Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/j0-5Yslf57UUEyns6seLA5KlcN4.roa
File: j0-5Yslf57UUEyns6seLA5KlcN4.roa (raw, json)
Hash identifier: rEVzjQdQuajGpBb5BfhHKx4I2z/eIGrcWDm78zUqGzk=
Subject key identifier: 8F:4F:B9:62:C9:5F:E7:B5:14:13:29:EC:EA:C7:8B:03:92:A5:70:DE
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 018CC348FFF0C1F9BCBC86A9586C09FBF140
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/j0-5Yslf57UUEyns6seLA5KlcN4.roa
Signing time: Mon 01 Jan 2024 04:29:50 +0000
ROA not before: Mon 01 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8362
IP address blocks: 5.158.240.0/20 maxlen: 20
79.141.192.0/24 maxlen: 24
79.141.197.0/24 maxlen: 24
79.141.193.0/24 maxlen: 24
79.141.206.0/23 maxlen: 23
195.146.224.0/20 maxlen: 20
37.220.48.0/20 maxlen: 20
46.162.128.0/18 maxlen: 18
195.146.240.0/20 maxlen: 20
185.9.96.0/22 maxlen: 22
62.64.32.0/19 maxlen: 19
2a01:8e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Jan 2024 10:17:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ff:f0:c1:f9:bc:bc:86:a9:58:6c:09:fb:f1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Jan 1 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f4fb962c95fe7b5141329eceac78b0392a570de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b2:bd:55:46:ad:c8:fe:9e:72:06:29:9e:1a:
7b:44:3d:3b:11:f5:ed:e5:df:13:4c:cb:55:53:e0:
b8:92:70:94:80:9d:fb:e4:48:88:7d:52:2a:a4:b9:
f3:e9:c7:69:cd:e9:3a:0d:11:97:01:00:1f:91:20:
9d:c6:9f:06:1e:d0:36:75:18:44:31:82:1d:51:5b:
b5:7a:14:15:d1:b5:78:eb:bd:bc:33:3d:a3:d5:c7:
12:7b:8d:9e:84:bf:3e:b9:74:b3:9d:29:57:02:ac:
1c:6b:ea:c2:c4:59:9a:a8:69:e2:39:86:5e:b2:94:
c6:b8:91:b2:ac:92:fb:2c:6f:e7:ec:98:c6:e8:da:
27:28:6f:b8:37:92:e3:14:cd:0b:52:47:20:da:d1:
bb:cf:4b:6b:99:cc:72:6a:03:3e:e2:2f:45:76:be:
80:6d:c9:e3:db:24:52:8c:bb:42:13:42:6b:b5:65:
3c:8c:6a:e1:84:b3:7b:0b:d7:1e:70:61:b0:0a:9f:
06:16:f4:d2:f6:b7:c0:33:5c:e3:d3:17:12:82:d3:
dd:69:47:14:2e:d3:07:e6:25:52:33:95:9c:a3:3d:
42:36:94:76:84:21:5c:4c:99:7a:86:42:c0:35:d8:
b4:68:5b:2a:3c:b1:1a:5a:d2:f5:8f:55:47:d9:45:
83:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4F:B9:62:C9:5F:E7:B5:14:13:29:EC:EA:C7:8B:03:92:A5:70:DE
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/j0-5Yslf57UUEyns6seLA5KlcN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.240.0/20
37.220.48.0/20
46.162.128.0/18
62.64.32.0/19
79.141.192.0/23
79.141.197.0/24
79.141.206.0/23
185.9.96.0/22
195.146.224.0/19
IPv6:
2a01:8e80::/29
Signature Algorithm: sha256WithRSAEncryption
42:b3:b7:4f:d1:60:7f:d8:50:6b:10:9d:bf:50:a8:89:f7:ae:
cf:d3:3d:92:04:9c:ff:98:fa:dd:eb:47:4e:21:d7:82:b8:99:
0f:5a:c0:7a:ff:54:e3:d3:c7:3f:3a:30:01:82:fd:95:c0:6b:
3c:52:dc:1e:5f:f6:a1:18:4c:19:db:48:bc:99:ba:5a:cd:0c:
9a:0e:bd:51:8a:c6:36:86:4b:7a:5e:de:40:8b:e6:55:f5:d2:
80:2f:ff:88:87:cc:52:b7:25:b0:7f:77:d9:d8:1a:49:fd:eb:
f0:07:9e:d4:16:95:13:f8:30:6a:15:45:4a:c8:93:7a:a3:42:
93:45:0a:82:97:ed:d2:8b:51:ef:8b:a6:7e:0e:69:db:e5:7f:
45:b1:bd:ed:22:3d:80:18:ac:2a:97:97:36:d5:5e:1d:e6:74:
a3:68:31:0e:71:54:f7:0e:67:48:20:17:45:c1:a2:c2:34:aa:
16:bc:80:58:6b:a4:19:1f:46:4f:cc:3e:34:10:ba:48:bd:ea:
f9:b6:47:11:09:a1:eb:3a:01:87:16:ca:3f:d3:d7:ad:4d:4c:
c1:31:c2:2f:6a:9c:77:79:b5:60:5c:b2:84:e0:c2:e9:21:df:
46:cb:55:a4:52:a8:5b:1d:9f:89:9a:df:cb:6e:87:69:a6:67:
63:a1:35:63
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzDSP/wwfm8vIapWGwJ+/FAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjQwMTAxMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjRmYjk2MmM5NWZlN2I1MTQxMzI5ZWNlYWM3OGIwMzkyYTU3MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LK9VUatyP6ecgYpnhp7RD07EfXt
5d8TTMtVU+C4knCUgJ375EiIfVIqpLnz6cdpzek6DRGXAQAfkSCdxp8GHtA2dRhE
MYIdUVu1ehQV0bV46728Mz2j1ccSe42ehL8+uXSznSlXAqwca+rCxFmaqGniOYZe
spTGuJGyrJL7LG/n7JjG6NonKG+4N5LjFM0LUkcg2tG7z0trmcxyagM+4i9Fdr6A
bcnj2yRSjLtCE0JrtWU8jGrhhLN7C9cecGGwCp8GFvTS9rfAM1zj0xcSgtPdaUcU
LtMH5iVSM5Wcoz1CNpR2hCFcTJl6hkLANdi0aFsqPLEaWtL1j1VH2UWDaQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFI9PuWLJX+e1FBMp7OrHiwOSpXDeMB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvajAtNVlzbGY1N1VVRXluczZzZUxBNUtsY040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEBZ7wAwQE
JdwwAwQGLqKAAwQFPkAgAwQBT43AAwQAT43FAwQBT43OAwQCuQlgAwQFw5LgMA0E
AgACMAcDBQMqAY6AMA0GCSqGSIb3DQEBCwUAA4IBAQBCs7dP0WB/2FBrEJ2/UKiJ
967P0z2SBJz/mPrd60dOIdeCuJkPWsB6/1Tj08c/OjABgv2VwGs8UtweX/ahGEwZ
20i8mbpazQyaDr1RisY2hkt6Xt5Ai+ZV9dKAL/+Ih8xStyWwf3fZ2BpJ/evwB57U
FpUT+DBqFUVKyJN6o0KTRQqCl+3Si1Hvi6Z+Dmnb5X9Fsb3tIj2AGKwql5c21V4d
5nSjaDEOcVT3DmdIIBdFwaLCNKoWvIBYa6QZH0ZPzD40ELpIver5tkcRCaHrOgGH
Fso/09etTUzBMcIvapx3ebVgXLKE4MLpId9Gy1WkUqhbHZ+Jmt/LbodppmdjoTVj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:16 2024 by rpki-client on console-fra.rpki-client.org