Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/GhzdkHnBk5XHZKfzHMFs6k9RyFk.roa
File: GhzdkHnBk5XHZKfzHMFs6k9RyFk.roa (raw, json)
Hash identifier: 52gEcglqz/LAM99Otjy96ctCxQzOcyB1QLoKQZbGdd0=
Subject key identifier: 1A:1C:DD:90:79:C1:93:95:C7:64:A7:F3:1C:C1:6C:EA:4F:51:C8:59
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 018F237BCC33473C3527778288A5555C680A
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/GhzdkHnBk5XHZKfzHMFs6k9RyFk.roa
Signing time: Sun 28 Apr 2024 06:54:26 +0000
ROA not before: Sun 28 Apr 2024 06:54:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29256
IP address blocks: 5.0.0.0/19 maxlen: 19
5.0.32.0/19 maxlen: 19
5.0.64.0/18 maxlen: 18
5.0.128.0/19 maxlen: 19
5.0.160.0/19 maxlen: 19
5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.0.192.0/18 maxlen: 18
5.155.0.0/19 maxlen: 19
5.155.32.0/19 maxlen: 19
5.155.64.0/19 maxlen: 19
5.155.96.0/19 maxlen: 19
5.155.128.0/19 maxlen: 19
5.155.160.0/19 maxlen: 19
5.155.192.0/19 maxlen: 19
5.155.224.0/19 maxlen: 19
31.9.48.0/22 maxlen: 22
31.9.56.0/21 maxlen: 21
31.9.64.0/20 maxlen: 20
31.9.80.0/20 maxlen: 20
31.9.96.0/19 maxlen: 19
31.9.128.0/20 maxlen: 20
31.9.144.0/20 maxlen: 20
31.9.160.0/19 maxlen: 19
31.9.192.0/19 maxlen: 19
31.9.224.0/19 maxlen: 19
46.40.128.0/18 maxlen: 18
80.70.120.0/21 maxlen: 21
82.100.128.0/19 maxlen: 19
82.137.192.0/20 maxlen: 20
82.137.208.0/20 maxlen: 20
82.137.224.0/20 maxlen: 20
82.137.240.0/24 maxlen: 24
82.137.242.0/24 maxlen: 24
82.137.243.0/24 maxlen: 24
82.137.244.0/23 maxlen: 23
82.137.246.0/23 maxlen: 23
82.137.248.0/24 maxlen: 24
82.137.249.0/24 maxlen: 24
82.137.250.0/24 maxlen: 24
82.137.251.0/24 maxlen: 24
82.137.252.0/24 maxlen: 24
82.137.253.0/24 maxlen: 24
82.137.254.0/24 maxlen: 24
82.137.255.0/24 maxlen: 24
91.144.0.0/20 maxlen: 20
91.144.16.0/20 maxlen: 20
91.144.32.0/20 maxlen: 20
94.47.0.0/19 maxlen: 19
94.47.0.0/21 maxlen: 21
94.47.8.0/21 maxlen: 21
94.47.16.0/21 maxlen: 21
94.47.24.0/21 maxlen: 21
94.47.32.0/19 maxlen: 19
94.47.32.0/21 maxlen: 21
94.47.40.0/21 maxlen: 21
94.47.48.0/21 maxlen: 21
94.47.56.0/21 maxlen: 21
94.47.64.0/19 maxlen: 19
94.47.96.0/19 maxlen: 19
94.47.128.0/20 maxlen: 20
94.47.144.0/20 maxlen: 20
94.47.160.0/19 maxlen: 19
94.47.160.0/21 maxlen: 21
94.47.168.0/21 maxlen: 21
94.47.176.0/21 maxlen: 21
94.47.184.0/21 maxlen: 21
94.47.192.0/18 maxlen: 18
178.253.64.0/19 maxlen: 19
178.253.96.0/23 maxlen: 23
178.253.98.0/24 maxlen: 24
178.253.99.0/24 maxlen: 24
178.253.100.0/23 maxlen: 23
178.253.102.0/24 maxlen: 24
178.253.103.0/24 maxlen: 24
178.253.104.0/22 maxlen: 22
178.253.108.0/23 maxlen: 23
178.253.110.0/23 maxlen: 23
185.92.88.0/22 maxlen: 22
185.99.100.0/22 maxlen: 22
185.109.212.0/22 maxlen: 22
188.133.0.0/20 maxlen: 20
188.133.16.0/20 maxlen: 20
188.133.32.0/19 maxlen: 19
188.133.64.0/19 maxlen: 19
188.133.96.0/19 maxlen: 19
193.124.10.0/23 maxlen: 23
193.124.12.0/23 maxlen: 23
193.124.26.0/23 maxlen: 23
193.124.28.0/23 maxlen: 23
193.124.38.0/23 maxlen: 23
193.124.52.0/23 maxlen: 23
193.124.62.0/23 maxlen: 23
193.124.68.0/23 maxlen: 23
193.124.86.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 22 May 2024 20:22:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:23:7b:cc:33:47:3c:35:27:77:82:88:a5:55:5c:68:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Apr 28 06:54:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a1cdd9079c19395c764a7f31cc16cea4f51c859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:25:f0:81:bc:9a:bc:99:53:0e:b6:ba:aa:d9:
b4:56:83:93:be:74:8a:08:24:9f:65:1a:ac:3f:fc:
87:ec:03:73:45:c2:8b:2c:24:df:0b:e7:ed:99:fb:
86:4f:b6:cc:ef:68:08:de:88:a5:b7:b8:ca:54:af:
8e:b0:72:1b:d3:07:86:ac:2e:3f:da:00:83:30:8d:
4b:7e:2c:34:75:ce:23:44:88:a9:56:61:e4:88:48:
95:1a:3a:69:8f:7f:72:0c:29:ee:91:54:f4:74:9c:
28:0e:15:ca:23:0e:db:4d:d3:23:39:44:18:18:bd:
76:45:5d:2f:47:ff:35:3c:b9:0d:31:8e:a3:c8:7e:
fc:db:ce:4a:b8:29:52:d8:de:f1:5d:64:c1:e6:29:
16:89:65:67:00:bc:ca:0d:f4:c6:92:de:5a:e7:9e:
a0:33:23:36:18:49:95:5b:de:06:ac:41:d6:5e:52:
47:c5:11:81:dd:bf:1a:3a:5c:a0:34:eb:ae:7b:04:
d7:17:52:e3:13:ee:54:9a:8b:2f:d0:81:b9:d7:cf:
a7:0d:bf:75:fa:6f:8e:65:dd:ab:2a:9d:af:93:59:
98:de:06:e7:87:dd:96:67:49:4b:7e:bb:8a:b3:10:
1f:5a:3f:a5:47:47:15:31:e9:a6:2a:c2:72:ca:2a:
5b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1C:DD:90:79:C1:93:95:C7:64:A7:F3:1C:C1:6C:EA:4F:51:C8:59
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/GhzdkHnBk5XHZKfzHMFs6k9RyFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.0.0/16
5.155.0.0/16
31.9.48.0/22
31.9.56.0-31.9.255.255
46.40.128.0/18
80.70.120.0/21
82.100.128.0/19
82.137.192.0-82.137.240.255
82.137.242.0-82.137.255.255
91.144.0.0-91.144.47.255
94.47.0.0/16
178.253.64.0-178.253.111.255
185.92.88.0/22
185.99.100.0/22
185.109.212.0/22
188.133.0.0/17
193.124.10.0-193.124.13.255
193.124.26.0-193.124.29.255
193.124.38.0/23
193.124.52.0/23
193.124.62.0/23
193.124.68.0/23
193.124.86.0/23
Signature Algorithm: sha256WithRSAEncryption
70:e3:83:2e:17:22:56:55:d4:6e:27:0d:2a:c0:b2:23:17:28:
8a:d8:01:79:d3:30:b6:e8:0e:a8:9a:2e:ee:ff:2b:9b:47:6b:
0c:1e:04:a4:01:e9:7c:15:9f:b4:3d:31:32:93:db:45:fc:4a:
18:a8:33:c8:97:6e:a1:d0:20:db:ba:c4:35:1a:7f:eb:2f:f6:
53:c7:5e:77:46:02:6a:2f:f3:e5:a0:d1:49:3d:0f:f3:08:22:
e8:95:34:48:c6:51:d1:2f:9d:ef:91:7a:18:02:8e:d6:66:f4:
59:c8:a4:9a:e6:3c:19:28:b7:b2:5c:ce:03:1f:d9:9f:5d:e4:
31:6d:5b:34:7c:2b:2e:85:7c:5d:00:c6:a1:30:e6:b3:fc:1a:
58:d3:6a:21:b8:9d:b4:d1:a2:35:ca:76:f3:75:97:d9:a7:5a:
a9:65:34:e9:91:5b:6f:60:03:d1:f2:26:34:cb:2e:d3:fb:86:
ed:6a:4b:98:86:00:ca:a0:f4:93:12:75:68:6c:4b:cf:bb:36:
44:05:66:3f:06:dd:c2:ab:b1:62:e2:22:e4:de:42:81:a4:11:
e2:2a:74:ba:bb:87:85:8c:53:96:63:ab:93:a4:7c:e5:81:7f:
8b:94:32:e7:28:22:7b:4c:f3:e5:d9:ce:c9:6d:ff:7a:ad:f2:
ba:20:1d:41
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAY8je8wzRzw1J3eCiKVVXGgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjQwNDI4MDY1NDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFjZGQ5MDc5YzE5Mzk1Yzc2NGE3ZjMxY2MxNmNlYTRmNTFjODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iXwgbyavJlTDra6qtm0VoOTvnSK
CCSfZRqsP/yH7ANzRcKLLCTfC+ftmfuGT7bM72gI3oilt7jKVK+OsHIb0weGrC4/
2gCDMI1Lfiw0dc4jRIipVmHkiEiVGjppj39yDCnukVT0dJwoDhXKIw7bTdMjOUQY
GL12RV0vR/81PLkNMY6jyH78285KuClS2N7xXWTB5ikWiWVnALzKDfTGkt5a556g
MyM2GEmVW94GrEHWXlJHxRGB3b8aOlygNOuuewTXF1LjE+5Umosv0IG518+nDb91
+m+OZd2rKp2vk1mY3gbnh92WZ0lLfruKsxAfWj+lR0cVMemmKsJyyipb8QIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFBoc3ZB5wZOVx2Sn8xzBbOpPUchZMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvR2h6ZGtIbkJrNVhIWktmekhNRnM2azlSeUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDAwAF
AAMDAAWbAwQCHwkwMAsDBAMfCTgDAwEfCAMEBi4ogAMEA1BGeAMEBVJkgDAMAwQG
UonAAwQAUonwMAsDBAFSifIDAwFSiDALAwMEW5ADBARbkCADAwBeLzAMAwQGsv1A
AwQEsv1gAwQCuVxYAwQCuWNkAwQCuW3UAwQHvIUAMAwDBAHBfAoDBAHBfAwwDAME
AcF8GgMEAcF8HAMEAcF8JgMEAcF8NAMEAcF8PgMEAcF8RAMEAcF8VjANBgkqhkiG
9w0BAQsFAAOCAQEAcOODLhciVlXUbicNKsCyIxcoitgBedMwtugOqJou7v8rm0dr
DB4EpAHpfBWftD0xMpPbRfxKGKgzyJduodAg27rENRp/6y/2U8ded0YCai/z5aDR
ST0P8wgi6JU0SMZR0S+d75F6GAKO1mb0WcikmuY8GSi3slzOAx/Zn13kMW1bNHwr
LoV8XQDGoTDms/waWNNqIbidtNGiNcp283WX2adaqWU06ZFbb2AD0fImNMsu0/uG
7WpLmIYAyqD0kxJ1aGxLz7s2RAVmPwbdwquxYuIi5N5CgaQR4ip0uruHhYxTlmOr
k6R85YF/i5Qy5ygie0zz5dnOyW3/eq3yuiAdQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:07 2024 by rpki-client on console-fra.rpki-client.org