Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/s5YDxBY3B8DLa3WB02qU7Ai08Ps.roa
File: s5YDxBY3B8DLa3WB02qU7Ai08Ps.roa (raw, json)
Hash identifier: kI7tMG9u4EbnSMXrszjCJClyoUV/vZVgpR8+1bdZC4c=
Subject key identifier: B3:96:03:C4:16:37:07:C0:CB:6B:75:81:D3:6A:94:EC:08:B4:F0:FB
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018F137077E06128644E1975012269ACAB56
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/s5YDxBY3B8DLa3WB02qU7Ai08Ps.roa
Signing time: Thu 25 Apr 2024 04:08:08 +0000
ROA not before: Thu 25 Apr 2024 04:08:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56798
IP address blocks: 45.66.220.0/22 maxlen: 22
45.86.36.0/24 maxlen: 24
185.34.102.0/24 maxlen: 24
185.54.7.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
2a0f:9180:1::/48 maxlen: 48
2a10:d440:1::/48 maxlen: 48
2a10:d440:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:70:77:e0:61:28:64:4e:19:75:01:22:69:ac:ab:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Apr 25 04:08:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b39603c4163707c0cb6b7581d36a94ec08b4f0fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e3:c7:14:81:d6:f6:75:b2:63:f8:82:ca:92:
6f:28:49:5c:a4:38:39:4e:33:6a:32:f4:52:ec:aa:
37:b9:c6:30:1c:5a:0d:43:37:17:7d:36:61:a9:42:
b2:e8:29:ca:68:83:f1:2f:5d:4e:3e:e8:17:c0:bc:
1d:9c:cf:e5:51:48:1b:b3:b0:93:2f:68:7d:26:66:
73:3f:8e:28:aa:c3:c4:5a:4e:8f:5d:77:f6:c7:9c:
34:60:c3:b3:45:49:b9:3d:14:d4:2a:96:f7:0a:5f:
68:d3:79:3e:2d:c4:3c:66:c7:7a:a2:b1:cc:8c:cd:
5e:b7:7a:5e:92:09:f2:f5:a0:70:31:0b:af:ef:f8:
e0:fd:71:56:c6:78:ba:e4:f5:6d:38:98:6a:f1:35:
19:8c:23:43:e9:df:34:f0:59:77:f3:16:9c:9c:21:
18:c3:66:36:15:a4:e9:96:b9:1a:4c:05:41:1d:3c:
42:ec:d9:31:83:a3:69:04:0a:aa:ff:46:8d:84:cd:
76:90:e3:de:7d:5b:df:29:cb:7e:7f:f5:9c:7b:24:
aa:2e:b7:fd:a3:52:1d:d5:8f:00:c4:a1:03:2d:bf:
de:2c:f7:2a:55:41:f1:c7:51:7b:87:c3:8a:5c:e3:
58:c6:6a:bb:1f:f4:af:6c:c2:02:c2:23:89:3b:be:
06:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:96:03:C4:16:37:07:C0:CB:6B:75:81:D3:6A:94:EC:08:B4:F0:FB
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/s5YDxBY3B8DLa3WB02qU7Ai08Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
45.86.36.0/24
185.34.102.0/24
185.54.7.0/24
193.17.33.0/24
IPv6:
2a0f:9180::/29
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:43:9b:72:c3:6b:0e:01:8c:be:04:40:eb:df:b1:9c:a6:e3:
67:17:2c:85:9f:8a:fb:10:2f:78:62:27:05:39:4e:83:c0:a3:
d9:19:c1:98:24:0f:cb:5d:20:c7:5e:fd:01:90:35:35:a9:60:
7e:ab:48:68:e5:b2:c4:af:1d:87:0f:37:06:dc:5f:2b:ec:c3:
ba:68:c8:6d:38:6c:ee:42:91:6b:df:a5:2b:eb:4f:37:c8:f0:
26:93:5a:07:20:99:e5:c4:29:0b:4a:0f:87:7f:65:33:d8:3e:
05:8d:52:94:ed:da:94:49:51:7c:da:ab:6d:e6:44:f4:cc:4b:
6c:72:b9:ee:64:9d:71:46:a1:2a:1d:88:7d:b8:82:92:7a:77:
6d:be:85:7e:8a:7f:25:22:32:88:61:87:9e:69:d7:75:e7:80:
8e:18:cb:84:ff:9f:83:55:cf:db:dc:f5:c5:18:c2:ee:95:12:
08:73:4b:64:35:84:52:89:29:be:b0:98:c4:94:44:40:d4:84:
9c:fd:39:5c:88:44:c2:30:35:c2:78:65:77:55:dc:18:39:50:
9d:e5:de:77:cb:5d:5f:01:fb:df:b8:fc:b5:a5:39:d7:c0:2b:
ed:31:5d:8b:60:79:7a:27:a3:f1:91:a6:96:20:2d:58:75:b4:
43:c2:f6:6c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY8TcHfgYShkThl1ASJprKtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjQwNDI1MDQwODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk2MDNjNDE2MzcwN2MwY2I2Yjc1ODFkMzZhOTRlYzA4YjRmMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgePHFIHW9nWyY/iCypJvKElcpDg5
TjNqMvRS7Ko3ucYwHFoNQzcXfTZhqUKy6CnKaIPxL11OPugXwLwdnM/lUUgbs7CT
L2h9JmZzP44oqsPEWk6PXXf2x5w0YMOzRUm5PRTUKpb3Cl9o03k+LcQ8Zsd6orHM
jM1et3pekgny9aBwMQuv7/jg/XFWxni65PVtOJhq8TUZjCND6d808Fl38xacnCEY
w2Y2FaTplrkaTAVBHTxC7Nkxg6NpBAqq/0aNhM12kOPefVvfKct+f/WceySqLrf9
o1Id1Y8AxKEDLb/eLPcqVUHxx1F7h8OKXONYxmq7H/SvbMICwiOJO74GSwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLOWA8QWNwfAy2t1gdNqlOwItPD7MB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvczVZRHhCWTNCOERMYTNXQjAycVU3QWkwOFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAkBAIAATAeAwQCLULcAwQA
LVYkAwQAuSJmAwQAuTYHAwQAwREhMCEEAgACMBsDBQMqD5GAMBIDBwAqENRAAAED
BwAqENRAAAIwDQYJKoZIhvcNAQELBQADggEBAKtDm3LDaw4BjL4EQOvfsZym42cX
LIWfivsQL3hiJwU5ToPAo9kZwZgkD8tdIMde/QGQNTWpYH6rSGjlssSvHYcPNwbc
Xyvsw7poyG04bO5CkWvfpSvrTzfI8CaTWgcgmeXEKQtKD4d/ZTPYPgWNUpTt2pRJ
UXzaq23mRPTMS2xyue5knXFGoSodiH24gpJ6d22+hX6KfyUiMohhh55p13XngI4Y
y4T/n4NVz9vc9cUYwu6VEghzS2Q1hFKJKb6wmMSUREDUhJz9OVyIRMIwNcJ4ZXdV
3Bg5UJ3l3nfLXV8B+9+4/LWlOdfAK+0xXYtgeXono/GRppYgLVh1tEPC9mw=
-----END CERTIFICATE-----
Generated at Tue Jun 11 12:41:26 2024 by rpki-client on console-ams.rpki-client.org