Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5amTR5R-a3qPIa8MaTU3Hdh3iEk.roa
File: 5amTR5R-a3qPIa8MaTU3Hdh3iEk.roa (raw, json)
Hash identifier: Z3wNVnpIHwZKYixQXE9Zt4vmbhktLJxeoyNZaHdGCU0=
Subject key identifier: E5:A9:93:47:94:7E:6B:7A:8F:21:AF:0C:69:35:37:1D:D8:77:88:49
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348AFE721319EB2EC4ED9A96F19F30C
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5amTR5R-a3qPIa8MaTU3Hdh3iEk.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 45.90.116.0/22 maxlen: 24
94.154.115.0/24 maxlen: 24
193.221.208.0/24 maxlen: 24
37.77.151.0/24 maxlen: 24
178.212.79.0/24 maxlen: 24
146.19.119.0/24 maxlen: 24
62.3.53.0/24 maxlen: 24
89.248.65.0/24 maxlen: 24
77.87.126.0/24 maxlen: 24
45.90.12.0/22 maxlen: 24
185.138.165.0/24 maxlen: 24
146.19.231.0/24 maxlen: 24
185.149.150.0/24 maxlen: 24
109.205.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 09:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:af:e7:21:31:9e:b2:ec:4e:d9:a9:6f:19:f3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5a99347947e6b7a8f21af0c6935371dd8778849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:83:f2:d0:59:09:c3:2e:12:ad:14:be:d4:6b:
f4:c9:a2:3a:cf:df:da:cf:93:8f:6e:9f:84:65:29:
8b:ea:b5:47:f9:8c:dd:81:ea:bd:b5:12:de:f8:77:
db:1c:2b:e5:e1:eb:40:d7:48:20:27:e0:fe:ac:0f:
46:f2:41:76:f8:e3:66:11:71:0b:4a:f2:c9:32:91:
62:a8:a2:97:8d:17:6a:2c:7c:9a:b8:96:92:75:a8:
e9:f3:05:3f:f2:3f:bc:3a:63:1f:0c:6c:7a:81:5a:
63:e0:db:6f:c4:11:cb:2d:76:45:32:86:26:02:e6:
a7:1e:90:f1:e7:fe:38:ff:03:51:3d:5c:3b:0b:a7:
ad:d5:6a:77:cf:97:7b:9a:92:c4:79:a5:09:b9:e7:
97:cb:82:70:98:94:72:a9:72:e7:de:6b:a1:1f:85:
41:72:da:2d:b5:c7:1f:1b:39:1e:be:8c:fe:15:5b:
71:ec:6e:ec:c0:af:63:db:ca:ae:fb:96:55:19:4a:
92:9f:ed:6c:b4:25:2b:c3:f5:44:9e:ed:3d:00:82:
a6:78:68:89:f8:b4:f3:35:a3:79:9e:c3:7a:eb:56:
89:7c:59:ea:5d:de:5f:1a:2d:29:9a:80:86:6a:96:
f4:b3:8a:e5:87:65:75:6b:a7:ca:23:58:f2:a4:32:
0b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A9:93:47:94:7E:6B:7A:8F:21:AF:0C:69:35:37:1D:D8:77:88:49
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5amTR5R-a3qPIa8MaTU3Hdh3iEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.151.0/24
45.90.12.0/22
45.90.116.0/22
62.3.53.0/24
77.87.126.0/24
89.248.65.0/24
94.154.115.0/24
109.205.63.0/24
146.19.119.0/24
146.19.231.0/24
178.212.79.0/24
185.138.165.0/24
185.149.150.0/24
193.221.208.0/24
Signature Algorithm: sha256WithRSAEncryption
58:de:23:c3:cb:a5:c2:4d:f5:84:fe:c0:22:7a:77:fb:03:f5:
11:15:f0:55:94:9c:42:c4:3c:e3:56:c9:f4:7c:f5:aa:05:7d:
b3:ed:09:3d:58:dc:55:95:44:3e:af:85:15:ca:b7:00:a9:95:
a7:7b:b6:b4:49:40:84:a0:00:44:d2:e7:5c:13:4c:50:44:60:
cb:96:a2:a4:0e:3f:16:75:49:37:83:3a:a2:63:fb:a4:5d:50:
c5:f4:d3:92:da:3f:0d:3c:14:24:48:1f:36:07:eb:a2:98:62:
a8:09:ad:da:83:36:8b:af:16:1d:a1:ae:21:cc:0b:42:a6:3f:
a8:d0:9f:ce:b4:91:e5:6d:39:dc:be:f5:51:7f:e2:fa:ce:8f:
f1:03:16:2b:62:6f:c9:ef:4c:63:dc:d7:f2:99:a1:2c:fe:9d:
9c:6a:43:8b:68:3e:10:de:49:02:39:5b:a8:c7:9d:87:86:26:
ce:08:eb:66:0d:43:47:a2:66:c4:4d:99:ab:d6:32:81:00:4c:
0a:41:af:b2:75:8b:8b:6e:4d:6e:fc:3a:6c:ac:83:75:e8:67:
76:ed:19:17:fe:97:b5:00:32:01:2d:12:39:7a:e1:81:17:4f:
b2:78:28:d8:f2:54:e0:49:12:94:74:bf:03:64:ad:ab:ae:74:
03:54:f7:a0
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzDSK/nITGesuxO2alvGfMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE5OTM0Nzk0N2U2YjdhOGYyMWFmMGM2OTM1MzcxZGQ4Nzc4ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4Py0FkJwy4SrRS+1Gv0yaI6z9/a
z5OPbp+EZSmL6rVH+Yzdgeq9tRLe+HfbHCvl4etA10ggJ+D+rA9G8kF2+ONmEXEL
SvLJMpFiqKKXjRdqLHyauJaSdajp8wU/8j+8OmMfDGx6gVpj4NtvxBHLLXZFMoYm
AuanHpDx5/44/wNRPVw7C6et1Wp3z5d7mpLEeaUJueeXy4JwmJRyqXLn3muhH4VB
ctottccfGzkevoz+FVtx7G7swK9j28qu+5ZVGUqSn+1stCUrw/VEnu09AIKmeGiJ
+LTzNaN5nsN661aJfFnqXd5fGi0pmoCGapb0s4rlh2V1a6fKI1jypDILFQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOWpk0eUfmt6jyGvDGk1Nx3Yd4hJMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvNWFtVFI1Ui1hM3FQSWE4TWFUVTNIZGgzaUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAJU2XAwQC
LVoMAwQCLVp0AwQAPgM1AwQATVd+AwQAWfhBAwQAXppzAwQAbc0/AwQAkhN3AwQA
khPnAwQAstRPAwQAuYqlAwQAuZWWAwQAwd3QMA0GCSqGSIb3DQEBCwUAA4IBAQBY
3iPDy6XCTfWE/sAienf7A/URFfBVlJxCxDzjVsn0fPWqBX2z7Qk9WNxVlUQ+r4UV
yrcAqZWne7a0SUCEoABE0udcE0xQRGDLlqKkDj8WdUk3gzqiY/ukXVDF9NOS2j8N
PBQkSB82B+uimGKoCa3agzaLrxYdoa4hzAtCpj+o0J/OtJHlbTncvvVRf+L6zo/x
AxYrYm/J70xj3NfymaEs/p2cakOLaD4Q3kkCOVuox52HhibOCOtmDUNHombETZmr
1jKBAEwKQa+ydYuLbk1u/DpsrIN16Gd27RkX/pe1ADIBLRI5euGBF0+yeCjY8lTg
SRKUdL8DZK2rrnQDVPeg
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:21:13 2025 by rpki-client