Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cTl3RVP0QE-fmgDgC40rFoP10NY.roa
File: cTl3RVP0QE-fmgDgC40rFoP10NY.roa (raw, json)
Hash identifier: r+GTd6BYRq3be2o5qOditExp7OTJy1aFiFIPWSM7JYY=
Subject key identifier: 71:39:77:45:53:F4:40:4F:9F:9A:00:E0:0B:8D:2B:16:83:F5:D0:D6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E5BF6CE74E6840E053CF96A53AAA4098F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cTl3RVP0QE-fmgDgC40rFoP10NY.roa
Signing time: Wed 20 Mar 2024 13:04:45 +0000
ROA not before: Wed 20 Mar 2024 13:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 03:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:f6:ce:74:e6:84:0e:05:3c:f9:6a:53:aa:a4:09:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 20 13:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7139774553f4404f9f9a00e00b8d2b1683f5d0d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:52:6c:b5:01:d7:0e:21:95:2d:0c:28:d8:e1:
68:17:79:eb:09:93:12:1e:69:1e:eb:39:16:38:2f:
23:28:76:53:03:44:0d:b3:5b:4b:34:0b:6e:16:42:
b1:f2:2a:be:4e:ac:98:61:46:4f:1b:42:5b:37:0d:
48:c6:26:ed:e9:b1:58:53:fa:32:41:ac:58:b6:9a:
ab:ce:1f:b1:ba:35:9a:45:98:01:3a:21:2f:ee:59:
84:d7:7a:80:25:cc:fa:b6:53:36:56:04:55:57:94:
7e:a4:3c:cf:00:89:be:d4:c5:eb:c9:d7:34:ba:9f:
87:29:9b:46:5b:1c:4c:a4:81:b1:c5:7d:5d:4c:e7:
65:3c:3f:fa:2c:89:7f:78:b8:4a:3c:44:87:d7:30:
70:1d:e2:b1:b7:76:79:13:22:ca:25:1e:11:82:d6:
bd:2d:99:b9:ce:68:1f:69:a3:f3:90:83:a6:d0:ea:
a8:56:93:54:40:69:ec:0c:94:5a:a1:59:bb:a9:26:
2a:dc:76:06:73:ee:2d:f2:d8:4e:95:a1:b5:51:2a:
43:fd:f6:4d:7a:66:f7:ab:80:40:d0:b6:c2:5c:59:
7e:7d:f5:b1:f7:07:62:94:33:01:5b:37:78:6c:96:
cb:43:fd:20:62:b6:ed:c1:7b:61:36:c1:cb:26:a7:
29:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:39:77:45:53:F4:40:4F:9F:9A:00:E0:0B:8D:2B:16:83:F5:D0:D6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cTl3RVP0QE-fmgDgC40rFoP10NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.88.139.0/24
45.94.170.0/23
45.132.180.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.93.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e7:7b:17:c3:fd:ae:b5:fa:48:8f:3a:23:60:30:70:ea:07:
41:ce:a7:9f:69:52:81:b9:17:b0:41:38:4a:96:2f:58:ab:57:
54:2c:61:97:13:f6:d7:58:3d:37:d1:db:b1:c7:50:58:26:50:
00:59:d1:e2:ed:08:ef:ea:bc:e5:2f:9f:8b:fc:85:f5:ec:21:
95:00:fb:92:25:be:8b:66:6f:b9:ef:02:4c:17:86:fb:33:eb:
5f:c3:e4:5c:7e:5f:3c:fb:fa:aa:30:8f:c5:b7:96:51:cb:ea:
3d:75:3f:b4:56:bd:25:37:e0:d7:cf:86:82:37:bf:09:3e:16:
8f:10:e9:02:23:bf:54:33:95:22:7e:3b:b5:02:8e:eb:f1:99:
10:f1:76:08:27:8e:1a:0c:a5:e7:37:50:6d:8d:95:32:75:35:
85:06:57:b0:7c:f8:82:5a:1b:bd:e7:13:54:53:6e:f8:cb:12:
44:35:8b:69:cd:f3:42:05:2f:22:03:86:7a:03:a5:f4:6a:de:
a6:1e:24:a0:bc:3c:ba:38:a2:5a:e4:f1:24:b3:4d:0a:0e:64:
6d:dd:3a:24:81:dc:e8:3a:ba:b2:28:c6:a1:95:57:24:95:cb:
b2:91:a2:af:fd:41:8d:3a:5d:84:17:3a:4c:77:64:9b:23:a8:
73:3c:13:30
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY5b9s505oQOBTz5alOqpAmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzIwMTMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTM5Nzc0NTUzZjQ0MDRmOWY5YTAwZTAwYjhkMmIxNjgzZjVkMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFJstQHXDiGVLQwo2OFoF3nrCZMS
Hmke6zkWOC8jKHZTA0QNs1tLNAtuFkKx8iq+TqyYYUZPG0JbNw1Ixibt6bFYU/oy
QaxYtpqrzh+xujWaRZgBOiEv7lmE13qAJcz6tlM2VgRVV5R+pDzPAIm+1MXrydc0
up+HKZtGWxxMpIGxxX1dTOdlPD/6LIl/eLhKPESH1zBwHeKxt3Z5EyLKJR4Rgta9
LZm5zmgfaaPzkIOm0OqoVpNUQGnsDJRaoVm7qSYq3HYGc+4t8thOlaG1USpD/fZN
emb3q4BA0LbCXFl+ffWx9wdilDMBWzd4bJbLQ/0gYrbtwXthNsHLJqcpPQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHE5d0VT9EBPn5oA4AuNKxaD9dDWMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvY1RsM1JWUDBRRS1mbWdEZ0M0MHJGb1AxME5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBBbVUAwQA
BbVXAwQALViLAwQBLV6qAwQBLYS0AwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQA
w7FdAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQCY53sXw/2utfpIjzojYDBw6gdB
zqefaVKBuRewQThKli9Yq1dULGGXE/bXWD030duxx1BYJlAAWdHi7Qjv6rzlL5+L
/IX17CGVAPuSJb6LZm+57wJMF4b7M+tfw+Rcfl88+/qqMI/Ft5ZRy+o9dT+0Vr0l
N+DXz4aCN78JPhaPEOkCI79UM5Uifju1Ao7r8ZkQ8XYIJ44aDKXnN1BtjZUydTWF
BlewfPiCWhu95xNUU274yxJENYtpzfNCBS8iA4Z6A6X0at6mHiSgvDy6OKJa5PEk
s00KDmRt3TokgdzoOrqyKMahlVcklcuykaKv/UGNOl2EFzpMd2SbI6hzPBMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org