Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/jsr2zc0Xl4aZ3Y3pbBYep1N1f0k.roa
File: jsr2zc0Xl4aZ3Y3pbBYep1N1f0k.roa (raw, json)
Hash identifier: xSapQQiKftU2C3c0TwwlEB4pGmieHRkfeJvdkpr+jz8=
Subject key identifier: 8E:CA:F6:CD:CD:17:97:86:99:DD:8D:E9:6C:16:1E:A7:53:75:7F:49
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 019079717AECEB7008EDD42478F7D5C9050A
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/jsr2zc0Xl4aZ3Y3pbBYep1N1f0k.roa
Signing time: Wed 03 Jul 2024 16:33:18 +0000
ROA not before: Wed 03 Jul 2024 16:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202207
IP address blocks: 5.181.44.0/22 maxlen: 22
5.181.44.0/24 maxlen: 24
5.181.45.0/24 maxlen: 24
5.181.46.0/24 maxlen: 24
5.181.47.0/24 maxlen: 24
185.5.124.0/22 maxlen: 22
185.5.124.0/24 maxlen: 24
185.5.125.0/24 maxlen: 24
185.5.126.0/24 maxlen: 24
185.5.127.0/24 maxlen: 24
2a03:1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jul 2024 06:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:79:71:7a:ec:eb:70:08:ed:d4:24:78:f7:d5:c9:05:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jul 3 16:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ecaf6cdcd17978699dd8de96c161ea753757f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:32:63:0b:70:08:12:84:90:da:2d:99:68:9a:
99:d9:aa:e3:61:bc:f4:ff:09:e2:c7:d3:04:49:8b:
cc:1e:b5:29:b3:d1:60:05:ce:f3:37:24:98:fe:06:
3e:4f:8d:40:98:4a:c1:b6:54:5c:cf:d3:58:d6:14:
b5:ff:dd:73:4b:2b:91:6f:f5:55:d4:c6:6b:b8:a1:
9c:46:a8:d9:d8:3e:a3:f0:51:b3:c5:68:54:0d:63:
dc:8e:20:eb:e8:2c:63:a9:47:07:da:ff:8b:6a:c0:
d0:a1:7d:e4:06:3f:de:50:e1:21:03:c2:b7:08:e8:
66:3a:03:cb:00:80:1c:11:32:cd:97:51:c4:9d:00:
a2:31:c9:ce:6e:8f:f6:9a:9c:f5:91:c8:08:0e:d7:
b5:76:77:e1:7e:80:dd:63:11:c6:d5:79:32:3e:2a:
57:93:80:f2:43:a0:92:4d:29:21:72:01:aa:d1:22:
0e:e7:8e:e8:95:6d:1d:82:ae:ef:23:a2:28:a2:ac:
7f:ef:b3:01:69:7c:a5:40:99:14:a9:5a:9f:39:6e:
0d:67:1a:e5:5a:c7:3e:bd:31:16:89:c9:5c:ad:5d:
a0:b8:97:31:0f:8e:d9:61:f5:8f:21:f3:d0:b8:e1:
73:c7:68:fa:4b:26:eb:8a:3d:64:87:94:1b:c2:e1:
f8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CA:F6:CD:CD:17:97:86:99:DD:8D:E9:6C:16:1E:A7:53:75:7F:49
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/jsr2zc0Xl4aZ3Y3pbBYep1N1f0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
58:d8:4b:ab:68:fc:ef:58:e3:95:c9:68:2d:60:61:09:a4:9d:
78:40:ea:8d:c9:a8:ee:9e:7c:9c:7e:35:cf:d5:14:78:43:6d:
94:6d:17:ee:7f:27:36:14:2b:5a:27:4b:dd:d9:b4:b1:7a:49:
96:7a:41:66:58:28:d8:64:0c:bf:9e:aa:ca:4f:35:83:ed:13:
13:aa:fa:e9:41:ed:01:aa:b4:f1:7c:22:40:c1:f4:96:c6:3c:
8a:69:a0:81:57:eb:5b:c2:52:48:f9:49:a6:7d:a0:25:ee:c0:
df:bc:2f:54:95:04:b2:1a:6c:26:17:1c:2f:bc:9a:18:0c:80:
12:39:f2:f9:be:5e:97:6c:c9:21:e6:c5:d2:75:5c:0f:e9:8c:
46:92:1d:ef:c3:26:54:89:4d:43:0c:bb:bf:36:ea:88:e4:5e:
67:f6:6b:8a:c2:8f:30:bd:16:59:af:09:42:a3:3e:fd:68:9f:
6c:47:9b:7d:bb:89:f7:f5:47:2b:7a:ad:9f:d1:33:f0:ea:88:
2a:34:60:69:d6:4f:78:b0:c0:5f:bf:ce:b4:fc:ba:65:aa:94:
cc:cb:0e:15:da:6b:96:60:9c:fb:0c:f5:3a:65:fb:33:e4:36:
7e:b6:d8:15:65:ff:4f:21:8d:7b:2d:b8:a7:9b:87:42:83:2e:
98:34:93:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZB5cXrs63AI7dQkePfVyQUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjQwNzAzMTYzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNhZjZjZGNkMTc5Nzg2OTlkZDhkZTk2YzE2MWVhNzUzNzU3ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzJjC3AIEoSQ2i2ZaJqZ2arjYbz0
/wnix9MESYvMHrUps9FgBc7zNySY/gY+T41AmErBtlRcz9NY1hS1/91zSyuRb/VV
1MZruKGcRqjZ2D6j8FGzxWhUDWPcjiDr6CxjqUcH2v+LasDQoX3kBj/eUOEhA8K3
COhmOgPLAIAcETLNl1HEnQCiMcnObo/2mpz1kcgIDte1dnfhfoDdYxHG1XkyPipX
k4DyQ6CSTSkhcgGq0SIO547olW0dgq7vI6Iooqx/77MBaXylQJkUqVqfOW4NZxrl
Wsc+vTEWiclcrV2guJcxD47ZYfWPIfPQuOFzx2j6Sybrij1kh5QbwuH4JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI7K9s3NF5eGmd2N6WwWHqdTdX9JMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvanNyMnpjMFhsNGFaM1kzcGJCWWVwMU4xZjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbUsAwQC
uQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQBY2EuraPzvWOOV
yWgtYGEJpJ14QOqNyajunnycfjXP1RR4Q22UbRfufyc2FCtaJ0vd2bSxekmWekFm
WCjYZAy/nqrKTzWD7RMTqvrpQe0BqrTxfCJAwfSWxjyKaaCBV+tbwlJI+UmmfaAl
7sDfvC9UlQSyGmwmFxwvvJoYDIASOfL5vl6XbMkh5sXSdVwP6YxGkh3vwyZUiU1D
DLu/NuqI5F5n9muKwo8wvRZZrwlCoz79aJ9sR5t9u4n39Ucreq2f0TPw6ogqNGBp
1k94sMBfv860/LplqpTMyw4V2muWYJz7DPU6Zfsz5DZ+ttgVZf9PIY17Lbinm4dC
gy6YNJOd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:26 2025 by rpki-client