Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/4EMYrTfwLg7x--CwJ-_cdhVup5k.roa
File: 4EMYrTfwLg7x--CwJ-_cdhVup5k.roa (raw, json)
Hash identifier: KewZLrr3AIV5C6tI1tZ5EIG8gFqjOIUsmnuN5/66DVw=
Subject key identifier: E0:43:18:AD:37:F0:2E:0E:F1:FB:E0:B0:27:EF:DC:76:15:6E:A7:99
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018CDA9A347B6439A74CECCA2F36F73E3B37
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/4EMYrTfwLg7x--CwJ-_cdhVup5k.roa
Signing time: Fri 05 Jan 2024 17:09:48 +0000
ROA not before: Fri 05 Jan 2024 17:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.100.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
5.178.108.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:9a:34:7b:64:39:a7:4c:ec:ca:2f:36:f7:3e:3b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 5 17:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e04318ad37f02e0ef1fbe0b027efdc76156ea799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fd:df:bc:13:fb:2a:6d:cc:03:7c:15:0b:c3:
29:86:85:b7:1e:4a:54:1a:59:c4:f8:01:26:b0:c3:
aa:58:dd:89:d5:52:a9:41:98:66:ac:a5:d3:7a:60:
9d:31:d8:3e:32:74:c8:fb:a7:40:5b:89:c7:0c:c9:
71:54:6c:4f:0b:02:7e:d2:9b:70:ed:8b:4f:28:66:
27:20:56:47:6e:91:a1:4f:2b:af:76:c9:88:52:5b:
fe:95:f2:13:ab:72:2c:04:1e:c3:7b:cb:83:d6:ce:
e9:1d:4e:80:42:12:90:f1:f8:1d:cc:69:ca:78:16:
bf:82:b7:cb:aa:40:84:8f:21:b0:9b:40:5f:b6:e3:
3f:84:f1:9b:56:d6:31:cb:9c:79:bf:ec:af:f9:38:
84:1d:b7:f1:56:cd:cc:f5:8b:91:6f:9c:31:0a:93:
eb:0a:54:ed:a9:7b:b1:49:c1:66:9a:f5:f6:dd:59:
20:68:ea:d8:c5:13:93:95:19:be:27:0c:48:73:34:
6e:35:6d:f1:ac:29:80:31:d2:10:ff:44:c3:3c:3e:
45:47:c0:07:4c:fe:a2:11:05:ea:d5:f6:a9:c0:dc:
5d:2d:65:4e:ae:bf:23:80:88:d1:26:25:75:6e:61:
4d:7a:77:f0:d5:15:d0:d5:25:4e:33:14:4f:1d:a4:
ad:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:43:18:AD:37:F0:2E:0E:F1:FB:E0:B0:27:EF:DC:76:15:6E:A7:99
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/4EMYrTfwLg7x--CwJ-_cdhVup5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.178.96.0-5.178.100.255
5.178.104.0-5.178.106.255
5.178.108.0-5.178.110.255
31.192.240.0/21
45.12.216.0/23
45.12.219.0/24
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:43:bf:48:cd:09:e5:0f:cf:f3:52:ac:57:2e:03:21:39:3a:
d6:c1:9c:3f:7b:44:04:1d:b5:f8:8f:43:e9:23:c1:af:94:02:
97:a6:11:15:4c:68:23:02:bb:f6:83:1c:7c:1b:60:a4:61:2b:
91:61:43:63:10:e4:b1:5a:5f:12:cf:4c:e5:18:69:81:34:be:
b5:d0:d8:31:bc:18:ef:53:42:85:43:d6:b3:38:cc:75:f4:f0:
2b:32:b2:c0:3b:c7:65:48:25:38:99:e5:d5:56:32:18:05:36:
9f:16:ec:b7:0a:9f:b8:65:f4:1c:be:b5:16:6b:09:24:54:c5:
59:e1:41:1e:a0:32:fe:eb:7b:40:f2:f8:86:6e:d1:22:fa:cf:
39:85:7e:ea:49:71:44:e5:6f:c3:76:eb:21:16:da:ee:4f:e3:
42:ea:0e:3d:3a:f6:ab:0e:41:0f:48:29:0e:48:6a:21:10:9f:
53:77:45:bb:7b:41:48:e9:06:83:4c:f3:bc:87:08:2f:9f:a3:
15:bb:1f:7d:4a:8e:67:79:b7:b4:99:a1:18:91:8d:7e:bb:34:
d5:45:60:db:ad:0b:73:8b:08:ca:9f:6f:66:ff:61:e3:77:1b:
de:e7:01:3b:8c:5d:2c:70:1e:d5:47:33:3d:d8:d7:49:ae:11:
96:38:49:a0
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzamjR7ZDmnTOzKLzb3Pjs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTA1MTcwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQzMThhZDM3ZjAyZTBlZjFmYmUwYjAyN2VmZGM3NjE1NmVhNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/3fvBP7Km3MA3wVC8MphoW3HkpU
GlnE+AEmsMOqWN2J1VKpQZhmrKXTemCdMdg+MnTI+6dAW4nHDMlxVGxPCwJ+0ptw
7YtPKGYnIFZHbpGhTyuvdsmIUlv+lfITq3IsBB7De8uD1s7pHU6AQhKQ8fgdzGnK
eBa/grfLqkCEjyGwm0BftuM/hPGbVtYxy5x5v+yv+TiEHbfxVs3M9YuRb5wxCpPr
ClTtqXuxScFmmvX23VkgaOrYxROTlRm+JwxIczRuNW3xrCmAMdIQ/0TDPD5FR8AH
TP6iEQXq1fapwNxdLWVOrr8jgIjRJiV1bmFNenfw1RXQ1SVOMxRPHaStOQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFOBDGK038C4O8fvgsCfv3HYVbqeZMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvNEVNWXJUZndMZzd4LS1Dd0otX2NkaFZ1cDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwQABSf4MAsD
BAEFJ/oDAwMFIDAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmowDAMEAgWybAME
AAWybgMEAx/A8AMEAS0M2AMEAC0M2wMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEA
bEO/SM0J5Q/P81KsVy4DITk61sGcP3tEBB21+I9D6SPBr5QCl6YRFUxoIwK79oMc
fBtgpGErkWFDYxDksVpfEs9M5RhpgTS+tdDYMbwY71NChUPWszjMdfTwKzKywDvH
ZUglOJnl1VYyGAU2nxbstwqfuGX0HL61FmsJJFTFWeFBHqAy/ut7QPL4hm7RIvrP
OYV+6klxROVvw3brIRba7k/jQuoOPTr2qw5BD0gpDkhqIRCfU3dFu3tBSOkGg0zz
vIcIL5+jFbsffUqOZ3m3tJmhGJGNfrs01UVg260Lc4sIyp9vZv9h43cb3ucBO4xd
LHAe1UczPdjXSa4RljhJoA==
-----END CERTIFICATE-----
Generated at Fri Jan 5 21:23:37 2024 by rpki-client on console-fra.rpki-client.org