Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/S1aliu9pkXtNQT5qKsohTCrg6KY.roa
File: S1aliu9pkXtNQT5qKsohTCrg6KY.roa (raw, json)
Hash identifier: 4lyrEXmGpJ2RSC7Q0vQTptlM8G33fL5eVJZ1Nlefitc=
Subject key identifier: 4B:56:A5:8A:EF:69:91:7B:4D:41:3E:6A:2A:CA:21:4C:2A:E0:E8:A6
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DCC6503D76C372470765EC132CBBDBC6C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/S1aliu9pkXtNQT5qKsohTCrg6KY.roa
Signing time: Wed 21 Feb 2024 15:59:48 +0000
ROA not before: Wed 21 Feb 2024 15:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 5.183.129.0/24 maxlen: 24
45.11.23.0/24 maxlen: 24
45.14.222.0/24 maxlen: 24
45.84.178.0/24 maxlen: 24
45.89.70.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
88.218.72.0/22 maxlen: 22
91.188.212.0/22 maxlen: 22
94.158.189.0/24 maxlen: 24
194.32.238.0/24 maxlen: 24
194.32.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:65:03:d7:6c:37:24:70:76:5e:c1:32:cb:bd:bc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 21 15:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b56a58aef69917b4d413e6a2aca214c2ae0e8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:40:1e:a1:68:0e:4a:41:92:4b:25:a9:ea:7c:
30:b7:d0:00:ba:74:31:0c:6e:2f:52:be:92:21:27:
7b:cf:f0:05:9d:57:dc:b4:11:bd:c4:42:54:b1:8c:
30:d8:50:2f:06:41:bd:c0:5d:89:07:3d:d4:0f:d2:
06:6b:1d:7c:81:0b:74:fe:57:dc:0a:d8:56:11:1b:
1b:54:91:5e:2f:9d:94:e9:d9:76:c0:3b:f6:ff:c7:
e1:66:e3:79:da:29:91:1d:54:da:d3:e0:b3:5d:7d:
71:e2:29:19:6a:26:90:d9:4d:b8:33:97:4c:a2:22:
f0:2c:5d:64:b8:16:63:9e:f4:6a:0a:f9:4e:ba:29:
1f:dd:c4:1d:3a:62:ba:12:85:d3:4d:9b:0a:df:82:
aa:eb:aa:5f:83:ed:ac:03:6d:2f:d7:8d:b5:53:e0:
61:bf:9f:0a:0c:8e:bb:9f:a5:b1:9a:a6:cd:b6:fe:
f8:a1:9f:c3:93:1e:3d:bf:da:6f:08:95:22:25:91:
bd:f8:b7:52:f7:40:cf:cd:df:80:87:60:5f:ff:c4:
35:62:a8:72:3a:f4:29:66:8c:68:53:d8:05:0b:a1:
1e:fa:10:45:d8:75:33:7a:c1:28:93:30:58:0f:17:
1c:00:42:59:d8:e7:e5:47:e3:28:b5:41:99:a0:14:
6d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:56:A5:8A:EF:69:91:7B:4D:41:3E:6A:2A:CA:21:4C:2A:E0:E8:A6
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/S1aliu9pkXtNQT5qKsohTCrg6KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.129.0/24
45.11.23.0/24
45.14.222.0/24
45.84.178.0/24
45.89.70.0/24
45.129.1.0/24
88.218.72.0/22
91.188.212.0/22
94.158.189.0/24
194.32.238.0/23
Signature Algorithm: sha256WithRSAEncryption
92:87:05:ef:a8:92:3a:91:dd:1f:0a:d3:05:b5:6d:ff:07:ba:
d8:92:3d:41:e5:c1:bb:d3:a3:ca:13:73:fe:c2:cd:05:a7:eb:
0b:f2:cb:d7:f2:1a:bb:90:7a:fe:ff:62:86:bf:d1:4b:ef:09:
e3:5d:e7:06:12:9e:8e:3b:ea:36:dc:d8:9f:f9:8b:64:44:ea:
6a:1a:5f:4a:bd:1d:c3:a3:70:61:6f:93:65:51:35:1c:37:18:
f8:cc:0d:99:8b:43:a2:f5:cb:f9:76:b1:a7:69:1d:8e:82:74:
2f:dd:86:3d:ff:1a:6f:99:80:62:d1:fb:bf:27:c4:e2:28:fe:
5e:bd:6b:83:e6:b3:e2:8b:ed:32:91:90:42:54:6c:ff:ac:ba:
16:6d:0f:47:22:aa:98:5a:4b:cf:fa:8f:e3:6e:23:7d:68:a8:
22:a5:7b:81:b8:49:fa:f2:79:2d:db:5c:14:34:73:78:23:2f:
72:52:a6:18:2d:3b:ea:b0:22:5f:b1:ac:c2:ae:12:23:0f:30:
a9:19:ca:ed:13:03:d2:39:89:91:85:19:5d:61:80:6c:8e:79:
eb:c2:41:f3:66:5f:ad:28:a5:b6:35:a9:50:ad:18:58:32:65:
6e:50:26:d3:65:5e:32:d0:91:59:16:bd:d6:2f:b1:4e:20:51:
f7:22:37:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3MZQPXbDckcHZewTLLvbxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIxMTU1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU2YTU4YWVmNjk5MTdiNGQ0MTNlNmEyYWNhMjE0YzJhZTBlOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0AeoWgOSkGSSyWp6nwwt9AAunQx
DG4vUr6SISd7z/AFnVfctBG9xEJUsYww2FAvBkG9wF2JBz3UD9IGax18gQt0/lfc
CthWERsbVJFeL52U6dl2wDv2/8fhZuN52imRHVTa0+CzXX1x4ikZaiaQ2U24M5dM
oiLwLF1kuBZjnvRqCvlOuikf3cQdOmK6EoXTTZsK34Kq66pfg+2sA20v1421U+Bh
v58KDI67n6WxmqbNtv74oZ/Dkx49v9pvCJUiJZG9+LdS90DPzd+Ah2Bf/8Q1Yqhy
OvQpZoxoU9gFC6Ee+hBF2HUzesEokzBYDxccAEJZ2OflR+MotUGZoBRtlQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEtWpYrvaZF7TUE+airKIUwq4OimMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUzFhbGl1OXBrWHROUVQ1cUtzb2hUQ3JnNktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABbeBAwQA
LQsXAwQALQ7eAwQALVSyAwQALVlGAwQALYEBAwQCWNpIAwQCW7zUAwQAXp69AwQB
wiDuMA0GCSqGSIb3DQEBCwUAA4IBAQCShwXvqJI6kd0fCtMFtW3/B7rYkj1B5cG7
06PKE3P+ws0Fp+sL8svX8hq7kHr+/2KGv9FL7wnjXecGEp6OO+o23Nif+YtkROpq
Gl9KvR3Do3Bhb5NlUTUcNxj4zA2Zi0Oi9cv5drGnaR2OgnQv3YY9/xpvmYBi0fu/
J8TiKP5evWuD5rPii+0ykZBCVGz/rLoWbQ9HIqqYWkvP+o/jbiN9aKgipXuBuEn6
8nkt21wUNHN4Iy9yUqYYLTvqsCJfsazCrhIjDzCpGcrtEwPSOYmRhRldYYBsjnnr
wkHzZl+tKKW2NalQrRhYMmVuUCbTZV4y0JFZFr3WL7FOIFH3Ije0
-----END CERTIFICATE-----
Generated at Thu Feb 22 20:07:06 2024 by rpki-client on console-ams.rpki-client.org