Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/gR06uLRLrnDS5qhYaVC02r1ZRCk.roa
File: gR06uLRLrnDS5qhYaVC02r1ZRCk.roa (raw, json)
Hash identifier: tdFQOvZnYA7RFL4xo3QQfDyINvFwI2r3WMa0TokOn7o=
Subject key identifier: 81:1D:3A:B8:B4:4B:AE:70:D2:E6:A8:58:69:50:B4:DA:BD:59:44:29
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 018E13F7A7C34B94DD76CF949FA12834A9B4
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/gR06uLRLrnDS5qhYaVC02r1ZRCk.roa
Signing time: Wed 06 Mar 2024 13:33:01 +0000
ROA not before: Wed 06 Mar 2024 13:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
5.182.47.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/48 maxlen: 48
2a05:ab80:3::/48 maxlen: 48
2a05:ab80:4::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Apr 2024 08:18:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:f7:a7:c3:4b:94:dd:76:cf:94:9f:a1:28:34:a9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Mar 6 13:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=811d3ab8b44bae70d2e6a8586950b4dabd594429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:37:fa:f0:a4:0c:92:82:27:39:04:51:7a:41:
33:de:c4:d3:4b:ac:e4:c4:12:49:e0:e4:3c:df:03:
8a:20:fd:58:dc:73:12:eb:51:4d:5f:f2:35:72:f3:
7a:e1:be:33:27:c3:c5:ad:11:97:47:55:e6:2c:a7:
ff:5e:69:58:b9:e9:a3:b4:e7:d9:ff:86:74:e9:ca:
4c:40:07:8c:96:c6:ef:f4:b0:be:7c:0c:eb:d2:ef:
da:d7:26:fc:76:cb:f6:65:56:67:b4:10:82:c7:98:
a9:f8:ef:c2:c2:d1:22:37:9d:03:74:08:39:c0:e9:
50:ae:9f:e2:ab:4d:15:1b:53:b0:51:c5:8b:72:90:
be:bc:a1:6c:a6:c2:69:92:fb:00:a5:8b:01:7f:f1:
08:68:9d:b1:32:b8:5f:b7:62:1c:93:25:f9:ff:45:
33:03:fb:f4:61:af:a3:63:a9:42:6e:24:2f:b4:b7:
b7:9d:92:f0:52:e9:a7:0a:d6:69:06:ea:a5:d0:ce:
af:b9:cb:bc:30:16:cb:92:f5:31:1f:68:07:7e:cc:
b5:78:82:ab:d2:e3:aa:6b:3b:50:db:aa:6c:b9:fd:
1c:5c:02:3f:6c:ff:5f:2e:c9:01:33:e4:01:cb:34:
1b:6a:17:db:1b:4f:0a:d4:86:00:cf:ce:e4:d3:52:
4b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1D:3A:B8:B4:4B:AE:70:D2:E6:A8:58:69:50:B4:DA:BD:59:44:29
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/gR06uLRLrnDS5qhYaVC02r1ZRCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0/22
45.159.112.0/22
62.3.42.0/24
85.208.253.0-85.208.255.255
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
IPv6:
2a05:ab80::/48
2a05:ab80:3::-2a05:ab80:4:ffff:ffff:ffff:ffff:ffff
2a05:ab80:100::/48
Signature Algorithm: sha256WithRSAEncryption
33:51:35:ec:b3:b0:d0:73:d5:d1:42:55:f0:60:30:a8:d8:3e:
f3:c4:48:88:41:56:5f:6c:88:82:7a:52:e0:8f:8f:58:e9:7e:
41:d1:67:b9:e8:a2:c2:3a:25:5b:09:ab:62:18:29:95:dd:93:
97:90:6c:24:b1:b8:bf:54:6d:2d:f0:fd:b6:3f:40:e4:0b:ad:
5b:f8:16:d9:95:4c:e0:20:a7:ee:a6:ab:7b:9e:a5:17:b1:f3:
b6:3b:a4:13:81:f8:b4:82:40:f8:9b:0a:53:bc:99:de:0f:27:
ce:42:d8:5f:9c:9e:eb:e3:23:06:6e:61:0f:68:d3:fe:c1:d6:
d5:56:34:e1:5d:bc:fc:fd:7c:c4:1a:b4:a9:7c:4a:af:3e:71:
a7:d2:de:9f:db:b7:05:2b:5c:b5:85:df:02:8a:74:20:bd:65:
fa:d2:c3:23:1c:92:99:73:6f:0b:a9:8f:88:0a:01:b9:10:3a:
a8:40:c1:c5:32:ed:59:a6:66:a3:e1:5b:34:61:24:ad:c7:31:
db:a5:ae:34:a4:11:d6:cb:f7:d8:2b:fa:70:69:19:d5:b9:0a:
d7:d1:85:35:92:f9:87:b9:0c:81:54:a4:58:a9:ac:72:64:98:
15:7f:08:c9:d6:b2:00:48:bc:31:8b:20:01:2c:0f:3d:f7:a4:
97:75:46:cc
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY4T96fDS5Tdds+Un6EoNKm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjQwMzA2MTMzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFkM2FiOGI0NGJhZTcwZDJlNmE4NTg2OTUwYjRkYWJkNTk0NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDf68KQMkoInOQRRekEz3sTTS6zk
xBJJ4OQ83wOKIP1Y3HMS61FNX/I1cvN64b4zJ8PFrRGXR1XmLKf/XmlYuemjtOfZ
/4Z06cpMQAeMlsbv9LC+fAzr0u/a1yb8dsv2ZVZntBCCx5ip+O/CwtEiN50DdAg5
wOlQrp/iq00VG1OwUcWLcpC+vKFspsJpkvsApYsBf/EIaJ2xMrhft2IckyX5/0Uz
A/v0Ya+jY6lCbiQvtLe3nZLwUumnCtZpBuql0M6vucu8MBbLkvUxH2gHfsy1eIKr
0uOqaztQ26psuf0cXAI/bP9fLskBM+QByzQbahfbG08K1IYAz87k01JLXwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFIEdOri0S65w0uaoWGlQtNq9WUQpMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvZ1IwNnVMUkxybkRTNXFoWWFWQzAycjFaUkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBXBAIAATBRAwQCBbYs
AwQCLZ9wAwQAPgMqMAsDBABV0P0DAwBV0AMEArkEHDAMAwQAuTIlAwQDuTIgAwQC
uXSgAwQCudWkAwQCuf9YAwQBwY1AAwQBwY1+MCwEAgACMCYDBwAqBauAAAAwEgMH
ACoFq4AAAwMHACoFq4AABAMHACoFq4ABADANBgkqhkiG9w0BAQsFAAOCAQEAM1E1
7LOw0HPV0UJV8GAwqNg+88RIiEFWX2yIgnpS4I+PWOl+QdFnueiiwjolWwmrYhgp
ld2Tl5BsJLG4v1RtLfD9tj9A5AutW/gW2ZVM4CCn7qare56lF7HztjukE4H4tIJA
+JsKU7yZ3g8nzkLYX5ye6+MjBm5hD2jT/sHW1VY04V28/P18xBq0qXxKrz5xp9Le
n9u3BStctYXfAop0IL1l+tLDIxySmXNvC6mPiAoBuRA6qEDBxTLtWaZmo+FbNGEk
rccx26WuNKQR1sv32Cv6cGkZ1bkK19GFNZL5h7kMgVSkWKmscmSYFX8IydayAEi8
MYsgASwPPfekl3VGzA==
-----END CERTIFICATE-----
Generated at Tue Apr 9 12:12:02 2024 by rpki-client on console-ams.rpki-client.org