Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/5Fni_awwOS0-H-BAjtOnKCEXK0Q.roa
File: 5Fni_awwOS0-H-BAjtOnKCEXK0Q.roa (raw, json)
Hash identifier: JLe7ITp3cYk6k7fF0CyF5LpSjpQ5kMK5U36Dyt15R6Q=
Subject key identifier: E4:59:E2:FD:AC:30:39:2D:3E:1F:E0:40:8E:D3:A7:28:21:17:2B:44
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 01856F8B97A7E491D159BE8DF43715120EA5
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/5Fni_awwOS0-H-BAjtOnKCEXK0Q.roa
Signing time: Sun 01 Jan 2023 22:54:57 +0000
ROA not before: Sun 01 Jan 2023 22:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39878
IP address blocks: 45.67.168.0/22 maxlen: 22
185.196.240.0/22 maxlen: 22
185.87.238.0/23 maxlen: 23
185.87.237.0/24 maxlen: 24
91.135.160.0/20 maxlen: 20
185.33.8.0/22 maxlen: 22
2a04:40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 05 Jun 2023 14:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:97:a7:e4:91:d1:59:be:8d:f4:37:15:12:0e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Jan 1 22:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e459e2fdac30392d3e1fe0408ed3a72821172b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:30:06:fb:9f:3b:42:4b:70:82:0a:8a:3e:26:
79:7f:9c:b5:e8:8a:52:c1:07:fa:88:f2:9b:e2:ea:
99:5a:fb:bc:65:87:cd:cf:7c:1d:b0:59:9e:c0:5c:
ba:7a:13:40:82:a9:25:13:26:61:fe:9d:d1:be:ae:
6a:ab:e0:77:9a:4d:ec:a7:88:a7:bb:dc:0d:ee:d8:
59:d7:3c:63:a7:88:89:10:72:5d:91:98:7a:1d:61:
4e:14:d5:9c:8e:63:ea:d3:f2:32:1d:73:de:6f:93:
73:ff:9a:43:e5:16:0a:64:b0:98:cd:09:8b:ff:9f:
be:de:18:bf:ee:20:a4:bb:fb:07:31:8a:d2:b5:f6:
ba:94:d1:18:88:7d:c9:e9:ec:9a:97:a5:c9:9e:92:
dd:80:29:72:75:d8:38:90:66:bf:64:77:69:b3:09:
89:85:85:ff:43:ef:50:57:1d:ca:17:10:7b:e2:92:
92:d0:66:45:57:11:70:6f:ba:e2:03:41:47:ed:3b:
e2:a7:25:df:8a:f8:c7:64:01:19:fb:d3:44:c9:cc:
d4:6c:c3:e6:7f:77:1a:16:d4:93:14:b4:af:2d:51:
d2:d0:1e:cf:83:f8:1a:c8:6d:1f:1f:d0:6b:56:60:
ae:60:33:55:44:07:c8:4c:85:37:24:92:07:f5:9f:
c8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:59:E2:FD:AC:30:39:2D:3E:1F:E0:40:8E:D3:A7:28:21:17:2B:44
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/5Fni_awwOS0-H-BAjtOnKCEXK0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.168.0/22
91.135.160.0/20
185.33.8.0/22
185.87.237.0-185.87.239.255
185.196.240.0/22
IPv6:
2a04:40::/29
Signature Algorithm: sha256WithRSAEncryption
57:fb:38:68:e1:e1:6b:d6:1b:1f:5d:98:11:5b:34:a8:a7:de:
58:15:89:4c:bf:be:23:15:31:77:7f:07:e7:ec:cf:79:3d:c9:
9e:fc:8c:34:2e:df:a3:6b:ad:2a:65:63:d5:b2:73:91:91:43:
37:ba:c9:9a:4d:7e:16:32:6f:6e:b2:b4:e4:b3:51:c8:79:9c:
66:89:c7:69:22:f4:72:3a:2f:3f:c6:2b:e4:9a:7a:e0:41:b4:
8a:2f:43:81:2f:3c:ab:e3:db:aa:07:4a:b8:8f:2a:8f:34:2c:
8d:5c:7d:ae:7f:6b:7a:1c:23:bd:1d:f1:4e:54:41:8d:7e:b0:
24:7a:c5:20:80:de:27:5b:74:b3:bb:ce:80:aa:3f:f0:06:45:
e8:8c:00:30:73:f4:26:c0:e7:2e:15:05:50:00:da:d0:ec:be:
a7:5f:41:f4:14:d4:30:bd:eb:22:41:5a:69:d5:8e:bb:bb:a9:
c7:2f:94:58:70:3a:3d:c3:37:c9:1c:eb:a1:09:21:ff:b8:58:
a5:3f:da:f9:cb:11:5c:b9:7b:78:27:62:84:65:ec:8d:67:86:
70:9c:18:7d:d7:69:89:13:2b:47:79:03:6b:33:5c:86:e3:e4:
cb:e6:fc:0b:1d:aa:dc:09:e7:e5:70:ff:5a:4d:1a:f9:60:d3:
d6:17:c9:5f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVvi5en5JHRWb6N9DcVEg6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjMwMTAxMjI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU5ZTJmZGFjMzAzOTJkM2UxZmUwNDA4ZWQzYTcyODIxMTcyYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjAG+587QktwggqKPiZ5f5y16IpS
wQf6iPKb4uqZWvu8ZYfNz3wdsFmewFy6ehNAgqklEyZh/p3Rvq5qq+B3mk3sp4in
u9wN7thZ1zxjp4iJEHJdkZh6HWFOFNWcjmPq0/IyHXPeb5Nz/5pD5RYKZLCYzQmL
/5++3hi/7iCku/sHMYrStfa6lNEYiH3J6eyal6XJnpLdgClyddg4kGa/ZHdpswmJ
hYX/Q+9QVx3KFxB74pKS0GZFVxFwb7riA0FH7TvipyXfivjHZAEZ+9NEyczUbMPm
f3caFtSTFLSvLVHS0B7Pg/gayG0fH9BrVmCuYDNVRAfITIU3JJIH9Z/I5wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFORZ4v2sMDktPh/gQI7TpyghFytEMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvNUZuaV9hd3dPUzAtSC1CQWp0T25LQ0VYSzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCLUOoAwQE
W4egAwQCuSEIMAwDBAC5V+0DBAS5V+ADBAK5xPAwDQQCAAIwBwMFAyoEAEAwDQYJ
KoZIhvcNAQELBQADggEBAFf7OGjh4WvWGx9dmBFbNKin3lgViUy/viMVMXd/B+fs
z3k9yZ78jDQu36NrrSplY9Wyc5GRQze6yZpNfhYyb26ytOSzUch5nGaJx2ki9HI6
Lz/GK+SaeuBBtIovQ4EvPKvj26oHSriPKo80LI1cfa5/a3ocI70d8U5UQY1+sCR6
xSCA3idbdLO7zoCqP/AGReiMADBz9CbA5y4VBVAA2tDsvqdfQfQU1DC96yJBWmnV
jru7qccvlFhwOj3DN8kc66EJIf+4WKU/2vnLEVy5e3gnYoRl7I1nhnCcGH3XaYkT
K0d5A2szXIbj5Mvm/AsdqtwJ5+Vw/1pNGvlg09YXyV8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org