Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/5XDj2XUckov-qt7_6QPC4DJgZa4.roa
File: 5XDj2XUckov-qt7_6QPC4DJgZa4.roa (raw, json)
Hash identifier: J3BgJzVz7bqHsuggbJTNOQX+1buWc6EDz2LV/VY1830=
Subject key identifier: E5:70:E3:D9:75:1C:92:8B:FE:AA:DE:FF:E9:03:C2:E0:32:60:65:AE
Certificate issuer: /CN=046f364658b64e2bf150d20fc838c364207975e2
Certificate serial: 01856B6E84972A899687416535F5FDE75741
Authority key identifier: 04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/5XDj2XUckov-qt7_6QPC4DJgZa4.roa
Signing time: Sun 01 Jan 2023 03:44:43 +0000
ROA not before: Sun 01 Jan 2023 03:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31252
IP address blocks: 87.248.160.0/19 maxlen: 32
89.28.0.0/17 maxlen: 32
89.28.21.0/24 maxlen: 32
195.93.218.0/23 maxlen: 32
188.138.128.0/17 maxlen: 32
185.70.188.0/22 maxlen: 32
185.175.80.0/22 maxlen: 32
95.65.0.0/17 maxlen: 32
185.17.224.0/22 maxlen: 32
188.244.16.0/20 maxlen: 32
178.168.0.0/17 maxlen: 32
178.18.32.0/20 maxlen: 32
37.233.0.0/18 maxlen: 32
2a0b:dd00::/29 maxlen: 128
2a00:9900::/29 maxlen: 128
2a01:320::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 15 Mar 2023 08:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:84:97:2a:89:96:87:41:65:35:f5:fd:e7:57:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046f364658b64e2bf150d20fc838c364207975e2
Validity
Not Before: Jan 1 03:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e570e3d9751c928bfeaadeffe903c2e0326065ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e9:45:55:97:94:da:55:b9:64:8b:18:13:44:
2e:d5:5d:5d:55:6e:52:af:e3:3c:05:9c:49:0c:d0:
fd:9d:3b:ba:f4:ca:55:36:f5:aa:3b:df:cb:dc:20:
7b:14:96:12:57:e6:bd:bf:05:ab:54:26:09:27:ff:
6b:4b:e4:b3:f5:cb:4b:65:e4:02:38:b8:20:0e:bc:
35:d5:20:e2:d0:83:b7:67:cd:52:d1:cc:dd:c6:35:
4f:0f:0e:ea:28:55:04:ec:d7:ef:a2:6f:3f:66:80:
30:a3:58:4b:e6:08:45:5a:6d:99:1d:d1:77:e3:2a:
20:87:d8:e2:60:cf:59:9a:8e:11:c8:7f:2f:d1:07:
4c:75:42:60:82:42:88:c4:0d:4c:e0:ac:39:70:f0:
ec:4c:8a:08:ed:cc:44:cc:65:c0:6f:1d:d6:9c:28:
c8:11:b5:53:e9:3c:c0:7d:61:eb:14:b9:63:3f:69:
b2:fd:67:78:4c:96:ce:50:d2:18:57:55:09:41:8c:
65:2c:ae:a9:6f:23:45:0c:67:81:5b:96:55:b2:91:
d2:72:88:cb:74:5d:61:cf:0c:ea:34:98:b8:4f:1e:
ba:ae:f3:f9:2b:0b:61:32:21:df:f5:df:a6:33:71:
35:34:95:ba:ec:69:61:06:af:e3:ba:9c:dc:f7:49:
de:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:70:E3:D9:75:1C:92:8B:FE:AA:DE:FF:E9:03:C2:E0:32:60:65:AE
X509v3 Authority Key Identifier:
keyid:04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/5XDj2XUckov-qt7_6QPC4DJgZa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/BG82Rli2TivxUNIPyDjDZCB5deI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.0.0/18
87.248.160.0/19
89.28.0.0/17
95.65.0.0/17
178.18.32.0/20
178.168.0.0/17
185.17.224.0/22
185.70.188.0/22
185.175.80.0/22
188.138.128.0/17
188.244.16.0/20
195.93.218.0/23
IPv6:
2a00:9900::/29
2a01:320::/29
2a0b:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
25:37:79:3d:fe:d9:8e:fc:41:9a:d3:5f:67:ad:32:a7:58:ec:
86:ed:41:8e:ee:e1:55:e7:2d:e5:31:d6:34:f1:85:95:b2:81:
8e:a9:db:72:1e:be:01:93:01:f3:85:ba:66:67:bc:22:97:14:
6e:20:e8:f9:91:9d:d0:a7:ba:98:48:6d:79:62:6e:33:a6:4c:
75:34:b7:2f:28:24:bf:f6:e1:80:d6:bf:4d:63:94:70:d2:98:
54:57:76:34:71:c4:da:71:96:17:2e:cd:33:e5:b0:bf:3d:62:
7e:65:21:1b:2f:57:cc:eb:07:61:ec:42:96:b8:5c:e4:82:46:
bd:ba:0f:2e:8d:7d:42:8a:6e:fb:be:c3:ec:fa:26:ea:e1:4e:
f0:be:5c:54:f2:a4:82:45:32:25:9e:14:d8:96:25:14:19:61:
f3:f1:3b:bb:ac:bd:ed:24:0c:8e:e8:f5:6c:1e:16:b4:81:83:
ed:d4:53:33:b5:1a:40:16:3a:4d:cd:fb:f4:42:c4:41:b5:36:
3e:11:09:7e:d1:a2:87:14:c9:69:9b:a0:fc:27:a4:ff:a6:d0:
07:f8:b1:e5:37:62:3e:f6:2f:57:eb:df:58:5a:77:b3:62:93:
e5:b2:ee:bb:26:1c:c1:35:7a:0d:7f:50:ee:77:9e:21:17:70:
6c:16:ec:8d
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYVrboSXKomWh0FlNfX951dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmYzNjQ2NThiNjRlMmJmMTUwZDIwZmM4MzhjMzY0MjA3
OTc1ZTIwHhcNMjMwMTAxMDM0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTcwZTNkOTc1MWM5MjhiZmVhYWRlZmZlOTAzYzJlMDMyNjA2NWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOlFVZeU2lW5ZIsYE0Qu1V1dVW5S
r+M8BZxJDND9nTu69MpVNvWqO9/L3CB7FJYSV+a9vwWrVCYJJ/9rS+Sz9ctLZeQC
OLggDrw11SDi0IO3Z81S0czdxjVPDw7qKFUE7Nfvom8/ZoAwo1hL5ghFWm2ZHdF3
4yogh9jiYM9Zmo4RyH8v0QdMdUJggkKIxA1M4Kw5cPDsTIoI7cxEzGXAbx3WnCjI
EbVT6TzAfWHrFLljP2my/Wd4TJbOUNIYV1UJQYxlLK6pbyNFDGeBW5ZVspHScojL
dF1hzwzqNJi4Tx66rvP5KwthMiHf9d+mM3E1NJW67GlhBq/jupzc90nePQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFOVw49l1HJKL/qre/+kDwuAyYGWuMB8GA1UdIwQY
MBaAFARvNkZYtk4r8VDSD8g4w2QgeXXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkc4MlJsaTJUaXZ4VU5JUHlEakRaQ0I1ZGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGI1ZjktYWY0NC00MWQwLWI1ZjEt
YTI1ZTA3Y2VhMmMwLzEvNVhEajJYVWNrb3YtcXQ3XzZRUEM0REpnWmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGI1ZjktYWY0NC00MWQwLWI1ZjEtYTI1ZTA3Y2VhMmMw
LzEvQkc4MlJsaTJUaXZ4VU5JUHlEakRaQ0I1ZGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBOBAIAATBIAwQGJekAAwQF
V/igAwQHWRwAAwQHX0EAAwQEshIgAwQHsqgAAwQCuRHgAwQCuUa8AwQCua9QAwQH
vIqAAwQEvPQQAwQBw13aMBsEAgACMBUDBQMqAJkAAwUDKgEDIAMFAyoL3QAwDQYJ
KoZIhvcNAQELBQADggEBACU3eT3+2Y78QZrTX2etMqdY7IbtQY7u4VXnLeUx1jTx
hZWygY6p23IevgGTAfOFumZnvCKXFG4g6PmRndCnuphIbXlibjOmTHU0ty8oJL/2
4YDWv01jlHDSmFRXdjRxxNpxlhcuzTPlsL89Yn5lIRsvV8zrB2HsQpa4XOSCRr26
Dy6NfUKKbvu+w+z6JurhTvC+XFTypIJFMiWeFNiWJRQZYfPxO7usve0kDI7o9Wwe
FrSBg+3UUzO1GkAWOk3N+/RCxEG1Nj4RCX7RoocUyWmboPwnpP+m0Af4seU3Yj72
L1fr31had7Nik+Wy7rsmHME1eg1/UO53niEXcGwW7I0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:38 2024 by rpki-client on console-fra.rpki-client.org