Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/D46lss58g9ZczhriGa-e4Z1le9c.roa
File: D46lss58g9ZczhriGa-e4Z1le9c.roa (raw, json)
Hash identifier: tHTMs6481fCWfElPW+4ZI3NxyfxRPZCyJqE8gmItFKo=
Subject key identifier: 0F:8E:A5:B2:CE:7C:83:D6:5C:CE:1A:E2:19:AF:9E:E1:9D:65:7B:D7
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 0190822988EC90064D62E64ACC8CD5386D3F
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/D46lss58g9ZczhriGa-e4Z1le9c.roa
Signing time: Fri 05 Jul 2024 09:11:18 +0000
ROA not before: Fri 05 Jul 2024 09:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202207
IP address blocks: 5.56.160.0/21 maxlen: 21
5.56.164.0/22 maxlen: 22
5.181.44.0/22 maxlen: 22
5.181.44.0/24 maxlen: 24
5.181.45.0/24 maxlen: 24
5.181.46.0/24 maxlen: 24
5.181.47.0/24 maxlen: 24
185.5.124.0/22 maxlen: 22
185.5.124.0/24 maxlen: 24
185.5.125.0/24 maxlen: 24
185.5.126.0/24 maxlen: 24
185.5.127.0/24 maxlen: 24
2a03:1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jul 2024 10:07:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:29:88:ec:90:06:4d:62:e6:4a:cc:8c:d5:38:6d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jul 5 09:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f8ea5b2ce7c83d65cce1ae219af9ee19d657bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:68:9c:1b:33:c6:92:f3:8f:f9:0d:89:59:
e9:f8:b3:29:09:86:e9:be:dc:11:c4:29:4b:eb:68:
3c:0d:cf:70:59:d3:9d:e3:34:db:7d:ff:31:ce:c0:
f0:db:61:27:ea:42:3d:90:c0:a1:47:d1:c2:e0:cf:
b4:12:4e:bf:30:6e:c5:c6:b0:4b:b0:ae:76:3e:5a:
a7:48:c9:80:9a:62:1c:88:cb:d7:40:be:26:3c:52:
ec:70:6b:b1:02:ce:67:f9:8d:08:f3:42:ad:dd:e8:
31:9c:f9:1e:44:45:d9:05:21:7c:cb:7d:32:0e:8b:
13:67:af:3f:1c:ec:2c:a7:41:ed:39:bd:5b:eb:96:
6f:ea:e9:0b:7b:d8:27:5e:ee:59:ce:8d:f2:81:ac:
a7:4f:0f:e4:1a:3f:37:2c:2d:0e:af:37:4f:41:1c:
47:a8:59:a4:ef:e1:ea:b1:4a:f6:4a:53:b4:97:71:
68:b1:ab:2a:70:8e:5f:b8:f5:d1:fa:2f:48:fa:7e:
1b:2d:bb:bd:f2:2e:9e:62:19:42:c9:de:10:31:0e:
df:72:a7:30:ca:94:67:3b:60:06:84:3d:6f:71:b2:
59:36:58:78:b8:00:58:c1:f3:31:f4:b7:d4:35:b8:
8a:58:09:09:0e:a8:11:16:c0:f3:00:80:88:bb:2d:
e2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8E:A5:B2:CE:7C:83:D6:5C:CE:1A:E2:19:AF:9E:E1:9D:65:7B:D7
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/D46lss58g9ZczhriGa-e4Z1le9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.160.0/21
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
85:93:ec:70:05:bd:66:5d:9e:7a:4a:fb:95:70:94:a6:83:44:
95:bf:1e:2c:9d:cf:d1:c6:36:d7:af:bd:2c:b2:7b:74:be:67:
51:1f:c9:e3:36:4c:99:0d:4b:f2:ba:62:63:47:4b:34:6b:a8:
31:a5:d3:a4:3e:61:0a:9b:5b:fe:69:6b:b0:53:7c:fb:67:bd:
ab:2a:b7:f3:d4:5a:76:02:ab:9d:d7:29:43:c0:6c:a8:53:ea:
86:d2:a3:a9:73:8b:b6:d1:e2:48:57:90:fa:e1:a0:d3:20:74:
d4:67:40:99:fa:e9:15:26:ba:1f:b1:c4:22:ba:ee:12:6f:ab:
7d:8d:e6:48:15:64:80:d8:f7:6d:52:83:b9:23:4e:04:91:08:
5f:28:02:78:8c:95:e8:11:16:72:83:89:39:3c:36:9f:45:9b:
3c:af:1e:24:75:64:1b:7b:dd:d7:f0:78:4b:68:fc:e1:d7:b1:
35:1c:14:c9:00:cd:00:46:01:f5:22:be:a5:60:28:f8:a8:46:
a9:7e:a9:65:a6:8c:a5:39:1f:10:23:35:0a:00:13:60:4e:9e:
e7:6d:f4:8d:51:51:1e:57:df:76:0a:d4:83:2d:94:81:d7:4a:
31:7b:b0:27:3e:d1:c6:7e:8e:5c:b7:d8:35:63:67:92:75:7f:
e8:4e:c8:d3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZCCKYjskAZNYuZKzIzVOG0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjQwNzA1MDkxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhlYTViMmNlN2M4M2Q2NWNjZTFhZTIxOWFmOWVlMTlkNjU3YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXxonBszxpLzj/kNiVnp+LMpCYbp
vtwRxClL62g8Dc9wWdOd4zTbff8xzsDw22En6kI9kMChR9HC4M+0Ek6/MG7FxrBL
sK52PlqnSMmAmmIciMvXQL4mPFLscGuxAs5n+Y0I80Kt3egxnPkeREXZBSF8y30y
DosTZ68/HOwsp0HtOb1b65Zv6ukLe9gnXu5Zzo3ygaynTw/kGj83LC0OrzdPQRxH
qFmk7+HqsUr2SlO0l3FosasqcI5fuPXR+i9I+n4bLbu98i6eYhlCyd4QMQ7fcqcw
ypRnO2AGhD1vcbJZNlh4uABYwfMx9LfUNbiKWAkJDqgRFsDzAICIuy3i/QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA+OpbLOfIPWXM4a4hmvnuGdZXvXMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvRDQ2bHNzNThnOVpjemhyaUdhLWU0WjFsZTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBTigAwQC
BbUsAwQCuQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQCFk+xw
Bb1mXZ56SvuVcJSmg0SVvx4snc/RxjbXr70ssnt0vmdRH8njNkyZDUvyumJjR0s0
a6gxpdOkPmEKm1v+aWuwU3z7Z72rKrfz1Fp2Aqud1ylDwGyoU+qG0qOpc4u20eJI
V5D64aDTIHTUZ0CZ+ukVJrofscQiuu4Sb6t9jeZIFWSA2PdtUoO5I04EkQhfKAJ4
jJXoERZyg4k5PDafRZs8rx4kdWQbe93X8HhLaPzh17E1HBTJAM0ARgH1Ir6lYCj4
qEapfqllpoylOR8QIzUKABNgTp7nbfSNUVEeV992CtSDLZSB10oxe7AnPtHGfo5c
t9g1Y2eSdX/oTsjT
-----END CERTIFICATE-----
Generated at Fri Jul 5 12:16:53 2024 by rpki-client on console-ams.rpki-client.org