Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/5bhRWX6Bqk0wC-8PxCObE2s3AHI.roa
File: 5bhRWX6Bqk0wC-8PxCObE2s3AHI.roa (raw, json)
Hash identifier: f6vndeldgHrDqNq8HhblsP7CUNTYA5eLFbsX1L+131A=
Subject key identifier: E5:B8:51:59:7E:81:AA:4D:30:0B:EF:0F:C4:23:9B:13:6B:37:00:72
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0193407C550B022816C612E55626E9B9A13F
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/5bhRWX6Bqk0wC-8PxCObE2s3AHI.roa
Signing time: Mon 18 Nov 2024 18:15:10 +0000
ROA not before: Mon 18 Nov 2024 18:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 5.133.124.0/22 maxlen: 22
31.40.196.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
84.54.0.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
85.235.72.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:7c:55:0b:02:28:16:c6:12:e5:56:26:e9:b9:a1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 18 18:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5b851597e81aa4d300bef0fc4239b136b370072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c2:b7:9c:dd:7a:01:9d:ce:77:a7:b9:28:ba:
a5:ca:d2:6c:5d:ca:b5:99:22:17:40:5b:57:fe:e8:
1c:53:a2:e4:dc:cf:ec:7e:08:8f:7f:c1:76:fa:cc:
fa:30:2a:ff:23:0f:3c:b9:c3:46:48:cb:da:34:2c:
6b:90:b5:41:61:e8:98:b4:28:81:f2:09:fa:7b:de:
03:38:9f:ff:bc:fb:57:08:e5:0f:58:ae:bc:79:37:
c1:93:34:08:93:2e:b4:e9:ee:af:ce:00:e3:61:72:
b5:20:f1:67:93:fb:a8:3e:d9:a8:9a:de:cc:4b:4b:
f3:f9:be:cc:c6:8d:81:9f:f2:e5:05:f3:5a:58:45:
8d:25:1b:37:d0:dc:e4:d7:68:22:d7:fc:2c:cb:f5:
8e:a4:83:e0:c2:da:07:dd:6f:73:38:a5:ab:17:67:
2e:06:f0:a3:34:a8:05:7a:82:81:08:d5:fe:41:7a:
cf:59:39:8d:bd:ed:9a:35:48:16:19:0a:e6:8c:71:
39:89:bb:0c:e7:f0:88:9c:5b:91:1f:7e:b1:00:59:
a0:99:c8:22:bf:29:23:6c:8e:63:c6:b9:4b:3a:b2:
54:07:6c:48:c5:90:53:53:46:52:ea:53:97:93:3f:
7b:c4:b5:22:1b:23:c6:26:bd:dd:5f:bd:80:2a:2b:
c5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B8:51:59:7E:81:AA:4D:30:0B:EF:0F:C4:23:9B:13:6B:37:00:72
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/5bhRWX6Bqk0wC-8PxCObE2s3AHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
31.40.196.0/22
83.171.244.0/22
84.54.0.0/22
85.8.144.0/22
85.235.72.0/22
139.28.212.0/22
212.87.196.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
73:ba:cb:03:a3:2d:30:2b:bc:f3:7a:3e:b0:f5:ba:65:91:7e:
6a:48:8a:e6:72:d1:c3:5b:ae:a6:12:a3:47:6f:0d:8a:24:f3:
d9:b0:cd:04:75:dc:00:a0:52:d9:ba:33:5f:98:71:e7:65:93:
ff:9d:5f:b3:ea:9d:29:a5:1f:79:63:ce:07:a4:57:55:64:a6:
e6:2d:d4:69:3f:f6:bc:2a:4a:40:93:49:f5:c4:b6:cc:9f:d4:
36:fb:71:8d:c6:a4:a7:b1:ce:37:ee:47:1f:98:43:5c:97:fb:
9d:b8:b1:97:ec:3e:6c:50:fa:c4:3a:b9:27:c7:fd:0c:d7:91:
31:70:9c:07:09:aa:44:e3:30:ac:76:bf:11:01:87:05:9f:f0:
2f:b8:9d:49:62:3e:16:ee:fb:1b:a0:d9:29:7c:29:8b:40:03:
4b:8f:3c:c1:b7:df:e7:26:5f:17:d5:e8:00:b6:80:3a:9a:c4:
93:f6:0d:b4:fe:8b:8b:42:33:29:3b:18:dc:32:f2:a3:8c:a0:
61:d5:59:4b:39:36:6f:44:2b:9f:2a:72:b3:d2:c3:d3:95:7c:
c6:c9:5e:31:be:bf:66:af:df:55:f6:71:95:6c:88:89:75:bc:
dc:af:ff:5e:49:cd:af:ca:be:32:19:17:fb:3c:b2:4c:1b:ea:
71:90:ce:94
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNAfFULAigWxhLlVibpuaE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMTE4MTgxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWI4NTE1OTdlODFhYTRkMzAwYmVmMGZjNDIzOWIxMzZiMzcwMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsK3nN16AZ3Od6e5KLqlytJsXcq1
mSIXQFtX/ugcU6Lk3M/sfgiPf8F2+sz6MCr/Iw88ucNGSMvaNCxrkLVBYeiYtCiB
8gn6e94DOJ//vPtXCOUPWK68eTfBkzQIky606e6vzgDjYXK1IPFnk/uoPtmomt7M
S0vz+b7Mxo2Bn/LlBfNaWEWNJRs30Nzk12gi1/wsy/WOpIPgwtoH3W9zOKWrF2cu
BvCjNKgFeoKBCNX+QXrPWTmNve2aNUgWGQrmjHE5ibsM5/CInFuRH36xAFmgmcgi
vykjbI5jxrlLOrJUB2xIxZBTU0ZS6lOXkz97xLUiGyPGJr3dX72AKivFTwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOW4UVl+gapNMAvvD8QjmxNrNwByMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvNWJoUldYNkJxazB3Qy04UHhDT2JFMnMzQUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBYV8AwQC
HyjEAwQCU6v0AwQCVDYAAwQCVQiQAwQCVetIAwQCixzUAwQC1FfEAwQC1HNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBzussDoy0wK7zzej6w9bplkX5qSIrmctHDW66mEqNH
bw2KJPPZsM0EddwAoFLZujNfmHHnZZP/nV+z6p0ppR95Y84HpFdVZKbmLdRpP/a8
KkpAk0n1xLbMn9Q2+3GNxqSnsc437kcfmENcl/uduLGX7D5sUPrEOrknx/0M15Ex
cJwHCapE4zCsdr8RAYcFn/AvuJ1JYj4W7vsboNkpfCmLQANLjzzBt9/nJl8X1egA
toA6msST9g20/ouLQjMpOxjcMvKjjKBh1VlLOTZvRCufKnKz0sPTlXzGyV4xvr9m
r99V9nGVbIiJdbzcr/9eSc2vyr4yGRf7PLJMG+pxkM6U
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org