYnWeJuuPT6YEGXEYFXRJf+rjcgP6s
tdjbugSXpzIbxaokkuCQYz949fcf5V3M9zxjteY9hF5p5AEZPdo4MtivSKLYbdkM
A3VePXBnjzAJk47ycc4x7f34VVlk2AWTuHOWRRaMVgNORj987sOiqN9oG28Y4hXq
5qFuiH7ggOq7GiaPuD6JNqrG43J+wVm3/+eFjIytNmn7r5um74DNOVEetwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIi17bZVxRGfNU4J9G45pAt19OjRMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvaUxYdHRsWEZFWjgxVGduMGJqbWtDM1gwNk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEBcoAMAwD
BAVVCWADBAJVCXADBANVCXgDBAS5fgAwDQYJKoZIhvcNAQELBQADggEBACRUwmhF
r2b0z9JPheW9tFnWdkujhceYL6Qt55qtEJVj+uTclzLWhbQJPTmxor2FjLviPSzE
eB7w/HvVD757OBd1JRqBjAI8wK6JlGIPCH4eoq4usQjqUqON/GhfuUkRKhf34/hj
xSAQq4kYOkD+cfvXMgp3X44ctn0hbYZu5BDeqtwSdWb69m+JlikdU9jpxWUIStB5
xywWawDxd4L7brs35LFi0NUPmkv8htl4snAT+vJn/wkLunTOuy+YmGTI7LiKx2vV
7bQXOnVlbMoULecqPMJo4vNfm6YZBmQAjy7y8SY2XebPVRkcl0ajWklOB2a6OY+A
EQ5tNb/hBAjIWoE=
-----END CERTIFICATE-----
Generated at Wed Oct 30 12:04:29 2024 by rpki-client on console-fra.rpki-client.org