Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/rFOiMJ5YttxQHzJji8Cqy2hLTPo.roa
File: rFOiMJ5YttxQHzJji8Cqy2hLTPo.roa (raw, json)
Hash identifier: WNgA5rfz4HLlWknwahnpB4f5ByOPUv8ZAAwXoiuMUb4=
Subject key identifier: AC:53:A2:30:9E:58:B6:DC:50:1F:32:63:8B:C0:AA:CB:68:4B:4C:FA
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 01856B49F96CBC6A78480AD4AB0A51629F1A
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/rFOiMJ5YttxQHzJji8Cqy2hLTPo.roa
Signing time: Sun 01 Jan 2023 03:04:48 +0000
ROA not before: Sun 01 Jan 2023 03:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31214
IP address blocks: 5.11.64.0/20 maxlen: 20
193.39.220.0/22 maxlen: 22
178.210.0.0/19 maxlen: 19
109.111.128.0/19 maxlen: 19
185.234.120.0/22 maxlen: 22
194.50.12.0/22 maxlen: 22
91.109.128.0/19 maxlen: 19
185.251.216.0/22 maxlen: 22
37.60.208.0/20 maxlen: 20
213.149.0.0/19 maxlen: 19
185.238.76.0/22 maxlen: 22
31.192.128.0/19 maxlen: 19
185.16.136.0/22 maxlen: 22
83.219.128.0/19 maxlen: 19
2a03:5800::/32 maxlen: 32
2a06:50c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:f9:6c:bc:6a:78:48:0a:d4:ab:0a:51:62:9f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: Jan 1 03:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac53a2309e58b6dc501f32638bc0aacb684b4cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:9e:32:63:6f:2b:72:c1:93:c2:8f:87:c9:
12:c4:3a:ae:77:77:79:b8:c2:c1:95:3e:9a:2e:a7:
14:16:52:c5:3e:5a:e8:67:51:de:36:90:01:dd:c2:
57:5e:72:af:38:c1:ae:dc:0e:9b:8a:ed:f5:fd:98:
64:e5:f5:9e:80:5d:74:f7:54:84:c3:10:3a:51:e1:
28:40:d5:04:14:e3:39:af:23:68:13:1d:f2:5e:ff:
30:8e:71:5f:a7:0d:73:90:c4:38:ff:f7:a2:58:f1:
3b:0e:a2:74:9c:72:ee:0b:25:d5:78:45:16:da:52:
0a:f5:8c:18:0f:1f:10:12:3e:98:03:13:1e:6e:7f:
06:6c:44:28:91:18:d2:28:47:78:50:5c:90:cc:3d:
3d:c6:3b:bc:1f:94:66:25:ae:f7:d2:73:c8:a0:50:
3f:9b:4a:a3:77:8b:b0:10:0a:20:29:d6:f9:61:b8:
79:1b:58:eb:3a:70:aa:0e:b5:ee:9a:60:4b:6e:1f:
3d:89:ac:b9:25:c7:f7:87:c5:11:f6:82:9c:be:31:
6c:f1:41:e6:d2:01:2d:f7:b4:be:95:d2:8d:86:cf:
56:a6:50:1c:33:d2:d2:d7:ba:f2:fe:c5:b8:03:99:
55:4e:b5:db:c4:84:30:b6:df:7e:78:17:22:61:27:
9f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:53:A2:30:9E:58:B6:DC:50:1F:32:63:8B:C0:AA:CB:68:4B:4C:FA
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/rFOiMJ5YttxQHzJji8Cqy2hLTPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.64.0/20
31.192.128.0/19
37.60.208.0/20
83.219.128.0/19
91.109.128.0/19
109.111.128.0/19
178.210.0.0/19
185.16.136.0/22
185.234.120.0/22
185.238.76.0/22
185.251.216.0/22
193.39.220.0/22
194.50.12.0/22
213.149.0.0/19
IPv6:
2a03:5800::/32
2a06:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
50:62:50:96:74:bb:6c:e5:2e:47:a0:b4:1a:cf:9f:66:4c:17:
5c:70:67:c0:4d:04:51:b0:d0:8c:84:05:45:1d:f5:47:ee:3b:
f7:b5:69:53:05:69:89:21:cd:2a:70:b5:7f:ec:a1:6e:9d:cf:
89:7e:93:bf:c1:d8:19:cb:6f:8e:4f:6b:0b:f3:33:45:2d:aa:
dc:97:4f:c8:c5:a4:d3:e0:cd:85:65:c4:cc:6b:6e:c1:7f:fc:
7a:80:b3:05:e9:c4:d4:cf:86:d7:c0:04:13:fa:9c:e9:da:e3:
19:51:61:5d:c9:8d:90:01:f6:52:f9:89:03:46:64:04:2d:a8:
73:0d:b6:76:97:1e:26:ab:30:b7:13:f6:6c:d2:33:c9:a8:68:
1b:17:d3:9a:56:e5:51:18:d0:7f:c5:bc:c8:f1:27:7c:cd:15:
a9:0d:90:5a:50:c9:97:97:58:dd:3a:92:70:64:c7:0e:f8:7f:
8f:1a:ed:72:65:8c:05:39:c1:79:a0:c6:47:36:64:55:96:08:
3d:27:f8:7c:aa:e1:71:a7:04:c6:68:b1:78:31:3d:01:63:95:
f6:e4:08:c8:40:aa:1e:93:c6:b9:50:e5:b8:1a:4e:03:1f:be:
89:ac:fd:22:8f:2f:65:4c:67:96:ff:53:1c:2c:a0:d1:85:80:
05:97:14:94
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYVrSflsvGp4SArUqwpRYp8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZmU4MGFlYTEwMGU5OGMwZGE1ZDFmZmVmOThiMzcxZDEx
ZWRkYTIwHhcNMjMwMTAxMDMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUzYTIzMDllNThiNmRjNTAxZjMyNjM4YmMwYWFjYjY4NGI0Y2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsqeMmNvK3LBk8KPh8kSxDqud3d5
uMLBlT6aLqcUFlLFPlroZ1HeNpAB3cJXXnKvOMGu3A6biu31/Zhk5fWegF1091SE
wxA6UeEoQNUEFOM5ryNoEx3yXv8wjnFfpw1zkMQ4//eiWPE7DqJ0nHLuCyXVeEUW
2lIK9YwYDx8QEj6YAxMebn8GbEQokRjSKEd4UFyQzD09xju8H5RmJa730nPIoFA/
m0qjd4uwEAogKdb5Ybh5G1jrOnCqDrXummBLbh89iay5Jcf3h8UR9oKcvjFs8UHm
0gEt97S+ldKNhs9WplAcM9LS17ry/sW4A5lVTrXbxIQwtt9+eBciYSefowIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFKxTojCeWLbcUB8yY4vAqstoS0z6MB8GA1UdIwQY
MBaAFDP+gK6hAOmMDaXR/++Ys3HRHt2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV82QXJxRUE2WXdOcGRIXzc1aXpjZEVlM2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84MDI1MjUtNWMyYy00NTY0LWJhNWEt
NmNkNjU5YWNiZjA3LzEvckZPaU1KNVl0dHhRSHpKamk4Q3F5MmhMVFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84MDI1MjUtNWMyYy00NTY0LWJhNWEtNmNkNjU5YWNiZjA3
LzEvTV82QXJxRUE2WXdOcGRIXzc1aXpjZEVlM2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBAULQAME
BR/AgAMEBCU80AMEBVPbgAMEBVttgAMEBW1vgAMEBbLSAAMEArkQiAMEArnqeAME
ArnuTAMEArn72AMEAsEn3AMEAsIyDAMEBdWVADAUBAIAAjAOAwUAKgNYAAMFACoG
UMAwDQYJKoZIhvcNAQELBQADggEBAFBiUJZ0u2zlLkegtBrPn2ZMF1xwZ8BNBFGw
0IyEBUUd9UfuO/e1aVMFaYkhzSpwtX/soW6dz4l+k7/B2BnLb45PawvzM0UtqtyX
T8jFpNPgzYVlxMxrbsF//HqAswXpxNTPhtfABBP6nOna4xlRYV3JjZAB9lL5iQNG
ZAQtqHMNtnaXHiarMLcT9mzSM8moaBsX05pW5VEY0H/FvMjxJ3zNFakNkFpQyZeX
WN06knBkxw74f48a7XJljAU5wXmgxkc2ZFWWCD0n+Hyq4XGnBMZosXgxPQFjlfbk
CMhAqh6TxrlQ5bgaTgMfvoms/SKPL2VMZ5b/UxwsoNGFgAWXFJQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org