Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/louJTJt6LmpIv_sXFZwGz0fldMs.roa
File: louJTJt6LmpIv_sXFZwGz0fldMs.roa (raw, json)
Hash identifier: obd4WeAb4mFV1hKwiCIyiu6nQxPI97bH9bYUriayTas=
Subject key identifier: 96:8B:89:4C:9B:7A:2E:6A:48:BF:FB:17:15:9C:06:CF:47:E5:74:CB
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0190E42F602C0CEB4C9AA287A2FAFF82B9A1
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/louJTJt6LmpIv_sXFZwGz0fldMs.roa
Signing time: Wed 24 Jul 2024 10:00:28 +0000
ROA not before: Wed 24 Jul 2024 10:00:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 5.202.0.0/16 maxlen: 24
5.202.76.0/24 maxlen: 24
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
5.202.166.0/23 maxlen: 23
77.237.160.0/19 maxlen: 19
85.9.64.0/18 maxlen: 18
85.9.68.0/24 maxlen: 24
85.9.76.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
109.125.160.0/19 maxlen: 19
109.125.160.0/23 maxlen: 23
109.125.162.0/23 maxlen: 23
109.125.164.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.184.0/22 maxlen: 22
109.125.187.0/24 maxlen: 24
109.125.188.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
109.125.191.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
109.232.7.0/24 maxlen: 24
185.72.24.0/22 maxlen: 22
185.72.27.0/24 maxlen: 24
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
185.103.128.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
185.126.40.0/22 maxlen: 22
185.131.28.0/22 maxlen: 22
185.131.30.0/23 maxlen: 23
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
185.177.232.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
188.253.32.0/19 maxlen: 24
188.253.64.0/19 maxlen: 24
193.32.80.0/23 maxlen: 23
194.33.122.0/23 maxlen: 23
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 25 Sep 2024 11:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:2f:60:2c:0c:eb:4c:9a:a2:87:a2:fa:ff:82:b9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jul 24 10:00:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=968b894c9b7a2e6a48bffb17159c06cf47e574cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9e:7a:24:b6:df:a3:b2:02:58:cd:a6:40:ce:
fd:b3:94:45:9d:55:d0:71:9e:bc:64:9a:c9:85:79:
40:cc:b9:a3:ef:bd:a4:27:b8:be:71:04:29:65:16:
10:51:b2:f9:d0:cd:6a:56:01:f4:4e:b2:78:8c:2e:
b8:a6:d8:ff:2d:51:0d:b7:17:ab:53:c7:37:0f:d6:
62:ac:8e:36:c4:9f:fd:c6:96:f9:2e:00:a4:01:62:
b7:0d:e5:e5:85:43:cf:ea:da:ad:23:d6:8c:43:32:
bc:1b:0e:2d:f3:96:f7:4f:38:17:3e:fa:0d:8c:be:
b0:ef:bb:56:39:c7:34:68:e9:65:99:1a:94:ed:d6:
2e:37:73:cf:16:27:63:c3:e4:f0:2b:59:52:7c:f4:
a9:00:d1:39:c6:9d:4e:ab:d2:77:0a:c2:1c:c8:24:
43:dd:27:02:af:1a:2b:d1:48:ef:9b:b9:f4:9d:45:
50:a5:a8:4a:2a:ab:20:4e:52:e9:60:5d:db:e1:83:
4e:f9:ef:8e:ce:1d:85:9f:94:f0:52:7f:4e:f4:24:
94:e5:11:cd:ca:89:82:36:75:65:a5:a8:5b:e8:01:
23:f2:3b:c0:8f:6f:21:c6:45:49:3e:d4:01:d6:57:
4d:a2:78:d0:87:13:c5:47:73:03:95:60:b2:1f:82:
7c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:8B:89:4C:9B:7A:2E:6A:48:BF:FB:17:15:9C:06:CF:47:E5:74:CB
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/louJTJt6LmpIv_sXFZwGz0fldMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
68:1c:3c:e4:c1:2f:42:be:04:0b:04:04:af:bd:0e:c2:b2:ea:
2c:47:ba:65:9a:b6:99:2b:22:ff:b4:1d:0d:3a:f1:ca:51:26:
82:a5:41:fd:e8:2a:61:5b:1c:ea:8e:cb:32:a0:e8:14:1d:d6:
62:0a:a9:25:35:d4:98:e2:b0:95:f5:8f:79:30:c8:f4:d0:ae:
8e:bb:e1:0b:21:05:d1:ce:f8:a5:d0:d8:c0:70:cb:59:be:ad:
56:b7:89:40:44:66:b6:9b:67:6f:9d:23:ff:3b:e1:86:f1:e4:
4c:7a:5a:f7:ee:20:41:ab:dc:fb:a7:20:59:a6:5d:de:4e:47:
e2:ad:49:26:80:c7:37:4b:6e:9b:70:80:6d:19:1e:76:6a:31:
24:9f:59:db:49:c2:1e:93:30:9b:17:00:21:d2:7e:88:e5:65:
2b:10:08:32:a2:b9:64:61:35:38:ca:29:59:3a:1b:95:05:4e:
84:13:ed:d9:8b:96:83:1a:47:3c:f5:68:18:1a:95:bc:6d:0e:
0a:df:4d:f0:fd:8c:0e:fc:bf:9e:f9:ce:d0:8c:d6:9d:7b:74:
9a:09:35:9a:4f:34:37:d9:d1:c1:42:97:b3:73:9e:37:e0:c4:
08:2f:f6:60:7d:b3:c1:70:40:3e:44:bf:3d:5d:8e:5f:97:c3:
e5:b1:83:ee
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZDkL2AsDOtMmqKHovr/grmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwNzI0MTAwMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjhiODk0YzliN2EyZTZhNDhiZmZiMTcxNTljMDZjZjQ3ZTU3NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ56JLbfo7ICWM2mQM79s5RFnVXQ
cZ68ZJrJhXlAzLmj772kJ7i+cQQpZRYQUbL50M1qVgH0TrJ4jC64ptj/LVENtxer
U8c3D9ZirI42xJ/9xpb5LgCkAWK3DeXlhUPP6tqtI9aMQzK8Gw4t85b3TzgXPvoN
jL6w77tWOcc0aOllmRqU7dYuN3PPFidjw+TwK1lSfPSpANE5xp1Oq9J3CsIcyCRD
3ScCrxor0Ujvm7n0nUVQpahKKqsgTlLpYF3b4YNO+e+Ozh2Fn5TwUn9O9CSU5RHN
yomCNnVlpahb6AEj8jvAj28hxkVJPtQB1ldNonjQhxPFR3MDlWCyH4J80QIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFJaLiUybei5qSL/7FxWcBs9H5XTLMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvbG91SlRKdDZMbXBJdl9zWEZad0d6MGZsZE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBnAQCAAEwgZUDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAl/XoAMEBW19oDAMAwQAbegFAwQDbegAAwQC
uUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwDBAO5mwgD
BAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEgUAMEAcIh
ejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoKTgAwDQYJ
KoZIhvcNAQELBQADggEBAGgcPOTBL0K+BAsEBK+9DsKy6ixHumWatpkrIv+0HQ06
8cpRJoKlQf3oKmFbHOqOyzKg6BQd1mIKqSU11JjisJX1j3kwyPTQro674QshBdHO
+KXQ2MBwy1m+rVa3iUBEZrabZ2+dI/874Ybx5Ex6WvfuIEGr3PunIFmmXd5OR+Kt
SSaAxzdLbptwgG0ZHnZqMSSfWdtJwh6TMJsXACHSfojlZSsQCDKiuWRhNTjKKVk6
G5UFToQT7dmLloMaRzz1aBgalbxtDgrfTfD9jA78v575ztCM1p17dJoJNZpPNDfZ
0cFCl7NznjfgxAgv9mB9s8FwQD5Evz1djl+Xw+Wxg+4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:32:35 2025 by rpki-client