Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5CeSgT5RTSSFAl48-9D1tIuEZNM.roa
File: 5CeSgT5RTSSFAl48-9D1tIuEZNM.roa (raw, json)
Hash identifier: ZSG2bU2lTxW2Y6Xlq86PqW03pfV9jw87zIszHDdyP7w=
Subject key identifier: E4:27:92:81:3E:51:4D:24:85:02:5E:3C:FB:D0:F5:B4:8B:84:64:D3
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 018CC94D3C4CC808102AC86B27623B61896B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5CeSgT5RTSSFAl48-9D1tIuEZNM.roa
Signing time: Tue 02 Jan 2024 08:32:11 +0000
ROA not before: Tue 02 Jan 2024 08:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12687
IP address blocks: 212.111.206.0/24 maxlen: 24
212.111.205.0/24 maxlen: 24
212.111.202.0/23 maxlen: 24
212.111.201.0/24 maxlen: 24
212.111.213.0/24 maxlen: 24
212.111.212.0/23 maxlen: 23
212.111.208.0/22 maxlen: 22
212.111.192.0/19 maxlen: 24
212.111.192.0/20 maxlen: 24
212.111.192.0/21 maxlen: 24
212.111.199.0/24 maxlen: 24
212.111.198.0/24 maxlen: 24
2a01:5c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Mar 2024 20:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:3c:4c:c8:08:10:2a:c8:6b:27:62:3b:61:89:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 08:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e42792813e514d2485025e3cfbd0f5b48b8464d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:61:72:ea:f6:3f:be:ac:21:21:df:15:7c:
3f:13:cc:da:88:ef:b7:98:40:29:c3:b8:37:a2:fc:
7a:35:ab:dd:f9:81:22:bd:e9:17:d0:4f:55:cf:0b:
6e:d6:c8:ec:ab:fa:9b:ac:42:67:49:29:86:ec:60:
74:ac:0a:aa:71:a8:4e:73:96:f7:d5:cc:3e:2e:ef:
8f:0e:f9:d1:4b:96:db:da:e2:0d:0a:1a:5d:36:f2:
31:f4:9a:8c:37:2a:8e:48:d6:a8:79:d7:3d:1a:aa:
de:ff:eb:6f:3e:a5:06:2a:a1:b6:d8:77:fa:47:d8:
75:15:00:fe:67:13:7d:41:d1:17:2a:a0:15:e2:2a:
61:30:93:c1:72:1b:b8:7e:9b:6b:1b:5a:ff:be:2c:
84:0e:64:04:b4:42:60:b3:fd:0f:9f:ac:60:23:1b:
d5:0d:37:fd:6f:2a:a6:8e:54:85:03:c0:fe:df:57:
b9:85:86:2c:b2:92:01:ad:07:a1:26:9c:cb:a0:b3:
77:ed:cd:b9:5a:0c:66:4d:19:df:9b:26:ee:eb:b0:
b2:dd:ef:70:e9:6c:46:83:ec:0d:81:0d:15:de:69:
d2:a5:11:93:c2:3d:02:90:7d:b9:74:87:7f:6f:dd:
2a:60:e6:b5:fa:df:ba:88:77:02:79:39:6c:37:76:
22:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:27:92:81:3E:51:4D:24:85:02:5E:3C:FB:D0:F5:B4:8B:84:64:D3
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/5CeSgT5RTSSFAl48-9D1tIuEZNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.192.0/19
IPv6:
2a01:5c40::/32
Signature Algorithm: sha256WithRSAEncryption
c3:11:48:f5:ec:d7:8d:02:1c:83:fe:00:c9:a9:bf:b5:4e:4d:
f7:06:00:f0:ab:74:6d:bd:36:dd:f7:97:14:db:e6:a4:c8:b4:
79:54:f1:6c:1a:51:27:3e:ce:ce:a9:7f:c8:9f:cd:46:bc:f2:
3a:a3:b5:e2:5b:c2:6c:5d:40:f4:e8:eb:cb:99:1d:18:37:70:
07:27:a1:72:33:b3:fa:fc:0d:3d:0f:47:70:26:46:6e:ce:76:
cf:e5:98:7a:66:29:17:90:cd:8f:44:c7:d2:a5:c6:46:c2:10:
5f:a2:5b:3c:1f:6d:3e:04:b4:de:f1:fd:1f:14:e4:2a:8a:79:
41:3a:47:45:54:4c:34:f7:59:c4:a3:86:bd:04:78:fb:da:bd:
26:fc:c3:11:3d:32:b2:80:82:ce:90:28:30:da:a4:96:29:69:
02:21:a3:72:a1:1d:ae:a2:d2:5d:b9:b7:50:5f:3a:f7:67:b3:
1b:4b:a1:01:c8:4c:09:81:55:9e:6a:9b:2f:95:3d:30:99:f8:
06:16:d9:53:81:27:49:42:90:7d:e5:dd:98:bb:46:00:d1:58:
cf:2c:3a:7c:62:73:51:92:e5:52:ef:fd:de:e8:f4:2d:13:59:
bc:30:dc:d0:58:16:96:1c:b4:f3:9b:85:c7:26:6e:71:df:f8:
df:37:55:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTTxMyAgQKshrJ2I7YYlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwMTAyMDgzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI3OTI4MTNlNTE0ZDI0ODUwMjVlM2NmYmQwZjViNDhiODQ2NGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOhhcur2P76sISHfFXw/E8zaiO+3
mEApw7g3ovx6Navd+YEivekX0E9Vzwtu1sjsq/qbrEJnSSmG7GB0rAqqcahOc5b3
1cw+Lu+PDvnRS5bb2uINChpdNvIx9JqMNyqOSNaoedc9Gqre/+tvPqUGKqG22Hf6
R9h1FQD+ZxN9QdEXKqAV4iphMJPBchu4fptrG1r/viyEDmQEtEJgs/0Pn6xgIxvV
DTf9byqmjlSFA8D+31e5hYYsspIBrQehJpzLoLN37c25WgxmTRnfmybu67Cy3e9w
6WxGg+wNgQ0V3mnSpRGTwj0CkH25dId/b90qYOa1+t+6iHcCeTlsN3YiOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOQnkoE+UU0khQJePPvQ9bSLhGTTMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvNUNlU2dUNVJUU1NGQWw0OC05RDF0SXVFWk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1G/AMA0E
AgACMAcDBQAqAVxAMA0GCSqGSIb3DQEBCwUAA4IBAQDDEUj17NeNAhyD/gDJqb+1
Tk33BgDwq3RtvTbd95cU2+akyLR5VPFsGlEnPs7OqX/In81GvPI6o7XiW8JsXUD0
6OvLmR0YN3AHJ6FyM7P6/A09D0dwJkZuznbP5Zh6ZikXkM2PRMfSpcZGwhBfols8
H20+BLTe8f0fFOQqinlBOkdFVEw091nEo4a9BHj72r0m/MMRPTKygILOkCgw2qSW
KWkCIaNyoR2uotJdubdQXzr3Z7MbS6EByEwJgVWeapsvlT0wmfgGFtlTgSdJQpB9
5d2Yu0YA0VjPLDp8YnNRkuVS7/3e6PQtE1m8MNzQWBaWHLTzm4XHJm5x3/jfN1Xr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org