Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/K5Y_jApKj6pqm4ZkUTYhzxgH4BQ.roa
File: K5Y_jApKj6pqm4ZkUTYhzxgH4BQ.roa (raw, json)
Hash identifier: wkXuFJfzOnRb0c8q97n0VqQRR+yAAAK5yhz5EMPGH+M=
Subject key identifier: 2B:96:3F:8C:0A:4A:8F:AA:6A:9B:86:64:51:36:21:CF:18:07:E0:14
Certificate issuer: /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial: 0188DE5D9B151DE7563A1926CE1DB5CAC5F2
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/K5Y_jApKj6pqm4ZkUTYhzxgH4BQ.roa
Signing time: Wed 21 Jun 2023 14:30:56 +0000
ROA not before: Wed 21 Jun 2023 14:30:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 151.186.192.0/24 maxlen: 24
151.186.192.0/20 maxlen: 24
151.186.194.0/24 maxlen: 24
151.186.193.0/24 maxlen: 24
151.186.197.0/24 maxlen: 24
151.186.196.0/24 maxlen: 24
151.186.195.0/24 maxlen: 24
151.186.199.0/24 maxlen: 24
151.186.198.0/24 maxlen: 24
151.186.204.0/24 maxlen: 24
151.186.203.0/24 maxlen: 24
151.186.202.0/24 maxlen: 24
151.186.206.0/24 maxlen: 24
151.186.205.0/24 maxlen: 24
151.186.201.0/24 maxlen: 24
151.186.200.0/24 maxlen: 24
151.186.207.0/24 maxlen: 24
2a04:e4c4:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 20 Sep 2023 20:58:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:5d:9b:15:1d:e7:56:3a:19:26:ce:1d:b5:ca:c5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Validity
Not Before: Jun 21 14:30:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b963f8c0a4a8faa6a9b8664513621cf1807e014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:e0:ba:e5:bf:6e:a9:af:69:48:6b:02:3f:
cb:d1:c0:dd:5b:fb:d2:5d:ab:c4:c7:0f:8a:aa:15:
e3:5a:a8:a2:ec:be:5f:9a:bd:96:aa:e2:36:84:37:
13:a5:df:ab:9b:47:af:98:80:d2:0f:44:49:53:3e:
34:25:cd:39:ad:ef:b0:c7:ca:a7:c7:ec:5a:a6:dd:
98:d0:ee:08:33:a9:a0:b8:c6:c6:15:3f:91:44:03:
68:a2:e6:2d:95:46:7a:53:f8:d0:d2:96:7f:d2:fe:
aa:54:e2:69:5e:2b:6b:eb:32:06:56:62:0e:5d:f0:
42:8b:8b:2a:8a:8a:49:24:be:1b:95:30:c3:fa:13:
9c:0c:d2:32:69:6a:71:f6:b3:4d:9c:79:d2:20:da:
41:92:0f:0f:79:46:69:d5:21:df:e8:24:39:93:e3:
d2:ff:ce:36:2a:25:fd:e4:f7:98:de:16:2c:4b:a4:
b0:68:d8:1b:c4:19:08:06:c2:51:99:04:5e:1e:52:
b1:ee:ed:30:59:31:a8:0a:0d:8e:9c:8d:07:fe:18:
d9:b4:6e:fd:13:71:d0:3b:f3:97:bb:79:59:cf:74:
ca:79:b9:19:71:f6:e1:12:f9:31:77:da:f6:ef:d3:
48:41:5d:29:1a:16:85:85:dc:1a:33:7e:9b:b4:f6:
57:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:96:3F:8C:0A:4A:8F:AA:6A:9B:86:64:51:36:21:CF:18:07:E0:14
X509v3 Authority Key Identifier:
keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/K5Y_jApKj6pqm4ZkUTYhzxgH4BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.186.192.0/20
IPv6:
2a04:e4c4:5::/48
Signature Algorithm: sha256WithRSAEncryption
89:0c:c2:1e:bb:3b:e5:a5:6e:3f:c6:ec:a6:9f:21:99:e6:43:
28:7e:c8:17:cc:f6:d7:51:e9:4e:e5:e3:b5:f0:f8:13:b2:7b:
5e:00:30:a2:41:da:db:dd:27:b0:25:dc:c9:3c:21:5d:ea:fa:
4a:40:57:0a:3f:cd:81:9c:06:df:05:1f:5d:44:f1:98:69:88:
12:f8:ab:4d:7b:eb:73:3d:5f:a8:ee:28:14:53:8e:9e:86:b2:
30:8c:53:ae:22:fc:ba:53:85:f2:36:3f:79:dc:cb:aa:9e:50:
05:89:e8:fc:7e:65:be:62:ba:cb:c7:a5:58:9b:17:e4:5c:51:
09:fc:5e:e5:ed:51:d5:34:e0:d6:fd:60:b2:07:d6:23:32:4a:
e1:69:d0:0f:f8:93:f8:79:96:e9:8c:4e:cc:11:48:15:06:44:
17:6d:ae:e2:20:d4:61:e5:08:4f:1f:c1:c1:dd:dc:d6:67:10:
1a:87:dc:19:21:ba:77:05:8b:3f:8b:e6:aa:42:e6:51:b9:0d:
ec:48:cd:30:a8:c7:18:0a:4b:0f:87:6d:a1:f1:c0:5f:29:b4:
82:30:36:19:d7:10:a6:79:d3:27:0d:59:a3:af:20:0d:e1:9b:
3e:0d:bd:89:ab:2e:46:db:21:7a:06:84:3f:86:c9:7d:53:ea:
86:c7:0b:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjeXZsVHedWOhkmzh21ysXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjMwNjIxMTQzMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk2M2Y4YzBhNGE4ZmFhNmE5Yjg2NjQ1MTM2MjFjZjE4MDdlMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSLguuW/bqmvaUhrAj/L0cDdW/vS
XavExw+KqhXjWqii7L5fmr2WquI2hDcTpd+rm0evmIDSD0RJUz40Jc05re+wx8qn
x+xapt2Y0O4IM6mguMbGFT+RRANoouYtlUZ6U/jQ0pZ/0v6qVOJpXitr6zIGVmIO
XfBCi4sqiopJJL4blTDD+hOcDNIyaWpx9rNNnHnSINpBkg8PeUZp1SHf6CQ5k+PS
/842KiX95PeY3hYsS6SwaNgbxBkIBsJRmQReHlKx7u0wWTGoCg2OnI0H/hjZtG79
E3HQO/OXu3lZz3TKebkZcfbhEvkxd9r279NIQV0pGhaFhdwaM36btPZX4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuWP4wKSo+qapuGZFE2Ic8YB+AUMB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvSzVZX2pBcEtqNnBxbTRaa1VUWWh6eGdINEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEl7rAMA8E
AgACMAkDBwAqBOTEAAUwDQYJKoZIhvcNAQELBQADggEBAIkMwh67O+Wlbj/G7Kaf
IZnmQyh+yBfM9tdR6U7l47Xw+BOye14AMKJB2tvdJ7Al3Mk8IV3q+kpAVwo/zYGc
Bt8FH11E8ZhpiBL4q01763M9X6juKBRTjp6GsjCMU64i/LpThfI2P3ncy6qeUAWJ
6Px+Zb5iusvHpVibF+RcUQn8XuXtUdU04Nb9YLIH1iMySuFp0A/4k/h5lumMTswR
SBUGRBdtruIg1GHlCE8fwcHd3NZnEBqH3BkhuncFiz+L5qpC5lG5DexIzTCoxxgK
Sw+HbaHxwF8ptIIwNhnXEKZ50ycNWaOvIA3hmz4NvYmrLkbbIXoGhD+GyX1T6obH
CzM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org