Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/5U5lWaxsO2qcmlvThGEhK-YxL1k.roa
File: 5U5lWaxsO2qcmlvThGEhK-YxL1k.roa (raw, json)
Hash identifier: IE0g96ZmoRWmoW5wVwIaYAKCBBTlRapMox5nArB7zQw=
Subject key identifier: E5:4E:65:59:AC:6C:3B:6A:9C:9A:5B:D3:84:61:21:2B:E6:31:2F:59
Certificate issuer: /CN=1f31139f89e825962a7e3380ade75b56ab5baad5
Certificate serial: 018AD1953FAA3478A74809AF0D4794DAE303
Authority key identifier: 1F:31:13:9F:89:E8:25:96:2A:7E:33:80:AD:E7:5B:56:AB:5B:AA:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzETn4noJZYqfjOAredbVqtbqtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/5U5lWaxsO2qcmlvThGEhK-YxL1k.roa
Signing time: Tue 26 Sep 2023 13:02:13 +0000
ROA not before: Tue 26 Sep 2023 13:02:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50522
IP address blocks: 185.61.68.0/22 maxlen: 22
81.173.96.0/22 maxlen: 22
81.173.0.0/22 maxlen: 22
81.23.244.0/22 maxlen: 22
81.173.7.0/24 maxlen: 24
81.173.125.0/24 maxlen: 24
81.173.126.0/23 maxlen: 23
81.173.32.0/23 maxlen: 23
81.173.48.0/20 maxlen: 20
109.235.32.0/21 maxlen: 21
81.173.64.0/20 maxlen: 20
2a03:be00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:95:3f:aa:34:78:a7:48:09:af:0d:47:94:da:e3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f31139f89e825962a7e3380ade75b56ab5baad5
Validity
Not Before: Sep 26 13:02:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e54e6559ac6c3b6a9c9a5bd38461212be6312f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6c:cb:95:cc:d5:e5:1d:db:f4:8b:14:9f:b7:
a4:7f:fc:e5:81:2f:99:74:1b:38:86:3a:78:00:6e:
4f:3c:93:0c:2d:72:a7:7f:fb:1b:56:2b:93:c9:a3:
43:1b:99:ba:6f:c9:4e:8b:91:5a:20:2c:4a:a3:78:
1a:b6:68:c2:4c:79:8d:08:dc:db:89:d7:f2:ae:59:
0c:c2:63:98:d6:32:f1:17:bc:35:fe:20:42:e6:9c:
16:7e:1b:cf:d6:6f:98:63:9a:97:5a:e5:81:59:04:
55:95:20:cb:6c:90:37:0c:15:b6:a4:02:86:b3:f0:
5d:48:38:ac:75:5d:33:b6:f2:51:4c:3d:af:e1:07:
c0:a8:3c:23:18:63:62:6d:78:4d:20:73:e8:04:68:
de:7e:28:df:b7:35:ea:de:51:b5:6d:7d:8b:5b:46:
e0:ce:b7:b7:2d:06:c9:26:05:e4:0b:9d:1e:5b:d8:
7c:12:54:5b:11:48:8d:c9:ff:01:37:ab:f0:0f:68:
14:f4:11:ca:27:ca:e9:ca:5c:26:10:e7:91:42:70:
1c:e4:7a:be:0b:b3:9f:1a:93:d6:72:59:b9:f7:b0:
b0:0e:5f:a9:d7:c4:a5:51:0f:f8:f0:34:63:1a:c7:
b9:dd:f0:b6:75:00:2a:41:11:c5:5d:65:b5:82:db:
30:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4E:65:59:AC:6C:3B:6A:9C:9A:5B:D3:84:61:21:2B:E6:31:2F:59
X509v3 Authority Key Identifier:
keyid:1F:31:13:9F:89:E8:25:96:2A:7E:33:80:AD:E7:5B:56:AB:5B:AA:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzETn4noJZYqfjOAredbVqtbqtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/5U5lWaxsO2qcmlvThGEhK-YxL1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/HzETn4noJZYqfjOAredbVqtbqtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.244.0/22
81.173.0.0/22
81.173.7.0/24
81.173.32.0/23
81.173.48.0-81.173.79.255
81.173.96.0/22
81.173.125.0-81.173.127.255
109.235.32.0/21
185.61.68.0/22
IPv6:
2a03:be00::/32
Signature Algorithm: sha256WithRSAEncryption
51:12:54:a3:35:46:81:6a:bf:bc:f9:9c:c1:e3:ef:ce:49:3c:
4f:67:e9:95:9e:03:29:2f:ad:ea:50:80:ab:fe:32:32:60:6f:
fd:74:7a:52:56:22:2e:05:bc:b9:9a:69:2c:5f:02:bd:95:e7:
71:2c:fa:45:e0:28:03:47:75:03:a7:ab:ba:9c:55:5e:e4:6e:
ce:b2:dc:74:97:5b:c7:08:ac:39:d1:27:38:2f:0e:36:8d:53:
6b:36:0f:3d:33:e6:8f:68:57:e3:0d:cc:f4:9a:48:f9:4a:36:
64:9b:9a:f9:ce:ac:ef:9a:ed:85:14:31:a2:d3:07:76:03:5a:
6e:da:8c:b3:bb:c3:f2:61:7c:c3:f1:a5:01:11:9a:a3:95:7f:
67:55:0d:3f:88:93:40:2f:4c:91:ce:e1:cd:26:47:5e:fe:eb:
03:0f:0c:94:a2:c7:ab:0c:73:db:61:de:a2:34:83:e2:a8:ac:
72:ac:18:08:1d:ca:a1:ba:03:76:13:cb:a0:1d:31:d6:e0:38:
80:71:9a:6b:f2:0d:87:cc:7d:ee:29:60:9f:a8:78:89:54:42:
25:5f:01:6d:40:0a:cb:f9:d3:fa:4b:25:ee:73:1e:30:ec:c9:
b7:0a:be:d9:b4:2f:ac:7d:97:93:16:f8:15:ae:1c:1d:0e:a9:
1f:e3:7d:33
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYrRlT+qNHinSAmvDUeU2uMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzExMzlmODllODI1OTYyYTdlMzM4MGFkZTc1YjU2YWI1
YmFhZDUwHhcNMjMwOTI2MTMwMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRlNjU1OWFjNmMzYjZhOWM5YTViZDM4NDYxMjEyYmU2MzEyZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2zLlczV5R3b9IsUn7ekf/zlgS+Z
dBs4hjp4AG5PPJMMLXKnf/sbViuTyaNDG5m6b8lOi5FaICxKo3gatmjCTHmNCNzb
idfyrlkMwmOY1jLxF7w1/iBC5pwWfhvP1m+YY5qXWuWBWQRVlSDLbJA3DBW2pAKG
s/BdSDisdV0ztvJRTD2v4QfAqDwjGGNibXhNIHPoBGjefijftzXq3lG1bX2LW0bg
zre3LQbJJgXkC50eW9h8ElRbEUiNyf8BN6vwD2gU9BHKJ8rpylwmEOeRQnAc5Hq+
C7OfGpPWclm597CwDl+p18SlUQ/48DRjGse53fC2dQAqQRHFXWW1gtsw4QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFOVOZVmsbDtqnJpb04RhISvmMS9ZMB8GA1UdIwQY
MBaAFB8xE5+J6CWWKn4zgK3nW1arW6rVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpFVG40bm9KWllxZmpPQXJlZGJWcXRicXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83NjM3YTYtNTIzNy00YjE2LTkzY2Yt
YmUxN2I4YWFkNTU0LzEvNVU1bFdheHNPMnFjbWx2VGhHRWhLLVl4TDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83NjM3YTYtNTIzNy00YjE2LTkzY2YtYmUxN2I4YWFkNTU0
LzEvSHpFVG40bm9KWllxZmpPQXJlZGJWcXRicXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQCURf0AwQC
Ua0AAwQAUa0HAwQBUa0gMAwDBARRrTADBARRrUADBAJRrWAwDAMEAFGtfQMEB1Gt
AAMEA23rIAMEArk9RDANBAIAAjAHAwUAKgO+ADANBgkqhkiG9w0BAQsFAAOCAQEA
URJUozVGgWq/vPmcwePvzkk8T2fplZ4DKS+t6lCAq/4yMmBv/XR6UlYiLgW8uZpp
LF8CvZXncSz6ReAoA0d1A6erupxVXuRuzrLcdJdbxwisOdEnOC8ONo1TazYPPTPm
j2hX4w3M9JpI+Uo2ZJua+c6s75rthRQxotMHdgNabtqMs7vD8mF8w/GlARGao5V/
Z1UNP4iTQC9Mkc7hzSZHXv7rAw8MlKLHqwxz22HeojSD4qiscqwYCB3KoboDdhPL
oB0x1uA4gHGaa/INh8x97ilgn6h4iVRCJV8BbUAKy/nT+ksl7nMeMOzJtwq+2bQv
rH2Xkxb4Fa4cHQ6pH+N9Mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:58 2024 by rpki-client on console-ams.rpki-client.org