Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5B3sAwNIahVgxsMKXJMlEIGlAcU.roa
File: 5B3sAwNIahVgxsMKXJMlEIGlAcU.roa (raw, json)
Hash identifier: Wgfcy8H6BY9lsbtLaWRZ0aIlLd/C004b2/jbFuWLgZg=
Subject key identifier: E4:1D:EC:03:03:48:6A:15:60:C6:C3:0A:5C:93:25:10:81:A5:01:C5
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01902088CCB50516905DB8D8433491376211
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5B3sAwNIahVgxsMKXJMlEIGlAcU.roa
Signing time: Sun 16 Jun 2024 10:12:34 +0000
ROA not before: Sun 16 Jun 2024 10:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 212.16.86.0/24 maxlen: 24
212.80.18.0/23 maxlen: 23
212.80.18.0/24 maxlen: 24
212.80.19.0/24 maxlen: 24
212.80.20.0/22 maxlen: 22
212.80.20.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
212.80.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 13:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:20:88:cc:b5:05:16:90:5d:b8:d8:43:34:91:37:62:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 16 10:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e41dec0303486a1560c6c30a5c93251081a501c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8c:e8:d3:a3:e5:0c:71:75:d7:b2:1b:d7:a7:
ec:da:b6:28:e1:a2:77:b6:c1:43:fe:e8:02:f9:31:
32:5a:28:2e:10:36:f8:a5:a3:c7:69:0c:05:a6:c5:
aa:65:86:a4:72:59:9e:53:ad:98:27:b0:63:33:70:
8d:34:46:54:13:3f:0f:93:cc:c9:32:9d:3e:9f:35:
31:ae:18:20:7b:27:d3:25:a7:10:96:94:89:d4:cf:
48:93:35:e6:d5:f3:87:02:73:e1:f9:2d:a2:b0:1e:
88:d7:6c:2a:fd:6d:57:38:f5:7c:e9:90:f7:55:8a:
b6:36:94:d3:d1:2e:c1:20:4d:65:e7:55:2b:dc:15:
c1:9a:38:c2:75:70:0f:04:d0:98:9a:32:19:8d:57:
3c:4a:eb:e5:3c:5a:4d:aa:0d:69:3c:e4:f6:d9:18:
1f:e4:b2:37:22:93:a9:44:44:6b:0d:a1:9a:b6:14:
94:d8:5b:40:51:df:ff:29:b2:aa:6f:87:1e:d7:71:
bb:3a:ac:ef:61:04:58:47:0a:ce:de:d8:af:ae:19:
14:ea:00:60:f9:2e:35:44:b0:8d:43:e1:3d:63:bf:
29:69:a4:c7:93:0f:cb:34:20:1e:25:d2:7c:21:ee:
54:c9:15:0a:1d:b1:92:46:36:56:ec:6d:86:64:fb:
b0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1D:EC:03:03:48:6A:15:60:C6:C3:0A:5C:93:25:10:81:A5:01:C5
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5B3sAwNIahVgxsMKXJMlEIGlAcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.86.0/24
212.80.18.0-212.80.24.255
Signature Algorithm: sha256WithRSAEncryption
0f:ca:4e:00:a6:60:13:95:50:aa:0c:29:17:78:a5:1c:a7:ee:
6b:f9:22:3c:57:2b:0f:04:2b:29:a5:7a:e7:8c:54:17:bb:99:
e5:04:45:db:68:93:bb:d0:7b:d0:83:56:bf:98:94:02:f1:af:
3b:c0:57:41:72:7c:21:a1:56:83:69:5c:a7:d6:4e:fb:7d:78:
0b:91:64:98:cb:0d:5d:d3:c6:3a:80:2d:62:73:c1:4f:70:a9:
c7:06:22:34:a8:ca:dd:85:89:53:1a:10:e3:9a:65:0f:8b:83:
f7:7d:e7:3c:90:67:12:2f:b9:39:c4:60:c9:01:a5:c8:8e:e5:
6b:c5:0c:fe:31:fe:ff:1b:e3:80:56:30:14:28:dc:05:25:e0:
fa:a2:c6:25:5c:b4:7f:2c:87:00:05:ca:6e:23:6a:87:1d:0d:
d2:88:4a:3f:c8:c7:a7:2a:f6:27:df:86:7d:f9:26:e1:6e:5f:
68:24:76:da:70:73:bc:c9:43:08:5e:18:bd:08:6d:f2:d6:c7:
92:17:08:6d:03:64:6f:e0:49:06:a3:25:c1:6f:55:b8:d9:f9:
df:66:e0:49:e7:96:af:e5:1f:47:1c:ed:18:ba:f3:38:49:0a:
44:ae:0f:48:a8:23:2e:5b:7e:ab:65:1a:fc:29:55:5b:53:07:
87:af:37:4b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZAgiMy1BRaQXbjYQzSRN2IRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNjE2MTAxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFkZWMwMzAzNDg2YTE1NjBjNmMzMGE1YzkzMjUxMDgxYTUwMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ozo06PlDHF117Ib16fs2rYo4aJ3
tsFD/ugC+TEyWiguEDb4paPHaQwFpsWqZYakclmeU62YJ7BjM3CNNEZUEz8Pk8zJ
Mp0+nzUxrhggeyfTJacQlpSJ1M9IkzXm1fOHAnPh+S2isB6I12wq/W1XOPV86ZD3
VYq2NpTT0S7BIE1l51Ur3BXBmjjCdXAPBNCYmjIZjVc8SuvlPFpNqg1pPOT22Rgf
5LI3IpOpRERrDaGathSU2FtAUd//KbKqb4ce13G7OqzvYQRYRwrO3tivrhkU6gBg
+S41RLCNQ+E9Y78paaTHkw/LNCAeJdJ8Ie5UyRUKHbGSRjZW7G2GZPuwAwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOQd7AMDSGoVYMbDClyTJRCBpQHFMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvNUIzc0F3TklhaFZneHNNS1hKTWxFSUdsQWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1BBWMAwD
BAHUUBIDBADUUBgwDQYJKoZIhvcNAQELBQADggEBAA/KTgCmYBOVUKoMKRd4pRyn
7mv5IjxXKw8EKymleueMVBe7meUERdtok7vQe9CDVr+YlALxrzvAV0FyfCGhVoNp
XKfWTvt9eAuRZJjLDV3TxjqALWJzwU9wqccGIjSoyt2FiVMaEOOaZQ+Lg/d95zyQ
ZxIvuTnEYMkBpciO5WvFDP4x/v8b44BWMBQo3AUl4PqixiVctH8shwAFym4jaocd
DdKISj/Ix6cq9iffhn35JuFuX2gkdtpwc7zJQwheGL0IbfLWx5IXCG0DZG/gSQaj
JcFvVbjZ+d9m4Ennlq/lH0cc7Ri68zhJCkSuD0ioIy5bfqtlGvwpVVtTB4evN0s=
-----END CERTIFICATE-----
Generated at Mon Sep 16 19:54:08 2024 by rpki-client on console-fra.rpki-client.org