Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/5CKEZtH3uLy9SRlMQ57MpskZYEs.roa
File: 5CKEZtH3uLy9SRlMQ57MpskZYEs.roa (raw, json)
Hash identifier: J6OMorRHOzQfmO1tlMpIWtazU3ejssByPUY62JOYZrc=
Subject key identifier: E4:22:84:66:D1:F7:B8:BC:BD:49:19:4C:43:9E:CC:A6:C9:19:60:4B
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 018CC42550A79C2BF9643E35A64D2E1FA690
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/5CKEZtH3uLy9SRlMQ57MpskZYEs.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207021
IP address blocks: 193.46.134.0/24 maxlen: 24
193.46.133.0/24 maxlen: 24
193.46.135.0/24 maxlen: 24
194.0.24.0/24 maxlen: 24
194.0.26.0/24 maxlen: 24
194.0.25.0/24 maxlen: 24
193.46.132.0/24 maxlen: 24
193.46.131.0/24 maxlen: 24
193.46.130.0/24 maxlen: 24
193.46.129.0/24 maxlen: 24
193.46.128.0/24 maxlen: 24
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe2::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:50:a7:9c:2b:f9:64:3e:35:a6:4d:2e:1f:a6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4228466d1f7b8bcbd49194c439ecca6c919604b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:02:de:22:29:9a:04:1d:29:21:80:d0:6a:f2:
68:02:8e:e3:46:6c:95:ee:85:f4:79:ee:7d:73:bb:
95:5c:8e:56:05:65:a8:5f:72:2a:25:e5:f3:43:a2:
2e:e9:ac:70:ac:11:d5:de:70:35:c2:5d:96:5a:6e:
05:e2:0f:d5:61:a0:59:75:db:d9:39:8a:b9:7d:42:
d8:7d:ea:6c:c3:5a:6d:65:79:12:c7:98:bd:fb:ab:
97:c5:64:8a:14:45:4c:3d:50:74:2f:7b:71:cc:f9:
87:3c:e7:dd:ca:cb:c4:ff:8a:4f:d5:2c:81:f8:03:
9c:17:b6:24:8b:9a:b8:f8:b3:4f:77:1b:69:e6:eb:
f4:79:54:08:5f:9d:ac:ae:e1:68:68:ce:bc:47:61:
c4:02:97:c8:8d:b5:42:bf:86:e7:ad:89:3b:06:3c:
e0:35:db:5d:7a:2e:77:ae:cf:70:53:93:1c:ae:a2:
a3:32:16:a0:81:e7:31:2f:b7:7e:61:ed:5b:07:74:
85:76:d6:92:2d:82:2f:23:3f:af:5a:6f:87:f7:27:
f7:92:59:8c:52:6e:22:71:9c:36:cb:3b:95:49:1d:
c9:63:ba:26:8e:23:39:d4:84:cc:ca:24:a0:44:11:
91:66:e4:d2:37:22:79:bb:21:fc:ef:cf:86:ba:0e:
e7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:22:84:66:D1:F7:B8:BC:BD:49:19:4C:43:9E:CC:A6:C9:19:60:4B
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/5CKEZtH3uLy9SRlMQ57MpskZYEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.128.0/21
194.0.24.0-194.0.26.255
IPv6:
2001:678:20::/48
2001:678:24::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
27:67:a2:7a:11:6b:37:f7:c0:41:68:2b:1c:25:59:7a:99:37:
5c:f7:b6:30:1a:26:84:26:fc:e1:1d:2b:d0:9b:df:98:06:1c:
ff:5a:4e:18:7b:cd:0f:89:02:6c:21:20:0c:e9:2c:df:d3:4a:
e8:17:27:5d:51:2c:89:be:e0:0c:73:3c:64:54:7d:ea:f7:3b:
78:7e:c0:06:2b:0b:ea:45:41:7f:a5:80:98:55:64:fa:bf:ae:
63:03:89:ec:3e:1f:ce:93:a7:7b:3e:88:df:36:3f:3a:bf:b3:
6e:2d:b9:0e:58:2a:13:fb:fd:9c:8a:81:f8:41:75:d6:f0:bf:
d9:c1:e7:09:49:b9:44:3d:72:e8:91:8f:e3:a4:1f:3c:62:43:
88:c4:34:fb:b9:22:0e:40:57:4d:58:53:d2:3d:f5:13:d5:c0:
7f:20:4c:33:cb:cc:25:9e:20:47:39:e6:41:48:1c:67:86:e3:
14:23:c2:d1:c2:24:a7:75:2a:f7:5c:07:7c:b2:7e:8e:44:a1:
56:be:99:34:2c:0e:6e:28:81:0f:0f:fd:71:aa:7a:b2:6e:a4:
6c:4a:df:4a:35:48:09:34:e1:62:b8:97:14:fb:98:14:b9:e1:
f7:a8:e1:b8:5f:2f:ec:cb:38:95:9d:5c:90:92:5a:56:0e:1e:
62:d2:9e:96
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzEJVCnnCv5ZD41pk0uH6aQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDIyODQ2NmQxZjdiOGJjYmQ0OTE5NGM0MzllY2NhNmM5MTk2MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwLeIimaBB0pIYDQavJoAo7jRmyV
7oX0ee59c7uVXI5WBWWoX3IqJeXzQ6Iu6axwrBHV3nA1wl2WWm4F4g/VYaBZddvZ
OYq5fULYfepsw1ptZXkSx5i9+6uXxWSKFEVMPVB0L3txzPmHPOfdysvE/4pP1SyB
+AOcF7Yki5q4+LNPdxtp5uv0eVQIX52sruFoaM68R2HEApfIjbVCv4bnrYk7Bjzg
Ndtdei53rs9wU5McrqKjMhaggecxL7d+Ye1bB3SFdtaSLYIvIz+vWm+H9yf3klmM
Um4icZw2yzuVSR3JY7omjiM51ITMyiSgRBGRZuTSNyJ5uyH878+Gug7ndwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOQihGbR97i8vUkZTEOezKbJGWBLMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvNUNLRVp0SDN1THk5U1JsTVE1N01wc2taWUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAaBAIAATAUAwQDwS6AMAwD
BAPCABgDBADCABowKgQCAAIwJAMHACABBngAIAMHACABBngAJAMHACABBnwBvAMH
AyoCCFD/4DANBgkqhkiG9w0BAQsFAAOCAQEAJ2eiehFrN/fAQWgrHCVZepk3XPe2
MBomhCb84R0r0JvfmAYc/1pOGHvND4kCbCEgDOks39NK6BcnXVEsib7gDHM8ZFR9
6vc7eH7ABisL6kVBf6WAmFVk+r+uYwOJ7D4fzpOnez6I3zY/Or+zbi25DlgqE/v9
nIqB+EF11vC/2cHnCUm5RD1y6JGP46QfPGJDiMQ0+7kiDkBXTVhT0j31E9XAfyBM
M8vMJZ4gRznmQUgcZ4bjFCPC0cIkp3Uq91wHfLJ+jkShVr6ZNCwObiiBDw/9cap6
sm6kbErfSjVICTThYriXFPuYFLnh96jhuF8v7Ms4lZ1ckJJaVg4eYtKelg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:09:42 2025 by rpki-client