Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/tb1hUg4xVbbmk-iqVrJSmi18mz4.roa
File: tb1hUg4xVbbmk-iqVrJSmi18mz4.roa (raw, json)
Hash identifier: CDfyasrvwO/2yVO0U2dptx8+JWaGYsMXnknP6/qGNiY=
Subject key identifier: B5:BD:61:52:0E:31:55:B6:E6:93:E8:AA:56:B2:52:9A:2D:7C:9B:3E
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 018D45C11AF9A99D387E145223AA14D3E018
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/tb1hUg4xVbbmk-iqVrJSmi18mz4.roa
Signing time: Fri 26 Jan 2024 12:31:39 +0000
ROA not before: Fri 26 Jan 2024 12:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3188
IP address blocks: 5.2.80.0/24 maxlen: 24
5.2.81.0/24 maxlen: 24
5.2.82.0/24 maxlen: 24
5.2.83.0/24 maxlen: 24
5.2.84.0/24 maxlen: 24
5.2.85.0/24 maxlen: 24
5.2.86.0/24 maxlen: 24
5.2.87.0/24 maxlen: 24
185.8.32.0/24 maxlen: 24
185.8.33.0/24 maxlen: 24
185.8.34.0/24 maxlen: 24
185.8.128.0/24 maxlen: 24
185.8.129.0/24 maxlen: 24
185.8.130.0/24 maxlen: 24
185.8.131.0/24 maxlen: 24
185.150.128.0/24 maxlen: 24
185.150.129.0/24 maxlen: 24
185.150.130.0/24 maxlen: 24
185.150.131.0/24 maxlen: 24
2a02:d9c0::/29 maxlen: 29
2a04:b600::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Mar 2024 18:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:c1:1a:f9:a9:9d:38:7e:14:52:23:aa:14:d3:e0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: Jan 26 12:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5bd61520e3155b6e693e8aa56b2529a2d7c9b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:67:31:3d:2d:74:5a:29:92:41:13:08:81:5b:
6c:0a:f0:78:0d:71:f1:2d:68:41:78:bd:c4:24:fa:
37:ce:87:49:11:40:f3:c7:79:3e:75:31:61:0d:bb:
89:09:87:0a:4d:86:8b:25:89:da:1e:26:3a:aa:b8:
b0:9a:9f:fb:91:37:02:d3:6f:15:4f:c2:6e:ec:19:
5d:8f:6c:9d:fa:c7:f5:3f:42:47:f5:43:ba:6b:99:
97:5a:99:55:fa:dd:1b:e5:b8:75:ab:28:1b:48:67:
5c:50:e4:f6:03:e0:22:18:28:08:0b:8b:fd:bb:d9:
54:47:03:f5:97:6e:ed:93:f7:f5:14:f5:6b:c6:f6:
68:5d:22:8a:c2:23:1a:3c:96:2a:2b:88:41:2c:87:
e8:8b:c0:82:e5:4c:37:1c:b6:26:19:52:d1:51:7d:
7e:e1:f1:78:74:33:77:18:4e:b7:55:7b:72:db:db:
d2:ec:52:c5:23:a6:ff:df:c4:88:1a:6d:b0:f9:fc:
e3:51:5c:ec:69:2e:e8:da:28:4e:86:3e:fb:a8:a3:
59:25:9d:a6:18:c1:74:bd:69:1e:c6:2f:5f:97:f9:
39:81:46:76:c2:ad:a6:16:ef:4e:37:0e:4b:fc:4d:
9b:06:87:10:fb:dd:49:e7:66:1b:ba:b4:df:49:9d:
cb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BD:61:52:0E:31:55:B6:E6:93:E8:AA:56:B2:52:9A:2D:7C:9B:3E
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/tb1hUg4xVbbmk-iqVrJSmi18mz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.80.0/21
185.8.32.0-185.8.34.255
185.8.128.0/22
185.150.128.0/22
IPv6:
2a02:d9c0::/29
2a04:b600::/29
Signature Algorithm: sha256WithRSAEncryption
53:e1:69:7f:f9:07:0e:33:fd:d1:36:23:38:17:d3:57:0d:32:
b4:3c:68:54:d6:dd:34:5d:69:0d:4e:37:f0:0c:0e:f8:a0:b4:
7e:e1:c0:0d:7a:27:35:28:dc:48:f3:b6:8a:98:fb:24:61:f8:
60:59:69:65:a2:52:ce:a7:74:ef:c9:b2:58:e4:45:31:5f:5a:
7a:0b:11:ba:47:e2:0c:44:cc:33:22:5d:53:d9:34:e2:f4:e2:
6a:a2:4f:75:95:62:d8:c9:b9:b7:98:f0:3e:08:60:9a:5b:b4:
43:84:24:a5:20:4c:ac:7b:21:e0:1d:be:75:35:e1:75:a4:8e:
7e:a3:cb:5c:52:34:01:cc:75:1f:2c:e5:98:4b:52:5f:00:51:
b7:31:1f:19:b2:78:da:36:06:de:04:ad:f8:3c:9b:7f:a3:13:
43:9a:d6:9e:70:1d:82:a4:95:67:9c:59:3a:60:1f:cb:41:31:
e7:41:ec:2f:3b:81:fa:3d:79:08:e9:97:12:37:71:a6:fa:46:
4f:02:47:2b:8e:be:22:4c:2e:c4:42:c5:ea:aa:74:57:83:e9:
29:f5:e6:08:b2:51:96:71:2e:96:a5:7e:10:17:39:99:08:ac:
01:b8:cf:22:f0:76:12:71:fd:57:76:ea:40:cb:f6:bb:5f:0b:
9d:f8:49:81
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY1FwRr5qZ04fhRSI6oU0+AYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjQwMTI2MTIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJkNjE1MjBlMzE1NWI2ZTY5M2U4YWE1NmIyNTI5YTJkN2M5YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WcxPS10WimSQRMIgVtsCvB4DXHx
LWhBeL3EJPo3zodJEUDzx3k+dTFhDbuJCYcKTYaLJYnaHiY6qriwmp/7kTcC028V
T8Ju7Bldj2yd+sf1P0JH9UO6a5mXWplV+t0b5bh1qygbSGdcUOT2A+AiGCgIC4v9
u9lURwP1l27tk/f1FPVrxvZoXSKKwiMaPJYqK4hBLIfoi8CC5Uw3HLYmGVLRUX1+
4fF4dDN3GE63VXty29vS7FLFI6b/38SIGm2w+fzjUVzsaS7o2ihOhj77qKNZJZ2m
GMF0vWkexi9fl/k5gUZ2wq2mFu9ONw5L/E2bBocQ+91J52YburTfSZ3LwwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLW9YVIOMVW25pPoqlayUpotfJs+MB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEvdGIxaFVnNHhWYmJtay1pcVZySlNtaTE4bXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQDBQJQMAwD
BAW5CCADBAC5CCIDBAK5CIADBAK5loAwFAQCAAIwDgMFAyoC2cADBQMqBLYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBT4Wl/+QcOM/3RNiM4F9NXDTK0PGhU1t00XWkNTjfw
DA74oLR+4cANeic1KNxI87aKmPskYfhgWWllolLOp3TvybJY5EUxX1p6CxG6R+IM
RMwzIl1T2TTi9OJqok91lWLYybm3mPA+CGCaW7RDhCSlIEyseyHgHb51NeF1pI5+
o8tcUjQBzHUfLOWYS1JfAFG3MR8ZsnjaNgbeBK34PJt/oxNDmtaecB2CpJVnnFk6
YB/LQTHnQewvO4H6PXkI6ZcSN3Gm+kZPAkcrjr4iTC7EQsXqqnRXg+kp9eYIslGW
cS6WpX4QFzmZCKwBuM8i8HYScf1XdupAy/a7Xwud+EmB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:58 2024 by rpki-client on console-ams.rpki-client.org