Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/otKYVFvwo8pF1L84971faCeTpF8.roa
File: otKYVFvwo8pF1L84971faCeTpF8.roa (raw, json)
Hash identifier: ZelEBiM4YMBf7pHs7GrmUN5HEnBR23LCfcBz7P4EA8M=
Subject key identifier: A2:D2:98:54:5B:F0:A3:CA:45:D4:BF:38:F7:BD:5F:68:27:93:A4:5F
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 018DC68A79C00A100DD36E0A54A8613BF268
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/otKYVFvwo8pF1L84971faCeTpF8.roa
Signing time: Tue 20 Feb 2024 12:43:00 +0000
ROA not before: Tue 20 Feb 2024 12:43:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
62.101.128.0/20 maxlen: 20
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.21.0/24 maxlen: 24
89.39.144.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
109.92.0.0/15 maxlen: 15
109.122.77.0/24 maxlen: 24
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
185.190.152.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Apr 2024 11:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:8a:79:c0:0a:10:0d:d3:6e:0a:54:a8:61:3b:f2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Feb 20 12:43:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2d298545bf0a3ca45d4bf38f7bd5f682793a45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b5:5c:d0:a0:ec:2a:16:ff:1c:f5:1b:b2:2f:
b0:c6:08:13:9b:dd:d8:fe:ab:91:82:5c:42:4f:13:
93:19:43:60:04:10:02:e2:f9:5d:f4:26:12:22:17:
a5:43:46:39:8a:92:71:a3:79:c0:53:ed:52:0e:70:
5e:70:a6:9d:f3:11:fd:0c:0b:10:be:49:99:d5:34:
e3:7e:f1:36:04:19:fa:3d:08:d7:ed:f0:2a:53:e3:
ed:4c:5e:24:6b:59:a4:03:d3:ca:49:ba:b8:6b:0a:
c4:b4:d9:85:07:0b:5e:c9:e0:88:33:07:3e:35:a2:
49:f3:5f:3c:d4:62:c8:29:b8:b8:ac:25:a9:5b:f1:
c8:cc:31:e0:45:fc:72:9a:57:4f:51:37:d2:15:bd:
c4:bf:3f:79:0e:33:71:16:a9:22:57:80:8a:88:9d:
b2:67:bc:bb:93:7d:ad:04:47:d1:f3:d7:d5:a2:18:
19:09:7c:59:19:f1:e9:10:93:87:ef:ea:fd:55:8b:
72:00:ee:ac:2f:31:77:34:f5:76:48:77:d7:9c:20:
95:f7:d2:a4:e1:fd:34:db:83:c7:5d:6b:47:63:47:
a5:39:ef:37:d8:7c:5e:94:63:19:54:3b:27:7a:aa:
55:a4:3d:aa:a4:00:a5:1a:4d:fc:ec:d5:5a:a1:52:
c0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:98:54:5B:F0:A3:CA:45:D4:BF:38:F7:BD:5F:68:27:93:A4:5F
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/otKYVFvwo8pF1L84971faCeTpF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
62.101.128.0/20
77.46.128.0/17
79.101.0.0/16
89.39.144.0/23
91.150.64.0/18
93.86.0.0/15
109.92.0.0/15
109.122.77.0/24
178.220.0.0-178.223.223.255
185.190.152.0/22
195.178.32.0/19
212.200.0.0/16
IPv6:
2a00:e90::/32
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:a1:e0:a6:1a:5c:61:b4:3f:08:a2:10:13:da:5b:9e:54:16:
f5:61:ff:df:da:9e:31:98:ef:83:18:79:b7:25:8e:8e:93:2b:
f0:7c:0d:10:c8:7d:a7:65:01:46:48:6e:b5:21:57:57:13:cc:
06:14:bb:75:f1:12:9b:1d:8c:d1:65:69:96:05:70:6a:3e:ff:
d9:67:e5:94:b6:54:e4:3d:1d:dc:26:aa:32:24:65:b3:34:fb:
a5:7c:dd:86:c5:3e:b3:61:6f:aa:a2:4c:60:5e:b4:df:9b:99:
a9:bd:00:16:42:2e:5b:48:ff:14:74:ae:32:18:87:12:8d:5b:
35:21:c9:45:c0:93:db:e4:35:fd:5c:05:9e:5e:39:b3:51:36:
8e:2a:6c:5f:1a:65:11:b1:ac:d4:ad:4a:0d:32:d4:6c:38:8f:
af:a7:a7:54:68:73:fd:98:02:35:43:f0:6d:e3:d7:d7:69:f3:
32:eb:d3:55:ca:4c:ea:f5:59:8b:3a:1e:2c:c4:94:15:89:a5:
49:45:0b:b2:3b:02:ae:7a:a6:b5:60:65:c2:4d:79:29:71:9c:
a6:48:75:1c:69:00:e1:2b:b2:b7:8c:97:60:7d:79:d5:58:a6:
47:4c:d2:87:33:57:2e:9a:63:8f:69:af:05:1b:a6:57:73:87:
ef:ca:62:fa
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAY3GinnAChAN024KVKhhO/JoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwMjIwMTI0MzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQyOTg1NDViZjBhM2NhNDVkNGJmMzhmN2JkNWY2ODI3OTNhNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbVc0KDsKhb/HPUbsi+wxggTm93Y
/quRglxCTxOTGUNgBBAC4vld9CYSIhelQ0Y5ipJxo3nAU+1SDnBecKad8xH9DAsQ
vkmZ1TTjfvE2BBn6PQjX7fAqU+PtTF4ka1mkA9PKSbq4awrEtNmFBwteyeCIMwc+
NaJJ81881GLIKbi4rCWpW/HIzDHgRfxymldPUTfSFb3Evz95DjNxFqkiV4CKiJ2y
Z7y7k32tBEfR89fVohgZCXxZGfHpEJOH7+r9VYtyAO6sLzF3NPV2SHfXnCCV99Kk
4f0024PHXWtHY0elOe832HxelGMZVDsneqpVpD2qpAClGk387NVaoVLA2wIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFKLSmFRb8KPKRdS/OPe9X2gnk6RfMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvb3RLWVZGdndvOHBGMUw4NDk3MWZhQ2VUcEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wVwQCAAEwUQMEAAWa4QME
BD5lgAMEB00ugAMDAE9lAwQBWSeQAwQGW5ZAAwMBXVYDAwFtXAMEAG16TTALAwMC
stwDBAWy38ADBAK5vpgDBAXDsiADAwDUyDAUBAIAAjAOAwUAKgAOkAMFAyoGY8Aw
DQYJKoZIhvcNAQELBQADggEBAI6h4KYaXGG0PwiiEBPaW55UFvVh/9/anjGY74MY
ebcljo6TK/B8DRDIfadlAUZIbrUhV1cTzAYUu3XxEpsdjNFlaZYFcGo+/9ln5ZS2
VOQ9HdwmqjIkZbM0+6V83YbFPrNhb6qiTGBetN+bmam9ABZCLltI/xR0rjIYhxKN
WzUhyUXAk9vkNf1cBZ5eObNRNo4qbF8aZRGxrNStSg0y1Gw4j6+np1Roc/2YAjVD
8G3j19dp8zLr01XKTOr1WYs6HizElBWJpUlFC7I7Aq56prVgZcJNeSlxnKZIdRxp
AOErsreMl2B9edVYpkdM0oczVy6aY49prwUbpldzh+/KYvo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:02 2024 by rpki-client on console-ams.rpki-client.org