Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/DoJwo9PR1uLF1QMfAfPeV-QOU4k.roa
File: DoJwo9PR1uLF1QMfAfPeV-QOU4k.roa (raw, json)
Hash identifier: iMJi3vyimftiCvfo/IXTymBnJlk8hWEddCMvrXMSWs0=
Subject key identifier: 0E:82:70:A3:D3:D1:D6:E2:C5:D5:03:1F:01:F3:DE:57:E4:0E:53:89
Certificate issuer: /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial: 018DFA9F1DE8327B4A34E118D74F879F2A62
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/DoJwo9PR1uLF1QMfAfPeV-QOU4k.roa
Signing time: Fri 01 Mar 2024 15:25:48 +0000
ROA not before: Fri 01 Mar 2024 15:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209523
IP address blocks: 5.198.192.0/19 maxlen: 19
5.198.193.0/24 maxlen: 24
45.158.68.0/22 maxlen: 22
185.97.140.0/22 maxlen: 22
185.97.140.0/24 maxlen: 24
185.97.141.0/24 maxlen: 24
2a02:e58::/32 maxlen: 32
2a02:e58:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:9f:1d:e8:32:7b:4a:34:e1:18:d7:4f:87:9f:2a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Validity
Not Before: Mar 1 15:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e8270a3d3d1d6e2c5d5031f01f3de57e40e5389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3f:5d:7f:5e:74:59:61:70:fc:56:ef:9a:8b:
7e:8b:c7:4f:2f:42:a2:c2:c3:81:82:82:10:62:d0:
43:93:72:16:52:2b:57:65:09:11:57:b1:cc:98:33:
36:cd:d7:9f:73:1e:12:f8:e1:ad:0c:12:74:47:ea:
d4:b3:f8:ec:ec:78:51:12:5f:29:ea:5b:50:c1:70:
a1:cc:d0:d8:2d:83:1d:51:bf:63:a8:26:f8:e8:f8:
f9:e8:96:d5:32:d2:21:53:1b:d9:47:4a:06:8b:03:
e6:43:2a:4a:00:78:28:c4:e8:c3:b0:27:55:77:a0:
97:53:fb:20:21:24:03:b0:e9:60:a1:54:ff:d1:13:
38:27:e5:4c:a7:66:34:ad:98:01:f4:4f:e7:3f:78:
37:dc:c0:e2:fb:69:3b:0d:ac:34:43:c3:65:4c:d3:
15:9f:e4:c3:fb:dc:68:be:1d:8d:30:b2:ec:38:e2:
4b:e4:c1:68:95:36:1a:16:04:cc:4d:95:2c:39:47:
39:e7:e4:53:98:89:22:ea:a3:7c:ad:ca:1f:d2:60:
de:91:18:e6:d9:7f:55:24:2d:02:54:60:4d:a5:91:
8d:f9:39:67:2a:bb:99:c0:5d:a5:2b:39:a3:9c:e2:
22:2c:a9:ca:8f:ab:a4:85:72:70:e6:7c:59:79:a3:
92:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:82:70:A3:D3:D1:D6:E2:C5:D5:03:1F:01:F3:DE:57:E4:0E:53:89
X509v3 Authority Key Identifier:
keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/DoJwo9PR1uLF1QMfAfPeV-QOU4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.198.192.0/19
45.158.68.0/22
185.97.140.0/22
IPv6:
2a02:e58::/32
Signature Algorithm: sha256WithRSAEncryption
6e:81:c6:49:10:e4:59:cb:ac:24:5e:f0:6f:5b:73:f8:b9:fa:
36:7e:43:12:dd:ba:e3:4e:8e:ff:0c:13:c2:85:44:31:3f:30:
21:15:21:b8:6a:34:61:a1:d0:8a:e2:8e:6c:d1:3c:c9:2b:10:
d6:64:07:5c:6f:c3:c2:85:73:37:2e:5f:29:43:49:9c:75:36:
d7:89:d7:33:9c:db:c9:2a:b6:c1:c2:21:79:a0:d6:3f:a5:9a:
a6:b9:dc:1b:97:54:13:a7:38:58:92:cf:34:b3:21:57:ca:66:
cb:66:5d:9b:ed:ab:07:44:e9:2f:ac:35:31:51:7b:41:ec:9a:
c6:d2:19:3f:a2:bf:91:e7:97:64:1e:c0:2a:09:7d:80:c1:44:
f8:f5:b7:9b:5f:9b:de:e1:50:49:2b:17:aa:e5:70:08:a2:52:
70:40:b1:4f:73:d1:fb:cd:6c:90:5e:5c:0e:cb:13:61:68:51:
20:57:67:dd:e2:2c:9f:8a:42:d7:db:5e:3e:80:75:bb:92:e0:
91:ad:76:b4:b4:1e:a9:8f:a0:45:75:27:d3:6b:9f:f4:ff:c3:
e1:28:6c:49:13:b5:58:a9:05:d7:7f:7c:af:7d:c8:b3:a4:2b:
fc:0c:3d:72:69:da:87:09:b1:34:c0:a1:d9:39:18:e4:be:1a:
5f:2c:1b:6b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY36nx3oMntKNOEY10+HnypiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWUzMWM5MDI5ZWU0NGJkNjgxYjUxNTMzMDMzNWM2YTFj
ZmRlZWUwHhcNMjQwMzAxMTUyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTgyNzBhM2QzZDFkNmUyYzVkNTAzMWYwMWYzZGU1N2U0MGU1Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj9df150WWFw/Fbvmot+i8dPL0Ki
wsOBgoIQYtBDk3IWUitXZQkRV7HMmDM2zdefcx4S+OGtDBJ0R+rUs/js7HhREl8p
6ltQwXChzNDYLYMdUb9jqCb46Pj56JbVMtIhUxvZR0oGiwPmQypKAHgoxOjDsCdV
d6CXU/sgISQDsOlgoVT/0RM4J+VMp2Y0rZgB9E/nP3g33MDi+2k7Daw0Q8NlTNMV
n+TD+9xovh2NMLLsOOJL5MFolTYaFgTMTZUsOUc55+RTmIki6qN8rcof0mDekRjm
2X9VJC0CVGBNpZGN+TlnKruZwF2lKzmjnOIiLKnKj6ukhXJw5nxZeaOSzwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA6CcKPT0dbixdUDHwHz3lfkDlOJMB8GA1UdIwQY
MBaAFC2eMckCnuRL1oG1FTMDNcahz97uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMt
MDhkYTY2NTJhODY3LzEvRG9Kd285UFIxdUxGMVFNZkFmUGVWLVFPVTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMtMDhkYTY2NTJhODY3
LzEvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFBcbAAwQC
LZ5EAwQCuWGMMA0EAgACMAcDBQAqAg5YMA0GCSqGSIb3DQEBCwUAA4IBAQBugcZJ
EORZy6wkXvBvW3P4ufo2fkMS3brjTo7/DBPChUQxPzAhFSG4ajRhodCK4o5s0TzJ
KxDWZAdcb8PChXM3Ll8pQ0mcdTbXidcznNvJKrbBwiF5oNY/pZqmudwbl1QTpzhY
ks80syFXymbLZl2b7asHROkvrDUxUXtB7JrG0hk/or+R55dkHsAqCX2AwUT49beb
X5ve4VBJKxeq5XAIolJwQLFPc9H7zWyQXlwOyxNhaFEgV2fd4iyfikLX214+gHW7
kuCRrXa0tB6pj6BFdSfTa5/0/8PhKGxJE7VYqQXXf3yvfcizpCv8DD1yadqHCbE0
wKHZORjkvhpfLBtr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:36 2025 by rpki-client