Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/s5eCEphK6zI_g59UWODZkwpxOSQ.roa
File: s5eCEphK6zI_g59UWODZkwpxOSQ.roa (raw, json)
Hash identifier: Bi3qYjLfK9hm12rN1qrQOJsFeQ6sPs2Vd0S/yCRFr18=
Subject key identifier: B3:97:82:12:98:4A:EB:32:3F:83:9F:54:58:E0:D9:93:0A:71:39:24
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018570B06426573331A3DD7846E1D5C38C3A
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/s5eCEphK6zI_g59UWODZkwpxOSQ.roa
Signing time: Mon 02 Jan 2023 04:14:46 +0000
ROA not before: Mon 02 Jan 2023 04:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197328
IP address blocks: 167.160.11.0/24 maxlen: 24
162.222.88.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
5.255.57.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
185.150.2.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
185.165.47.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
185.4.225.0/24 maxlen: 24
185.4.224.0/23 maxlen: 23
185.4.227.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.175.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
185.162.72.0/23 maxlen: 23
2a07:5140::/29 maxlen: 29
2a06:4b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Apr 2023 22:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:64:26:57:33:31:a3:dd:78:46:e1:d5:c3:8c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 2 04:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3978212984aeb323f839f5458e0d9930a713924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:eb:cd:2e:49:f7:e6:aa:fa:20:0d:5b:c0:65:
7f:ba:b1:7f:22:1c:57:20:cd:7c:e9:95:d2:c6:85:
e9:7d:4f:7e:1d:fe:b9:af:cf:f3:fe:95:7a:96:d9:
1a:ae:5c:1b:ee:ba:43:ad:ee:2c:aa:75:83:ca:38:
d2:c1:36:83:5d:0e:58:19:67:c3:73:a3:b0:ce:f9:
64:b6:40:a5:7f:c8:cb:6e:67:fa:0f:bd:8e:67:d1:
56:ed:47:e4:10:3b:06:98:38:8a:c8:0c:af:f1:0b:
b8:5e:05:d6:de:ac:e2:e1:f4:9c:5a:0d:81:54:b9:
b1:a1:74:46:90:f3:31:7f:8d:00:7d:d5:55:60:ad:
89:bb:44:47:91:90:56:16:0d:44:95:a9:48:be:c5:
2a:b2:6c:8c:26:5e:ee:6f:69:01:ae:54:f2:15:43:
f1:69:73:e9:f7:4b:3d:dd:9e:2f:d3:83:68:08:3e:
09:d0:0f:af:1d:52:a6:5a:44:b2:3f:b3:6d:68:97:
fd:1f:56:19:cc:6f:12:22:a0:81:3d:2d:23:4d:ca:
01:23:ee:6f:46:47:89:da:94:62:13:86:c6:01:91:
8c:e0:8f:27:2e:75:ce:72:7f:77:91:c5:eb:18:35:
97:7b:0e:22:03:e3:88:c5:96:1e:4e:ae:2a:c1:b5:
60:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:97:82:12:98:4A:EB:32:3F:83:9F:54:58:E0:D9:93:0A:71:39:24
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/s5eCEphK6zI_g59UWODZkwpxOSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
107.150.172.0/24
107.150.177.0/24
162.222.88.0/24
167.160.11.0/24
167.160.13.0/24
167.160.27.0/24
185.4.224.0/23
185.4.227.0/24
185.150.2.0/24
185.162.72.0/23
185.165.47.0/24
185.212.172.0/23
185.212.175.0/24
IPv6:
2a06:4b40::/29
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
7d:de:d6:07:79:0f:a4:0d:d9:c5:8c:f5:87:ff:be:2e:62:32:
81:e3:53:32:85:2f:c5:a5:47:4f:d4:9d:89:4d:40:e7:6d:e8:
dd:12:f6:59:a7:6e:cf:4b:0c:a8:78:f7:01:7c:cd:8c:5b:ee:
d7:41:8e:43:ee:df:4c:11:fc:e7:29:d4:7d:cb:27:40:0a:97:
c7:bc:cd:76:d4:06:c0:73:7c:a0:70:d6:b2:30:45:65:27:2a:
61:e3:46:7e:05:d6:60:3a:59:a8:fd:ea:8a:e7:3d:f3:d6:d0:
80:4c:c6:8a:aa:8c:b4:25:85:4c:b4:f9:d9:21:e8:59:72:8a:
93:d7:87:0f:a2:25:2b:1f:2f:a4:e8:66:75:82:5b:fa:c8:76:
7d:b7:26:49:8f:1a:fb:6d:d7:fd:79:7a:71:2a:b3:aa:16:0c:
d7:07:53:66:f5:b5:f2:1b:10:32:2e:ed:8a:e1:86:2b:90:8b:
c4:ca:6a:b7:4f:8e:3a:76:58:f2:53:e1:aa:60:1e:0a:b2:69:
d7:c2:f7:26:ef:68:85:39:02:c7:1c:1d:f9:6d:ba:d7:87:96:
a4:fc:55:ee:0f:f6:a2:1b:18:d2:d3:c5:59:0b:c2:ba:f6:c0:
aa:23:0a:b4:23:0f:22:00:e8:f7:52:92:0c:a1:03:83:a6:77:
85:4b:40:2c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYVwsGQmVzMxo914RuHVw4w6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwMTAyMDQxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk3ODIxMjk4NGFlYjMyM2Y4MzlmNTQ1OGUwZDk5MzBhNzEzOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+vNLkn35qr6IA1bwGV/urF/IhxX
IM186ZXSxoXpfU9+Hf65r8/z/pV6ltkarlwb7rpDre4sqnWDyjjSwTaDXQ5YGWfD
c6OwzvlktkClf8jLbmf6D72OZ9FW7UfkEDsGmDiKyAyv8Qu4XgXW3qzi4fScWg2B
VLmxoXRGkPMxf40AfdVVYK2Ju0RHkZBWFg1ElalIvsUqsmyMJl7ub2kBrlTyFUPx
aXPp90s93Z4v04NoCD4J0A+vHVKmWkSyP7NtaJf9H1YZzG8SIqCBPS0jTcoBI+5v
RkeJ2pRiE4bGAZGM4I8nLnXOcn93kcXrGDWXew4iA+OIxZYeTq4qwbVgUQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFLOXghKYSusyP4OfVFjg2ZMKcTkkMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvczVlQ0VwaEs2eklfZzU5VVdPRFprd3B4T1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuAwQABf85
MAwDBAAF/z0DBAYF/wADBAAX/EIDBAFbXHADBABrlqwDBABrlrEDBACi3lgDBACn
oAsDBACnoA0DBACnoBsDBAG5BOADBAC5BOMDBAC5lgIDBAG5okgDBAC5pS8DBAG5
1KwDBAC51K8wFAQCAAIwDgMFAyoGS0ADBQMqB1FAMA0GCSqGSIb3DQEBCwUAA4IB
AQB93tYHeQ+kDdnFjPWH/74uYjKB41MyhS/FpUdP1J2JTUDnbejdEvZZp27PSwyo
ePcBfM2MW+7XQY5D7t9MEfznKdR9yydACpfHvM121AbAc3ygcNayMEVlJyph40Z+
BdZgOlmo/eqK5z3z1tCATMaKqoy0JYVMtPnZIehZcoqT14cPoiUrHy+k6GZ1glv6
yHZ9tyZJjxr7bdf9eXpxKrOqFgzXB1Nm9bXyGxAyLu2K4YYrkIvEymq3T446dljy
U+GqYB4KsmnXwvcm72iFOQLHHB35bbrXh5ak/FXuD/aiGxjS08VZC8K69sCqIwq0
Iw8iAOj3UpIMoQODpneFS0As
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org