Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ThlzO_MHzXF3BZLWr9S2X-rdUjg.roa
File: ThlzO_MHzXF3BZLWr9S2X-rdUjg.roa (raw, json)
Hash identifier: MbgaEEE2NVVrSIcFaSEChifcxbnUPpzcJ9UxkTVxizs=
Subject key identifier: 4E:19:73:3B:F3:07:CD:71:77:05:92:D6:AF:D4:B6:5F:EA:DD:52:38
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018E88DD409932AC885AADC9CB8A0A6BA800
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ThlzO_MHzXF3BZLWr9S2X-rdUjg.roa
Signing time: Fri 29 Mar 2024 06:19:45 +0000
ROA not before: Fri 29 Mar 2024 06:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38136
IP address blocks: 5.34.216.0/21 maxlen: 24
5.226.48.0/22 maxlen: 24
45.137.180.0/22 maxlen: 24
178.236.36.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
185.248.184.0/22 maxlen: 24
188.253.4.0/22 maxlen: 24
188.253.112.0/21 maxlen: 24
188.253.120.0/21 maxlen: 21
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 14:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:88:dd:40:99:32:ac:88:5a:ad:c9:cb:8a:0a:6b:a8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 29 06:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e19733bf307cd71770592d6afd4b65feadd5238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:07:08:f4:6b:c6:b5:83:a0:96:b0:85:e1:c5:
ab:67:f3:09:4b:8a:4d:6b:c8:ad:ec:48:a9:23:5d:
02:14:0e:e0:e7:5f:2b:5a:c6:dc:52:9b:36:0e:66:
a0:20:28:db:34:68:1b:4b:60:47:41:6b:9b:f3:29:
69:10:0b:30:f0:4e:a8:0b:64:cc:0f:24:3f:72:d5:
88:68:9a:2a:3d:9e:1c:63:eb:01:a1:b1:69:fa:10:
4b:d1:d6:7f:69:85:3d:ea:28:99:37:6a:8d:26:63:
6d:5b:80:63:cd:fb:76:9e:f9:69:82:3d:14:25:c3:
0c:f3:90:62:3d:cc:c1:b9:1b:cf:01:89:dd:dc:70:
f5:33:6b:0a:4b:7b:a6:96:b1:58:30:19:c4:85:59:
cc:9c:58:0e:27:fd:7e:e6:8a:e6:73:2d:73:19:a5:
0b:56:ce:87:5a:81:3d:ee:f6:53:5b:95:43:cf:da:
fe:c1:e0:30:a9:27:d3:c6:b9:29:a4:08:7e:41:c7:
69:02:93:a4:fb:56:f1:70:de:a7:b2:5f:1d:f0:3d:
2a:27:45:31:93:93:6a:29:71:68:1a:7c:6c:80:02:
53:86:e4:0c:bc:93:4f:62:55:72:51:b7:56:b3:4d:
7d:41:63:b3:a5:0d:99:c4:4f:8c:79:99:fc:51:c1:
e6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:19:73:3B:F3:07:CD:71:77:05:92:D6:AF:D4:B6:5F:EA:DD:52:38
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ThlzO_MHzXF3BZLWr9S2X-rdUjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
5.226.48.0/22
45.137.180.0/22
178.236.36.0/22
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
188.253.4.0/22
188.253.112.0/20
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
82:7b:1f:1a:ce:87:47:cf:03:cf:cb:0a:bf:3e:f5:4f:8a:88:
1a:d1:35:10:42:c3:bc:fa:e3:5e:37:f3:2d:4a:12:ad:c4:ba:
14:12:fa:88:85:29:75:2f:0a:17:57:dc:5c:3d:4e:13:f4:60:
1e:23:2f:ed:08:f4:9e:15:5d:ba:26:a3:a2:56:ae:35:66:a5:
51:76:76:0d:3f:08:57:3e:53:61:44:a9:2b:72:37:d9:06:ec:
31:b3:66:07:b9:d3:f5:66:ff:2c:7e:c3:67:ac:0e:6e:7f:6d:
e7:f8:aa:cf:45:7c:80:26:03:a3:18:6d:c8:c1:5a:83:bf:24:
56:db:fb:07:1e:ff:a5:fb:ac:cc:13:eb:6b:3a:ba:da:7a:20:
49:88:13:e0:ef:83:b5:3f:73:3f:09:5a:d8:ee:44:91:e6:6f:
5b:b9:e7:1c:bf:43:af:32:4c:51:b0:f5:d1:ff:92:82:c4:f2:
72:99:1c:20:d9:6a:cb:5e:b1:50:fa:84:3f:ae:a1:d0:d4:8e:
2d:74:a0:d0:b2:02:f5:92:13:98:14:c1:ae:80:1a:a2:72:67:
9b:cd:b3:ba:1f:22:dd:97:74:ef:8a:f6:30:b1:b3:36:88:8e:
a4:51:ff:df:ea:0c:bd:d0:6d:d4:93:29:b3:fb:58:7b:d6:d6:
f0:2e:82:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY6I3UCZMqyIWq3Jy4oKa6gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMzI5MDYxOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTE5NzMzYmYzMDdjZDcxNzcwNTkyZDZhZmQ0YjY1ZmVhZGQ1MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwcI9GvGtYOglrCF4cWrZ/MJS4pN
a8it7EipI10CFA7g518rWsbcUps2DmagICjbNGgbS2BHQWub8ylpEAsw8E6oC2TM
DyQ/ctWIaJoqPZ4cY+sBobFp+hBL0dZ/aYU96iiZN2qNJmNtW4Bjzft2nvlpgj0U
JcMM85BiPczBuRvPAYnd3HD1M2sKS3umlrFYMBnEhVnMnFgOJ/1+5ormcy1zGaUL
Vs6HWoE97vZTW5VDz9r+weAwqSfTxrkppAh+QcdpApOk+1bxcN6nsl8d8D0qJ0Ux
k5NqKXFoGnxsgAJThuQMvJNPYlVyUbdWs019QWOzpQ2ZxE+MeZn8UcHmpwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFE4ZczvzB81xdwWS1q/Utl/q3VI4MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVGhsek9fTUh6WEYzQlpMV3I5UzJYLXJkVWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDBSLYAwQC
BeIwAwQCLYm0AwQCsuwkAwQCuSTAAwQCudzsAwQCufi4AwQCvP0EAwQEvP1wAwQC
1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQCCex8azodHzwPPywq/PvVPioga0TUQQsO8
+uNeN/MtShKtxLoUEvqIhSl1LwoXV9xcPU4T9GAeIy/tCPSeFV26JqOiVq41ZqVR
dnYNPwhXPlNhRKkrcjfZBuwxs2YHudP1Zv8sfsNnrA5uf23n+KrPRXyAJgOjGG3I
wVqDvyRW2/sHHv+l+6zME+trOrraeiBJiBPg74O1P3M/CVrY7kSR5m9bueccv0Ov
MkxRsPXR/5KCxPJymRwg2WrLXrFQ+oQ/rqHQ1I4tdKDQsgL1khOYFMGugBqicmeb
zbO6HyLdl3TvivYwsbM2iI6kUf/f6gy90G3Ukymz+1h71tbwLoKN
-----END CERTIFICATE-----
Generated at Mon Apr 8 17:17:59 2024 by rpki-client on console-fra.rpki-client.org