Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/cOiukT2J9RG3csWws6YnenvC6CA.roa
File: cOiukT2J9RG3csWws6YnenvC6CA.roa (raw, json)
Hash identifier: sm/44vhubBKeHbXJdi4w6xTJUFmMsUqQzJC/zaSzodM=
Subject key identifier: 70:E8:AE:91:3D:89:F5:11:B7:72:C5:B0:B3:A6:27:7A:7B:C2:E8:20
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018DDBBBB5DFFEC603786685D163A7F5621A
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/cOiukT2J9RG3csWws6YnenvC6CA.roa
Signing time: Sat 24 Feb 2024 15:28:48 +0000
ROA not before: Sat 24 Feb 2024 15:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 24
5.180.112.0/24 maxlen: 24
5.180.113.0/24 maxlen: 24
185.194.208.0/22 maxlen: 22
2a10:7040::/29 maxlen: 29
2a10:7040:2::/64 maxlen: 64
2a10:7041::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Feb 2024 14:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:bb:b5:df:fe:c6:03:78:66:85:d1:63:a7:f5:62:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Feb 24 15:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70e8ae913d89f511b772c5b0b3a6277a7bc2e820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2d:2b:d0:d1:8c:1a:8c:ff:9d:6b:f7:b1:36:
37:10:36:77:cf:7d:50:00:61:d3:c2:49:f8:e0:37:
09:df:53:3d:01:24:ff:cc:fc:02:c1:ea:50:8d:f0:
f7:79:76:fd:89:ec:72:b2:57:da:46:fc:b1:da:f7:
d6:8c:2c:7c:2f:e1:8a:93:4a:bb:77:69:66:b0:69:
1f:0c:b2:62:5f:59:39:ec:cb:31:07:cb:96:88:9b:
dd:9f:28:11:f6:03:af:26:10:45:38:97:25:fd:76:
5d:8e:da:07:9b:ad:a2:0e:51:6f:81:e7:ce:6a:b5:
d7:7b:1d:47:c5:3e:18:01:59:c9:6c:63:fc:60:43:
e4:a7:42:95:7c:56:a7:6f:02:f0:b8:9b:ef:79:87:
02:7f:32:40:c0:11:33:5a:f8:31:1a:09:19:c0:06:
e0:1c:17:75:9e:78:c1:a8:9e:ab:2a:b1:71:3c:bd:
d6:53:e2:c5:d0:96:5b:3b:e1:a0:9c:e3:c4:da:24:
5e:d1:1f:72:87:46:0b:9d:9f:37:67:b0:03:19:91:
c6:5b:b8:66:b3:be:98:ba:17:72:dc:8d:f6:f6:d1:
08:aa:bc:7a:cb:a3:d9:e6:cc:29:20:a7:45:10:ba:
eb:8b:6a:ed:b1:a6:6d:4a:4f:6d:c2:4b:55:8e:ea:
1d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E8:AE:91:3D:89:F5:11:B7:72:C5:B0:B3:A6:27:7A:7B:C2:E8:20
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/cOiukT2J9RG3csWws6YnenvC6CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
21:5e:a4:9c:b3:e6:3e:4d:ff:57:c0:33:a2:02:6c:05:59:c9:
b6:9a:6d:6d:13:7c:db:d2:97:d1:3a:79:38:50:d7:84:b5:20:
75:e4:a1:7f:d9:e3:fd:70:ec:51:46:0f:41:2a:6f:a9:27:0f:
de:ce:63:dc:66:f8:94:6b:53:66:15:bb:2f:db:05:28:e7:86:
26:f6:e3:af:70:eb:db:0d:95:89:61:8e:1e:c9:14:6c:38:ee:
99:9b:b0:d3:9a:df:1d:28:8c:45:85:ad:f1:83:1f:61:a6:66:
2b:ba:b2:09:28:15:23:95:07:c6:b9:67:81:e1:b1:cf:0f:23:
5b:78:6f:07:e7:c2:39:89:f7:cf:e8:ae:88:2c:49:df:e7:3d:
2b:f6:a3:95:fd:42:a9:29:a4:70:55:b6:46:68:8e:c7:5d:aa:
78:d7:93:85:25:65:36:f9:03:71:41:d4:b0:8e:97:14:a4:b9:
38:ef:2f:b9:87:1b:b2:e3:4e:32:fe:f7:93:54:96:b9:45:00:
d9:bc:d9:e6:b4:a1:91:da:84:a5:e3:44:aa:c8:b5:be:f8:03:
c7:b9:11:75:84:0c:6f:ef:63:ad:5b:16:b2:07:ef:8a:84:74:
5e:5b:19:e3:5e:36:55:23:b1:bc:23:56:99:fc:24:2d:e5:94:
75:ab:ab:e4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3bu7Xf/sYDeGaF0WOn9WIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjQwMjI0MTUyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU4YWU5MTNkODlmNTExYjc3MmM1YjBiM2E2Mjc3YTdiYzJlODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS0r0NGMGoz/nWv3sTY3EDZ3z31Q
AGHTwkn44DcJ31M9AST/zPwCwepQjfD3eXb9iexyslfaRvyx2vfWjCx8L+GKk0q7
d2lmsGkfDLJiX1k57MsxB8uWiJvdnygR9gOvJhBFOJcl/XZdjtoHm62iDlFvgefO
arXXex1HxT4YAVnJbGP8YEPkp0KVfFanbwLwuJvveYcCfzJAwBEzWvgxGgkZwAbg
HBd1nnjBqJ6rKrFxPL3WU+LF0JZbO+GgnOPE2iRe0R9yh0YLnZ83Z7ADGZHGW7hm
s76Yuhdy3I329tEIqrx6y6PZ5swpIKdFELrri2rtsaZtSk9twktVjuodGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHDorpE9ifURt3LFsLOmJ3p7wuggMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvY09pdWtUMko5UkczY3NXd3M2WW5lbnZDNkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQAhXqSc
s+Y+Tf9XwDOiAmwFWcm2mm1tE3zb0pfROnk4UNeEtSB15KF/2eP9cOxRRg9BKm+p
Jw/ezmPcZviUa1NmFbsv2wUo54Ym9uOvcOvbDZWJYY4eyRRsOO6Zm7DTmt8dKIxF
ha3xgx9hpmYrurIJKBUjlQfGuWeB4bHPDyNbeG8H58I5iffP6K6ILEnf5z0r9qOV
/UKpKaRwVbZGaI7HXap415OFJWU2+QNxQdSwjpcUpLk47y+5hxuy404y/veTVJa5
RQDZvNnmtKGR2oSl40SqyLW++APHuRF1hAxv72OtWxayB++KhHReWxnjXjZVI7G8
I1aZ/CQt5ZR1q6vk
-----END CERTIFICATE-----
Generated at Tue Feb 27 18:30:18 2024 by rpki-client on console-fra.rpki-client.org