Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/5-0kJmNPl4cE5_y2C9PjkS-knlY.roa
File: 5-0kJmNPl4cE5_y2C9PjkS-knlY.roa (raw, json)
Hash identifier: lgiZ4Ctew96xvmj5kj9r0mAIni7aYVa/OETlN9i4Y7k=
Subject key identifier: E7:ED:24:26:63:4F:97:87:04:E7:FC:B6:0B:D3:E3:91:2F:A4:9E:56
Certificate issuer: /CN=b96e8b6d73f2f38548996f66621330a8d7108529
Certificate serial: 0193A1D1D04C0E8A0707428CDE97C9DD56CA
Authority key identifier: B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/5-0kJmNPl4cE5_y2C9PjkS-knlY.roa
Signing time: Sat 07 Dec 2024 15:51:42 +0000
ROA not before: Sat 07 Dec 2024 15:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43366
IP address blocks: 5.133.84.0/22 maxlen: 24
185.197.188.0/22 maxlen: 24
185.205.240.0/22 maxlen: 24
192.145.24.0/22 maxlen: 24
194.164.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:d1:d0:4c:0e:8a:07:07:42:8c:de:97:c9:dd:56:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b96e8b6d73f2f38548996f66621330a8d7108529
Validity
Not Before: Dec 7 15:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7ed2426634f978704e7fcb60bd3e3912fa49e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c0:f5:29:a2:51:06:98:9e:09:49:71:fc:fd:
a8:83:06:0a:ab:d7:9c:06:3e:58:72:47:b7:f4:51:
8d:e9:29:48:ad:4a:e1:06:94:29:41:f9:6a:52:ce:
e6:23:d0:5b:cc:18:66:03:0d:23:35:f9:93:07:45:
db:34:27:a0:b9:9e:8d:d4:88:60:53:b7:98:3f:f3:
3e:68:44:fd:f1:94:09:8a:b6:4b:01:b9:91:71:9d:
3e:95:eb:81:bd:4a:b3:7f:35:86:b6:e0:28:89:9b:
21:aa:92:d4:2f:57:96:67:b6:72:70:36:21:81:a4:
a7:50:ec:fc:62:a5:bc:c7:0c:15:d1:e6:d9:84:fd:
1e:37:10:79:b3:e1:e0:75:fe:9b:b4:b1:3a:5b:73:
64:f6:48:75:e4:eb:56:77:9a:95:54:d6:95:38:56:
a5:9a:7a:12:26:e1:33:13:fa:61:0b:9b:d6:70:55:
ff:c8:44:67:7a:49:fb:4f:af:80:7b:d4:db:54:68:
44:31:f8:50:71:4b:c5:32:ff:46:b5:25:03:6a:10:
fa:19:c8:ac:2c:02:f2:f5:70:1e:07:fe:f7:ec:df:
36:f1:77:e7:90:b4:0c:ac:b5:07:19:b4:84:ca:0f:
76:9a:c8:33:10:10:ad:b8:81:9c:3f:12:4a:ab:cf:
ca:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:ED:24:26:63:4F:97:87:04:E7:FC:B6:0B:D3:E3:91:2F:A4:9E:56
X509v3 Authority Key Identifier:
keyid:B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/5-0kJmNPl4cE5_y2C9PjkS-knlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.84.0/22
185.197.188.0/22
185.205.240.0/22
192.145.24.0/22
194.164.116.0/23
Signature Algorithm: sha256WithRSAEncryption
57:c3:b5:ea:a3:e1:c7:44:71:73:a3:bf:92:4a:51:28:a3:72:
59:fa:ef:2f:e3:6f:fc:9a:9b:5e:fa:69:8c:67:0f:e1:b3:58:
a5:65:0e:89:80:ca:e0:a6:a2:73:6d:14:27:3c:e4:8a:fd:5e:
70:ef:df:df:4e:02:c3:eb:05:5f:f3:65:42:31:59:7a:9f:df:
a1:ec:fd:43:16:ae:72:02:d3:d2:bf:59:9a:e9:2e:62:d5:6f:
e8:b2:b8:7d:5e:5e:cc:72:a5:36:86:22:a9:d1:5b:a9:65:62:
11:b1:bf:1c:6d:f3:4d:18:6d:d2:8a:64:9e:d3:38:8a:94:f8:
52:60:49:23:45:d4:64:53:22:97:a6:be:5a:43:39:0a:f0:08:
93:9b:b8:22:da:5d:5e:5a:22:f9:7e:d7:56:25:a6:52:87:39:
44:eb:81:9e:bb:fc:19:6a:a7:73:49:51:d1:f4:91:bd:e2:bf:
39:6a:e7:e8:0f:9b:3c:de:02:57:77:89:a2:08:db:e3:5c:65:
b3:b0:15:55:83:1c:bf:1c:5c:e1:7f:50:e4:88:2d:63:0c:7f:
57:f1:be:2c:30:53:74:c9:68:7a:a1:63:a3:b1:3d:4c:67:92:
31:66:01:5e:d5:d9:f7:e1:6b:c9:2f:a9:4e:bf:81:f2:57:cb:
37:92:3b:55
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOh0dBMDooHB0KM3pfJ3VbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NmU4YjZkNzNmMmYzODU0ODk5NmY2NjYyMTMzMGE4ZDcx
MDg1MjkwHhcNMjQxMjA3MTU1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VkMjQyNjYzNGY5Nzg3MDRlN2ZjYjYwYmQzZTM5MTJmYTQ5ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicD1KaJRBpieCUlx/P2ogwYKq9ec
Bj5Ycke39FGN6SlIrUrhBpQpQflqUs7mI9BbzBhmAw0jNfmTB0XbNCeguZ6N1Ihg
U7eYP/M+aET98ZQJirZLAbmRcZ0+leuBvUqzfzWGtuAoiZshqpLUL1eWZ7ZycDYh
gaSnUOz8YqW8xwwV0ebZhP0eNxB5s+Hgdf6btLE6W3Nk9kh15OtWd5qVVNaVOFal
mnoSJuEzE/phC5vWcFX/yERnekn7T6+Ae9TbVGhEMfhQcUvFMv9GtSUDahD6Gcis
LALy9XAeB/737N828XfnkLQMrLUHGbSEyg92msgzEBCtuIGcPxJKq8/KBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOftJCZjT5eHBOf8tgvT45EvpJ5WMB8GA1UdIwQY
MBaAFLlui21z8vOFSJlvZmITMKjXEIUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYt
YmMwMDQ2NDllZTk5LzEvNS0wa0ptTlBsNGNFNV95MkM5UGprUy1rbmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYtYmMwMDQ2NDllZTk5
LzEvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBYVUAwQC
ucW8AwQCuc3wAwQCwJEYAwQBwqR0MA0GCSqGSIb3DQEBCwUAA4IBAQBXw7Xqo+HH
RHFzo7+SSlEoo3JZ+u8v42/8mpte+mmMZw/hs1ilZQ6JgMrgpqJzbRQnPOSK/V5w
79/fTgLD6wVf82VCMVl6n9+h7P1DFq5yAtPSv1ma6S5i1W/osrh9Xl7McqU2hiKp
0VupZWIRsb8cbfNNGG3SimSe0ziKlPhSYEkjRdRkUyKXpr5aQzkK8AiTm7gi2l1e
WiL5ftdWJaZShzlE64Geu/wZaqdzSVHR9JG94r85aufoD5s83gJXd4miCNvjXGWz
sBVVgxy/HFzhf1DkiC1jDH9X8b4sMFN0yWh6oWOjsT1MZ5IxZgFe1dn34WvJL6lO
v4HyV8s3kjtV
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:40:04 2025 by rpki-client