Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/2dfgMiMRGunzg4ZBs2dJ39A6oSI.roa
File: 2dfgMiMRGunzg4ZBs2dJ39A6oSI.roa (raw, json)
Hash identifier: Uo1Z4LYYgzmFrD6Sl3R2vuRjHxkhf1WdEPOMuh0Kdb8=
Subject key identifier: D9:D7:E0:32:23:11:1A:E9:F3:83:86:41:B3:67:49:DF:D0:3A:A1:22
Certificate issuer: /CN=40ef5849930cc9dd74211fb37e24118249a1fc40
Certificate serial: 018D6C51CCD0F27D65047522F26B0D51BB16
Authority key identifier: 40:EF:58:49:93:0C:C9:DD:74:21:1F:B3:7E:24:11:82:49:A1:FC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO9YSZMMyd10IR-zfiQRgkmh_EA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/2dfgMiMRGunzg4ZBs2dJ39A6oSI.roa
Signing time: Sat 03 Feb 2024 00:15:16 +0000
ROA not before: Sat 03 Feb 2024 00:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13768
IP address blocks: 5.44.16.0/21 maxlen: 21
5.44.24.0/22 maxlen: 22
5.44.28.0/22 maxlen: 22
46.20.112.0/20 maxlen: 20
62.128.128.0/19 maxlen: 19
62.128.132.0/24 maxlen: 24
62.128.133.0/24 maxlen: 24
62.128.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 05 Feb 2024 19:22:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6c:51:cc:d0:f2:7d:65:04:75:22:f2:6b:0d:51:bb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ef5849930cc9dd74211fb37e24118249a1fc40
Validity
Not Before: Feb 3 00:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9d7e03223111ae9f3838641b36749dfd03aa122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:64:62:7a:00:39:f6:f4:10:8e:c2:32:83:
b5:2c:02:db:db:c9:ce:fd:7e:2d:c5:02:fb:94:9c:
90:c1:42:7e:e2:14:58:12:a9:1e:a6:b2:02:bf:49:
58:5c:e2:3e:6f:a3:9f:4d:d9:1e:b8:6d:13:7f:11:
9a:bf:6f:35:de:de:00:6c:bd:3a:b3:ee:2c:d9:4d:
74:91:4b:38:46:c3:fc:44:c0:71:a4:3c:6f:1d:41:
b3:ee:12:fe:11:10:d9:0b:9f:e4:54:1e:1d:94:18:
ce:97:e8:f3:31:84:55:b6:38:15:d2:57:65:b3:9e:
bb:8d:23:be:60:85:09:fb:10:06:e1:7b:80:f8:f7:
32:d4:1b:11:29:9e:57:4a:37:d8:a6:2d:52:1f:0d:
ba:97:86:0d:cd:2a:92:c9:58:e3:e7:91:46:f1:51:
45:d8:f4:d8:e3:65:da:20:f3:2e:d0:c4:73:fd:f6:
2d:25:2f:70:2a:63:29:5b:31:ad:78:33:18:c0:38:
85:c9:dd:ae:2b:7d:49:c4:f6:94:34:b7:f8:79:6c:
ee:c8:03:89:9b:89:e9:8d:0a:2e:22:8c:0d:5e:b5:
9c:84:61:84:6f:6d:38:1d:9b:40:ce:f8:dd:33:f5:
fc:5a:8a:c5:94:4a:5c:7e:2a:8d:a5:85:b7:93:39:
9c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D7:E0:32:23:11:1A:E9:F3:83:86:41:B3:67:49:DF:D0:3A:A1:22
X509v3 Authority Key Identifier:
keyid:40:EF:58:49:93:0C:C9:DD:74:21:1F:B3:7E:24:11:82:49:A1:FC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO9YSZMMyd10IR-zfiQRgkmh_EA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/2dfgMiMRGunzg4ZBs2dJ39A6oSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/eea21a-c9d3-4c6d-9a52-9b2c6b08a84a/1/QO9YSZMMyd10IR-zfiQRgkmh_EA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.16.0/20
46.20.112.0/20
62.128.128.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:58:67:f8:c5:d1:52:6d:c3:42:aa:92:04:fd:2b:d3:fb:60:
30:a1:3b:e7:38:87:93:c0:fc:9d:f8:f5:41:dc:08:bf:ac:69:
21:82:20:05:a2:a6:1d:4d:68:4a:c8:f5:ef:04:e3:02:c0:99:
2d:5c:10:3c:1d:06:97:aa:d7:78:7e:33:53:2a:aa:77:a7:7d:
58:70:48:df:40:ba:24:b3:c5:b4:f1:eb:39:7a:c4:b4:a6:4f:
f6:eb:b7:f9:c7:50:88:51:5e:ee:c6:1a:b1:ef:fe:b6:5e:58:
5e:bd:56:54:55:82:26:cf:8e:55:b1:49:ab:97:af:20:2d:51:
2f:f1:ef:ac:a8:5b:fd:40:30:a0:96:9a:99:7c:2e:65:e4:55:
01:ac:26:4b:43:8a:78:81:8a:47:b2:d7:1a:ee:92:5a:f4:34:
99:14:73:54:79:66:e7:91:85:e1:16:61:31:6c:e6:6d:33:84:
e2:c0:22:b6:a5:e7:71:b1:6f:e0:ff:c3:fd:c0:c5:75:c0:9e:
31:17:18:26:e3:25:80:9d:0d:af:17:5e:7d:2f:01:bc:20:8c:
3e:37:15:58:82:0f:ed:63:41:27:54:45:d1:8b:d9:26:e1:f3:
93:62:cc:56:ed:07:9c:26:f7:27:fe:de:3e:b1:5b:8f:dd:9c:
83:3f:8e:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1sUczQ8n1lBHUi8msNUbsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWY1ODQ5OTMwY2M5ZGQ3NDIxMWZiMzdlMjQxMTgyNDlh
MWZjNDAwHhcNMjQwMjAzMDAxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ3ZTAzMjIzMTExYWU5ZjM4Mzg2NDFiMzY3NDlkZmQwM2FhMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj5kYnoAOfb0EI7CMoO1LALb28nO
/X4txQL7lJyQwUJ+4hRYEqkeprICv0lYXOI+b6OfTdkeuG0TfxGav2813t4AbL06
s+4s2U10kUs4RsP8RMBxpDxvHUGz7hL+ERDZC5/kVB4dlBjOl+jzMYRVtjgV0ldl
s567jSO+YIUJ+xAG4XuA+Pcy1BsRKZ5XSjfYpi1SHw26l4YNzSqSyVjj55FG8VFF
2PTY42XaIPMu0MRz/fYtJS9wKmMpWzGteDMYwDiFyd2uK31JxPaUNLf4eWzuyAOJ
m4npjQouIowNXrWchGGEb204HZtAzvjdM/X8WorFlEpcfiqNpYW3kzmc8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNnX4DIjERrp84OGQbNnSd/QOqEiMB8GA1UdIwQY
MBaAFEDvWEmTDMnddCEfs34kEYJJofxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU85WVNaTU15ZDEwSVItemZpUVJna21oX0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lZWEyMWEtYzlkMy00YzZkLTlhNTIt
OWIyYzZiMDhhODRhLzEvMmRmZ01pTVJHdW56ZzRaQnMyZEozOUE2b1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lZWEyMWEtYzlkMy00YzZkLTlhNTItOWIyYzZiMDhhODRh
LzEvUU85WVNaTU15ZDEwSVItemZpUVJna21oX0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBSwQAwQE
LhRwAwQFPoCAMA0GCSqGSIb3DQEBCwUAA4IBAQCaWGf4xdFSbcNCqpIE/SvT+2Aw
oTvnOIeTwPyd+PVB3Ai/rGkhgiAFoqYdTWhKyPXvBOMCwJktXBA8HQaXqtd4fjNT
Kqp3p31YcEjfQLoks8W08es5esS0pk/267f5x1CIUV7uxhqx7/62XlhevVZUVYIm
z45VsUmrl68gLVEv8e+sqFv9QDCglpqZfC5l5FUBrCZLQ4p4gYpHstca7pJa9DSZ
FHNUeWbnkYXhFmExbOZtM4TiwCK2pedxsW/g/8P9wMV1wJ4xFxgm4yWAnQ2vF159
LwG8IIw+NxVYgg/tY0EnVEXRi9km4fOTYsxW7QecJvcn/t4+sVuP3ZyDP46u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:57 2024 by rpki-client on console-fra.rpki-client.org