Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/eJlFVkGr1P53DGYbS8II1x2iIfY.roa
File: eJlFVkGr1P53DGYbS8II1x2iIfY.roa (raw, json)
Hash identifier: 3wIaYpkE5fkKQSOZYBl/jTEDtNABc8jTz/dWMfv+xQE=
Subject key identifier: 78:99:45:56:41:AB:D4:FE:77:0C:66:1B:4B:C2:08:D7:1D:A2:21:F6
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 01874E58301DE9E724DE752930F2163FFF88
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/eJlFVkGr1P53DGYbS8II1x2iIfY.roa
Signing time: Tue 04 Apr 2023 22:16:54 +0000
ROA not before: Tue 04 Apr 2023 22:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197328
IP address blocks: 162.222.88.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
5.255.57.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
185.150.2.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
185.4.225.0/24 maxlen: 24
185.4.227.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
185.212.175.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
185.162.72.0/23 maxlen: 23
2a07:5140::/29 maxlen: 29
2a06:4b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:58:30:1d:e9:e7:24:de:75:29:30:f2:16:3f:ff:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Apr 4 22:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7899455641abd4fe770c661b4bc208d71da221f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fb:fd:73:57:cc:52:db:b5:6b:38:5e:1e:3a:
5b:71:14:a5:2a:a2:d3:54:7a:91:d5:52:e6:f8:34:
51:1b:3b:79:04:33:93:19:4c:09:24:f4:78:29:c0:
58:97:01:9c:b8:95:44:57:6b:eb:9c:35:09:06:57:
44:a5:19:af:27:18:38:bb:1b:57:18:54:e3:12:e0:
52:69:81:15:46:be:07:ce:d7:95:d0:0e:63:26:af:
e2:30:8f:1b:8a:70:41:2f:35:91:a8:97:2f:9a:ee:
d1:50:a6:9a:17:aa:02:15:56:9a:06:c6:1b:5b:95:
eb:e6:c1:e8:d0:7a:20:0a:91:e6:18:1a:d7:61:9f:
7d:91:91:ce:14:67:4f:e4:a0:a1:84:35:6d:d8:a1:
07:9c:b9:b7:a4:11:ee:76:77:67:eb:c9:f8:6e:0e:
77:03:f4:67:cd:16:57:5f:d3:9c:4f:b7:51:d2:f6:
a7:a7:b2:40:3b:2a:4f:cf:a4:0b:cf:b0:e9:96:8c:
b2:12:5b:9f:99:f8:1f:48:e4:00:1f:cc:62:aa:5f:
f6:6c:eb:4d:ea:6d:67:4f:e2:9c:cc:93:57:8f:d7:
d5:03:35:14:de:bd:b7:43:45:63:a4:74:8e:68:14:
9d:c1:98:b4:8a:3a:5e:02:bc:29:2c:c2:52:ba:e9:
b2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:99:45:56:41:AB:D4:FE:77:0C:66:1B:4B:C2:08:D7:1D:A2:21:F6
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/eJlFVkGr1P53DGYbS8II1x2iIfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
107.150.172.0/24
107.150.177.0/24
162.222.88.0/24
167.160.13.0/24
167.160.27.0/24
185.4.225.0/24
185.4.227.0/24
185.150.2.0/24
185.162.72.0/23
185.212.175.0/24
IPv6:
2a06:4b40::/29
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
60:89:ee:e0:d6:0d:0d:56:1e:b3:bd:72:c2:ca:63:c1:25:93:
69:fe:68:b0:e4:a2:0c:f6:d4:93:88:f6:99:67:64:b0:d0:55:
b2:fe:6d:d9:f4:a7:83:2d:51:99:ba:98:d8:85:b2:bd:de:d2:
ad:b3:9f:0d:61:f1:6d:95:e3:ca:e1:2d:8c:34:ad:c8:b6:df:
73:7e:b7:34:e3:09:99:0a:4c:bb:e0:f9:80:14:06:4e:c8:a2:
66:f9:5d:82:88:35:77:69:d4:45:36:5a:e4:64:a2:cb:81:1d:
12:e7:c3:2a:ca:2d:27:49:df:de:55:18:2e:7e:b3:64:71:ee:
88:39:10:6a:39:c3:4f:26:0c:29:c5:ff:e8:f8:0d:0e:fa:81:
42:3c:ae:80:95:f9:8a:fe:b8:a8:1d:0c:41:2b:16:50:34:44:
56:23:03:88:42:91:f8:9b:67:82:b6:a0:2d:ab:be:d0:70:f2:
a1:2e:60:35:0d:df:d0:76:1e:82:bc:de:13:a0:06:98:26:26:
9f:f0:ab:51:08:5b:a2:02:62:ba:05:48:b4:4c:b7:28:93:96:
75:b6:ec:98:84:f0:46:23:f3:6e:9d:d5:eb:50:df:80:aa:15:
8f:1d:5a:0f:51:0f:a4:06:6f:dd:dc:18:b1:7b:c0:ad:76:41:
82:fb:37:67
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYdOWDAd6eck3nUpMPIWP/+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwNDA0MjIxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODk5NDU1NjQxYWJkNGZlNzcwYzY2MWI0YmMyMDhkNzFkYTIyMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/v9c1fMUtu1azheHjpbcRSlKqLT
VHqR1VLm+DRRGzt5BDOTGUwJJPR4KcBYlwGcuJVEV2vrnDUJBldEpRmvJxg4uxtX
GFTjEuBSaYEVRr4HzteV0A5jJq/iMI8binBBLzWRqJcvmu7RUKaaF6oCFVaaBsYb
W5Xr5sHo0HogCpHmGBrXYZ99kZHOFGdP5KChhDVt2KEHnLm3pBHudndn68n4bg53
A/RnzRZXX9OcT7dR0vanp7JAOypPz6QLz7DployyElufmfgfSOQAH8xiql/2bOtN
6m1nT+KczJNXj9fVAzUU3r23Q0VjpHSOaBSdwZi0ijpeArwpLMJSuumyXQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFHiZRVZBq9T+dwxmG0vCCNcdoiH2MB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvZUpsRlZrR3IxUDUzREdZYlM4SUkxeDJpSWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAAX/OTAM
AwQABf89AwQGBf8AAwQAF/xCAwQBW1xwAwQAa5asAwQAa5axAwQAot5YAwQAp6AN
AwQAp6AbAwQAuQThAwQAuQTjAwQAuZYCAwQBuaJIAwQAudSvMBQEAgACMA4DBQMq
BktAAwUDKgdRQDANBgkqhkiG9w0BAQsFAAOCAQEAYInu4NYNDVYes71ywspjwSWT
af5osOSiDPbUk4j2mWdksNBVsv5t2fSngy1RmbqY2IWyvd7SrbOfDWHxbZXjyuEt
jDStyLbfc363NOMJmQpMu+D5gBQGTsiiZvldgog1d2nURTZa5GSiy4EdEufDKsot
J0nf3lUYLn6zZHHuiDkQajnDTyYMKcX/6PgNDvqBQjyugJX5iv64qB0MQSsWUDRE
ViMDiEKR+JtngragLau+0HDyoS5gNQ3f0HYegrzeE6AGmCYmn/CrUQhbogJiugVI
tEy3KJOWdbbsmITwRiPzbp3V61DfgKoVjx1aD1EPpAZv3dwYsXvArXZBgvs3Zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org