Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5jlD5xo0ldJkU3bzYiy5qtTYpyw.roa
File: 5jlD5xo0ldJkU3bzYiy5qtTYpyw.roa (raw, json)
Hash identifier: f09lbSf+tDdOGxUMpVjcILLO+1CbbPktA3f3kf1kEPg=
Subject key identifier: E6:39:43:E7:1A:34:95:D2:64:53:76:F3:62:2C:B9:AA:D4:D8:A7:2C
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018E343B4D16CE031E968EBD3DE823D96D6D
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5jlD5xo0ldJkU3bzYiy5qtTYpyw.roa
Signing time: Tue 12 Mar 2024 19:54:45 +0000
ROA not before: Tue 12 Mar 2024 19:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2a0c:6b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Apr 2024 15:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:34:3b:4d:16:ce:03:1e:96:8e:bd:3d:e8:23:d9:6d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Mar 12 19:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e63943e71a3495d2645376f3622cb9aad4d8a72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:82:1b:ea:e8:06:e0:7d:4f:59:fb:e2:85:91:
d9:a5:ed:0e:57:0f:4f:0b:f6:0a:53:a2:da:b7:cd:
82:db:d4:23:67:54:0b:42:68:3e:60:37:4d:88:e4:
97:da:95:ae:ed:b3:5b:29:79:d9:8c:47:36:2b:e2:
38:d6:34:c8:37:54:e2:d1:76:89:d8:c1:42:6a:cf:
7f:b6:b1:31:82:dc:78:65:b9:32:3f:34:28:c2:78:
b3:f0:19:32:92:d1:dd:67:8b:b9:1d:61:55:c6:00:
9c:b5:f8:ab:b9:eb:28:ab:fe:67:d8:6c:c9:9c:30:
89:1f:a2:87:c2:02:b8:69:5b:58:62:1f:32:2d:b0:
be:cf:0c:48:a3:45:f5:eb:82:48:8d:9d:59:ac:6f:
0a:2a:2e:78:87:ae:b2:e2:6a:16:01:96:ad:2f:dc:
e3:cc:5b:6c:71:96:fb:4b:c5:2c:a3:7a:6b:70:c4:
0f:2f:a1:cd:2c:0d:5d:43:30:d4:45:f4:0f:2a:25:
f8:26:cb:f1:10:52:4a:27:8e:b5:f8:e1:15:7e:8f:
18:56:a2:f1:fd:6a:da:b6:53:ac:33:f7:25:db:55:
28:4f:f1:4c:fb:ef:47:ac:56:ea:21:8a:f0:b8:ca:
01:c7:27:78:77:7b:cd:ad:92:87:ac:08:41:c9:ce:
c9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:39:43:E7:1A:34:95:D2:64:53:76:F3:62:2C:B9:AA:D4:D8:A7:2C
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/5jlD5xo0ldJkU3bzYiy5qtTYpyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
93.186.192.0/20
146.0.32.0/20
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
2c:25:65:b7:3a:78:e8:3c:f4:f6:d5:eb:83:1a:5c:54:66:b9:
d4:dd:fd:2e:8f:75:0a:76:07:5a:2c:cc:b8:78:78:89:c9:b6:
9f:ca:c5:31:6a:8a:34:c6:f8:b3:24:01:4a:98:7a:28:3f:0b:
a4:79:27:56:e4:ce:f9:a4:83:84:c5:a3:6f:fc:45:10:9b:46:
1e:87:3d:b6:5f:5f:d4:dc:93:cb:62:f1:3d:b5:30:3b:67:4c:
94:24:ea:c7:93:0f:33:5b:fd:a9:0e:1a:df:50:e8:e9:f4:72:
ee:e0:a8:d3:20:a0:00:ae:e3:3a:97:93:13:d0:6e:7e:24:fa:
6f:42:80:2e:87:d8:83:ea:1d:cf:d7:a9:14:20:e2:13:2e:ed:
a7:36:e9:34:e2:6e:66:80:aa:e7:ef:36:cf:6d:aa:74:97:07:
b4:f2:ad:7f:60:56:81:ff:5a:23:96:4a:09:99:56:61:2d:00:
6c:ff:74:7b:92:b1:84:52:5c:c9:07:12:2c:2f:0b:ec:8a:32:
12:0c:f2:cb:d2:7b:c3:aa:26:c5:9c:ff:46:b6:30:87:d9:4f:
21:79:fb:60:a3:dd:5c:ee:91:e7:cc:ca:bf:64:f1:d5:b9:83:
8f:84:89:c9:d7:9c:75:a1:c1:17:b5:0a:02:74:fe:44:ee:5d:
36:ab:e2:7f
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAY40O00WzgMelo69Pegj2W1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwMzEyMTk1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM5NDNlNzFhMzQ5NWQyNjQ1Mzc2ZjM2MjJjYjlhYWQ0ZDhhNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYIb6ugG4H1PWfvihZHZpe0OVw9P
C/YKU6Lat82C29QjZ1QLQmg+YDdNiOSX2pWu7bNbKXnZjEc2K+I41jTIN1Ti0XaJ
2MFCas9/trExgtx4ZbkyPzQowniz8BkyktHdZ4u5HWFVxgCctfiruesoq/5n2GzJ
nDCJH6KHwgK4aVtYYh8yLbC+zwxIo0X164JIjZ1ZrG8KKi54h66y4moWAZatL9zj
zFtscZb7S8Uso3prcMQPL6HNLA1dQzDURfQPKiX4JsvxEFJKJ461+OEVfo8YVqLx
/WratlOsM/cl21UoT/FM++9HrFbqIYrwuMoBxyd4d3vNrZKHrAhByc7JFQIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFOY5Q+caNJXSZFN282IsuarU2KcsMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvNWpsRDV4bzBsZEprVTNiellpeTVxdFRZcHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBqQQCAAEwgaIDBAMF
aGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtADBARR
HpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8DBARd
usADBASSACADBAKYWVwDBAK5D/QDBAK5LfgDBAK529ADBAHBb8YDBADCa4EDBADC
fsYDBAbVysADBATZT7AwKwQCAAIwJQMFASABS6AwDgMFACABS6MDBQAgAUukAwUA
KgEEgAMFACoMawAwDQYJKoZIhvcNAQELBQADggEBACwlZbc6eOg89PbV64MaXFRm
udTd/S6PdQp2B1oszLh4eInJtp/KxTFqijTG+LMkAUqYeig/C6R5J1bkzvmkg4TF
o2/8RRCbRh6HPbZfX9Tck8ti8T21MDtnTJQk6seTDzNb/akOGt9Q6On0cu7gqNMg
oACu4zqXkxPQbn4k+m9CgC6H2IPqHc/XqRQg4hMu7ac26TTibmaAqufvNs9tqnSX
B7TyrX9gVoH/WiOWSgmZVmEtAGz/dHuSsYRSXMkHEiwvC+yKMhIM8svSe8OqJsWc
/0a2MIfZTyF5+2Cj3VzukefMyr9k8dW5g4+EicnXnHWhwRe1CgJ0/kTuXTar4n8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org