Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/5rs70rCB_jBQ7lDQjTdL5fm7yz0.roa
File: 5rs70rCB_jBQ7lDQjTdL5fm7yz0.roa (raw, json)
Hash identifier: /uW5IiwOn2VOSNOnvwwYdLKYYAn9Dy1bG3K8xFXW9/I=
Subject key identifier: E6:BB:3B:D2:B0:81:FE:30:50:EE:50:D0:8D:37:4B:E5:F9:BB:CB:3D
Certificate issuer: /CN=db282fd897317c2cadd7b13969f6f015c397e05d
Certificate serial: 018DF5BB97ABFBB3BA8929E0279B7E78D9D8
Authority key identifier: DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/5rs70rCB_jBQ7lDQjTdL5fm7yz0.roa
Signing time: Thu 29 Feb 2024 16:38:48 +0000
ROA not before: Thu 29 Feb 2024 16:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199608
IP address blocks: 185.9.36.0/24 maxlen: 24
185.9.37.0/24 maxlen: 24
185.9.38.0/24 maxlen: 24
185.9.39.0/24 maxlen: 24
185.244.144.0/24 maxlen: 24
185.244.145.0/24 maxlen: 24
185.244.146.0/24 maxlen: 24
185.244.147.0/24 maxlen: 24
2a03:48c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:bb:97:ab:fb:b3:ba:89:29:e0:27:9b:7e:78:d9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db282fd897317c2cadd7b13969f6f015c397e05d
Validity
Not Before: Feb 29 16:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6bb3bd2b081fe3050ee50d08d374be5f9bbcb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:5d:f3:e5:33:a6:40:d0:8a:dc:92:22:de:
d9:54:c2:8f:e4:e2:65:1b:7a:11:54:b0:8f:8d:23:
91:4d:b3:24:9b:32:fc:d0:b8:f5:36:ba:34:34:da:
f1:77:10:92:a2:44:74:cc:42:75:2b:b2:4d:59:4c:
31:21:f4:36:3a:59:4a:9d:0e:3c:19:7b:cd:b9:84:
ee:76:94:d0:53:73:d5:b7:fe:6d:25:e0:8f:1f:27:
01:33:10:2b:af:f4:07:d5:41:a9:ce:fd:fe:b8:e9:
6f:64:98:f7:b6:cd:2b:ff:57:90:ce:26:ec:19:5b:
f6:8d:a6:bf:7d:95:d9:d6:ce:b9:b6:e0:82:06:78:
67:2b:02:17:43:0e:3a:d1:21:ab:61:41:a7:69:08:
f5:05:26:da:d3:c5:e8:82:4f:90:bd:a1:fd:a6:b9:
ff:78:4b:62:1e:89:92:bc:5e:95:a0:af:50:9f:7e:
67:74:48:da:0a:0d:51:67:ae:a4:83:ab:2d:e4:90:
c0:23:74:37:89:e6:cb:28:97:32:31:23:9d:28:0f:
4e:d9:15:2a:c2:13:9f:3f:1d:49:f5:08:10:8e:94:
8b:c5:de:eb:0d:b4:e1:e0:f6:1d:9c:25:22:f5:7f:
1d:37:36:1d:ac:01:a1:0a:9d:f5:93:e2:17:0d:4b:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BB:3B:D2:B0:81:FE:30:50:EE:50:D0:8D:37:4B:E5:F9:BB:CB:3D
X509v3 Authority Key Identifier:
keyid:DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/5rs70rCB_jBQ7lDQjTdL5fm7yz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.36.0/22
185.244.144.0/22
IPv6:
2a03:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:7b:4d:56:42:72:92:1a:8f:69:5f:0b:d9:a1:9c:db:70:c9:
3d:ca:f6:94:fd:b8:98:ab:2b:4d:2b:02:46:0b:51:1d:b1:23:
31:67:a4:0a:7b:fd:41:e1:f3:0f:c1:d8:b7:cc:6b:76:0c:a0:
9f:f1:a6:44:db:18:76:a2:6f:ed:b7:5e:c0:45:c4:f4:97:83:
fc:fc:37:4b:69:6a:a8:ce:21:70:2b:4b:e1:dc:8d:c9:6e:11:
f5:d7:73:3f:d7:d6:74:f0:a6:6f:0d:91:80:5e:7c:13:96:86:
c1:40:4a:8c:b1:41:8e:69:d2:45:f6:76:4d:23:d4:fc:66:78:
00:9d:89:62:24:59:75:bc:5c:b1:93:9f:c8:7b:69:c3:2e:62:
c2:71:67:3a:bc:4b:a1:92:7b:1b:64:de:9c:04:dc:37:28:2a:
40:70:26:dc:50:16:53:56:54:7e:44:00:52:5f:79:c3:85:cb:
13:1d:01:04:b9:ed:b8:d8:ae:7e:42:4e:93:db:fb:fc:72:17:
ca:0f:cf:89:36:87:d9:d6:68:5c:60:56:11:d1:7e:a7:ed:63:
af:a5:7e:76:85:b8:b3:21:bb:0c:0f:20:7f:68:03:05:d3:1f:
33:60:73:f4:8a:4f:fa:04:54:0e:fa:3d:81:1b:30:d8:ab:f5:
1d:d8:79:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY31u5er+7O6iSngJ5t+eNnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjgyZmQ4OTczMTdjMmNhZGQ3YjEzOTY5ZjZmMDE1YzM5
N2UwNWQwHhcNMjQwMjI5MTYzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJiM2JkMmIwODFmZTMwNTBlZTUwZDA4ZDM3NGJlNWY5YmJjYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Fd8+UzpkDQitySIt7ZVMKP5OJl
G3oRVLCPjSORTbMkmzL80Lj1Nro0NNrxdxCSokR0zEJ1K7JNWUwxIfQ2OllKnQ48
GXvNuYTudpTQU3PVt/5tJeCPHycBMxArr/QH1UGpzv3+uOlvZJj3ts0r/1eQzibs
GVv2jaa/fZXZ1s65tuCCBnhnKwIXQw460SGrYUGnaQj1BSba08Xogk+QvaH9prn/
eEtiHomSvF6VoK9Qn35ndEjaCg1RZ66kg6st5JDAI3Q3iebLKJcyMSOdKA9O2RUq
whOfPx1J9QgQjpSLxd7rDbTh4PYdnCUi9X8dNzYdrAGhCp31k+IXDUvjIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOa7O9Kwgf4wUO5Q0I03S+X5u8s9MB8GA1UdIwQY
MBaAFNsoL9iXMXwsrdexOWn28BXDl+BdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3Yjgt
MzUzYmM2MjY2ZWU2LzEvNXJzNzByQ0JfakJRN2xEUWpUZEw1Zm03eXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3YjgtMzUzYmM2MjY2ZWU2
LzEvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQkkAwQC
ufSQMA0EAgACMAcDBQAqA0jAMA0GCSqGSIb3DQEBCwUAA4IBAQBse01WQnKSGo9p
XwvZoZzbcMk9yvaU/biYqytNKwJGC1EdsSMxZ6QKe/1B4fMPwdi3zGt2DKCf8aZE
2xh2om/tt17ARcT0l4P8/DdLaWqoziFwK0vh3I3JbhH113M/19Z08KZvDZGAXnwT
lobBQEqMsUGOadJF9nZNI9T8ZngAnYliJFl1vFyxk5/Ie2nDLmLCcWc6vEuhknsb
ZN6cBNw3KCpAcCbcUBZTVlR+RABSX3nDhcsTHQEEue242K5+Qk6T2/v8chfKD8+J
NofZ1mhcYFYR0X6n7WOvpX52hbizIbsMDyB/aAMF0x8zYHP0ik/6BFQO+j2BGzDY
q/Ud2Hka
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:36 2025 by rpki-client