Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/5tHHZMCUqjXizNd51lJ8bMXtmdg.roa
File: 5tHHZMCUqjXizNd51lJ8bMXtmdg.roa (raw, json)
Hash identifier: CFJu3UhA3vDuSGGaq2uvs20UpAq+YuU9t5fwwt7BmVk=
Subject key identifier: E6:D1:C7:64:C0:94:AA:35:E2:CC:D7:79:D6:52:7C:6C:C5:ED:99:D8
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01926BF9E60AE5CA68648FE5F36B24D29562
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/5tHHZMCUqjXizNd51lJ8bMXtmdg.roa
Signing time: Tue 08 Oct 2024 11:53:12 +0000
ROA not before: Tue 08 Oct 2024 11:53:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60150
IP address blocks: 45.12.100.0/22 maxlen: 24
185.96.56.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
193.168.201.0/24 maxlen: 24
194.38.48.0/22 maxlen: 24
2a05:ff00::/29 maxlen: 48
2a07:5b40::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 27 Oct 2024 12:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:f9:e6:0a:e5:ca:68:64:8f:e5:f3:6b:24:d2:95:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Oct 8 11:53:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d1c764c094aa35e2ccd779d6527c6cc5ed99d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c1:cf:b5:f1:b4:e3:36:81:5a:a2:1f:68:0f:
27:d9:e4:9a:7b:ff:20:8f:b3:84:3d:00:94:04:81:
ff:97:d0:9c:b8:58:48:01:6a:4a:55:48:03:b1:e0:
08:8f:2d:60:e9:c6:2e:d9:f0:f8:c8:18:63:28:b8:
fe:00:c7:62:de:25:7a:e3:88:92:da:d2:63:40:b7:
b7:5b:5c:3d:15:dd:a2:d4:56:1d:ce:c8:9f:77:d9:
a9:3b:c4:81:f1:53:9b:8f:62:35:7b:46:cb:bf:72:
8f:25:6e:75:ed:76:77:57:43:57:d1:86:2a:fd:6a:
7b:78:8f:ca:1e:55:4e:91:bd:6e:49:26:d0:d5:74:
76:b0:ae:f6:ee:ed:30:cd:54:ad:a9:0f:0a:ac:4e:
7d:66:4c:dc:1a:cf:4c:5d:40:eb:33:b7:26:1c:bd:
18:fd:23:1e:97:97:21:db:56:5f:a3:3b:2c:b8:9e:
dc:1b:8d:54:22:e2:6d:08:6c:34:cf:24:dd:ec:2e:
71:93:b8:58:74:38:51:a5:f6:e8:a9:c1:0f:b8:4b:
07:3d:55:4e:e8:ac:8b:92:bf:6c:9b:99:27:bf:33:
c8:39:32:4b:2a:82:1b:d0:fc:c3:1f:4d:fa:58:8e:
24:8e:07:b3:1a:69:87:57:5e:fc:17:8a:47:5b:d7:
e7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D1:C7:64:C0:94:AA:35:E2:CC:D7:79:D6:52:7C:6C:C5:ED:99:D8
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/5tHHZMCUqjXizNd51lJ8bMXtmdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.100.0/22
185.96.56.0/22
185.136.16.0/22
193.168.201.0/24
194.38.48.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
24:50:9e:4a:ae:59:07:8b:ac:7a:68:87:0d:60:b1:36:3c:fa:
c9:9f:fe:75:0c:52:7a:f3:13:44:3b:9d:5c:a0:7e:0f:de:e1:
55:80:92:f5:92:9d:4b:a2:05:d6:79:eb:d9:a6:5b:c3:1d:cb:
df:8f:27:fd:e9:00:ca:80:f0:65:d4:7a:72:48:a2:1d:85:73:
07:64:82:f8:fb:4f:31:81:62:9d:39:79:5d:9c:c2:3e:65:13:
3c:c9:b7:67:d2:e9:d9:a1:6b:d8:15:1f:21:66:10:c7:50:d9:
73:8a:dc:75:a0:b8:b1:c5:6b:11:46:41:69:99:74:eb:44:82:
6b:77:21:cc:05:1b:e3:93:76:33:10:71:38:eb:57:ea:e5:0a:
16:37:5f:dc:a8:12:96:72:41:52:44:38:da:fd:6b:c9:4a:3f:
fa:d7:4f:f6:19:f5:27:4e:01:3e:fc:d3:a6:45:e3:e8:53:d0:
1b:71:20:47:83:a3:af:81:bc:1a:da:26:d9:f1:2c:18:54:66:
dc:c6:c0:72:45:b8:69:90:e7:82:6a:ae:6e:0d:8e:2e:bc:8e:
c3:a8:c8:7b:42:9f:68:99:7d:e5:3b:4b:ab:fd:7f:13:83:0e:
0f:77:1d:9b:29:86:92:58:8f:e7:a6:2f:6f:09:1f:71:dd:c9:
b7:bc:56:b6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZJr+eYK5cpoZI/l82sk0pViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMDA4MTE1MzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQxYzc2NGMwOTRhYTM1ZTJjY2Q3NzlkNjUyN2M2Y2M1ZWQ5OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMHPtfG04zaBWqIfaA8n2eSae/8g
j7OEPQCUBIH/l9CcuFhIAWpKVUgDseAIjy1g6cYu2fD4yBhjKLj+AMdi3iV644iS
2tJjQLe3W1w9Fd2i1FYdzsifd9mpO8SB8VObj2I1e0bLv3KPJW517XZ3V0NX0YYq
/Wp7eI/KHlVOkb1uSSbQ1XR2sK727u0wzVStqQ8KrE59ZkzcGs9MXUDrM7cmHL0Y
/SMel5ch21ZfozssuJ7cG41UIuJtCGw0zyTd7C5xk7hYdDhRpfboqcEPuEsHPVVO
6KyLkr9sm5knvzPIOTJLKoIb0PzDH036WI4kjgezGmmHV178F4pHW9fnAwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFObRx2TAlKo14szXedZSfGzF7ZnYMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvNXRISFpNQ1Vxalhpek5kNTFsSjhiTVh0bWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQxkAwQC
uWA4AwQCuYgQAwQAwajJAwQCwiYwMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkq
hkiG9w0BAQsFAAOCAQEAJFCeSq5ZB4usemiHDWCxNjz6yZ/+dQxSevMTRDudXKB+
D97hVYCS9ZKdS6IF1nnr2aZbwx3L348n/ekAyoDwZdR6ckiiHYVzB2SC+PtPMYFi
nTl5XZzCPmUTPMm3Z9Lp2aFr2BUfIWYQx1DZc4rcdaC4scVrEUZBaZl060SCa3ch
zAUb45N2MxBxOOtX6uUKFjdf3KgSlnJBUkQ42v1ryUo/+tdP9hn1J04BPvzTpkXj
6FPQG3EgR4Ojr4G8Gtom2fEsGFRm3MbAckW4aZDngmqubg2OLryOw6jIe0KfaJl9
5TtLq/1/E4MOD3cdmymGkliP56Yvbwkfcd3Jt7xWtg==
-----END CERTIFICATE-----
Generated at Sun Oct 27 14:48:06 2024 by rpki-client on console-ams.rpki-client.org