Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/e-jfHeONVQCeRPpOd08NLfQn2Bc.roa
File: e-jfHeONVQCeRPpOd08NLfQn2Bc.roa (raw, json)
Hash identifier: PK0EKuDfK5kGbWgzM+VnBd9+49R51vZ7iNZWu9YxrdI=
Subject key identifier: 7B:E8:DF:1D:E3:8D:55:00:9E:44:FA:4E:77:4F:0D:2D:F4:27:D8:17
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 019421B1DF8046C54A27A13425D1CAA026F4
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/e-jfHeONVQCeRPpOd08NLfQn2Bc.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 32
5.180.112.0/24 maxlen: 32
5.180.113.0/24 maxlen: 32
185.194.208.0/22 maxlen: 32
2a10:7040::/29 maxlen: 29
2a10:7040:2::/64 maxlen: 64
2a10:7041::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Jan 2025 14:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:df:80:46:c5:4a:27:a1:34:25:d1:ca:a0:26:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7be8df1de38d55009e44fa4e774f0d2df427d817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b7:a2:ae:06:5d:26:bd:56:9c:2d:a4:90:6f:
7d:80:cb:73:37:4d:70:ff:4f:73:4a:c1:b3:50:f9:
1c:d4:ab:ac:ae:42:bf:3f:93:54:00:20:b1:93:1b:
7b:72:6a:be:03:01:f3:65:11:fb:e1:80:68:7d:a8:
cb:ae:94:5c:5c:9d:14:c8:13:cf:f4:de:62:43:f9:
a1:dc:7a:d7:51:73:26:e9:6b:26:73:5c:39:a9:12:
5f:4a:45:33:ed:4a:97:11:30:98:2a:77:6f:df:ce:
11:65:e7:eb:58:9b:6e:36:e4:98:e1:e5:18:69:fc:
d0:30:c0:e5:ab:ed:6c:87:19:1a:40:31:a2:73:7c:
30:e3:a1:c1:11:e7:a6:62:cc:37:5c:16:20:43:3b:
a7:e4:cf:42:5e:8e:16:8a:7c:c0:e8:0e:87:33:d3:
b0:a8:69:c7:6b:ef:a4:ac:14:eb:df:18:88:35:60:
7c:7c:ef:bb:96:e0:49:b1:a1:08:ff:d1:4a:e2:df:
62:32:1c:ea:1e:61:e1:36:93:ba:3c:3e:d9:03:19:
f9:48:0e:f3:1d:e9:43:60:16:2f:79:c6:57:f0:b3:
eb:7d:e7:4a:08:63:33:39:dd:0c:93:74:e1:23:79:
c4:04:2b:47:11:27:b6:bf:80:f8:6e:34:56:97:b8:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E8:DF:1D:E3:8D:55:00:9E:44:FA:4E:77:4F:0D:2D:F4:27:D8:17
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/e-jfHeONVQCeRPpOd08NLfQn2Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
9e:ea:60:9c:70:fd:82:84:ec:c9:c2:ba:b9:6c:ed:c4:76:c9:
da:08:11:57:fc:52:ef:e2:7d:a8:4d:7e:49:c5:e8:de:65:b4:
56:95:e0:34:c9:30:5f:cd:66:f9:e5:98:30:8d:e5:3a:16:c1:
62:23:8f:f7:c9:ff:dd:e4:46:17:ea:17:a4:8b:3f:b0:e1:46:
ea:44:9d:d3:86:63:d5:2f:ac:f6:5f:ea:8c:0f:5a:ba:2d:06:
20:da:cc:b0:f3:51:0a:ec:e5:55:a8:b8:16:98:3d:66:11:45:
26:7e:c7:6c:43:29:c0:47:83:14:1e:03:8e:3c:7f:b8:3a:32:
ed:b2:cd:b8:34:ee:80:dc:b4:6d:1a:a4:26:ed:a1:35:7c:2c:
aa:54:81:a3:58:45:f9:df:d8:7b:0f:9c:87:83:55:8a:ee:98:
88:5d:e1:22:e9:18:48:90:b9:b8:27:ea:eb:f0:26:37:4b:81:
8c:2e:8d:d1:2f:4c:45:58:ad:0b:ee:8e:97:a9:dc:2d:36:d3:
4d:16:4a:d5:c2:22:9a:2c:0d:de:97:87:ad:d3:c1:ce:af:d1:
6c:46:97:8c:ca:97:7f:94:ce:4b:17:d8:31:50:b4:70:70:bb:
3a:9c:d2:fb:2a:98:2d:bb:11:8f:18:43:cd:9c:07:55:7e:fe:
84:31:e3:57
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhsd+ARsVKJ6E0JdHKoCb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmU4ZGYxZGUzOGQ1NTAwOWU0NGZhNGU3NzRmMGQyZGY0MjdkODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4reirgZdJr1WnC2kkG99gMtzN01w
/09zSsGzUPkc1KusrkK/P5NUACCxkxt7cmq+AwHzZRH74YBofajLrpRcXJ0UyBPP
9N5iQ/mh3HrXUXMm6Wsmc1w5qRJfSkUz7UqXETCYKndv384RZefrWJtuNuSY4eUY
afzQMMDlq+1shxkaQDGic3ww46HBEeemYsw3XBYgQzun5M9CXo4WinzA6A6HM9Ow
qGnHa++krBTr3xiINWB8fO+7luBJsaEI/9FK4t9iMhzqHmHhNpO6PD7ZAxn5SA7z
HelDYBYvecZX8LPrfedKCGMzOd0Mk3ThI3nEBCtHESe2v4D4bjRWl7g0XwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHvo3x3jjVUAnkT6TndPDS30J9gXMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvZS1qZkhlT05WUUNlUlBwT2QwOE5MZlFuMkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQCe6mCc
cP2ChOzJwrq5bO3EdsnaCBFX/FLv4n2oTX5JxejeZbRWleA0yTBfzWb55ZgwjeU6
FsFiI4/3yf/d5EYX6hekiz+w4UbqRJ3ThmPVL6z2X+qMD1q6LQYg2syw81EK7OVV
qLgWmD1mEUUmfsdsQynAR4MUHgOOPH+4OjLtss24NO6A3LRtGqQm7aE1fCyqVIGj
WEX539h7D5yHg1WK7piIXeEi6RhIkLm4J+rr8CY3S4GMLo3RL0xFWK0L7o6Xqdwt
NtNNFkrVwiKaLA3el4et08HOr9FsRpeMypd/lM5LF9gxULRwcLs6nNL7KpgtuxGP
GEPNnAdVfv6EMeNX
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:10:45 2025 by rpki-client