Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5sMQrE3AGyC_9hNqjLAxLGoNwAI.roa
File: 5sMQrE3AGyC_9hNqjLAxLGoNwAI.roa (raw, json)
Hash identifier: c74BHjknZ/pM6/bPTPGnp1EL/bch+ntPEyqJzwiCt0k=
Subject key identifier: E6:C3:10:AC:4D:C0:1B:20:BF:F6:13:6A:8C:B0:31:2C:6A:0D:C0:02
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018D350D2A65D414F886A8B9A4A507B6C2A5
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5sMQrE3AGyC_9hNqjLAxLGoNwAI.roa
Signing time: Tue 23 Jan 2024 06:41:11 +0000
ROA not before: Tue 23 Jan 2024 06:41:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2a0c:6b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 19:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:0d:2a:65:d4:14:f8:86:a8:b9:a4:a5:07:b6:c2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 23 06:41:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6c310ac4dc01b20bff6136a8cb0312c6a0dc002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fb:e7:b9:ed:3e:62:35:05:07:1e:9c:3e:d6:
97:98:9e:54:ed:64:3e:1a:b0:9d:d0:a2:f1:26:db:
01:cb:ac:43:93:66:b0:0f:36:5d:95:ff:90:0a:96:
3b:80:c8:58:e9:aa:6b:98:a8:99:a1:42:0f:36:0d:
6f:8c:30:60:70:c7:04:15:62:32:59:a3:5a:f6:87:
02:b0:d8:0f:24:3c:92:3a:a2:51:92:45:c2:08:52:
46:79:d9:a7:01:6f:86:63:e0:34:45:b3:29:7a:5f:
ed:2c:14:3a:88:66:a5:f3:c9:01:e5:04:bc:21:bb:
57:f9:88:9a:af:ab:a0:c7:23:a7:9b:6a:08:c1:b7:
fd:e5:5c:07:31:11:5f:be:d4:c2:83:d6:d3:16:52:
b6:a6:64:4a:a8:3c:2e:b3:fc:f4:56:74:3d:84:f4:
d6:93:cb:23:d3:9d:40:28:66:59:36:0f:a7:d2:03:
15:33:fb:b3:e1:c9:8f:b0:aa:47:a3:ae:bf:8e:ab:
e4:22:60:f6:63:82:f2:c2:ad:11:74:ca:82:db:77:
8b:5b:36:8b:a1:30:e1:c1:e5:95:fd:ac:dc:88:e7:
5c:2f:87:96:d9:0e:58:41:46:ec:72:59:62:a0:33:
9b:da:98:fd:5d:c0:af:d7:8a:5b:ab:3c:50:ff:6f:
74:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C3:10:AC:4D:C0:1B:20:BF:F6:13:6A:8C:B0:31:2C:6A:0D:C0:02
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5sMQrE3AGyC_9hNqjLAxLGoNwAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
93.186.192.0/20
146.0.32.0/20
152.89.92.0/22
185.15.244.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
29:28:5f:86:8a:f4:60:bc:a2:5e:78:a8:4f:d8:f4:df:99:a2:
fb:de:0c:b4:ea:b8:12:0f:b4:11:30:b7:0a:52:78:49:b7:d1:
04:46:84:48:05:1e:0d:c3:3e:3d:b5:22:86:ca:61:8f:5a:dd:
35:08:22:59:d9:3e:21:5f:39:42:16:44:33:99:03:ee:6c:2c:
4c:d0:2a:b5:6c:1a:0f:40:48:a2:6a:b9:0c:93:63:0d:c6:57:
69:68:6e:e4:a7:3b:77:95:4a:f9:77:b7:84:6c:39:08:f8:e4:
97:c9:04:25:04:4c:dd:6e:d7:17:b3:89:11:10:3d:a7:90:d4:
cd:62:c8:56:1d:89:2a:b6:33:27:d8:e7:6e:ef:cd:d3:76:aa:
21:b5:d8:95:57:5e:a0:f5:c6:50:11:65:a0:d7:d4:f5:65:5b:
75:a7:db:3c:b6:7f:13:74:91:16:af:0b:76:67:ac:fa:df:77:
ec:b6:4c:b1:74:19:ac:0f:e9:82:0a:17:be:79:cf:60:82:ea:
5a:4b:c0:d5:70:c2:2c:72:5b:8d:60:2b:16:aa:0e:d6:54:d9:
ed:c1:81:cd:d5:85:cb:9f:ef:85:fe:ee:ca:63:4c:5b:9c:fd:
40:83:2c:50:bc:7c:13:8e:fa:43:88:6b:1a:12:db:78:c7:c7:
75:d8:1e:b0
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAY01DSpl1BT4hqi5pKUHtsKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwMTIzMDY0MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmMzMTBhYzRkYzAxYjIwYmZmNjEzNmE4Y2IwMzEyYzZhMGRjMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfvnue0+YjUFBx6cPtaXmJ5U7WQ+
GrCd0KLxJtsBy6xDk2awDzZdlf+QCpY7gMhY6aprmKiZoUIPNg1vjDBgcMcEFWIy
WaNa9ocCsNgPJDySOqJRkkXCCFJGedmnAW+GY+A0RbMpel/tLBQ6iGal88kB5QS8
IbtX+Yiar6ugxyOnm2oIwbf95VwHMRFfvtTCg9bTFlK2pmRKqDwus/z0VnQ9hPTW
k8sj051AKGZZNg+n0gMVM/uz4cmPsKpHo66/jqvkImD2Y4Lywq0RdMqC23eLWzaL
oTDhweWV/azciOdcL4eW2Q5YQUbscllioDOb2pj9XcCv14pbqzxQ/2905wIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFObDEKxNwBsgv/YTaoywMSxqDcACMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvNXNNUXJFM0FHeUNfOWhOcWpMQXhMR29Od0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBnQQCAAEwgZYDBAMF
aGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtADBARR
HpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8DBARd
usADBASSACADBAKYWVwDBAK5D/QDBAK529ADBAHBb8YDBADCa4EDBAbVysADBATZ
T7AwKwQCAAIwJQMFASABS6AwDgMFACABS6MDBQAgAUukAwUAKgEEgAMFACoMawAw
DQYJKoZIhvcNAQELBQADggEBACkoX4aK9GC8ol54qE/Y9N+ZovveDLTquBIPtBEw
twpSeEm30QRGhEgFHg3DPj21IobKYY9a3TUIIlnZPiFfOUIWRDOZA+5sLEzQKrVs
Gg9ASKJquQyTYw3GV2lobuSnO3eVSvl3t4RsOQj45JfJBCUETN1u1xeziREQPaeQ
1M1iyFYdiSq2MyfY527vzdN2qiG12JVXXqD1xlARZaDX1PVlW3Wn2zy2fxN0kRav
C3ZnrPrfd+y2TLF0GawP6YIKF755z2CC6lpLwNVwwixyW41gKxaqDtZU2e3Bgc3V
hcuf74X+7spjTFuc/UCDLFC8fBOO+kOIaxoS23jHx3XYHrA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org