Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5CTDx8F-j5oDcfuC0JRaqGcDD9g.roa
File: 5CTDx8F-j5oDcfuC0JRaqGcDD9g.roa (raw, json)
Hash identifier: L5AQcLeqxpVgevW7tpo/BUN+Ean2Jhsx5v+lzvhmPNw=
Subject key identifier: E4:24:C3:C7:C1:7E:8F:9A:03:71:FB:82:D0:94:5A:A8:67:03:0F:D8
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018EAA798494A878A6634CC10B40F58DD571
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5CTDx8F-j5oDcfuC0JRaqGcDD9g.roa
Signing time: Thu 04 Apr 2024 18:57:54 +0000
ROA not before: Thu 04 Apr 2024 18:57:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:aa:79:84:94:a8:78:a6:63:4c:c1:0b:40:f5:8d:d5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 4 18:57:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e424c3c7c17e8f9a0371fb82d0945aa867030fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:34:1c:a1:c7:7f:1c:e3:48:18:46:92:57:12:
c1:cc:ba:37:02:f1:de:11:30:85:c4:08:4d:29:a5:
07:35:95:9e:4a:27:a8:12:eb:07:9f:2c:60:20:20:
e5:74:19:6f:41:3d:cf:f4:d4:60:8b:80:f3:2e:8f:
33:ee:8a:1f:41:b7:00:cf:13:75:7d:3f:a8:23:dc:
13:92:6b:e0:33:28:77:3d:d3:63:60:7d:b7:cc:0f:
ec:63:e6:1c:64:0c:73:67:c7:30:cb:7c:6a:da:9a:
8c:ab:4e:28:bd:af:5d:ac:99:2c:3f:ca:26:f3:9f:
49:1d:3b:fe:4f:94:da:0a:34:19:fb:4e:be:eb:2f:
39:06:bb:87:24:89:25:be:33:8b:07:63:9a:43:04:
07:db:d3:f9:5c:74:3e:48:a4:78:6f:63:de:a0:eb:
06:53:7f:4d:f0:8b:18:45:2d:c8:ed:47:a6:c4:fe:
a8:a8:0a:75:4e:63:f1:f4:52:f7:46:f1:37:ee:2d:
90:98:10:ef:13:9c:d0:56:52:f2:40:e1:31:42:b7:
c8:bf:83:7d:c4:45:3c:18:6d:a4:e0:35:fe:39:3c:
8d:6f:f9:95:21:11:dd:f3:92:85:a3:c2:89:14:c5:
5b:8e:8c:66:b8:03:09:dd:a5:67:80:3b:47:0b:4a:
41:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:24:C3:C7:C1:7E:8F:9A:03:71:FB:82:D0:94:5A:A8:67:03:0F:D8
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5CTDx8F-j5oDcfuC0JRaqGcDD9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.94.170.0/24
45.144.215.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
30:97:c1:0d:26:1e:cb:74:d0:be:64:f6:04:66:91:88:9c:71:
cd:b0:51:55:d0:ec:d4:de:ab:0c:8d:5d:49:ff:b9:4d:46:ef:
96:c0:a9:c0:cd:e1:a2:9f:57:db:4a:89:7c:5b:f5:dd:1e:ed:
0f:e4:fd:5d:ff:9f:d2:4c:7b:d2:1f:0f:d1:b5:61:41:92:f5:
83:35:12:7d:f3:0a:dc:1b:08:12:30:57:b1:50:50:55:6e:a2:
4b:3d:5c:d6:58:97:2e:f1:0b:53:b7:40:25:ef:a7:9d:d0:4d:
3b:a9:6c:2e:e5:f7:5a:42:95:1e:71:df:2d:87:1e:49:9a:ed:
cd:50:7d:42:a6:d3:95:e9:8e:26:c9:3f:51:7e:af:85:6c:37:
c6:4b:da:4b:d8:6b:e3:47:56:20:b3:75:a8:0e:be:57:50:6b:
0a:ba:ac:f7:72:df:ba:9b:e0:5e:f4:04:b5:ec:58:f5:ab:6f:
a6:d9:38:de:47:95:5a:6a:93:3c:88:69:c3:a5:09:ef:7e:8d:
5b:9b:75:07:1b:e1:f5:bd:9a:77:3d:d6:74:67:32:69:3a:3f:
9b:96:d8:c2:b5:38:6f:51:ec:9a:95:dc:91:fc:3b:72:7e:a9:
a7:d6:f9:fd:ce:75:ef:2b:9b:75:19:d0:d3:d2:4e:2f:b3:0e:
c1:3d:31:0c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6qeYSUqHimY0zBC0D1jdVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDA0MTg1NzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI0YzNjN2MxN2U4ZjlhMDM3MWZiODJkMDk0NWFhODY3MDMwZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjQcocd/HONIGEaSVxLBzLo3AvHe
ETCFxAhNKaUHNZWeSieoEusHnyxgICDldBlvQT3P9NRgi4DzLo8z7oofQbcAzxN1
fT+oI9wTkmvgMyh3PdNjYH23zA/sY+YcZAxzZ8cwy3xq2pqMq04ova9drJksP8om
859JHTv+T5TaCjQZ+06+6y85BruHJIklvjOLB2OaQwQH29P5XHQ+SKR4b2PeoOsG
U39N8IsYRS3I7UemxP6oqAp1TmPx9FL3RvE37i2QmBDvE5zQVlLyQOExQrfIv4N9
xEU8GG2k4DX+OTyNb/mVIRHd85KFo8KJFMVbjoxmuAMJ3aVngDtHC0pByQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOQkw8fBfo+aA3H7gtCUWqhnAw/YMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNUNURHg4Ri1qNW9EY2Z1QzBKUmFxR2NERDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBbVUAwQA
BbVXAwQALV6qAwQALZDXAwQBVdF4AwQAkhN9AwQAwR7xAwQAw7FfMA0GCSqGSIb3
DQEBCwUAA4IBAQAwl8ENJh7LdNC+ZPYEZpGInHHNsFFV0OzU3qsMjV1J/7lNRu+W
wKnAzeGin1fbSol8W/XdHu0P5P1d/5/STHvSHw/RtWFBkvWDNRJ98wrcGwgSMFex
UFBVbqJLPVzWWJcu8QtTt0Al76ed0E07qWwu5fdaQpUecd8thx5Jmu3NUH1CptOV
6Y4myT9Rfq+FbDfGS9pL2GvjR1Ygs3WoDr5XUGsKuqz3ct+6m+Be9AS17Fj1q2+m
2TjeR5VaapM8iGnDpQnvfo1bm3UHG+H1vZp3PdZ0ZzJpOj+bltjCtThvUeyaldyR
/Dtyfqmn1vn9znXvK5t1GdDT0k4vsw7BPTEM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org