Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/LYyIULFzgC_fDKiTzHLl3kO3x-w.roa
File: LYyIULFzgC_fDKiTzHLl3kO3x-w.roa (raw, json)
Hash identifier: p1JUVKzOlE3xLjtEivUZcygXbLKlPKHe9BP4kRNdwnI=
Subject key identifier: 2D:8C:88:50:B1:73:80:2F:DF:0C:A8:93:CC:72:E5:DE:43:B7:C7:EC
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0193DA2DF0992078C53F55D633F817470099
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/LYyIULFzgC_fDKiTzHLl3kO3x-w.roa
Signing time: Wed 18 Dec 2024 14:31:04 +0000
ROA not before: Wed 18 Dec 2024 14:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 5.8.44.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.200.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.189.219.0/24 maxlen: 24
5.189.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:2d:f0:99:20:78:c5:3f:55:d6:33:f8:17:47:00:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 18 14:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d8c8850b173802fdf0ca893cc72e5de43b7c7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:4e:e4:7a:d9:6c:10:a0:7b:58:e3:b8:d4:
a4:a7:c8:19:9f:54:25:72:49:8f:36:72:63:ca:f3:
2c:0b:6c:c4:e2:6e:96:ec:0b:9b:0a:f9:dc:f6:2a:
c4:f4:03:ef:05:cf:19:4d:d8:dd:41:d5:52:b2:81:
38:f3:d9:13:d7:9e:93:99:e2:6d:da:f2:eb:ad:9d:
43:b5:80:ea:d7:1d:6b:22:5a:51:68:19:3b:bd:9b:
cc:02:13:bf:97:cd:a3:5d:bd:cb:ca:f7:83:6e:7b:
54:db:1a:f3:0c:69:07:0c:7f:92:98:f2:1c:cb:6a:
ae:2d:ca:91:50:e5:d2:5e:61:ee:eb:9d:10:f0:53:
91:29:88:6d:95:e1:57:16:2e:39:c7:e0:ac:c5:02:
8b:1a:fb:9c:f6:bb:92:f6:61:ac:51:e0:30:28:3f:
b2:5a:74:3b:53:64:75:5c:73:8c:93:f2:4b:66:a7:
b4:9b:37:d3:73:83:29:14:18:08:a4:d5:4f:d4:d7:
f0:0c:b1:61:6c:16:82:23:5d:9f:58:5b:ff:e5:b2:
a1:68:c2:14:70:6c:b7:fa:ad:a3:0e:a4:1c:7e:b6:
18:96:b4:d7:70:64:6f:0f:c7:b8:f0:e8:ac:5e:60:
61:69:75:14:5a:05:b5:b5:6f:fd:e1:09:11:de:f7:
78:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8C:88:50:B1:73:80:2F:DF:0C:A8:93:CC:72:E5:DE:43:B7:C7:EC
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/LYyIULFzgC_fDKiTzHLl3kO3x-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/24
5.101.47.0/24
5.188.51.0/24
5.188.200.0/24
5.188.203.0/24
5.189.219.0/24
5.189.254.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d2:c8:ec:ea:df:07:75:f5:88:04:b7:4c:f5:f9:cf:c3:59:
c0:11:6a:50:20:f6:df:93:8b:78:44:a4:f3:02:ff:b0:c4:51:
24:63:5e:56:a7:16:15:22:3e:c6:26:0d:64:11:a2:81:82:33:
af:fc:f9:e8:6c:4c:e5:ef:3b:77:69:7f:43:24:e3:bc:d8:09:
7f:d0:11:7d:d0:ba:26:20:7c:d0:99:0c:e5:73:47:c0:fe:06:
8f:90:cf:3b:61:c8:56:70:4c:21:69:a4:76:52:6b:5b:cd:34:
a5:ad:68:95:25:4e:25:59:01:60:19:81:77:72:7e:fd:3f:5d:
6d:0d:d4:2b:df:f0:90:c3:86:b7:fa:5b:d3:de:27:cd:2d:04:
3b:4a:a2:3e:7f:e6:64:92:a3:d7:74:c9:db:c9:f0:7b:91:ef:
30:99:65:6e:81:d3:4c:58:df:d8:30:dd:d8:f4:9c:13:83:3b:
50:48:f6:53:0f:26:e7:a1:dd:f3:8a:96:b0:ca:a5:bb:82:b5:
08:86:e2:86:94:bc:db:83:1b:0b:96:8e:4c:d7:c6:b3:7f:d0:
32:7d:ca:7c:7b:2b:ed:b1:c6:6b:69:ae:71:54:5c:f6:64:ba:
3e:d4:8e:64:56:fb:eb:61:de:1d:a5:02:5a:2d:27:48:3a:c2:
8c:55:a1:e8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZPaLfCZIHjFP1XWM/gXRwCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMjE4MTQzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhjODg1MGIxNzM4MDJmZGYwY2E4OTNjYzcyZTVkZTQzYjdjN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9xO5HrZbBCge1jjuNSkp8gZn1Ql
ckmPNnJjyvMsC2zE4m6W7AubCvnc9irE9APvBc8ZTdjdQdVSsoE489kT156TmeJt
2vLrrZ1DtYDq1x1rIlpRaBk7vZvMAhO/l82jXb3LyveDbntU2xrzDGkHDH+SmPIc
y2quLcqRUOXSXmHu650Q8FORKYhtleFXFi45x+CsxQKLGvuc9ruS9mGsUeAwKD+y
WnQ7U2R1XHOMk/JLZqe0mzfTc4MpFBgIpNVP1NfwDLFhbBaCI12fWFv/5bKhaMIU
cGy3+q2jDqQcfrYYlrTXcGRvD8e48OisXmBhaXUUWgW1tW/94QkR3vd45QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC2MiFCxc4Av3wyok8xy5d5Dt8fsMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvTFl5SVVMRnpnQ19mREtpVHpITGwza08zeC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABQgsAwQA
BWUvAwQABbwzAwQABbzIAwQABbzLAwQABb3bAwQABb3+MA0GCSqGSIb3DQEBCwUA
A4IBAQAg0sjs6t8HdfWIBLdM9fnPw1nAEWpQIPbfk4t4RKTzAv+wxFEkY15WpxYV
Ij7GJg1kEaKBgjOv/PnobEzl7zt3aX9DJOO82Al/0BF90LomIHzQmQzlc0fA/gaP
kM87YchWcEwhaaR2UmtbzTSlrWiVJU4lWQFgGYF3cn79P11tDdQr3/CQw4a3+lvT
3ifNLQQ7SqI+f+ZkkqPXdMnbyfB7ke8wmWVugdNMWN/YMN3Y9JwTgztQSPZTDybn
od3zipawyqW7grUIhuKGlLzbgxsLlo5M18azf9Ayfcp8eyvtscZraa5xVFz2ZLo+
1I5kVvvrYd4dpQJaLSdIOsKMVaHo
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:31:35 2025 by rpki-client