Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6w66G2IIr-JHnF0B390gX_cTPag.roa
File: 6w66G2IIr-JHnF0B390gX_cTPag.roa (raw, json)
Hash identifier: etKXK+orJ0wSgyylTVAObYSmpVj9duGkXDE1qTZQz04=
Subject key identifier: EB:0E:BA:1B:62:08:AF:E2:47:9C:5D:01:DF:DD:20:5F:F7:13:3D:A8
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018FBDCA1EC78C1CFE5366083E032F784062
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6w66G2IIr-JHnF0B390gX_cTPag.roa
Signing time: Tue 28 May 2024 06:01:31 +0000
ROA not before: Tue 28 May 2024 06:01:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.4.0/22 maxlen: 24
82.115.8.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
103.25.86.0/23 maxlen: 24
188.214.236.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 01:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bd:ca:1e:c7:8c:1c:fe:53:66:08:3e:03:2f:78:40:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 28 06:01:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb0eba1b6208afe2479c5d01dfdd205ff7133da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:75:f5:ae:07:d4:f3:2b:0a:d4:70:1d:26:f8:
24:22:3a:50:bc:01:6e:aa:cf:f4:92:67:13:ef:44:
4d:d1:e9:65:79:58:fb:32:71:1a:1e:83:72:5f:3e:
bf:53:b9:3a:e4:09:e7:a3:1e:f7:74:4a:2d:16:e5:
4e:fb:e5:e0:58:97:e5:af:24:c8:a8:69:20:1a:82:
d8:6f:cc:d7:b1:58:a2:28:a9:16:41:e3:9e:25:3e:
b5:54:db:30:50:23:e9:5e:01:a8:40:59:49:63:af:
c6:0c:32:5b:c1:aa:4d:ee:d2:81:00:ef:41:63:e4:
af:89:7d:17:cd:fa:6a:d4:52:d5:ff:ed:2c:16:15:
2e:2d:e9:2c:3b:88:ed:e3:0f:23:11:aa:cb:9e:29:
b7:fb:d9:b9:55:aa:f1:08:f1:d1:d7:fa:15:68:26:
c6:05:65:75:41:55:a8:aa:f1:7c:c9:8e:8b:3c:8b:
6e:fe:29:59:18:3b:9f:2f:14:f7:49:0b:34:84:94:
8a:79:82:8c:50:63:5d:fb:11:83:05:eb:0a:58:9a:
7d:bd:e1:ce:52:65:6a:72:a2:a7:4f:19:9c:ec:d5:
c9:fe:d7:0b:11:76:86:dc:f6:85:8d:3f:5b:c5:7e:
90:c0:1c:59:f3:42:26:86:3f:c4:74:9b:ca:f5:89:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0E:BA:1B:62:08:AF:E2:47:9C:5D:01:DF:DD:20:5F:F7:13:3D:A8
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6w66G2IIr-JHnF0B390gX_cTPag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.4.0-82.115.8.255
89.251.10.0/24
103.25.86.0/23
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
09:cd:52:9f:4a:a6:cc:e1:36:f1:60:5f:ca:e0:3a:fa:1f:07:
6a:e3:5c:ed:18:2f:1e:71:4f:3e:dd:9f:23:64:26:0d:d8:9e:
af:a0:8c:f7:97:37:c6:6f:61:9f:47:4c:89:d9:af:70:e7:49:
c6:30:70:7a:28:b5:80:fe:57:ec:b7:00:75:d6:80:4c:c5:67:
22:4c:e1:4d:5b:fc:2e:a6:d4:ab:2a:0b:34:41:c8:71:aa:32:
b7:b5:ba:34:8b:88:cd:5b:33:41:00:de:77:35:ac:a4:66:af:
80:7c:28:2b:25:2c:0c:f1:58:74:db:24:66:7f:b6:5b:1e:e7:
ff:ad:25:39:dd:5b:0a:5e:c8:b6:25:40:8f:79:3b:4b:cb:d8:
a2:48:4a:ae:03:c9:28:86:e5:d7:6a:46:81:c4:35:bc:a3:61:
2d:1d:a2:c0:78:5f:f6:53:b2:dc:aa:d3:6c:24:44:36:da:76:
b6:6b:f9:e3:6d:99:c3:88:25:f6:b8:fc:b3:b7:e5:2f:98:60:
29:87:d0:b9:d1:20:d8:5e:db:44:fe:24:72:43:cc:1e:79:f2:
eb:b5:ca:0c:e3:ef:35:43:86:78:42:37:b0:e6:80:71:d4:5d:
b9:16:bc:3b:a3:d4:a5:ae:d1:b6:b7:37:ea:e1:b2:4c:af:ab:
a9:b5:32:4e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY+9yh7HjBz+U2YIPgMveEBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTI4MDYwMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjBlYmExYjYyMDhhZmUyNDc5YzVkMDFkZmRkMjA1ZmY3MTMzZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XX1rgfU8ysK1HAdJvgkIjpQvAFu
qs/0kmcT70RN0elleVj7MnEaHoNyXz6/U7k65Annox73dEotFuVO++XgWJflryTI
qGkgGoLYb8zXsViiKKkWQeOeJT61VNswUCPpXgGoQFlJY6/GDDJbwapN7tKBAO9B
Y+SviX0Xzfpq1FLV/+0sFhUuLeksO4jt4w8jEarLnim3+9m5VarxCPHR1/oVaCbG
BWV1QVWoqvF8yY6LPItu/ilZGDufLxT3SQs0hJSKeYKMUGNd+xGDBesKWJp9veHO
UmVqcqKnTxmc7NXJ/tcLEXaG3PaFjT9bxX6QwBxZ80Imhj/EdJvK9YmGlwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOsOuhtiCK/iR5xdAd/dIF/3Ez2oMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNnc2NkcySUlyLUpIbkYwQjM5MGdYX2NUUGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDBSLQMAwD
BAJScwQDBABScwgDBABZ+woDBAFnGVYDBAK81uwDBAO8/QgDBAHKhVoDBALVrSAw
DQYJKoZIhvcNAQELBQADggEBAAnNUp9KpszhNvFgX8rgOvofB2rjXO0YLx5xTz7d
nyNkJg3Ynq+gjPeXN8ZvYZ9HTInZr3DnScYwcHootYD+V+y3AHXWgEzFZyJM4U1b
/C6m1KsqCzRByHGqMre1ujSLiM1bM0EA3nc1rKRmr4B8KCslLAzxWHTbJGZ/tlse
5/+tJTndWwpeyLYlQI95O0vL2KJISq4DySiG5ddqRoHENbyjYS0dosB4X/ZTstyq
02wkRDbadrZr+eNtmcOIJfa4/LO35S+YYCmH0LnRINhe20T+JHJDzB558uu1ygzj
7zVDhnhCN7DmgHHUXbkWvDuj1KWu0ba3N+rhskyvq6m1Mk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org