Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/5BdPTS9pkcZFPkOTSatUjT2XPA4.roa
File: 5BdPTS9pkcZFPkOTSatUjT2XPA4.roa (raw, json)
Hash identifier: Lb0JNwVSlgOK+zFQG0Mv474EnVGHJ6+P3dHlQDEGNvY=
Subject key identifier: E4:17:4F:4D:2F:69:91:C6:45:3E:43:93:49:AB:54:8D:3D:97:3C:0E
Certificate issuer: /CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Certificate serial: 01856BB7D791F6B3817CEE89A577F4E85409
Authority key identifier: 5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/5BdPTS9pkcZFPkOTSatUjT2XPA4.roa
Signing time: Sun 01 Jan 2023 05:04:48 +0000
ROA not before: Sun 01 Jan 2023 05:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50474
IP address blocks: 185.154.136.0/22 maxlen: 22
109.234.164.0/22 maxlen: 22
109.234.161.0/24 maxlen: 24
109.234.162.0/24 maxlen: 24
109.234.163.0/24 maxlen: 24
109.234.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:d7:91:f6:b3:81:7c:ee:89:a5:77:f4:e8:54:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Validity
Not Before: Jan 1 05:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4174f4d2f6991c6453e439349ab548d3d973c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:82:4e:61:0f:af:70:b4:9a:cb:1c:7d:bc:
e1:c7:d4:4c:df:50:a3:5a:ad:db:e4:ad:7a:3a:0e:
87:c6:a0:54:e5:66:ad:f5:23:05:64:b2:a7:99:a9:
b1:20:ef:6f:6d:00:4f:cb:3c:18:62:5f:a8:f4:02:
a7:06:53:5f:2c:d6:b8:71:3e:dc:b1:b7:67:07:f7:
40:f0:6e:c8:3b:8a:3b:c4:43:10:5b:62:89:a7:5d:
f6:e2:8b:cc:66:8e:8d:b3:af:cf:95:af:b6:76:a0:
01:a2:b6:57:a2:23:fe:0a:ee:bf:36:44:ab:b0:0d:
b2:51:09:2b:9d:1f:cb:01:a0:8c:4b:d9:67:c9:78:
33:40:08:35:d6:69:d6:0f:be:f5:1f:d9:33:ec:ae:
ec:a9:3b:38:29:77:f9:fe:9c:ff:0b:19:da:a6:f9:
a5:13:a1:85:88:00:a7:ca:5a:4e:e4:78:e7:cc:2f:
f5:07:09:fc:0b:32:e7:43:8a:5f:3b:e5:db:86:f7:
a0:b7:3e:19:1e:00:e1:db:13:27:cc:10:86:f5:9c:
e0:64:d6:dd:f7:9d:32:0c:90:88:8b:a8:d5:94:62:
35:34:be:7f:f4:51:2a:53:6a:eb:ab:27:fd:03:e7:
39:04:5c:c4:58:a4:c2:05:5d:9b:48:1e:f9:08:94:
2a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:4F:4D:2F:69:91:C6:45:3E:43:93:49:AB:54:8D:3D:97:3C:0E
X509v3 Authority Key Identifier:
keyid:5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/5BdPTS9pkcZFPkOTSatUjT2XPA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/XK56oVlNiZKbERo3Hw_ybyAvWOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.160.0/21
185.154.136.0/22
Signature Algorithm: sha256WithRSAEncryption
60:b7:ed:04:6a:1b:df:fb:33:c5:6d:ca:f6:61:3b:12:72:9a:
28:0d:d8:60:d7:d5:e1:11:73:8c:77:b0:a6:c7:ec:bc:5a:52:
f5:16:32:32:d0:9c:7e:9c:ad:5f:08:58:54:71:45:2a:ce:c3:
f6:4f:31:4d:7d:74:21:5d:b9:4d:55:cc:42:2c:2b:9e:c6:8a:
ea:58:20:c3:5b:83:e4:93:e5:fe:3b:a1:df:b8:78:52:73:71:
bc:be:50:62:6a:61:8e:80:96:a3:1f:c5:65:57:45:48:d6:83:
c8:fa:d3:43:df:90:1a:40:ac:4d:4c:e9:ff:d6:a3:52:41:36:
fa:41:21:99:47:96:59:38:0d:cd:c2:30:8e:60:37:59:6b:cf:
fa:31:68:33:71:09:38:c8:75:3e:cc:c1:f7:bd:71:0e:ee:98:
78:3f:cd:5d:07:a5:06:7c:bb:0e:06:48:51:31:1d:d9:21:47:
21:42:08:0f:6f:fd:f2:78:cc:82:98:74:cd:20:9e:3b:c7:ba:
75:5f:96:7d:c0:a6:37:08:39:45:77:a7:9f:1a:af:74:6b:43:
f7:71:36:4b:4e:5b:e5:b0:ef:e1:af:60:66:12:07:64:ac:f7:
4b:72:9a:61:6a:e1:87:e7:15:60:a6:a7:8d:4c:17:67:74:69:
05:07:aa:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrt9eR9rOBfO6JpXf06FQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYWU3YWExNTk0ZDg5OTI5YjExMWEzNzFmMGZmMjZmMjAy
ZjU4ZTIwHhcNMjMwMTAxMDUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE3NGY0ZDJmNjk5MWM2NDUzZTQzOTM0OWFiNTQ4ZDNkOTczYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXuCTmEPr3C0msscfbzhx9RM31Cj
Wq3b5K16Og6HxqBU5Wat9SMFZLKnmamxIO9vbQBPyzwYYl+o9AKnBlNfLNa4cT7c
sbdnB/dA8G7IO4o7xEMQW2KJp1324ovMZo6Ns6/Pla+2dqABorZXoiP+Cu6/NkSr
sA2yUQkrnR/LAaCMS9lnyXgzQAg11mnWD771H9kz7K7sqTs4KXf5/pz/Cxnapvml
E6GFiACnylpO5HjnzC/1Bwn8CzLnQ4pfO+Xbhvegtz4ZHgDh2xMnzBCG9ZzgZNbd
950yDJCIi6jVlGI1NL5/9FEqU2rrqyf9A+c5BFzEWKTCBV2bSB75CJQqBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOQXT00vaZHGRT5Dk0mrVI09lzwOMB8GA1UdIwQY
MBaAFFyueqFZTYmSmxEaNx8P8m8gL1jiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEs1Nm9WbE5pWktiRVJvM0h3X3lieUF2V09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81ZTZiYWUtOTYyZi00MDU3LThlYzUt
Mjc5ZjU5NGIzYTJmLzEvNUJkUFRTOXBrY1pGUGtPVFNhdFVqVDJYUEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81ZTZiYWUtOTYyZi00MDU3LThlYzUtMjc5ZjU5NGIzYTJm
LzEvWEs1Nm9WbE5pWktiRVJvM0h3X3lieUF2V09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbeqgAwQC
uZqIMA0GCSqGSIb3DQEBCwUAA4IBAQBgt+0Eahvf+zPFbcr2YTsScpooDdhg19Xh
EXOMd7Cmx+y8WlL1FjIy0Jx+nK1fCFhUcUUqzsP2TzFNfXQhXblNVcxCLCuexorq
WCDDW4Pkk+X+O6HfuHhSc3G8vlBiamGOgJajH8VlV0VI1oPI+tND35AaQKxNTOn/
1qNSQTb6QSGZR5ZZOA3NwjCOYDdZa8/6MWgzcQk4yHU+zMH3vXEO7ph4P81dB6UG
fLsOBkhRMR3ZIUchQggPb/3yeMyCmHTNIJ47x7p1X5Z9wKY3CDlFd6efGq90a0P3
cTZLTlvlsO/hr2BmEgdkrPdLcpphauGH5xVgpqeNTBdndGkFB6pD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:36 2024 by rpki-client on console-ams.rpki-client.org