Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2DzsvKnj_lq2pcX9fHGI4IcIvQg.roa
File: 2DzsvKnj_lq2pcX9fHGI4IcIvQg.roa (raw, json)
Hash identifier: gGE4QDG2yVBDjMMeDmURs56K6QJQEraeqhvDps5hHSQ=
Subject key identifier: D8:3C:EC:BC:A9:E3:FE:5A:B6:A5:C5:FD:7C:71:88:E0:87:08:BD:08
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0192F9F08156CFA13446ADEA22F4C3B25C0A
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2DzsvKnj_lq2pcX9fHGI4IcIvQg.roa
Signing time: Tue 05 Nov 2024 01:29:01 +0000
ROA not before: Tue 05 Nov 2024 01:29:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44050
IP address blocks: 5.101.89.0/24 maxlen: 24
45.156.212.0/22 maxlen: 22
45.159.200.0/22 maxlen: 22
46.161.16.0/22 maxlen: 22
91.151.176.0/20 maxlen: 20
95.215.0.0/22 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78::/32 maxlen: 48
2a00:1d78:666::/64 maxlen: 64
2a01:8380::/32 maxlen: 32
2a0c:8700::/29 maxlen: 29
2a0d:8fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Dec 2024 06:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f9:f0:81:56:cf:a1:34:46:ad:ea:22:f4:c3:b2:5c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Nov 5 01:29:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d83cecbca9e3fe5ab6a5c5fd7c7188e08708bd08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:09:4c:e6:e6:dd:68:b1:f1:c0:7e:ed:5a:
76:49:93:6d:12:3b:84:1b:54:ea:32:29:ba:d9:34:
25:59:29:96:7f:3b:d1:22:19:63:5a:3f:e8:de:53:
37:bd:bc:49:34:18:88:30:3c:6b:7f:ac:51:b0:ba:
52:f3:c0:71:9d:21:00:37:11:15:84:fb:7d:30:62:
b3:3d:72:fd:84:70:f9:f3:af:c6:55:2a:ad:a5:59:
bd:bb:6d:ac:87:89:6c:6a:2c:c2:50:20:6d:92:76:
f6:17:d7:e9:5c:a8:4a:d1:84:47:c0:3c:3e:1d:b3:
38:54:3c:34:06:50:6c:66:7f:94:f6:45:0b:17:86:
96:8f:c7:62:90:a7:40:d4:0a:4c:7b:d5:6a:2a:db:
f8:fb:0b:8b:e2:43:df:1f:87:c2:f6:ab:d8:81:71:
55:80:33:35:21:1a:21:7a:8d:4c:f4:34:33:2a:2f:
48:e4:46:d1:a6:03:34:1b:f2:79:f4:eb:f5:30:0b:
bc:8a:52:a5:4c:15:2d:f7:80:30:55:f3:51:02:f9:
c2:5f:0e:2e:ae:02:18:69:86:ff:85:7c:d0:be:b3:
1a:60:a9:6b:6d:3e:84:90:1e:93:d5:72:2e:bf:85:
90:81:a4:ff:77:38:4c:14:66:03:13:cf:65:25:b8:
c4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3C:EC:BC:A9:E3:FE:5A:B6:A5:C5:FD:7C:71:88:E0:87:08:BD:08
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2DzsvKnj_lq2pcX9fHGI4IcIvQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
45.156.212.0/22
45.159.200.0/22
46.161.16.0/22
91.151.176.0/20
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
2a01:8380::/32
2a0c:8700::/29
2a0d:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:76:ef:03:10:2c:17:bb:e8:28:1c:cb:b9:12:af:44:2e:ef:
49:1a:6a:3a:9e:ca:f8:60:bd:cf:b7:75:6a:02:82:22:d9:99:
56:93:9f:9d:16:e4:a8:c7:0b:dd:49:82:37:c5:53:27:15:16:
84:dd:3a:e7:73:94:43:10:bc:69:bc:e1:ea:95:ba:d3:08:a5:
fb:56:d7:d2:72:9f:36:91:0d:38:17:56:35:04:b9:5c:08:60:
0e:e7:32:a2:c1:8a:e3:10:ec:73:c7:0e:11:df:af:c8:bf:3c:
81:6c:ca:32:26:e9:12:74:f1:eb:28:63:84:d5:1b:2e:db:8a:
7f:d3:17:86:79:c6:c4:7f:bb:41:da:16:3f:4d:78:e0:1a:32:
32:3f:94:d5:1b:a9:7e:41:d1:48:21:bc:b1:56:6a:70:32:4c:
2b:74:89:a7:3a:9a:7d:7a:38:6c:71:27:02:fa:c1:b8:cd:b8:
6e:17:ed:e3:87:7b:7d:cd:71:5a:2e:75:3c:29:80:67:1c:e8:
25:dd:47:73:8c:50:0f:01:db:ed:e0:14:6b:b2:6f:42:0f:98:
32:cb:8f:24:58:de:98:e3:6d:13:3f:76:10:49:f4:4e:8c:51:
b6:c2:e6:6f:00:90:54:5a:e3:fa:53:9c:29:a4:1d:09:f7:4c:
ab:59:13:8e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZL58IFWz6E0Rq3qIvTDslwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMTA1MDEyOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNjZWNiY2E5ZTNmZTVhYjZhNWM1ZmQ3YzcxODhlMDg3MDhiZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8cJTObm3Wix8cB+7Vp2SZNtEjuE
G1TqMim62TQlWSmWfzvRIhljWj/o3lM3vbxJNBiIMDxrf6xRsLpS88BxnSEANxEV
hPt9MGKzPXL9hHD586/GVSqtpVm9u22sh4lsaizCUCBtknb2F9fpXKhK0YRHwDw+
HbM4VDw0BlBsZn+U9kULF4aWj8dikKdA1ApMe9VqKtv4+wuL4kPfH4fC9qvYgXFV
gDM1IRoheo1M9DQzKi9I5EbRpgM0G/J59Ov1MAu8ilKlTBUt94AwVfNRAvnCXw4u
rgIYaYb/hXzQvrMaYKlrbT6EkB6T1XIuv4WQgaT/dzhMFGYDE89lJbjEsQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNg87Lyp4/5atqXF/XxxiOCHCL0IMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvMkR6c3ZLbmpfbHEycGNYOWZIR0k0SWNJdlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQABWVZAwQC
LZzUAwQCLZ/IAwQCLqEQAwQEW5ewAwQCX9cAAwQHvI+AAwQBwwLwMCIEAgACMBwD
BQAqAB14AwUAKgGDgAMFAyoMhwADBQMqDY/AMA0GCSqGSIb3DQEBCwUAA4IBAQAe
du8DECwXu+goHMu5Eq9ELu9JGmo6nsr4YL3Pt3VqAoIi2ZlWk5+dFuSoxwvdSYI3
xVMnFRaE3Trnc5RDELxpvOHqlbrTCKX7VtfScp82kQ04F1Y1BLlcCGAO5zKiwYrj
EOxzxw4R36/IvzyBbMoyJukSdPHrKGOE1Rsu24p/0xeGecbEf7tB2hY/TXjgGjIy
P5TVG6l+QdFIIbyxVmpwMkwrdImnOpp9ejhscScC+sG4zbhuF+3jh3t9zXFaLnU8
KYBnHOgl3UdzjFAPAdvt4BRrsm9CD5gyy48kWN6Y420TP3YQSfROjFG2wuZvAJBU
WuP6U5wppB0J90yrWROO
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:49:15 2025 by rpki-client