Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5SgirRWq95wFTmtKf-m7SjWz70o.roa
File: 5SgirRWq95wFTmtKf-m7SjWz70o.roa (raw, json)
Hash identifier: 7zZzK1gS1lbuHX7PgZlvZloNK66zDWa4myP0cc8SE7o=
Subject key identifier: E5:28:22:AD:15:AA:F7:9C:05:4E:6B:4A:7F:E9:BB:4A:35:B3:EF:4A
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018FE945F7EC26AAE7B157D43700DC4F02A8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5SgirRWq95wFTmtKf-m7SjWz70o.roa
Signing time: Wed 05 Jun 2024 16:40:27 +0000
ROA not before: Wed 05 Jun 2024 16:40:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
45.88.124.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 24 Jun 2024 14:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e9:45:f7:ec:26:aa:e7:b1:57:d4:37:00:dc:4f:02:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 5 16:40:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e52822ad15aaf79c054e6b4a7fe9bb4a35b3ef4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1c:b8:5d:5a:7b:c9:3d:dd:bd:99:84:25:f6:
31:c1:fc:62:70:6e:52:71:a9:02:d8:26:7c:af:47:
57:89:1c:44:66:27:23:1e:f2:03:14:f9:a7:9b:dc:
20:d0:88:35:65:43:45:67:60:b5:72:b0:0e:fd:35:
e0:8e:4f:bb:ac:30:df:0e:a2:f8:ce:74:49:ff:65:
db:10:df:5c:bf:e7:5b:f8:e7:a1:d7:b9:3f:be:8c:
9e:68:49:af:54:a3:6a:5f:68:c2:26:81:05:b4:4b:
51:e6:82:9b:a8:29:00:e0:6b:e4:b2:e4:d6:cd:5f:
06:39:1a:5b:b2:6b:81:35:74:86:0f:1c:96:7c:2b:
24:b4:71:d9:58:01:ee:9d:a6:4e:6f:f3:11:83:ef:
29:f5:56:88:c0:c4:61:f9:d5:6f:c2:65:e8:ab:97:
49:e4:39:3a:1c:fd:3a:f6:02:05:b7:db:d1:24:de:
d8:ea:5b:f0:d6:44:6f:bf:a6:e6:87:1f:19:df:6a:
c3:b7:a6:3e:10:00:ec:48:47:e4:0e:67:1e:29:21:
f5:db:9b:8a:ae:9e:bb:b1:79:0a:84:4e:87:2a:cd:
c5:65:a6:9c:aa:5c:16:4c:8a:a0:a6:bf:47:d9:4a:
08:b0:55:1e:4a:7f:45:38:ac:1b:70:59:57:eb:05:
37:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:28:22:AD:15:AA:F7:9C:05:4E:6B:4A:7F:E9:BB:4A:35:B3:EF:4A
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5SgirRWq95wFTmtKf-m7SjWz70o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
45.88.124.0/22
45.143.44.0/22
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
193.46.204.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:79:89:d1:9c:61:6e:52:b0:bc:64:40:f0:26:ee:b8:6a:0a:
a6:97:c5:37:88:5d:05:ed:60:1b:7a:a7:9b:c9:30:9f:d4:19:
97:cc:db:41:a8:68:ce:75:99:7c:14:2d:df:f5:97:c8:e8:4d:
fb:cc:78:e3:1a:35:b3:d4:b0:a1:64:24:24:f0:09:01:c1:b0:
04:42:f1:6a:e9:cb:15:38:a6:02:9d:fc:e2:3d:f3:e7:6d:c4:
d6:e5:91:36:67:1f:f8:ce:9d:07:b5:f4:95:40:c3:a0:61:57:
ae:92:77:64:53:cc:64:20:15:05:5d:f6:59:75:1a:6c:86:a4:
94:c2:99:26:9c:81:4a:00:e2:5d:4e:8c:c1:d5:71:6e:d9:9e:
0d:27:25:b9:53:25:59:40:de:4d:ca:b4:f3:5d:d3:95:9f:9f:
87:fb:fb:1b:5f:9f:6e:c3:e4:79:a3:fd:bd:24:00:60:60:a6:
cb:fe:87:6f:8f:5c:93:33:64:c8:4b:ce:51:0a:22:ff:b2:bf:
00:82:28:0d:56:bb:8b:c8:9a:5b:cd:3d:ad:75:86:cf:b4:70:
7c:ae:8e:a8:5d:bd:5a:34:2d:50:ad:55:99:a9:31:d1:79:68:
63:69:68:4a:e4:c4:98:33:0e:a4:f0:00:a7:55:5f:dd:f1:6a:
14:8a:6a:9b
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAY/pRffsJqrnsVfUNwDcTwKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjA1MTY0MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI4MjJhZDE1YWFmNzljMDU0ZTZiNGE3ZmU5YmI0YTM1YjNlZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xy4XVp7yT3dvZmEJfYxwfxicG5S
cakC2CZ8r0dXiRxEZicjHvIDFPmnm9wg0Ig1ZUNFZ2C1crAO/TXgjk+7rDDfDqL4
znRJ/2XbEN9cv+db+Oeh17k/voyeaEmvVKNqX2jCJoEFtEtR5oKbqCkA4GvksuTW
zV8GORpbsmuBNXSGDxyWfCsktHHZWAHunaZOb/MRg+8p9VaIwMRh+dVvwmXoq5dJ
5Dk6HP069gIFt9vRJN7Y6lvw1kRvv6bmhx8Z32rDt6Y+EADsSEfkDmceKSH125uK
rp67sXkKhE6HKs3FZaacqlwWTIqgpr9H2UoIsFUeSn9FOKwbcFlX6wU3WwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFOUoIq0VqvecBU5rSn/pu0o1s+9KMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNVNnaXJSV3E5NXdGVG10S2YtbTdTald6NzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQCAjgAAwQCBbQEAwQCBbYcAwQALUN1AwQDLVYQAwQCLVh8AwQCLY8sAwQCLZfE
AwQAVZ91AwQAWSfyAwQAWSihAwQAW+87AwQAW/JGAwQCW/JIAwQBW/JeAwQAW/Jn
AwQAW/JpMAwDBABb8nsDBAdb8gADBABe58YDBACwft8DBAKyr7ADBAC5KGkDBAC5
rfQDBAC5rfcDBAC5tJEDBAC51AsDBADBLswDBAHCMsgDBAHCMs4wDAMEAMOKZwME
AMOKbDAMAwQAw4pvAwQAw4pwAwQAw4pyAwQAw4p0AwQAw4p2AwQAw4p4MAwDBAHD
inoDBAfDigADBALD2JwwDQYJKoZIhvcNAQELBQADggEBALF5idGcYW5SsLxkQPAm
7rhqCqaXxTeIXQXtYBt6p5vJMJ/UGZfM20GoaM51mXwULd/1l8joTfvMeOMaNbPU
sKFkJCTwCQHBsARC8WrpyxU4pgKd/OI98+dtxNblkTZnH/jOnQe19JVAw6BhV66S
d2RTzGQgFQVd9ll1GmyGpJTCmSacgUoA4l1OjMHVcW7Zng0nJblTJVlA3k3KtPNd
05Wfn4f7+xtfn27D5Hmj/b0kAGBgpsv+h2+PXJMzZMhLzlEKIv+yvwCCKA1Wu4vI
mlvNPa11hs+0cHyujqhdvVo0LVCtVZmpMdF5aGNpaErkxJgzDqTwAKdVX93xahSK
aps=
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:20:29 2024 by rpki-client on console-ams.rpki-client.org