Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5gXMcW1Dh9FiuX7F_xRsA7gzPHs.roa
File: 5gXMcW1Dh9FiuX7F_xRsA7gzPHs.roa (raw, json)
Hash identifier: tmYOC/59SDDMMfB73vJeCLQreHWemhxx3HM8i7+EEIc=
Subject key identifier: E6:05:CC:71:6D:43:87:D1:62:B9:7E:C5:FF:14:6C:03:B8:33:3C:7B
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194221FFCA3C97E29E619EA7E0070685FF0
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5gXMcW1Dh9FiuX7F_xRsA7gzPHs.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34918
IP address blocks: 46.38.139.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fc:a3:c9:7e:29:e6:19:ea:7e:00:70:68:5f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e605cc716d4387d162b97ec5ff146c03b8333c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cd:52:68:ab:01:79:1c:bd:a1:a3:07:42:b5:
e4:de:a3:4f:ca:88:ff:db:aa:5c:d8:e3:5e:81:22:
e9:21:35:f5:9a:55:02:78:83:ea:27:2f:e7:ce:bb:
92:ad:50:1c:51:14:ce:b3:e8:cb:04:70:8d:9b:b8:
b0:81:e3:14:a2:5b:ed:21:fe:60:29:1f:f3:9b:2a:
1b:89:60:2f:a9:81:e7:33:f2:d1:6e:e3:4f:f7:fd:
4a:7f:7a:d3:c4:dc:3f:39:ef:e0:26:f9:1e:2b:6b:
43:7b:e0:cb:54:11:a9:82:d0:07:62:5a:5d:9d:b7:
61:95:6c:ca:aa:83:30:f9:e7:b5:98:28:19:27:2f:
4f:d4:5e:1c:9b:cd:a6:2a:62:0f:2e:07:74:05:bf:
d5:b0:f8:0b:8c:3b:33:37:87:a0:51:9a:ac:d1:20:
dd:00:0d:6c:03:03:37:80:c1:c4:45:d8:81:3b:ae:
af:04:aa:44:b6:a0:42:21:85:55:8a:db:81:96:2d:
cf:6c:8d:83:b0:d9:25:88:64:f5:e1:2d:e1:d6:d3:
44:2c:ff:f6:25:e7:af:48:b7:19:4c:c1:b2:44:fc:
f0:79:30:8e:31:f1:d2:ff:52:84:6e:26:5b:b9:e4:
2d:97:46:4e:52:23:dc:fb:da:4a:60:8e:af:9c:10:
9f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:05:CC:71:6D:43:87:D1:62:B9:7E:C5:FF:14:6C:03:B8:33:3C:7B
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5gXMcW1Dh9FiuX7F_xRsA7gzPHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.139.0/24
46.38.148.0/24
185.29.222.0/24
212.80.11.0/24
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:3e:4d:df:3c:1b:6c:92:d6:72:b0:fd:37:32:b6:5c:32:69:
0e:c6:9d:6e:0f:62:80:bb:10:d6:6d:02:cc:71:c6:da:1e:ba:
a6:33:e1:37:62:e3:73:52:f9:be:ef:5b:31:6a:67:d2:8c:09:
bc:62:f4:ff:c7:96:74:3c:d8:9f:81:3e:39:4f:b0:e4:4d:d5:
fd:88:f6:1c:dc:be:6a:81:a0:49:4a:f8:8f:5b:cf:cc:7d:18:
60:e7:e5:17:3a:f9:28:99:f5:07:2c:74:d2:c8:37:60:9b:a9:
37:e9:71:0d:b8:5e:d3:9e:cb:80:12:61:83:53:51:2c:9a:d2:
1e:13:1f:6e:85:89:cb:6f:76:26:37:bc:55:c3:6f:02:c4:25:
84:70:bd:88:99:84:e3:c0:c0:40:6c:c3:32:f9:13:9a:97:d7:
fa:7d:4b:b3:6f:69:eb:59:89:d1:10:47:fd:43:0a:95:af:52:
25:5c:52:d3:f2:06:8c:0d:fa:76:22:3c:5e:ac:44:e9:37:13:
37:5d:66:00:7e:7e:05:9a:99:2c:ac:99:52:f3:0d:0b:6e:52:
6a:99:9f:52:4e:77:a0:54:03:75:8b:51:ff:9b:a6:6a:e9:fb:
8c:13:ab:7d:12:7d:02:c6:55:f0:50:bb:e2:a6:3b:84:fb:7b:
91:98:2a:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiH/yjyX4p5hnqfgBwaF/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjA1Y2M3MTZkNDM4N2QxNjJiOTdlYzVmZjE0NmMwM2I4MzMzYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl81SaKsBeRy9oaMHQrXk3qNPyoj/
26pc2ONegSLpITX1mlUCeIPqJy/nzruSrVAcURTOs+jLBHCNm7iwgeMUolvtIf5g
KR/zmyobiWAvqYHnM/LRbuNP9/1Kf3rTxNw/Oe/gJvkeK2tDe+DLVBGpgtAHYlpd
nbdhlWzKqoMw+ee1mCgZJy9P1F4cm82mKmIPLgd0Bb/VsPgLjDszN4egUZqs0SDd
AA1sAwM3gMHERdiBO66vBKpEtqBCIYVVituBli3PbI2DsNkliGT14S3h1tNELP/2
JeevSLcZTMGyRPzweTCOMfHS/1KEbiZbueQtl0ZOUiPc+9pKYI6vnBCffQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOYFzHFtQ4fRYrl+xf8UbAO4Mzx7MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvNWdYTWNXMURoOUZpdVg3Rl94UnNBN2d6UEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiaLAwQA
LiaUAwQAuR3eAwQA1FALAwQA1FAdMA0GCSqGSIb3DQEBCwUAA4IBAQAuPk3fPBts
ktZysP03MrZcMmkOxp1uD2KAuxDWbQLMccbaHrqmM+E3YuNzUvm+71sxamfSjAm8
YvT/x5Z0PNifgT45T7DkTdX9iPYc3L5qgaBJSviPW8/MfRhg5+UXOvkomfUHLHTS
yDdgm6k36XENuF7TnsuAEmGDU1EsmtIeEx9uhYnLb3YmN7xVw28CxCWEcL2ImYTj
wMBAbMMy+ROal9f6fUuzb2nrWYnREEf9QwqVr1IlXFLT8gaMDfp2IjxerETpNxM3
XWYAfn4FmpksrJlS8w0LblJqmZ9STnegVAN1i1H/m6Zq6fuME6t9En0CxlXwULvi
pjuE+3uRmCoR
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:51:41 2025 by rpki-client