Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/4dcwgEJYWZMUsGY8KvQqyW20FcY.roa
File: 4dcwgEJYWZMUsGY8KvQqyW20FcY.roa (raw, json)
Hash identifier: lol3zD+l9YfwOUPGYbxLx4d93bYo5zV9Nzj4PGpU8uY=
Subject key identifier: E1:D7:30:80:42:58:59:93:14:B0:66:3C:2A:F4:2A:C9:6D:B4:15:C6
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 0190E97BD38FF4A10A32216A3DB88B64612D
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/4dcwgEJYWZMUsGY8KvQqyW20FcY.roa
Signing time: Thu 25 Jul 2024 10:42:04 +0000
ROA not before: Thu 25 Jul 2024 10:42:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3188
IP address blocks: 5.2.80.0/24 maxlen: 24
5.2.81.0/24 maxlen: 24
5.2.82.0/24 maxlen: 24
5.2.83.0/24 maxlen: 24
5.2.84.0/24 maxlen: 24
5.2.85.0/24 maxlen: 24
5.2.86.0/24 maxlen: 24
5.2.87.0/24 maxlen: 24
185.8.32.0/24 maxlen: 24
185.8.33.0/24 maxlen: 24
185.8.34.0/24 maxlen: 24
185.8.35.0/24 maxlen: 24
185.8.128.0/24 maxlen: 24
185.8.129.0/24 maxlen: 24
185.8.130.0/24 maxlen: 24
185.8.131.0/24 maxlen: 24
185.67.121.0/24 maxlen: 24
185.150.128.0/24 maxlen: 24
185.150.131.0/24 maxlen: 24
193.31.118.0/24 maxlen: 24
2a02:d9c0::/29 maxlen: 29
2a04:b600::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:7b:d3:8f:f4:a1:0a:32:21:6a:3d:b8:8b:64:61:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: Jul 25 10:42:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1d730804258599314b0663c2af42ac96db415c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:c2:40:33:ca:32:67:f4:33:8a:93:a9:ba:
f9:25:7e:b3:2b:e8:4a:61:91:59:5c:6a:a3:84:50:
fd:9d:f7:a5:61:a9:9f:19:78:b9:1f:b2:b1:b7:71:
f5:d2:1e:5c:3c:eb:39:d6:bb:da:68:3a:08:d9:0f:
b4:03:e5:f7:7c:3c:7a:26:16:3e:cf:ad:13:6d:61:
e5:d6:5f:e3:81:6b:ba:30:0b:6d:06:88:70:a3:f5:
0e:eb:4d:56:96:f9:48:f8:fc:75:bb:0b:f8:e0:e8:
ee:c4:45:21:7f:2d:9c:5f:c5:b4:d3:05:79:5a:32:
86:fa:db:25:55:12:50:ea:d6:b3:64:fd:05:fc:3b:
c9:b9:96:5e:e1:c0:f9:db:97:08:8a:b9:cd:2b:60:
dc:e1:8a:73:19:44:39:67:09:8a:c6:b3:1c:4b:9e:
69:e6:15:2d:6c:8e:3a:9a:04:a1:6c:45:17:f8:e9:
b6:f2:3f:59:6a:79:af:73:d9:9a:67:a3:01:da:99:
fd:a2:d6:8c:13:77:a0:ea:c1:5b:87:2c:dc:44:d9:
12:85:fd:97:c9:79:fb:01:fd:b7:b6:af:80:90:bf:
48:86:8a:76:e1:8a:95:8b:54:cd:9c:b1:74:41:c4:
4e:bb:64:83:d6:79:d7:64:78:e7:17:83:e4:25:73:
f4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D7:30:80:42:58:59:93:14:B0:66:3C:2A:F4:2A:C9:6D:B4:15:C6
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/4dcwgEJYWZMUsGY8KvQqyW20FcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.80.0/21
185.8.32.0/22
185.8.128.0/22
185.67.121.0/24
185.150.128.0/24
185.150.131.0/24
193.31.118.0/24
IPv6:
2a02:d9c0::/29
2a04:b600::/29
Signature Algorithm: sha256WithRSAEncryption
90:69:53:d6:e2:b6:3c:e8:6b:6f:77:38:b5:07:54:d8:5a:57:
38:b7:13:54:01:0a:05:96:32:33:2f:3f:85:a0:f6:76:63:db:
ce:52:99:9d:cc:9f:23:40:f5:87:cd:b1:df:c4:f1:22:4d:c0:
17:db:c1:31:2f:1c:3d:02:72:cc:bc:a5:27:4a:17:15:f5:8e:
e1:c0:f0:85:5b:df:df:1d:f3:ac:49:bd:1a:94:cc:49:73:bf:
fa:34:f8:82:10:7b:72:43:df:5c:6d:e3:23:19:f3:eb:7d:0d:
89:3e:62:2b:3d:b0:51:ae:4a:64:40:13:58:23:6e:9b:04:ce:
4b:d6:40:19:b9:b0:b8:03:e1:64:40:ae:65:de:4c:a8:a2:79:
cc:0f:91:f9:b6:04:82:d7:1c:76:96:5f:78:0d:30:33:02:70:
c9:70:33:aa:88:b8:a4:53:17:1f:0d:c8:b7:0c:fa:1f:d2:14:
7a:94:bb:3b:74:43:01:68:af:47:2b:8a:05:e1:07:81:13:36:
65:a5:b6:31:e1:74:c3:de:6d:40:6f:3c:d1:c9:38:2a:a3:ad:
06:db:75:17:9c:30:68:c4:35:9b:2c:df:e1:73:a9:14:cf:32:
50:e5:17:89:0f:e2:bc:f1:e6:f5:6e:00:ed:1d:b1:f0:ae:93:
70:a0:c1:14
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZDpe9OP9KEKMiFqPbiLZGEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjQwNzI1MTA0MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ3MzA4MDQyNTg1OTkzMTRiMDY2M2MyYWY0MmFjOTZkYjQxNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1nCQDPKMmf0M4qTqbr5JX6zK+hK
YZFZXGqjhFD9nfelYamfGXi5H7Kxt3H10h5cPOs51rvaaDoI2Q+0A+X3fDx6JhY+
z60TbWHl1l/jgWu6MAttBohwo/UO601WlvlI+Px1uwv44OjuxEUhfy2cX8W00wV5
WjKG+tslVRJQ6tazZP0F/DvJuZZe4cD525cIirnNK2Dc4YpzGUQ5ZwmKxrMcS55p
5hUtbI46mgShbEUX+Om28j9Zanmvc9maZ6MB2pn9otaME3eg6sFbhyzcRNkShf2X
yXn7Af23tq+AkL9Ihop24YqVi1TNnLF0QcROu2SD1nnXZHjnF4PkJXP0NwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOHXMIBCWFmTFLBmPCr0KslttBXGMB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEvNGRjd2dFSllXWk1Vc0dZOEt2UXF5VzIwRmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDBQJQAwQC
uQggAwQCuQiAAwQAuUN5AwQAuZaAAwQAuZaDAwQAwR92MBQEAgACMA4DBQMqAtnA
AwUDKgS2ADANBgkqhkiG9w0BAQsFAAOCAQEAkGlT1uK2POhrb3c4tQdU2FpXOLcT
VAEKBZYyMy8/haD2dmPbzlKZncyfI0D1h82x38TxIk3AF9vBMS8cPQJyzLylJ0oX
FfWO4cDwhVvf3x3zrEm9GpTMSXO/+jT4ghB7ckPfXG3jIxnz630NiT5iKz2wUa5K
ZEATWCNumwTOS9ZAGbmwuAPhZECuZd5MqKJ5zA+R+bYEgtccdpZfeA0wMwJwyXAz
qoi4pFMXHw3Itwz6H9IUepS7O3RDAWivRyuKBeEHgRM2ZaW2MeF0w95tQG880ck4
KqOtBtt1F5wwaMQ1myzf4XOpFM8yUOUXiQ/ivPHm9W4A7R2x8K6TcKDBFA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:00:37 2025 by rpki-client