Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/tF_WbE3lvtf0xG6TkifPgoN-feA.roa
File: tF_WbE3lvtf0xG6TkifPgoN-feA.roa (raw, json)
Hash identifier: rLbjWDpv8EzjLsWWiTXPkaPKo9UaqBXm5BkNVi7wZlg=
Subject key identifier: B4:5F:D6:6C:4D:E5:BE:D7:F4:C4:6E:93:92:27:CF:82:83:7E:7D:E0
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 018D5F6F8256C341651D2B9EDD816E2D18A6
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/tF_WbE3lvtf0xG6TkifPgoN-feA.roa
Signing time: Wed 31 Jan 2024 12:12:39 +0000
ROA not before: Wed 31 Jan 2024 12:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60203
IP address blocks: 5.45.160.0/21 maxlen: 21
5.45.160.0/24 maxlen: 24
5.45.165.0/24 maxlen: 24
5.45.166.0/24 maxlen: 24
5.45.168.0/21 maxlen: 21
5.45.168.0/22 maxlen: 22
5.45.169.0/24 maxlen: 24
5.45.172.0/24 maxlen: 24
5.45.174.0/23 maxlen: 23
171.22.8.0/24 maxlen: 24
171.22.9.0/24 maxlen: 24
171.22.10.0/24 maxlen: 24
171.22.11.0/24 maxlen: 24
185.43.72.0/24 maxlen: 24
185.43.73.0/24 maxlen: 24
185.43.74.0/23 maxlen: 23
185.62.20.0/24 maxlen: 24
185.62.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 18:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:6f:82:56:c3:41:65:1d:2b:9e:dd:81:6e:2d:18:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Jan 31 12:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b45fd66c4de5bed7f4c46e939227cf82837e7de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:99:62:f6:bd:2d:37:81:34:00:e4:0a:2c:89:
12:1e:a7:06:e5:a7:df:25:07:66:f5:0a:37:98:c2:
84:43:42:95:bf:98:61:77:b5:fc:e6:75:ce:fa:b5:
ce:b9:85:ba:25:1d:8c:03:2e:7b:1f:ea:dd:49:fb:
e6:dd:5f:68:d6:5d:3d:a9:c1:eb:e7:35:e2:e9:ac:
7d:17:cf:c2:b3:4f:8e:2c:4f:69:f5:6b:93:eb:3a:
dc:7b:3f:0e:a4:e4:1e:5c:02:7a:57:0c:8b:97:5b:
e1:19:64:67:cf:02:72:bd:40:97:b6:f3:b2:31:da:
f5:d4:60:70:4e:4e:01:75:1a:d4:34:7e:b6:76:29:
d7:58:87:75:47:5c:64:b9:22:a0:cc:d1:39:08:94:
1b:55:69:67:7c:b0:0b:b1:45:fc:1c:0b:0f:88:40:
69:5b:a7:2e:69:5e:27:7a:82:1b:6d:44:9a:1f:ee:
50:00:ee:d3:76:02:bc:61:e0:ad:b3:35:54:90:52:
d1:ed:28:83:eb:90:c2:2e:4c:10:5f:2b:41:7d:63:
77:16:97:64:80:92:44:39:4d:87:03:0c:72:2a:60:
83:b4:58:56:46:3d:14:62:02:94:73:17:09:b4:02:
bf:32:59:1e:a4:9f:21:98:1e:b5:9a:47:f7:36:15:
cb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:5F:D6:6C:4D:E5:BE:D7:F4:C4:6E:93:92:27:CF:82:83:7E:7D:E0
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/tF_WbE3lvtf0xG6TkifPgoN-feA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.160.0/20
171.22.8.0/22
185.43.72.0/22
185.62.20.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:dc:08:1e:27:85:41:1e:8c:ed:5c:2f:63:a8:e9:d4:6b:c9:
f8:3d:fe:94:85:2c:dd:28:68:2f:d7:5b:3c:a1:76:e9:46:ba:
d4:bb:a6:da:28:33:f6:b2:51:8d:3d:7f:1a:b0:ad:1e:65:5a:
01:8c:fe:b0:b2:b5:02:7a:65:f4:16:35:75:a5:f3:4a:96:3a:
90:cd:14:89:c5:80:a0:3b:a3:b1:0d:e5:64:91:63:e2:81:17:
2d:59:52:ad:5e:e5:a2:8f:16:7b:a2:82:54:a1:bf:b1:f8:f5:
dd:92:51:47:8e:2e:2b:01:ef:67:0b:a8:1e:d8:1c:70:ed:df:
e1:ba:b5:52:e5:ac:7b:58:b9:0c:cb:bf:ad:85:43:4e:75:10:
db:ce:45:d4:e3:e2:cd:48:a2:67:44:5e:3a:d1:68:72:ef:a0:
b7:9a:a0:0c:1d:02:56:92:69:30:6d:16:f5:44:3b:b2:f3:85:
49:c0:8f:84:ba:04:7b:af:8f:06:c1:5b:00:06:ca:6c:4b:58:
aa:43:39:1f:d8:59:9a:e2:fc:8a:c1:af:8b:31:48:8f:e9:67:
88:2b:b2:9d:5c:3d:31:ce:1d:61:45:59:9e:d2:82:8b:0c:18:
f9:32:96:3b:50:a2:1b:57:26:26:9b:b2:aa:74:51:80:55:d2:
a9:21:91:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1fb4JWw0FlHSue3YFuLRimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjQwMTMxMTIxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDVmZDY2YzRkZTViZWQ3ZjRjNDZlOTM5MjI3Y2Y4MjgzN2U3ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppli9r0tN4E0AOQKLIkSHqcG5aff
JQdm9Qo3mMKEQ0KVv5hhd7X85nXO+rXOuYW6JR2MAy57H+rdSfvm3V9o1l09qcHr
5zXi6ax9F8/Cs0+OLE9p9WuT6zrcez8OpOQeXAJ6VwyLl1vhGWRnzwJyvUCXtvOy
Mdr11GBwTk4BdRrUNH62dinXWId1R1xkuSKgzNE5CJQbVWlnfLALsUX8HAsPiEBp
W6cuaV4neoIbbUSaH+5QAO7TdgK8YeCtszVUkFLR7SiD65DCLkwQXytBfWN3Fpdk
gJJEOU2HAwxyKmCDtFhWRj0UYgKUcxcJtAK/MlkepJ8hmB61mkf3NhXLiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLRf1mxN5b7X9MRuk5Inz4KDfn3gMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvdEZfV2JFM2x2dGYweEc2VGtpZlBnb04tZmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBS2gAwQC
qxYIAwQCuStIAwQBuT4UMA0GCSqGSIb3DQEBCwUAA4IBAQBs3AgeJ4VBHoztXC9j
qOnUa8n4Pf6UhSzdKGgv11s8oXbpRrrUu6baKDP2slGNPX8asK0eZVoBjP6wsrUC
emX0FjV1pfNKljqQzRSJxYCgO6OxDeVkkWPigRctWVKtXuWijxZ7ooJUob+x+PXd
klFHji4rAe9nC6ge2Bxw7d/hurVS5ax7WLkMy7+thUNOdRDbzkXU4+LNSKJnRF46
0Why76C3mqAMHQJWkmkwbRb1RDuy84VJwI+EugR7r48GwVsABspsS1iqQzkf2Fma
4vyKwa+LMUiP6WeIK7KdXD0xzh1hRVme0oKLDBj5MpY7UKIbVyYmm7KqdFGAVdKp
IZGt
-----END CERTIFICATE-----
Generated at Wed May 22 20:06:30 2024 by rpki-client on console-fra.rpki-client.org