Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2bJBtQ3lvudTJs8WnM7pISRzzDs.roa
File: 2bJBtQ3lvudTJs8WnM7pISRzzDs.roa (raw, json)
Hash identifier: +y7fKkefwjW4nBlwLvEp5SoWF4haS9eDRRQkUB1OND8=
Subject key identifier: D9:B2:41:B5:0D:E5:BE:E7:53:26:CF:16:9C:CE:E9:21:24:73:CC:3B
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019427B5B52019525A06396EC2EAD8466C2E
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2bJBtQ3lvudTJs8WnM7pISRzzDs.roa
Signing time: Thu 02 Jan 2025 15:50:07 +0000
ROA not before: Thu 02 Jan 2025 15:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214790
IP address blocks: 5.8.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.189.219.0/24 maxlen: 24
5.189.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b5:20:19:52:5a:06:39:6e:c2:ea:d8:46:6c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 15:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9b241b50de5bee75326cf169ccee9212473cc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:aa:ab:e7:5b:e5:8e:74:43:28:ff:86:83:85:
86:4a:75:36:97:25:f4:bc:d2:60:ff:b8:67:12:9a:
d7:48:d5:e8:c1:f1:81:9d:f2:70:cb:53:d8:94:dc:
8e:67:78:3d:98:f0:6e:53:b2:cc:a2:ba:af:7e:5d:
97:75:80:4c:9b:28:ca:a8:68:fa:ad:91:70:52:f4:
66:6a:1d:d6:5a:19:30:b5:bf:39:3a:8b:cf:2e:fc:
ce:8c:72:2b:d9:0d:3e:6a:6c:87:16:bd:83:cb:ae:
d1:e3:27:59:85:5c:51:13:4c:71:c2:2d:61:2d:04:
e8:a0:57:28:f9:af:1d:b5:c6:df:4e:71:e5:f3:e7:
81:91:c0:db:a1:85:ff:dc:e7:86:54:f5:cd:0c:a3:
c2:64:a9:c3:4c:68:43:0f:ad:b5:ee:75:30:31:4c:
77:a9:cf:a1:02:21:24:04:22:f0:4d:f7:2e:b8:fa:
a0:64:03:e8:17:71:2e:43:40:cf:9f:38:ab:ec:44:
a9:e7:07:79:50:52:e8:bc:b1:25:a0:29:26:b5:25:
53:67:eb:de:0b:ba:68:9c:13:27:24:39:a6:39:45:
99:c3:72:9b:5d:dd:b1:55:f3:28:4b:70:93:03:5d:
60:d3:66:cf:c0:f1:59:c9:92:b0:0a:dc:ae:02:89:
f5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B2:41:B5:0D:E5:BE:E7:53:26:CF:16:9C:CE:E9:21:24:73:CC:3B
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2bJBtQ3lvudTJs8WnM7pISRzzDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/24
5.101.47.0/24
5.188.51.0/24
5.188.200.0/24
5.188.203.0/24
5.189.219.0/24
5.189.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:ab:48:d9:2b:bc:51:87:f5:b9:2e:71:3e:6d:ad:bf:37:bf:
2f:1b:34:e0:ad:b7:f9:2e:04:f1:34:1c:42:71:2f:7c:14:29:
fd:4f:d6:dc:5f:16:ea:64:58:58:33:fc:76:04:21:ef:b3:09:
7b:8e:7a:88:40:2c:23:5e:f8:95:ff:dc:32:0a:af:6c:cd:c9:
ac:7f:62:c0:3c:c4:21:e5:e6:3f:53:c6:e6:0d:50:a4:9f:9c:
dd:b8:52:0d:58:21:83:77:64:50:a1:f4:bf:40:79:0f:22:16:
79:cd:de:96:11:4e:14:db:26:12:2e:33:d8:c8:e4:67:8f:f0:
56:47:3e:6e:e2:75:8d:a6:ad:08:1e:88:72:eb:45:1b:0b:2c:
c6:c4:14:f4:47:52:be:4a:28:92:81:c3:94:43:c7:73:ba:37:
a2:8c:a7:b4:1a:21:94:b4:e9:4d:da:bb:49:0a:79:39:e1:7a:
ee:26:81:1a:53:34:d9:7b:94:08:34:5e:73:1a:0c:b1:1e:fa:
35:5e:ba:34:60:91:4c:31:34:45:a5:f6:29:90:2a:eb:f6:60:
9e:20:d3:13:a0:b1:90:f9:b0:37:54:a3:5e:2d:cc:73:af:60:
55:49:22:d3:80:d0:3a:b5:bf:e0:41:ed:47:00:63:a5:e7:09:
42:45:a9:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQntbUgGVJaBjluwurYRmwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMTAyMTU1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIyNDFiNTBkZTViZWU3NTMyNmNmMTY5Y2NlZTkyMTI0NzNjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6qr51vljnRDKP+Gg4WGSnU2lyX0
vNJg/7hnEprXSNXowfGBnfJwy1PYlNyOZ3g9mPBuU7LMorqvfl2XdYBMmyjKqGj6
rZFwUvRmah3WWhkwtb85OovPLvzOjHIr2Q0+amyHFr2Dy67R4ydZhVxRE0xxwi1h
LQTooFco+a8dtcbfTnHl8+eBkcDboYX/3OeGVPXNDKPCZKnDTGhDD6217nUwMUx3
qc+hAiEkBCLwTfcuuPqgZAPoF3EuQ0DPnzir7ESp5wd5UFLovLEloCkmtSVTZ+ve
C7ponBMnJDmmOUWZw3KbXd2xVfMoS3CTA11g02bPwPFZyZKwCtyuAon1cQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNmyQbUN5b7nUybPFpzO6SEkc8w7MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvMmJKQnRRM2x2dWRUSnM4V25NN3BJU1J6ekRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABQgsAwQA
BWUvAwQABbwzAwQABbzIAwQABbzLAwQABb3bAwQABb3+MA0GCSqGSIb3DQEBCwUA
A4IBAQAuq0jZK7xRh/W5LnE+ba2/N78vGzTgrbf5LgTxNBxCcS98FCn9T9bcXxbq
ZFhYM/x2BCHvswl7jnqIQCwjXviV/9wyCq9szcmsf2LAPMQh5eY/U8bmDVCkn5zd
uFINWCGDd2RQofS/QHkPIhZ5zd6WEU4U2yYSLjPYyORnj/BWRz5u4nWNpq0IHohy
60UbCyzGxBT0R1K+SiiSgcOUQ8dzujeijKe0GiGUtOlN2rtJCnk54XruJoEaUzTZ
e5QINF5zGgyxHvo1Xro0YJFMMTRFpfYpkCrr9mCeINMToLGQ+bA3VKNeLcxzr2BV
SSLTgNA6tb/gQe1HAGOl5wlCRan+
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:53:22 2025 by rpki-client