Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/_gREalHZ_w9xlZp7MGCuEcb4KUc.roa
File: _gREalHZ_w9xlZp7MGCuEcb4KUc.roa (raw, json)
Hash identifier: WEcpnu4oTiQij25lGnnAa9PbGkyC9mNdHgK6Wojedec=
Subject key identifier: FE:04:44:6A:51:D9:FF:0F:71:95:9A:7B:30:60:AE:11:C6:F8:29:47
Certificate issuer: /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial: 018E9F8D5B56EE2F390E86815909D1AA66B3
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/_gREalHZ_w9xlZp7MGCuEcb4KUc.roa
Signing time: Tue 02 Apr 2024 16:03:44 +0000
ROA not before: Tue 02 Apr 2024 16:03:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50926
IP address blocks: 5.175.40.0/21 maxlen: 24
31.24.40.0/21 maxlen: 24
31.24.152.0/21 maxlen: 24
84.246.208.0/21 maxlen: 24
91.142.208.0/20 maxlen: 24
91.200.140.0/22 maxlen: 24
91.213.46.0/24 maxlen: 24
94.127.184.0/21 maxlen: 24
109.68.80.0/21 maxlen: 24
149.62.168.0/21 maxlen: 24
185.23.68.0/22 maxlen: 24
185.70.92.0/22 maxlen: 24
185.101.224.0/22 maxlen: 24
185.129.248.0/22 maxlen: 24
185.176.8.0/24 maxlen: 24
185.176.9.0/24 maxlen: 24
185.176.10.0/24 maxlen: 24
185.176.11.0/24 maxlen: 24
185.222.156.0/22 maxlen: 24
188.95.112.0/21 maxlen: 24
188.164.192.0/21 maxlen: 24
194.116.147.0/24 maxlen: 24
195.5.116.0/23 maxlen: 24
212.34.156.0/22 maxlen: 24
2a00:5ac0::/44 maxlen: 44
2a00:5ac0:100::/48 maxlen: 48
2a00:5ac0:147::/48 maxlen: 48
2a00:5ac0:180::/48 maxlen: 48
2a00:5ac0:200::/48 maxlen: 48
2a01:4b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Apr 2024 09:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:8d:5b:56:ee:2f:39:0e:86:81:59:09:d1:aa:66:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Validity
Not Before: Apr 2 16:03:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe04446a51d9ff0f71959a7b3060ae11c6f82947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0d:e8:44:fb:1e:07:6e:77:cd:4f:49:ad:c0:
d3:bb:0c:69:31:48:6a:ec:fd:ea:3c:bb:b5:e6:84:
bf:c8:54:4d:66:f6:50:02:1e:f3:37:eb:09:e4:3f:
fe:0b:de:94:3d:5b:79:67:75:68:5a:58:84:20:73:
13:d7:87:bf:30:0b:f2:e9:56:0e:30:7f:79:57:28:
63:52:78:18:f6:a3:5c:64:d7:a1:40:c6:e0:a8:26:
b0:35:36:3d:4f:70:6e:90:e4:35:af:2a:7a:71:34:
b0:77:b1:fa:3c:f4:40:bf:6d:26:9a:74:31:f2:7c:
d4:d7:65:05:1e:e4:fa:f7:da:17:82:dd:60:44:7a:
08:6f:74:59:6f:7d:57:5d:d0:21:b7:d5:50:97:06:
d5:42:ef:ba:51:c5:44:2d:70:e9:bb:3f:a8:fe:e3:
00:16:b6:ae:e5:f5:5e:bd:c7:e5:93:a7:e7:23:1b:
ed:97:3d:70:2f:ac:f5:2d:d4:10:3d:9f:01:a0:3c:
31:1d:db:6d:be:45:5c:ae:70:35:8e:57:8e:6c:bc:
37:dd:6d:74:3f:a2:8f:13:4e:a8:7c:e2:9c:91:fc:
97:83:6f:85:00:41:1a:fb:7b:28:a6:23:6f:c5:d3:
39:dd:a6:f0:e6:d5:60:54:61:a6:ee:09:f3:80:59:
6e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:04:44:6A:51:D9:FF:0F:71:95:9A:7B:30:60:AE:11:C6:F8:29:47
X509v3 Authority Key Identifier:
keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/_gREalHZ_w9xlZp7MGCuEcb4KUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.40.0/21
31.24.40.0/21
31.24.152.0/21
84.246.208.0/21
91.142.208.0/20
91.200.140.0/22
91.213.46.0/24
94.127.184.0/21
109.68.80.0/21
149.62.168.0/21
185.23.68.0/22
185.70.92.0/22
185.101.224.0/22
185.129.248.0/22
185.176.8.0/22
185.222.156.0/22
188.95.112.0/21
188.164.192.0/21
194.116.147.0/24
195.5.116.0/23
212.34.156.0/22
IPv6:
2a00:5ac0::/44
2a00:5ac0:100::/48
2a00:5ac0:147::/48
2a00:5ac0:180::/48
2a00:5ac0:200::/48
2a01:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
2c:2b:cb:d7:25:01:4a:bb:17:c1:c3:a3:ae:fc:16:b0:9a:2c:
b7:93:cf:7a:b1:92:f3:fb:1f:1d:19:0e:84:a4:e8:79:fb:ae:
3d:92:72:f0:05:06:c1:21:15:a6:48:62:60:5e:72:79:fe:2b:
49:0c:c6:08:af:e0:0b:ac:23:ce:58:d4:93:41:e0:67:d3:97:
06:bc:11:d3:c6:71:ac:f7:28:6d:dd:04:4d:9b:0d:78:0b:94:
e5:f9:65:87:f7:d7:5d:9f:bd:ef:32:bb:39:6d:29:c3:6d:c5:
ca:9d:f6:80:1f:25:f3:f4:b7:8d:e5:90:a2:d2:cb:df:b8:8f:
19:17:9b:64:0a:7c:cc:63:e9:08:74:2b:5f:36:5a:54:90:43:
85:98:ff:2b:4f:11:29:45:34:e8:f6:fc:27:c3:aa:0b:89:0d:
95:61:9c:52:d3:37:1d:c6:42:02:10:e0:87:8b:af:b4:35:21:
e9:78:1b:62:a6:46:66:12:59:e5:11:46:da:7d:8e:a8:c7:0d:
76:75:c9:aa:3a:8f:f4:ab:b9:ea:bb:4e:e8:6b:c2:31:03:9a:
f3:29:1b:8e:5a:bc:83:92:6c:cb:29:fa:c0:2c:29:38:d0:fd:
a4:52:81:aa:c0:98:3d:99:9a:bf:12:7e:35:84:ac:2b:d5:24:
e8:85:14:6b
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAY6fjVtW7i85DoaBWQnRqmazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjQwNDAyMTYwMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA0NDQ2YTUxZDlmZjBmNzE5NTlhN2IzMDYwYWUxMWM2ZjgyOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA3oRPseB253zU9JrcDTuwxpMUhq
7P3qPLu15oS/yFRNZvZQAh7zN+sJ5D/+C96UPVt5Z3VoWliEIHMT14e/MAvy6VYO
MH95VyhjUngY9qNcZNehQMbgqCawNTY9T3BukOQ1ryp6cTSwd7H6PPRAv20mmnQx
8nzU12UFHuT699oXgt1gRHoIb3RZb31XXdAht9VQlwbVQu+6UcVELXDpuz+o/uMA
Frau5fVevcflk6fnIxvtlz1wL6z1LdQQPZ8BoDwxHdttvkVcrnA1jleObLw33W10
P6KPE06ofOKckfyXg2+FAEEa+3sopiNvxdM53abw5tVgVGGm7gnzgFluEwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFP4ERGpR2f8PcZWaezBgrhHG+ClHMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvX2dSRWFsSFpfdzl4bFpwN01HQ3VFY2I0S1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBhAQCAAEwfgMEAwWv
KAMEAx8YKAMEAx8YmAMEA1T20AMEBFuO0AMEAlvIjAMEAFvVLgMEA15/uAMEA21E
UAMEA5U+qAMEArkXRAMEArlGXAMEArll4AMEArmB+AMEArmwCAMEArnenAMEA7xf
cAMEA7ykwAMEAMJ0kwMEAcMFdAMEAtQinDA6BAIAAjA0AwcEKgBawAAAAwcAKgBa
wAEAAwcAKgBawAFHAwcAKgBawAGAAwcAKgBawAIAAwUAKgFLgDANBgkqhkiG9w0B
AQsFAAOCAQEALCvL1yUBSrsXwcOjrvwWsJost5PPerGS8/sfHRkOhKToefuuPZJy
8AUGwSEVpkhiYF5yef4rSQzGCK/gC6wjzljUk0HgZ9OXBrwR08ZxrPcobd0ETZsN
eAuU5fllh/fXXZ+97zK7OW0pw23Fyp32gB8l8/S3jeWQotLL37iPGRebZAp8zGPp
CHQrXzZaVJBDhZj/K08RKUU06Pb8J8OqC4kNlWGcUtM3HcZCAhDgh4uvtDUh6Xgb
YqZGZhJZ5RFG2n2OqMcNdnXJqjqP9Ku56rtO6GvCMQOa8ykbjlq8g5Jsyyn6wCwp
OND9pFKBqsCYPZmavxJ+NYSsK9Uk6IUUaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-fra.rpki-client.org