Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F_GAIWd3k345fQ_DAIsxA1O0An4.roa
File: F_GAIWd3k345fQ_DAIsxA1O0An4.roa (raw, json)
Hash identifier: N5gUorAVKQz7qseCPTjg/mq0ahW4QRODjWa5d3LkrHU=
Subject key identifier: 17:F1:80:21:67:77:93:7E:39:7D:0F:C3:00:8B:31:03:53:B4:02:7E
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018DFC4D6A2F031B409DB2BF14A8A600D15B
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F_GAIWd3k345fQ_DAIsxA1O0An4.roa
Signing time: Fri 01 Mar 2024 23:15:48 +0000
ROA not before: Fri 01 Mar 2024 23:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
31.192.246.0/24 maxlen: 24
45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 14 Mar 2024 16:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fc:4d:6a:2f:03:1b:40:9d:b2:bf:14:a8:a6:00:d1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 1 23:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17f180216777937e397d0fc3008b310353b4027e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7b:4c:17:2f:08:a8:3b:ce:76:16:1a:71:9b:
79:92:a7:a6:dd:6a:66:35:e5:60:27:1e:18:e9:53:
22:64:73:71:b0:32:62:61:b8:22:42:07:70:25:d4:
94:b2:2c:8e:b6:90:fb:27:a9:a5:f2:f1:09:43:c5:
8f:2f:0c:db:73:cf:7c:a6:b3:10:df:fe:94:de:7c:
22:0e:3d:68:2a:a0:65:af:d0:f0:b1:50:e0:ff:26:
61:18:42:df:4d:ff:47:4b:36:2c:71:1c:06:5f:5e:
aa:62:28:d8:1b:76:56:f8:a4:61:1a:97:5c:37:20:
51:8e:0f:3e:06:25:62:9f:78:d9:71:4f:3e:10:0b:
33:b4:a2:f6:c2:45:68:d5:ba:02:3b:f7:ff:2c:36:
d4:43:c5:69:bc:ca:fd:df:9b:3f:1f:6e:3f:29:01:
e7:2a:6c:e2:00:a8:39:fe:e7:cd:0d:34:22:54:6a:
66:4b:0b:af:12:56:73:ef:e8:10:be:4e:b0:89:9f:
17:d2:1a:84:67:17:60:25:e0:57:a6:51:5d:c8:f7:
1d:23:25:e4:22:68:dd:fa:82:df:98:5b:72:e6:d5:
02:e3:b2:34:ea:37:f6:eb:b5:70:33:3b:97:5e:27:
e2:77:ed:61:c6:e4:8a:3a:67:d4:17:43:ca:e6:14:
30:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F1:80:21:67:77:93:7E:39:7D:0F:C3:00:8B:31:03:53:B4:02:7E
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/F_GAIWd3k345fQ_DAIsxA1O0An4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0/24
5.39.252.0/24
5.39.254.0/24
5.178.96.0/23
5.178.99.0/24
5.178.104.0/24
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
64:ff:e3:bd:90:58:e4:f5:b5:86:30:3b:4a:23:d4:11:6b:d7:
34:ed:ba:3f:cf:51:9a:0b:f4:4d:d0:46:b7:be:cd:47:f1:05:
b1:62:8b:42:a5:10:37:52:48:5d:fd:22:6e:52:2e:85:b9:64:
1f:cb:b0:21:62:db:08:e4:e5:d3:70:56:84:a4:f1:c2:09:81:
cf:7f:79:22:64:18:9b:ec:a3:d4:a4:77:aa:ae:17:82:35:76:
3e:75:3c:16:fe:4e:2f:a1:f6:ad:cb:02:27:eb:dd:e4:ab:b0:
bd:4e:4c:dc:c1:6e:f3:dd:9e:b4:a1:3a:53:e9:02:8d:b4:c9:
4e:6b:ff:3c:3e:b4:af:41:7f:2d:e9:95:12:c8:f9:2f:29:b3:
d0:3d:bf:74:c7:9f:71:ce:42:13:4a:a2:7a:ce:11:7f:53:f3:
0a:96:5e:80:52:81:ba:7a:fb:da:e0:54:09:02:82:ae:58:4e:
66:5d:46:d7:9d:ad:38:0e:7c:d6:4d:ee:37:79:4b:72:92:bc:
09:76:8a:32:8c:6f:21:f2:f5:42:59:c7:da:d4:16:73:3a:53:
3a:17:7e:fd:65:d1:08:65:c2:b3:79:b9:7a:2a:59:d8:bc:dc:
fb:17:0e:39:c7:96:5a:5a:6d:c6:6e:57:cd:eb:ef:ac:90:d3:
f5:6d:10:85
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY38TWovAxtAnbK/FKimANFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzAxMjMxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2YxODAyMTY3Nzc5MzdlMzk3ZDBmYzMwMDhiMzEwMzUzYjQwMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XtMFy8IqDvOdhYacZt5kqem3Wpm
NeVgJx4Y6VMiZHNxsDJiYbgiQgdwJdSUsiyOtpD7J6ml8vEJQ8WPLwzbc898prMQ
3/6U3nwiDj1oKqBlr9DwsVDg/yZhGELfTf9HSzYscRwGX16qYijYG3ZW+KRhGpdc
NyBRjg8+BiVin3jZcU8+EAsztKL2wkVo1boCO/f/LDbUQ8VpvMr935s/H24/KQHn
KmziAKg5/ufNDTQiVGpmSwuvElZz7+gQvk6wiZ8X0hqEZxdgJeBXplFdyPcdIyXk
Imjd+oLfmFty5tUC47I06jf267VwMzuXXifid+1hxuSKOmfUF0PK5hQwTwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBfxgCFnd5N+OX0PwwCLMQNTtAJ+MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvRl9HQUlXZDNrMzQ1ZlFfREFJc3hBMU8wQW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABSf4AwQA
BSf6AwQABSf8AwQABSf+AwQBBbJgAwQABbJjAwQABbJoAwQDH8DwAwQCLQzYAwQC
uQUkMA0GCSqGSIb3DQEBCwUAA4IBAQBk/+O9kFjk9bWGMDtKI9QRa9c07bo/z1Ga
C/RN0Ea3vs1H8QWxYotCpRA3Ukhd/SJuUi6FuWQfy7AhYtsI5OXTcFaEpPHCCYHP
f3kiZBib7KPUpHeqrheCNXY+dTwW/k4vofatywIn693kq7C9TkzcwW7z3Z60oTpT
6QKNtMlOa/88PrSvQX8t6ZUSyPkvKbPQPb90x59xzkITSqJ6zhF/U/MKll6AUoG6
evva4FQJAoKuWE5mXUbXna04DnzWTe43eUtykrwJdooyjG8h8vVCWcfa1BZzOlM6
F379ZdEIZcKzebl6KlnYvNz7Fw45x5ZaWm3GblfN6++skNP1bRCF
-----END CERTIFICATE-----
Generated at Thu Mar 14 20:26:45 2024 by rpki-client on console-ams.rpki-client.org