Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cLAf8PzF-gh7yOb8EeIpAd5QyYo.roa
File: cLAf8PzF-gh7yOb8EeIpAd5QyYo.roa (raw, json)
Hash identifier: cag1t72Gs/HIakws0uc4yzs+S4nbgl72edVYuvK6Klk=
Subject key identifier: 70:B0:1F:F0:FC:C5:FA:08:7B:C8:E6:FC:11:E2:29:01:DE:50:C9:8A
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018731A0386FD2314398C29809BF82146ED1
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cLAf8PzF-gh7yOb8EeIpAd5QyYo.roa
Signing time: Thu 30 Mar 2023 08:26:36 +0000
ROA not before: Thu 30 Mar 2023 08:26:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.144.176.0/21 maxlen: 21
5.178.99.0/24 maxlen: 24
5.178.101.0/24 maxlen: 24
5.144.182.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.111.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
5.178.108.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Apr 2023 18:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:a0:38:6f:d2:31:43:98:c2:98:09:bf:82:14:6e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 30 08:26:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70b01ff0fcc5fa087bc8e6fc11e22901de50c98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:96:d4:04:44:ec:94:ec:16:79:d7:c9:f1:72:
44:0a:02:25:a4:1e:63:d2:be:10:d6:f6:f1:95:f2:
c4:85:81:73:9c:55:2d:c8:95:a5:8d:28:ce:01:a5:
c6:f7:4b:9c:99:2b:35:98:e8:91:15:51:e3:9a:8e:
fb:32:1e:48:2a:da:87:43:59:54:df:02:e7:2d:28:
62:fa:e2:b0:0f:86:ae:3b:2e:49:7d:f2:aa:50:c8:
f3:56:91:28:eb:d6:2d:ec:ea:fb:49:f6:ec:91:50:
b0:7f:df:da:b8:62:50:ce:7f:dd:fe:bc:b9:b2:87:
a5:83:c9:de:ed:33:01:61:2d:ee:cf:5b:94:11:d2:
cf:dc:28:0c:95:69:9d:cd:e9:a5:ea:73:1d:1f:0e:
d2:2b:9f:99:20:30:d3:02:39:c9:40:37:a3:05:20:
69:11:75:d3:17:9c:95:0b:6d:e7:0c:29:0e:95:36:
2a:53:97:9f:be:dd:8a:23:d7:23:25:78:c3:55:33:
05:a5:30:34:15:c6:b5:4f:10:de:dc:9a:68:d5:e7:
a1:7d:4e:69:97:00:22:15:a3:17:10:4c:a3:e3:10:
1d:e4:90:04:8d:65:2a:ad:58:65:01:ef:8f:d5:1e:
d5:6a:6e:fb:0f:b5:44:de:9a:9f:95:ec:4a:08:69:
d3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B0:1F:F0:FC:C5:FA:08:7B:C8:E6:FC:11:E2:29:01:DE:50:C9:8A
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cLAf8PzF-gh7yOb8EeIpAd5QyYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.144.176.0/21
5.178.96.0/22
5.178.101.0/24
5.178.104.0/23
5.178.108.0/24
5.178.110.0/23
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:c8:28:48:f3:e7:59:81:60:53:f3:a0:c7:52:58:aa:83:2b:
58:4d:b0:e5:ea:c3:6c:b0:30:ae:f5:83:44:a8:b8:49:5a:9e:
1f:77:ad:8c:61:35:97:4c:b8:e3:e3:09:97:1c:89:84:08:2c:
64:0c:4a:9f:2c:d2:0f:91:57:07:7d:f2:0e:6c:84:eb:91:44:
a3:30:8c:86:bd:78:19:ce:c8:0f:70:d1:b8:bb:27:7b:db:1a:
54:6f:cf:28:3a:9d:ea:06:39:30:90:e5:ca:12:d8:27:14:69:
ca:8f:e1:2e:9e:1d:ca:e7:7b:85:51:a9:30:3d:54:99:13:fd:
a5:09:dc:7b:7c:8e:f9:65:de:1b:cf:53:a6:9e:4b:2d:26:fd:
85:87:94:17:4b:f6:63:c5:db:c8:64:7e:d2:3b:8b:44:13:8d:
de:eb:6b:dc:74:68:ae:d8:a9:a4:dc:71:0a:31:e9:43:9b:46:
0d:29:27:58:35:9b:43:e0:eb:08:72:cd:6e:67:9d:d0:34:06:
19:75:7d:5c:49:c2:6a:b0:a6:ef:cb:29:d9:ed:3b:e3:13:6f:
64:3c:47:65:5e:f4:a5:8b:f6:5f:0f:bd:53:b6:8e:6e:4b:5e:
af:1e:df:f4:33:1d:48:5d:4a:dd:6c:68:fe:30:46:7e:3e:98:
f5:15:6c:4f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYcxoDhv0jFDmMKYCb+CFG7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwMzMwMDgyNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIwMWZmMGZjYzVmYTA4N2JjOGU2ZmMxMWUyMjkwMWRlNTBjOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZbUBETslOwWedfJ8XJECgIlpB5j
0r4Q1vbxlfLEhYFznFUtyJWljSjOAaXG90ucmSs1mOiRFVHjmo77Mh5IKtqHQ1lU
3wLnLShi+uKwD4auOy5JffKqUMjzVpEo69Yt7Or7SfbskVCwf9/auGJQzn/d/ry5
soelg8ne7TMBYS3uz1uUEdLP3CgMlWmdzeml6nMdHw7SK5+ZIDDTAjnJQDejBSBp
EXXTF5yVC23nDCkOlTYqU5efvt2KI9cjJXjDVTMFpTA0Fca1TxDe3Jpo1eehfU5p
lwAiFaMXEEyj4xAd5JAEjWUqrVhlAe+P1R7Vam77D7VE3pqflexKCGnTHwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFHCwH/D8xfoIe8jm/BHiKQHeUMmKMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvY0xBZjhQekYtZ2g3eU9iOEVlSXBBZDVReVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAwWQsAMEAgWyYAMEAAWyZQMEAQWyaAMEAAWybAMEAQWybgME
Ax/A8AMEAi0M2AMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEA2MgoSPPnWYFgU/Og
x1JYqoMrWE2w5erDbLAwrvWDRKi4SVqeH3etjGE1l0y44+MJlxyJhAgsZAxKnyzS
D5FXB33yDmyE65FEozCMhr14Gc7ID3DRuLsne9saVG/PKDqd6gY5MJDlyhLYJxRp
yo/hLp4dyud7hVGpMD1UmRP9pQnce3yO+WXeG89Tpp5LLSb9hYeUF0v2Y8XbyGR+
0juLRBON3utr3HRortippNxxCjHpQ5tGDSknWDWbQ+DrCHLNbmed0DQGGXV9XEnC
arCm78sp2e074xNvZDxHZV70pYv2Xw+9U7aObkterx7f9DMdSF1K3Wxo/jBGfj6Y
9RVsTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org