Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/3ei5xsh17LB0lxTKN2RhYZXrvb0.roa
File: 3ei5xsh17LB0lxTKN2RhYZXrvb0.roa (raw, json)
Hash identifier: iiDnfNbrOUbIqMl39kBuP2siVTUvra4CIhKAZwV1m8c=
Subject key identifier: DD:E8:B9:C6:C8:75:EC:B0:74:97:14:CA:37:64:61:61:95:EB:BD:BD
Certificate issuer: /CN=552423ed905000f69ad93eefc666bb9b1addcb37
Certificate serial: 018CC3B6768D686FEADC498C999C7372C83A
Authority key identifier: 55:24:23:ED:90:50:00:F6:9A:D9:3E:EF:C6:66:BB:9B:1A:DD:CB:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSQj7ZBQAPaa2T7vxma7mxrdyzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/3ei5xsh17LB0lxTKN2RhYZXrvb0.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200517
IP address blocks: 51.4.0.0/16 maxlen: 16
51.4.0.0/15 maxlen: 15
51.18.0.0/16 maxlen: 16
51.5.0.0/16 maxlen: 16
51.8.0.0/16 maxlen: 16
2a01:4180::/33 maxlen: 33
Validation: Failed, certificate revoked on Fri 08 Mar 2024 15:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:76:8d:68:6f:ea:dc:49:8c:99:9c:73:72:c8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552423ed905000f69ad93eefc666bb9b1addcb37
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dde8b9c6c875ecb0749714ca3764616195ebbdbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:8e:0f:03:c8:79:86:2b:31:a4:5a:6e:0d:
3a:c3:3e:bc:bf:d5:bb:43:c4:e7:fa:7c:42:c8:72:
ff:2a:db:aa:1f:05:90:8f:fc:bd:14:dc:3a:33:a9:
11:11:47:e0:06:65:91:ea:c9:e6:36:98:4d:bc:18:
04:7d:8d:04:de:a5:af:b7:d5:a0:1e:1f:91:32:55:
67:62:9f:25:e3:8f:07:a1:32:b0:61:d6:75:dd:b9:
c7:e8:82:0c:94:5c:7a:26:ab:dd:ba:da:06:4f:70:
ca:7c:98:bb:d8:92:be:80:ee:19:fa:ac:2e:e2:90:
ea:47:7d:91:83:ff:ca:8b:dc:1f:da:b1:5f:2c:f9:
a7:01:2b:e8:c8:9c:65:da:f6:d6:a4:f7:0a:da:b3:
23:49:e1:58:e5:e4:00:2e:15:4b:16:c3:cd:09:0f:
a1:db:95:89:be:c7:18:e4:3b:bb:50:55:50:5f:a4:
6a:d5:2e:f7:fe:a0:05:bc:af:8f:a4:ca:65:f9:41:
63:2c:56:eb:65:74:cb:9c:ad:9c:e8:0f:6a:d6:41:
39:39:bc:df:5a:ad:23:be:08:69:08:a7:0a:af:37:
e7:05:e8:b9:4a:58:d8:2e:1d:a7:5d:de:ae:79:5b:
c2:b6:77:23:29:3b:76:df:bb:b7:ff:2f:6a:17:ab:
51:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E8:B9:C6:C8:75:EC:B0:74:97:14:CA:37:64:61:61:95:EB:BD:BD
X509v3 Authority Key Identifier:
keyid:55:24:23:ED:90:50:00:F6:9A:D9:3E:EF:C6:66:BB:9B:1A:DD:CB:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSQj7ZBQAPaa2T7vxma7mxrdyzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/3ei5xsh17LB0lxTKN2RhYZXrvb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/VSQj7ZBQAPaa2T7vxma7mxrdyzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.4.0.0/15
51.8.0.0/16
51.18.0.0/16
IPv6:
2a01:4180::/33
Signature Algorithm: sha256WithRSAEncryption
67:82:9e:d5:e1:e5:0e:eb:60:92:6f:77:ef:2f:a7:10:37:1d:
73:e5:d5:38:33:be:8c:9c:7a:ce:24:df:96:ac:03:6c:4b:53:
5a:da:2e:90:84:69:44:b7:88:80:41:bc:2c:c0:d6:f6:fb:33:
22:91:0a:9c:44:76:43:8c:bb:d5:d1:eb:4b:e3:1f:b1:09:96:
e0:3e:a7:38:e8:e1:a9:50:fb:78:63:04:dc:ad:ee:a5:20:2b:
f6:c4:67:28:ab:e2:9c:b0:9f:62:68:bc:ca:3d:e3:28:68:be:
78:13:2f:d9:c9:f5:4d:5b:91:52:dd:b4:e3:be:da:2c:a0:df:
e5:91:16:c8:28:b0:ce:3e:7f:b2:2a:6f:64:4c:bc:bb:d8:87:
ba:02:02:07:36:76:dd:28:3a:77:6d:03:23:c1:4b:ee:d6:37:
dd:e6:aa:a7:ad:b0:71:9c:e3:63:70:d8:b6:95:fa:cf:31:ab:
da:13:51:02:4b:f4:b0:ee:3a:f6:32:05:5a:9c:2d:af:a5:16:
b9:f4:5f:f2:0d:01:50:c9:68:e4:99:a8:aa:0f:6b:a5:9b:cc:
c4:13:04:8c:ab:09:f0:c0:07:20:6e:f5:91:a6:5a:06:32:1e:
ce:ae:05:34:90:39:a4:da:e4:c3:a4:41:a1:58:96:02:9f:60:
10:b0:33:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzDtnaNaG/q3EmMmZxzcsg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjQyM2VkOTA1MDAwZjY5YWQ5M2VlZmM2NjZiYjliMWFk
ZGNiMzcwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGU4YjljNmM4NzVlY2IwNzQ5NzE0Y2EzNzY0NjE2MTk1ZWJiZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4GODwPIeYYrMaRabg06wz68v9W7
Q8Tn+nxCyHL/KtuqHwWQj/y9FNw6M6kREUfgBmWR6snmNphNvBgEfY0E3qWvt9Wg
Hh+RMlVnYp8l448HoTKwYdZ13bnH6IIMlFx6JqvdutoGT3DKfJi72JK+gO4Z+qwu
4pDqR32Rg//Ki9wf2rFfLPmnASvoyJxl2vbWpPcK2rMjSeFY5eQALhVLFsPNCQ+h
25WJvscY5Du7UFVQX6Rq1S73/qAFvK+PpMpl+UFjLFbrZXTLnK2c6A9q1kE5Obzf
Wq0jvghpCKcKrzfnBei5SljYLh2nXd6ueVvCtncjKTt237u3/y9qF6tRewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3oucbIdeywdJcUyjdkYWGV6729MB8GA1UdIwQY
MBaAFFUkI+2QUAD2mtk+78Zmu5sa3cs3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNRajdaQlFBUGFhMlQ3dnhtYTdteHJkeXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83Y2FhZTUtMDNhZi00N2Y4LWIyOWUt
ZTk1MWE3NDM0NmY5LzEvM2VpNXhzaDE3TEIwbHhUS04yUmhZWlhydmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83Y2FhZTUtMDNhZi00N2Y4LWIyOWUtZTk1MWE3NDM0NmY5
LzEvVlNRajdaQlFBUGFhMlQ3dnhtYTdteHJkeXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAVBAIAATAPAwMBMwQDAwAz
CAMDADMSMA4EAgACMAgDBgcqAUGAADANBgkqhkiG9w0BAQsFAAOCAQEAZ4Ke1eHl
Dutgkm937y+nEDcdc+XVODO+jJx6ziTflqwDbEtTWtoukIRpRLeIgEG8LMDW9vsz
IpEKnER2Q4y71dHrS+MfsQmW4D6nOOjhqVD7eGME3K3upSAr9sRnKKvinLCfYmi8
yj3jKGi+eBMv2cn1TVuRUt20477aLKDf5ZEWyCiwzj5/sipvZEy8u9iHugICBzZ2
3Sg6d20DI8FL7tY33eaqp62wcZzjY3DYtpX6zzGr2hNRAkv0sO469jIFWpwtr6UW
ufRf8g0BUMlo5Jmoqg9rpZvMxBMEjKsJ8MAHIG71kaZaBjIezq4FNJA5pNrkw6RB
oViWAp9gELAzAA==
-----END CERTIFICATE-----
Generated at Fri Mar 8 19:35:31 2024 by rpki-client on console-fra.rpki-client.org