Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/5aE0P35CktD8KlrguHnotMRw-hc.roa
File: 5aE0P35CktD8KlrguHnotMRw-hc.roa (raw, json)
Hash identifier: 9nSr4WxqpIJaSkkUh5FoziMgR+gAjUnWf6VTYb10rbE=
Subject key identifier: E5:A1:34:3F:7E:42:92:D0:FC:2A:5A:E0:B8:79:E8:B4:C4:70:FA:17
Certificate issuer: /CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Certificate serial: 018C3F432223B2D22AAA51EFFF60182D5711
Authority key identifier: 63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/5aE0P35CktD8KlrguHnotMRw-hc.roa
Signing time: Wed 06 Dec 2023 13:13:33 +0000
ROA not before: Wed 06 Dec 2023 13:13:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43926
IP address blocks: 46.253.36.0/24 maxlen: 24
46.253.35.0/24 maxlen: 24
46.253.37.0/24 maxlen: 24
46.253.38.0/24 maxlen: 24
46.253.32.0/24 maxlen: 24
46.253.34.0/24 maxlen: 24
46.253.33.0/24 maxlen: 24
46.253.39.0/24 maxlen: 24
185.58.172.0/24 maxlen: 24
185.58.173.0/24 maxlen: 24
185.58.174.0/24 maxlen: 24
185.58.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:43:22:23:b2:d2:2a:aa:51:ef:ff:60:18:2d:57:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Validity
Not Before: Dec 6 13:13:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5a1343f7e4292d0fc2a5ae0b879e8b4c470fa17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:eb:b0:e1:11:fe:eb:6f:e8:f3:a8:51:25:48:
22:9e:6f:5e:04:64:01:dc:11:bd:4b:a1:4f:c2:24:
e8:32:f3:34:88:5c:0d:ce:dc:a0:74:36:46:f4:a3:
bb:04:ca:89:05:a0:b1:d9:fb:b3:f9:f2:1e:e0:22:
69:39:95:da:25:a0:32:51:1f:b8:6e:61:28:ca:e2:
cc:0e:9c:c7:cb:d7:07:f5:f8:91:f0:c6:b7:6a:fa:
9a:36:53:ff:82:f2:d8:7b:e2:8f:3f:09:22:6f:ac:
00:e4:73:c6:5b:01:c6:de:22:8c:6f:af:51:c6:fa:
e1:d1:6f:ce:af:01:e6:df:cf:1f:63:c7:7d:a2:1f:
a3:aa:64:d9:0a:2a:13:6a:67:2f:2f:2c:01:b8:e6:
f4:b0:53:16:62:95:b8:a5:89:9e:20:79:d5:8d:45:
66:cd:78:b8:e4:dc:d8:f6:d3:10:46:8a:a1:fb:8b:
47:9f:73:ce:6f:31:0f:9a:a1:8f:8c:cf:ba:89:de:
d6:d9:2c:35:02:91:cd:3b:20:3f:a4:a7:21:ca:4c:
b1:aa:c2:46:8e:1b:52:40:0c:e0:dd:3b:c9:d8:96:
5f:d9:56:7a:61:ee:4a:a8:6a:39:b5:1c:a2:3b:7a:
aa:bb:ec:63:46:f7:dc:d5:f0:d5:c9:4e:d7:d5:2d:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A1:34:3F:7E:42:92:D0:FC:2A:5A:E0:B8:79:E8:B4:C4:70:FA:17
X509v3 Authority Key Identifier:
keyid:63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/5aE0P35CktD8KlrguHnotMRw-hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.32.0/21
185.58.172.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:e6:49:c4:d2:a5:bf:4e:6e:bf:ea:00:dd:06:37:56:f2:08:
e9:bb:89:73:99:b1:59:cb:82:cf:79:ea:70:d2:43:0d:7a:de:
9a:c1:7b:4a:9a:57:38:19:29:19:31:2a:e9:89:4d:4b:55:e9:
87:fa:1a:18:a2:8b:a9:b9:b9:a4:d0:59:1f:f7:7b:a9:00:dc:
b3:1f:fe:dc:ae:75:76:40:85:f8:3c:f4:d3:26:4d:f1:b4:49:
89:99:6b:5a:cf:2f:21:55:72:e3:ab:d1:9a:97:58:0a:0c:24:
4c:62:56:75:7f:04:79:01:8d:0e:60:01:fc:1f:9b:0f:e8:fc:
14:93:0c:5e:3c:85:c9:31:1b:e6:1a:a6:ad:d6:2d:b5:8b:ca:
c4:a5:04:91:ba:11:40:42:96:bf:33:f2:95:78:9d:21:19:63:
35:d2:7d:7f:64:a0:9b:2c:48:08:f7:f9:90:c9:46:ce:cb:b6:
a4:54:ab:79:66:28:61:8a:0a:fd:28:18:11:0c:3b:0c:f5:49:
fa:46:c6:78:f2:e8:79:28:97:6f:77:53:2b:d4:f4:cf:4c:b6:
af:5e:7c:78:3f:42:a0:0a:de:71:b9:5b:fd:37:64:90:33:4e:
47:29:6e:de:7a:99:f3:3d:1d:0a:68:a6:03:a0:be:b8:79:61:
89:d9:d5:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw/QyIjstIqqlHv/2AYLVcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjE0ZjhlMTQ0YzZkNTBjMzhhYjRmYWZmNWFjNmU1NDdm
ZTFkNDcwHhcNMjMxMjA2MTMxMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWExMzQzZjdlNDI5MmQwZmMyYTVhZTBiODc5ZThiNGM0NzBmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquuw4RH+62/o86hRJUginm9eBGQB
3BG9S6FPwiToMvM0iFwNztygdDZG9KO7BMqJBaCx2fuz+fIe4CJpOZXaJaAyUR+4
bmEoyuLMDpzHy9cH9fiR8Ma3avqaNlP/gvLYe+KPPwkib6wA5HPGWwHG3iKMb69R
xvrh0W/OrwHm388fY8d9oh+jqmTZCioTamcvLywBuOb0sFMWYpW4pYmeIHnVjUVm
zXi45NzY9tMQRoqh+4tHn3PObzEPmqGPjM+6id7W2Sw1ApHNOyA/pKchykyxqsJG
jhtSQAzg3TvJ2JZf2VZ6Ye5KqGo5tRyiO3qqu+xjRvfc1fDVyU7X1S0LGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOWhND9+QpLQ/Cpa4Lh56LTEcPoXMB8GA1UdIwQY
MBaAFGPxT44UTG1Qw4q0+v9axuVH/h1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjct
ZGEzOTQzODRlOTI1LzEvNWFFMFAzNUNrdEQ4S2xyZ3VIbm90TVJ3LWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjctZGEzOTQzODRlOTI1
LzEvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0gAwQC
uTqsMA0GCSqGSIb3DQEBCwUAA4IBAQCN5knE0qW/Tm6/6gDdBjdW8gjpu4lzmbFZ
y4LPeepw0kMNet6awXtKmlc4GSkZMSrpiU1LVemH+hoYooupubmk0Fkf93upANyz
H/7crnV2QIX4PPTTJk3xtEmJmWtazy8hVXLjq9Gal1gKDCRMYlZ1fwR5AY0OYAH8
H5sP6PwUkwxePIXJMRvmGqat1i21i8rEpQSRuhFAQpa/M/KVeJ0hGWM10n1/ZKCb
LEgI9/mQyUbOy7akVKt5Zihhigr9KBgRDDsM9Un6RsZ48uh5KJdvd1Mr1PTPTLav
Xnx4P0KgCt5xuVv9N2SQM05HKW7eepnzPR0KaKYDoL64eWGJ2dWI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org