Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/h3qvYK5VXY9j-Vxa08Gb0UvEAMM.roa
File: h3qvYK5VXY9j-Vxa08Gb0UvEAMM.roa (raw, json)
Hash identifier: DxQ/DceG7VHYK8VkoLU/KtLureeftJovD6/l86VXHNA=
Subject key identifier: 87:7A:AF:60:AE:55:5D:8F:63:F9:5C:5A:D3:C1:9B:D1:4B:C4:00:C3
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 0190825CCDCF1E2C9635DB3750F029800485
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/h3qvYK5VXY9j-Vxa08Gb0UvEAMM.roa
Signing time: Fri 05 Jul 2024 10:07:18 +0000
ROA not before: Fri 05 Jul 2024 10:07:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202207
IP address blocks: 5.56.160.0/21 maxlen: 21
5.181.44.0/22 maxlen: 22
5.181.44.0/24 maxlen: 24
5.181.45.0/24 maxlen: 24
5.181.46.0/24 maxlen: 24
5.181.47.0/24 maxlen: 24
185.5.124.0/22 maxlen: 22
185.5.124.0/24 maxlen: 24
185.5.125.0/24 maxlen: 24
185.5.126.0/24 maxlen: 24
185.5.127.0/24 maxlen: 24
2a03:1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 12 Jul 2024 08:25:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:5c:cd:cf:1e:2c:96:35:db:37:50:f0:29:80:04:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jul 5 10:07:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=877aaf60ae555d8f63f95c5ad3c19bd14bc400c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:10:4c:8e:9b:ee:d6:a6:c8:fa:77:b4:ec:6d:
11:db:e2:bb:f3:ea:91:79:97:01:d4:1f:bb:fc:61:
88:fe:39:03:d2:cd:ea:71:07:25:0e:d4:aa:e1:0e:
0e:5b:c4:eb:22:65:b5:41:13:ed:ca:e7:1f:8e:b3:
ee:46:5e:7a:ef:43:47:f7:5c:ee:16:b1:87:30:d5:
eb:8b:2f:60:b8:2a:d8:2f:55:d2:c8:2d:fa:b2:46:
5d:62:4b:fe:ff:26:95:a2:5b:b4:1b:90:ba:0c:40:
f3:9a:ea:b5:1b:f1:03:4e:0e:1a:f3:db:bc:19:00:
03:e8:d3:75:e4:10:e3:9f:1a:c2:e7:54:ee:57:34:
cc:0e:b6:a2:a1:47:92:f3:29:12:55:b8:a2:f8:b8:
83:e1:d5:6f:0b:32:05:54:4f:f3:49:d3:6a:e8:0a:
67:b2:ea:22:f7:a3:3b:90:88:a3:fd:24:57:4b:f0:
ef:8e:2c:2b:71:d8:de:bf:7d:3d:fa:33:23:98:54:
d9:0b:3d:de:43:ff:14:25:43:f4:65:b0:a3:a9:f7:
40:ca:88:d8:66:0b:67:20:a6:fb:50:10:97:1a:af:
33:24:db:79:b1:c5:35:2e:86:7f:4a:31:bf:07:48:
90:a7:a4:ff:80:bf:2b:ee:99:3c:63:fe:db:72:6f:
16:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7A:AF:60:AE:55:5D:8F:63:F9:5C:5A:D3:C1:9B:D1:4B:C4:00:C3
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/h3qvYK5VXY9j-Vxa08Gb0UvEAMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.160.0/21
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
42:a9:79:d4:63:b1:87:8c:bb:a5:d7:0e:d2:b4:53:37:f3:60:
d1:57:79:01:1c:25:90:cb:31:fd:51:fc:7a:bf:76:98:7f:9a:
c9:5f:9f:00:18:7e:21:77:cc:a9:52:84:7d:a4:b4:87:af:c9:
59:d8:98:e3:5c:3c:05:e7:4d:1b:cb:6e:83:34:f5:43:28:d2:
eb:18:f1:fd:89:cb:79:29:d8:aa:1f:4b:6e:cd:ba:ea:4a:7e:
e4:c3:7d:7b:fe:d7:c1:5c:b1:7f:2e:8d:dd:7a:c5:98:f6:40:
04:b3:2d:56:f5:92:c0:b7:fc:74:11:56:05:9b:40:f0:30:bb:
64:87:e0:07:cd:53:e7:d6:16:4a:1f:e5:39:40:79:45:3d:af:
b8:3a:8e:37:26:74:3a:5a:bf:be:27:61:b8:ef:19:a7:5a:66:
e5:3f:fa:fe:dd:0e:a0:55:36:d2:8d:fb:51:62:4e:e1:0e:36:
92:53:06:15:b6:0c:52:78:eb:72:05:5d:a5:8c:6c:87:94:85:
74:3d:96:60:70:d6:da:c2:1e:bf:12:e2:a1:0b:84:07:f5:ca:
b5:35:0b:c1:78:63:38:f6:9b:68:6b:8b:c8:79:6a:2f:e6:bf:
3a:7e:00:d4:b7:ab:f6:be:cc:51:43:cc:c4:de:c6:52:0e:0f:
97:f6:bb:89
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZCCXM3PHiyWNds3UPApgASFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjQwNzA1MTAwNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdhYWY2MGFlNTU1ZDhmNjNmOTVjNWFkM2MxOWJkMTRiYzQwMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBBMjpvu1qbI+ne07G0R2+K78+qR
eZcB1B+7/GGI/jkD0s3qcQclDtSq4Q4OW8TrImW1QRPtyucfjrPuRl5670NH91zu
FrGHMNXriy9guCrYL1XSyC36skZdYkv+/yaVolu0G5C6DEDzmuq1G/EDTg4a89u8
GQAD6NN15BDjnxrC51TuVzTMDraioUeS8ykSVbii+LiD4dVvCzIFVE/zSdNq6Apn
suoi96M7kIij/SRXS/Dvjiwrcdjev309+jMjmFTZCz3eQ/8UJUP0ZbCjqfdAyojY
ZgtnIKb7UBCXGq8zJNt5scU1LoZ/SjG/B0iQp6T/gL8r7pk8Y/7bcm8W5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFId6r2CuVV2PY/lcWtPBm9FLxADDMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvaDNxdllLNVZYWTlqLVZ4YTA4R2IwVXZFQU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBTigAwQC
BbUsAwQCuQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQBCqXnU
Y7GHjLul1w7StFM382DRV3kBHCWQyzH9Ufx6v3aYf5rJX58AGH4hd8ypUoR9pLSH
r8lZ2JjjXDwF500by26DNPVDKNLrGPH9ict5KdiqH0tuzbrqSn7kw317/tfBXLF/
Lo3desWY9kAEsy1W9ZLAt/x0EVYFm0DwMLtkh+AHzVPn1hZKH+U5QHlFPa+4Oo43
JnQ6Wr++J2G47xmnWmblP/r+3Q6gVTbSjftRYk7hDjaSUwYVtgxSeOtyBV2ljGyH
lIV0PZZgcNbawh6/EuKhC4QH9cq1NQvBeGM49ptoa4vIeWov5r86fgDUt6v2vsxR
Q8zE3sZSDg+X9ruJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:29 2025 by rpki-client