Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5jBf-OT-9aJnG6sXKNCQCSsqe3g.roa
File: 5jBf-OT-9aJnG6sXKNCQCSsqe3g.roa (raw, json)
Hash identifier: 0R1pu4Bc7HOkrssCSen2bgwTx0bWOhTXpM/2MtaSIpw=
Subject key identifier: E6:30:5F:F8:E4:FE:F5:A2:67:1B:AB:17:28:D0:90:09:2B:2A:7B:78
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E86047DF34B9448297F4DC8202D6C9E2E
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5jBf-OT-9aJnG6sXKNCQCSsqe3g.roa
Signing time: Thu 28 Mar 2024 17:03:45 +0000
ROA not before: Thu 28 Mar 2024 17:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.86.3.0/24 maxlen: 24
83.171.212.0/22 maxlen: 22
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 13:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:04:7d:f3:4b:94:48:29:7f:4d:c8:20:2d:6c:9e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 17:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6305ff8e4fef5a2671bab1728d090092b2a7b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:00:d1:84:45:20:88:e6:30:58:be:e7:68:
8e:eb:f5:19:e4:10:2d:26:48:40:d0:7d:62:6b:58:
9c:e2:72:96:75:18:7e:a9:4e:e7:0e:41:07:7d:b5:
bd:b7:34:0f:4b:27:43:2c:f7:b1:f9:f5:73:70:a4:
4c:9e:59:0b:c4:2d:e3:7f:1c:84:83:01:79:a6:b5:
50:7b:19:b3:81:a1:71:40:6f:3f:80:cf:c0:8a:b0:
2a:db:10:5a:03:b1:99:36:06:c8:a5:23:1b:bd:9c:
d9:d6:5b:0e:58:24:d8:c8:14:93:e9:46:11:57:b4:
6a:e0:c0:3a:97:d3:5b:e0:da:65:65:71:d4:f6:57:
ab:26:55:e6:ba:86:db:8f:f4:37:9d:df:c7:f8:53:
75:31:55:88:b5:f8:6b:33:66:a7:d0:28:e2:e0:10:
28:92:66:d7:91:ad:c1:7a:a7:ab:ee:69:78:5a:1f:
4f:11:f5:bc:d2:43:5c:53:36:8b:e7:ac:30:31:cd:
37:b4:4e:cc:4e:eb:3c:c5:b4:76:09:a0:a9:c9:f4:
de:31:24:50:f6:45:11:b0:50:09:68:a2:a1:0d:92:
77:e0:d2:71:95:5a:e6:3b:bd:80:4d:12:2f:9a:92:
05:cb:2d:87:86:43:86:e2:e0:48:07:87:5b:6d:31:
4f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:30:5F:F8:E4:FE:F5:A2:67:1B:AB:17:28:D0:90:09:2B:2A:7B:78
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5jBf-OT-9aJnG6sXKNCQCSsqe3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.3.0/24
83.171.212.0/22
212.60.6.0/24
212.107.24.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a4:12:60:5c:a3:61:d7:62:65:e7:fa:b3:0e:b1:d9:b2:e9:
bc:18:f7:bf:9c:96:c2:0e:b9:6b:d2:7d:08:d6:1d:3b:ab:1d:
83:43:40:60:c5:f7:a2:34:c6:d5:64:aa:59:c5:a6:a4:f0:a4:
60:b8:4d:c8:c3:11:76:69:ca:04:a6:20:f1:4c:13:3c:de:6e:
10:e3:80:ba:2f:b3:f6:c8:2f:32:6f:35:ec:8d:d2:f3:e7:d1:
d3:73:40:59:3e:a7:ea:3d:3a:0e:0a:ee:90:02:90:b7:2e:a1:
b3:a3:af:3a:e3:d8:5d:3e:b2:c6:11:e2:51:c1:01:7c:1f:f6:
1e:89:c4:ee:f6:fb:fc:ba:87:e8:61:3b:d3:9e:68:6e:2a:17:
ad:58:d5:03:94:04:84:9e:f5:2b:f3:ab:cc:fe:2e:7b:f1:9a:
2b:8d:28:d0:36:9c:06:d7:18:d8:f9:f0:81:81:97:4a:90:42:
61:11:1c:29:65:99:d3:30:dc:8b:dc:6d:52:00:c0:a7:42:da:
d6:dc:f8:79:ac:c3:2c:fd:63:f0:76:7a:5a:d8:09:b3:1d:cb:
f6:ad:ff:53:13:cb:b9:19:9f:9f:1a:fb:d9:d6:c4:b1:6d:45:
71:68:fc:a1:f6:4f:73:c0:30:c6:f9:aa:0f:9b:b0:7e:32:2a:
67:46:57:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6GBH3zS5RIKX9NyCAtbJ4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTcwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjMwNWZmOGU0ZmVmNWEyNjcxYmFiMTcyOGQwOTAwOTJiMmE3Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVgA0YRFIIjmMFi+52iO6/UZ5BAt
JkhA0H1ia1ic4nKWdRh+qU7nDkEHfbW9tzQPSydDLPex+fVzcKRMnlkLxC3jfxyE
gwF5prVQexmzgaFxQG8/gM/AirAq2xBaA7GZNgbIpSMbvZzZ1lsOWCTYyBST6UYR
V7Rq4MA6l9Nb4NplZXHU9lerJlXmuobbj/Q3nd/H+FN1MVWItfhrM2an0Cji4BAo
kmbXka3Beqer7ml4Wh9PEfW80kNcUzaL56wwMc03tE7MTus8xbR2CaCpyfTeMSRQ
9kURsFAJaKKhDZJ34NJxlVrmO72ATRIvmpIFyy2HhkOG4uBIB4dbbTFPLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOYwX/jk/vWiZxurFyjQkAkrKnt4MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNWpCZi1PVC05YUpuRzZzWEtOQ1FDU3NxZTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVYDAwQC
U6vUAwQA1DwGAwQA1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQB1pBJgXKNh12Jl5/qz
DrHZsum8GPe/nJbCDrlr0n0I1h07qx2DQ0BgxfeiNMbVZKpZxaak8KRguE3IwxF2
acoEpiDxTBM83m4Q44C6L7P2yC8ybzXsjdLz59HTc0BZPqfqPToOCu6QApC3LqGz
o68649hdPrLGEeJRwQF8H/YeicTu9vv8uofoYTvTnmhuKhetWNUDlASEnvUr86vM
/i578ZorjSjQNpwG1xjY+fCBgZdKkEJhERwpZZnTMNyL3G1SAMCnQtrW3Ph5rMMs
/WPwdnpa2AmzHcv2rf9TE8u5GZ+fGvvZ1sSxbUVxaPyh9k9zwDDG+aoPm7B+Mipn
RldO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org