Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1-l7cA8ewwhlGYVkHi7CeWdH6fDA.roa
File: 1-l7cA8ewwhlGYVkHi7CeWdH6fDA.roa (raw, json)
Hash identifier: tdhG9WGYhAnkV8XY+Ywa2eOWFwntf90XbL0xbUnE/8U=
Subject key identifier: FA:5E:DC:03:C7:B0:C2:19:46:61:59:07:8B:B0:9E:59:D1:FA:7C:30
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018E72574315A4EF12AFA78268370309A8C1
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1-l7cA8ewwhlGYVkHi7CeWdH6fDA.roa
Signing time: Sun 24 Mar 2024 21:21:45 +0000
ROA not before: Sun 24 Mar 2024 21:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
45.12.216.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 29 Mar 2024 10:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:72:57:43:15:a4:ef:12:af:a7:82:68:37:03:09:a8:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 24 21:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa5edc03c7b0c219466159078bb09e59d1fa7c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:c8:05:44:81:53:75:51:ed:3c:ed:f0:fc:
15:90:f8:3e:b1:97:cd:08:63:0a:e1:1d:f9:eb:3b:
53:82:fa:cf:f6:7d:7f:62:91:2b:f6:de:c0:2c:70:
46:02:c5:83:bc:39:79:0e:66:7f:44:75:4b:99:21:
05:aa:c3:2f:94:fb:08:21:c7:b8:26:04:8b:3b:df:
c6:01:62:35:57:17:fe:8b:df:b0:79:20:6f:59:6a:
e2:39:83:f1:c7:1b:f2:a2:eb:aa:41:8a:bc:64:7f:
e2:6f:85:4d:f7:30:be:8e:4e:81:ea:d6:cf:8a:77:
4e:f3:8e:c5:78:3a:44:b2:be:88:8a:20:da:67:0d:
d1:64:ed:e7:1a:42:07:2e:d1:3b:4b:b5:91:3e:cd:
35:1e:09:03:f7:0f:cd:ea:7d:86:46:71:2b:4c:f3:
d9:8d:0f:26:a1:8c:61:49:de:54:fa:d1:4f:98:a7:
4b:db:88:a8:6d:b9:cc:17:85:31:05:61:f8:06:38:
cb:ec:a1:1d:f2:2f:4e:c7:f8:f0:35:ef:47:37:aa:
16:24:bb:08:a2:41:91:bd:8c:eb:43:6c:fc:ff:5f:
44:38:c1:cd:bc:c0:43:2c:bb:25:d0:92:da:1c:c1:
db:d5:95:75:f4:f3:ee:29:a0:90:2f:10:79:42:d9:
c6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5E:DC:03:C7:B0:C2:19:46:61:59:07:8B:B0:9E:59:D1:FA:7C:30
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1-l7cA8ewwhlGYVkHi7CeWdH6fDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.252.0/24
5.39.254.0/24
5.178.97.0/24
5.178.99.0/24
5.178.104.0/24
31.192.240.0/21
45.12.216.0/24
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
22:b9:50:60:47:fd:aa:23:e8:c2:3b:ac:6f:bd:1e:b1:2a:69:
02:72:df:ad:01:15:f7:4a:97:40:7b:cb:3a:21:89:cb:38:0a:
58:e9:f1:2a:82:65:5e:bd:39:c9:bf:4e:f8:6c:24:85:75:d5:
1f:bc:99:95:7a:40:6a:a7:33:fb:95:4f:cf:b9:c5:a7:db:91:
88:d3:8a:ea:89:b5:37:d8:9d:4f:c2:11:29:b0:fb:98:a4:7e:
29:33:16:33:22:1e:10:ce:a9:43:42:24:53:a8:ac:2f:37:78:
fe:f6:c0:4c:f7:a1:63:7a:ba:65:6b:92:a2:4a:1b:f3:ba:31:
ff:d6:a0:aa:09:91:e9:6e:d5:bd:1d:b1:14:a5:c1:fb:67:ee:
b9:5e:62:bf:ee:37:ae:a9:4f:17:8a:03:54:82:7e:4b:65:93:
00:4b:4a:f2:a4:01:e5:5a:25:d4:b6:eb:2a:09:48:d4:2f:e0:
31:1b:6b:fb:63:ea:1d:48:22:90:01:2b:b8:6e:48:62:1e:bd:
e8:c4:1b:94:44:7e:d1:2e:ea:7d:c8:12:ba:84:02:6f:76:3f:
81:aa:8e:44:98:8d:60:31:59:ce:e1:2c:ff:d6:f4:30:cc:a3:
07:d6:e1:2b:67:23:17:11:b9:49:1b:82:fd:4e:ec:f9:a1:dd:
e9:3f:dc:84
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY5yV0MVpO8Sr6eCaDcDCajBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzI0MjEyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVlZGMwM2M3YjBjMjE5NDY2MTU5MDc4YmIwOWU1OWQxZmE3YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ/IBUSBU3VR7Tzt8PwVkPg+sZfN
CGMK4R356ztTgvrP9n1/YpEr9t7ALHBGAsWDvDl5DmZ/RHVLmSEFqsMvlPsIIce4
JgSLO9/GAWI1Vxf+i9+weSBvWWriOYPxxxvyouuqQYq8ZH/ib4VN9zC+jk6B6tbP
indO847FeDpEsr6IiiDaZw3RZO3nGkIHLtE7S7WRPs01HgkD9w/N6n2GRnErTPPZ
jQ8moYxhSd5U+tFPmKdL24iobbnMF4UxBWH4BjjL7KEd8i9Ox/jwNe9HN6oWJLsI
okGRvYzrQ2z8/19EOMHNvMBDLLsl0JLaHMHb1ZV19PPuKaCQLxB5QtnGXQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPpe3APHsMIZRmFZB4uwnlnR+nwwMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvMS1sN2NBOGV3d2hsR1lWa0hpN0NlV2RINmZEQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvODlmMDcxLTU2MzEtNDVkYi1hN2U1LWNkNjE1MjI2MWM2
Zi8xL0V4aUJjeW8tSkZxVm04WjU0RVdNT2ZpVDVHcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAAUn+AME
AAUn/AMEAAUn/gMEAAWyYQMEAAWyYwMEAAWyaAMEAx/A8AMEAC0M2AMEArkFJDAN
BgkqhkiG9w0BAQsFAAOCAQEAIrlQYEf9qiPowjusb70esSppAnLfrQEV90qXQHvL
OiGJyzgKWOnxKoJlXr05yb9O+GwkhXXVH7yZlXpAaqcz+5VPz7nFp9uRiNOK6om1
N9idT8IRKbD7mKR+KTMWMyIeEM6pQ0IkU6isLzd4/vbATPehY3q6ZWuSokob87ox
/9agqgmR6W7VvR2xFKXB+2fuuV5iv+43rqlPF4oDVIJ+S2WTAEtK8qQB5Vol1Lbr
KglI1C/gMRtr+2PqHUgikAEruG5IYh696MQblER+0S7qfcgSuoQCb3Y/gaqORJiN
YDFZzuEs/9b0MMyjB9bhK2cjFxG5SRuC/U7s+aHd6T/chA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:47:05 2024 by rpki-client on console-fra.rpki-client.org