Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pgWWhMQI0hJFHoUX1cXZnQ0b6Mk.roa
File: pgWWhMQI0hJFHoUX1cXZnQ0b6Mk.roa (raw, json)
Hash identifier: wFz4Bkflve0CvNmVJw57BYp+O4lvpZ3SCAVoNrwLG0g=
Subject key identifier: A6:05:96:84:C4:08:D2:12:45:1E:85:17:D5:C5:D9:9D:0D:1B:E8:C9
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EC7C09C148FD1011EDBD7FC620E6E1BFE
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pgWWhMQI0hJFHoUX1cXZnQ0b6Mk.roa
Signing time: Wed 10 Apr 2024 11:24:32 +0000
ROA not before: Wed 10 Apr 2024 11:24:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
94.242.148.0/24 maxlen: 24
94.242.149.0/24 maxlen: 24
94.242.150.0/24 maxlen: 24
94.242.151.0/24 maxlen: 24
94.242.160.0/19 maxlen: 19
94.242.160.0/20 maxlen: 20
94.242.176.0/20 maxlen: 20
95.107.16.0/20 maxlen: 20
95.107.16.0/21 maxlen: 21
95.107.24.0/21 maxlen: 21
95.107.112.0/20 maxlen: 20
95.107.112.0/21 maxlen: 21
95.107.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 17 Apr 2024 07:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:c0:9c:14:8f:d1:01:1e:db:d7:fc:62:0e:6e:1b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 10 11:24:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6059684c408d212451e8517d5c5d99d0d1be8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e9:c4:26:f2:88:24:9a:db:ed:70:1f:9b:12:
a2:d9:9d:b9:bd:7c:a6:38:dd:b7:43:48:ec:97:98:
b0:93:32:90:13:84:37:c8:d1:a6:e3:35:89:ff:a5:
48:f8:9b:7f:18:dc:f4:80:4d:ff:60:19:10:ea:96:
d3:c5:3b:38:12:ca:01:3a:77:96:3e:8d:8e:c5:8e:
f6:75:5d:01:74:c8:40:5f:7b:7e:fd:c0:61:c7:d2:
a6:b2:64:83:9b:49:19:db:ae:4f:42:05:d9:b5:6c:
f0:ef:c0:1c:98:79:81:8a:47:4d:35:0d:f5:29:e7:
e1:e5:06:d3:2a:63:40:b3:13:36:1e:be:fb:cf:e3:
5d:b8:3a:ae:7d:93:5d:96:c4:db:33:ee:d4:b3:ec:
17:43:6c:3c:19:0e:09:ef:f5:a3:fb:eb:11:31:1a:
f2:b1:27:04:51:7f:3e:78:5a:f0:02:4c:f8:37:bc:
a5:44:7d:2f:9b:03:4a:73:fd:c9:b0:7f:fa:45:9a:
fc:d8:e3:7b:25:73:7a:42:49:91:89:0b:fd:20:c2:
aa:c8:4e:db:c5:3d:89:81:63:04:b8:49:b4:7d:7c:
86:48:7d:d7:af:61:4e:32:39:de:b3:b5:bc:99:8d:
87:e4:09:6c:5b:05:6d:75:6c:72:a7:1b:c5:54:94:
4f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:05:96:84:C4:08:D2:12:45:1E:85:17:D5:C5:D9:9D:0D:1B:E8:C9
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pgWWhMQI0hJFHoUX1cXZnQ0b6Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
94.242.148.0/22
94.242.160.0/19
95.107.16.0/20
95.107.112.0/20
Signature Algorithm: sha256WithRSAEncryption
18:4d:51:9a:f8:05:70:15:55:cb:51:c6:30:7f:10:26:da:1f:
4b:d1:f3:63:b3:78:bb:87:77:72:3d:66:c0:69:a0:02:cf:be:
7b:df:c1:42:17:08:72:67:64:8b:52:69:6a:b2:f7:8e:08:76:
65:f8:06:d8:42:04:d4:12:10:c4:ef:34:e8:39:6f:61:a3:1a:
4b:58:fa:2f:a9:34:63:8a:ac:6a:76:69:ac:71:0d:92:13:a9:
83:bf:0a:e3:8d:1e:ad:63:27:fb:59:26:10:af:fe:b3:2c:80:
75:3e:8f:4c:17:25:db:28:ad:85:09:6a:79:52:69:6f:e3:22:
64:52:4c:be:5f:e9:90:b3:d7:59:04:10:48:35:fe:66:87:d5:
bd:a7:cf:5b:01:b3:77:c0:09:b5:19:ce:fb:e3:f3:b9:b3:95:
79:d9:b0:04:d8:33:79:ec:bf:69:60:ef:33:27:6b:c1:5c:0e:
68:6e:2d:0a:a6:5a:2b:5e:51:60:f3:8c:ee:ee:02:03:d0:ab:
9d:2d:99:c6:bd:9d:11:4a:4c:91:f0:e4:bc:9a:4e:3e:61:87:
f9:3d:11:f9:d4:2b:0f:d8:cd:f8:57:06:5e:b4:69:f9:53:91:
be:1b:d4:b4:fd:6c:aa:c7:a2:ee:28:52:1f:a1:e2:c2:f9:7d:
d9:fa:d1:c6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7HwJwUj9EBHtvX/GIObhv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDEwMTEyNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA1OTY4NGM0MDhkMjEyNDUxZTg1MTdkNWM1ZDk5ZDBkMWJlOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOnEJvKIJJrb7XAfmxKi2Z25vXym
ON23Q0jsl5iwkzKQE4Q3yNGm4zWJ/6VI+Jt/GNz0gE3/YBkQ6pbTxTs4EsoBOneW
Po2OxY72dV0BdMhAX3t+/cBhx9KmsmSDm0kZ265PQgXZtWzw78AcmHmBikdNNQ31
Kefh5QbTKmNAsxM2Hr77z+NduDqufZNdlsTbM+7Us+wXQ2w8GQ4J7/Wj++sRMRry
sScEUX8+eFrwAkz4N7ylRH0vmwNKc/3JsH/6RZr82ON7JXN6QkmRiQv9IMKqyE7b
xT2JgWMEuEm0fXyGSH3Xr2FOMjnes7W8mY2H5AlsWwVtdWxypxvFVJRP+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKYFloTECNISRR6FF9XF2Z0NG+jJMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcGdXV2hNUUkwaEpGSG9VWDFjWFpuUTBiNk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBY+wAwQC
XvKUAwQFXvKgAwQEX2sQAwQEX2twMA0GCSqGSIb3DQEBCwUAA4IBAQAYTVGa+AVw
FVXLUcYwfxAm2h9L0fNjs3i7h3dyPWbAaaACz75738FCFwhyZ2SLUmlqsveOCHZl
+AbYQgTUEhDE7zToOW9hoxpLWPovqTRjiqxqdmmscQ2SE6mDvwrjjR6tYyf7WSYQ
r/6zLIB1Po9MFyXbKK2FCWp5Umlv4yJkUky+X+mQs9dZBBBINf5mh9W9p89bAbN3
wAm1Gc774/O5s5V52bAE2DN57L9pYO8zJ2vBXA5obi0KplorXlFg84zu7gID0Kud
LZnGvZ0RSkyR8OS8mk4+YYf5PRH51CsP2M34VwZetGn5U5G+G9S0/Wyqx6LuKFIf
oeLC+X3Z+tHG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:26 2024 by rpki-client on console-ams.rpki-client.org