Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/gT5KW8B6AZ_K-T6ejYBOe1QYM6k.roa
File: gT5KW8B6AZ_K-T6ejYBOe1QYM6k.roa (raw, json)
Hash identifier: xDKqmrFM6y0HjofyY7p3/686tkzW54tQrlmK+K4wE1E=
Subject key identifier: 81:3E:4A:5B:C0:7A:01:9F:CA:F9:3E:9E:8D:80:4E:7B:54:18:33:A9
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019386214F44E48F1089095AB06FD0171AC9
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/gT5KW8B6AZ_K-T6ejYBOe1QYM6k.roa
Signing time: Mon 02 Dec 2024 06:49:10 +0000
ROA not before: Mon 02 Dec 2024 06:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41909
IP address blocks: 5.8.0.0/21 maxlen: 22
5.8.88.0/22 maxlen: 24
5.188.68.0/23 maxlen: 24
5.188.88.0/22 maxlen: 24
91.243.62.0/23 maxlen: 24
146.185.244.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:21:4f:44:e4:8f:10:89:09:5a:b0:6f:d0:17:1a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 2 06:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=813e4a5bc07a019fcaf93e9e8d804e7b541833a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:d8:1c:f3:7e:35:c0:53:45:7b:e9:d3:af:
63:f2:41:d9:11:4d:f0:8a:00:76:10:41:39:c7:f0:
72:ef:0b:70:78:64:a7:d1:9b:e8:be:84:5c:43:51:
bd:4d:2d:b7:84:af:c3:c3:19:36:f0:c0:64:23:40:
a9:99:f1:c5:44:0c:e1:34:5a:bc:6b:1e:86:93:6f:
8d:2f:4e:39:5d:f2:01:a6:eb:ce:66:b2:41:42:88:
81:c0:bc:a8:40:ef:f6:2a:3a:24:94:74:56:db:b7:
24:8f:4d:0d:75:04:f7:45:a3:93:f6:8a:c2:14:ff:
c1:68:9d:b2:1d:b1:18:55:80:6d:ab:17:bf:80:fd:
e6:a1:09:7d:73:c8:e8:89:4a:66:5d:60:e2:9f:a2:
71:0c:f5:87:c0:8c:5f:6f:13:3a:38:2c:6a:a2:58:
49:5a:94:ef:53:ee:4c:76:99:a7:3e:2a:9c:a1:c9:
13:62:cb:4e:80:3e:5f:bb:8f:42:0f:85:c6:1f:23:
8a:a7:7c:04:8f:45:8e:0a:a9:02:ba:e1:71:8f:ac:
53:45:d8:f8:76:57:1b:a1:b7:5a:f8:8b:28:e8:ec:
30:f5:06:fb:a4:f0:78:c3:6e:e9:b9:33:3a:d8:62:
72:13:da:4a:db:69:61:c5:37:36:08:6c:8c:60:8e:
0a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:3E:4A:5B:C0:7A:01:9F:CA:F9:3E:9E:8D:80:4E:7B:54:18:33:A9
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/gT5KW8B6AZ_K-T6ejYBOe1QYM6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.0.0/21
5.8.88.0/22
5.188.68.0/23
5.188.88.0/22
91.243.62.0/23
146.185.244.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:04:7f:c2:11:c4:f8:34:6b:12:90:dc:c7:28:4b:4a:62:1f:
11:36:4e:c1:b4:ed:5b:fa:a9:14:be:e1:bd:db:02:83:54:a5:
e2:9b:2f:8d:b3:ff:8d:75:92:1b:51:e6:00:0f:46:65:a9:95:
e7:b6:a9:b2:89:c9:99:f1:73:64:6c:8e:ff:0f:cf:7b:ab:ef:
25:65:6c:60:8a:ba:7a:ae:45:1d:7d:61:b1:e9:0b:cd:aa:57:
8b:28:ae:02:55:df:61:a6:3d:25:ab:c2:64:d6:a5:56:c9:60:
d2:37:79:1a:11:70:50:fd:12:24:89:68:0f:8c:6a:15:4f:75:
81:43:cb:f5:63:c2:df:38:93:5b:8e:b8:69:85:1e:a3:1e:7d:
6d:76:d3:e3:3b:2b:9f:78:62:00:16:75:6f:33:c9:1e:f1:fb:
a2:7e:1d:59:f0:9a:b9:b2:1f:01:63:dd:46:d7:91:fc:20:bc:
1a:68:8b:0c:c8:dc:91:e2:cd:8f:4b:6d:56:b4:d1:36:f6:4f:
a3:d4:87:4f:38:13:ad:85:60:2f:7b:90:dd:cb:7d:10:6f:bf:
33:d8:92:4b:96:dc:a1:8d:e4:ce:5c:a6:70:8c:72:b7:88:29:
83:a7:ea:cd:44:3a:cf:5f:e6:4a:8e:9d:de:1a:7b:b9:16:58:
4f:25:93:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZOGIU9E5I8QiQlasG/QFxrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMjAyMDY0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTNlNGE1YmMwN2EwMTlmY2FmOTNlOWU4ZDgwNGU3YjU0MTgzM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP7YHPN+NcBTRXvp069j8kHZEU3w
igB2EEE5x/By7wtweGSn0ZvovoRcQ1G9TS23hK/Dwxk28MBkI0CpmfHFRAzhNFq8
ax6Gk2+NL045XfIBpuvOZrJBQoiBwLyoQO/2KjoklHRW27ckj00NdQT3RaOT9orC
FP/BaJ2yHbEYVYBtqxe/gP3moQl9c8joiUpmXWDin6JxDPWHwIxfbxM6OCxqolhJ
WpTvU+5MdpmnPiqcockTYstOgD5fu49CD4XGHyOKp3wEj0WOCqkCuuFxj6xTRdj4
dlcbobda+Iso6Oww9Qb7pPB4w27puTM62GJyE9pK22lhxTc2CGyMYI4KYwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIE+SlvAegGfyvk+no2ATntUGDOpMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvZ1Q1S1c4QjZBWl9LLVQ2ZWpZQk9lMVFZTTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDBQgAAwQC
BQhYAwQBBbxEAwQCBbxYAwQBW/M+AwQBkrn0MA0GCSqGSIb3DQEBCwUAA4IBAQCr
BH/CEcT4NGsSkNzHKEtKYh8RNk7BtO1b+qkUvuG92wKDVKXimy+Ns/+NdZIbUeYA
D0ZlqZXntqmyicmZ8XNkbI7/D897q+8lZWxgirp6rkUdfWGx6QvNqleLKK4CVd9h
pj0lq8Jk1qVWyWDSN3kaEXBQ/RIkiWgPjGoVT3WBQ8v1Y8LfOJNbjrhphR6jHn1t
dtPjOyufeGIAFnVvM8ke8fuifh1Z8Jq5sh8BY91G15H8ILwaaIsMyNyR4s2PS21W
tNE29k+j1IdPOBOthWAve5Ddy30Qb78z2JJLltyhjeTOXKZwjHK3iCmDp+rNRDrP
X+ZKjp3eGnu5FlhPJZPr
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:15:12 2025 by rpki-client