Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/auyShDJnG5W2r_m7bV5dt8WOhEc.roa
File: auyShDJnG5W2r_m7bV5dt8WOhEc.roa (raw, json)
Hash identifier: MXqpF5/yHryT+Pgs9BSx7xEpxY5Rs5yBE4gmAiKc1Sc=
Subject key identifier: 6A:EC:92:84:32:67:1B:95:B6:AF:F9:BB:6D:5E:5D:B7:C5:8E:84:47
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 018CC2DB59E6D62FDE17CD8752A1E5B41129
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/auyShDJnG5W2r_m7bV5dt8WOhEc.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12360
IP address blocks: 217.17.16.0/20 maxlen: 24
192.54.68.0/22 maxlen: 24
192.54.67.0/24 maxlen: 24
93.119.240.0/20 maxlen: 24
82.115.96.0/19 maxlen: 24
212.7.160.0/19 maxlen: 24
185.39.108.0/22 maxlen: 24
79.171.176.0/21 maxlen: 24
178.248.216.0/21 maxlen: 24
5.57.192.0/21 maxlen: 24
77.236.104.0/21 maxlen: 24
185.5.168.0/22 maxlen: 24
2a01:5580::/32 maxlen: 48
2a02:1628::/32 maxlen: 56
Validation: Failed, certificate revoked on Fri 16 Feb 2024 10:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:59:e6:d6:2f:de:17:cd:87:52:a1:e5:b4:11:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6aec928432671b95b6aff9bb6d5e5db7c58e8447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:19:b8:b1:54:75:6d:a1:f3:f0:43:9b:88:
62:92:c5:c2:15:a4:c7:c2:8b:55:64:43:07:e4:f9:
41:23:4f:61:bc:96:85:e1:92:bb:6c:be:b3:b0:36:
f7:a5:6f:47:c3:6a:5b:a9:2a:d0:49:b3:92:74:9a:
cb:20:37:2c:db:82:9a:81:93:09:06:e2:e5:c7:2b:
c6:98:6a:39:70:6c:e8:19:1e:7a:ba:dd:76:a0:47:
c7:43:b0:7e:5e:63:f7:57:0b:18:5c:2c:aa:54:b4:
be:a5:92:b0:f1:31:a9:a7:21:fb:81:14:cf:71:4d:
e6:ed:26:08:67:19:f6:db:a0:9e:b9:56:70:ec:77:
fc:93:cd:16:e7:93:1b:ae:9b:82:51:a4:4b:03:74:
a9:4e:20:1b:55:eb:c9:b5:cc:ed:79:07:f4:1b:06:
ab:d4:59:c0:0c:f3:0c:40:19:4b:f1:19:b4:82:ae:
96:04:73:12:84:23:6a:dc:9d:f2:43:ea:47:2d:2c:
8a:fc:b3:f5:98:52:a8:56:0a:28:e9:c9:4f:fe:82:
f5:90:bb:42:7f:5e:e8:b5:be:66:1a:d9:34:50:a4:
e0:35:77:6f:81:85:9c:70:1f:d6:f6:e1:93:4f:1d:
c5:a4:f9:ed:0c:f1:4c:f5:67:f1:23:77:65:fd:2a:
36:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EC:92:84:32:67:1B:95:B6:AF:F9:BB:6D:5E:5D:B7:C5:8E:84:47
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/auyShDJnG5W2r_m7bV5dt8WOhEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.192.0/21
77.236.104.0/21
79.171.176.0/21
82.115.96.0/19
93.119.240.0/20
178.248.216.0/21
185.5.168.0/22
185.39.108.0/22
192.54.67.0-192.54.71.255
212.7.160.0/19
217.17.16.0/20
IPv6:
2a01:5580::/32
2a02:1628::/32
Signature Algorithm: sha256WithRSAEncryption
a9:49:79:f7:30:3f:25:1a:b8:5b:e3:34:89:90:18:54:b9:1f:
01:5b:6e:42:ff:62:c3:22:11:87:43:87:3b:00:58:05:98:70:
54:f1:51:ec:c8:94:e3:a6:79:75:99:6c:ad:30:e8:f9:1a:d7:
c3:69:25:16:64:55:63:85:ce:78:04:f8:c6:89:74:4d:f9:04:
47:e0:74:3e:de:dc:28:3e:c4:46:98:93:c3:e1:8c:49:d4:da:
91:32:3a:30:e9:d2:c1:a4:13:9b:06:5f:96:be:6e:bc:eb:e3:
67:1a:9a:8d:68:be:1a:00:2d:67:bb:4c:f2:29:30:b2:98:08:
11:09:96:1d:c8:18:f6:cc:74:5f:4b:1a:ac:b6:f2:3b:42:31:
9f:37:80:e6:61:b3:6c:36:40:6b:8a:1e:d9:9c:c1:94:a2:e6:
99:92:62:be:27:f4:9d:5d:da:3f:05:10:d0:68:a8:2e:6c:e6:
f8:8b:e9:c3:5c:9d:88:92:46:5e:75:35:fe:0d:b2:93:cc:77:
e0:a8:cb:06:b0:3b:d2:55:a9:a3:4e:ec:16:5f:d0:61:27:18:
b2:88:15:f3:16:e8:b5:2b:81:d8:52:a9:32:5e:a6:c7:a3:f6:
78:d1:b9:fc:06:e9:47:e3:41:41:c9:5b:ba:68:ad:8b:dc:55:
56:f7:40:71
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYzC21nm1i/eF82HUqHltBEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWVjOTI4NDMyNjcxYjk1YjZhZmY5YmI2ZDVlNWRiN2M1OGU4NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7UZuLFUdW2h8/BDm4hiksXCFaTH
wotVZEMH5PlBI09hvJaF4ZK7bL6zsDb3pW9Hw2pbqSrQSbOSdJrLIDcs24KagZMJ
BuLlxyvGmGo5cGzoGR56ut12oEfHQ7B+XmP3VwsYXCyqVLS+pZKw8TGppyH7gRTP
cU3m7SYIZxn226CeuVZw7Hf8k80W55MbrpuCUaRLA3SpTiAbVevJtczteQf0Gwar
1FnADPMMQBlL8Rm0gq6WBHMShCNq3J3yQ+pHLSyK/LP1mFKoVgoo6clP/oL1kLtC
f17otb5mGtk0UKTgNXdvgYWccB/W9uGTTx3FpPntDPFM9WfxI3dl/So2RwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGrskoQyZxuVtq/5u21eXbfFjoRHMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvYXV5U2hESm5HNVcycl9tN2JWNWR0OFdPaEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQDBTnAAwQD
TexoAwQDT6uwAwQFUnNgAwQEXXfwAwQDsvjYAwQCuQWoAwQCuSdsMAwDBADANkMD
BAPANkADBAXUB6ADBATZERAwFAQCAAIwDgMFACoBVYADBQAqAhYoMA0GCSqGSIb3
DQEBCwUAA4IBAQCpSXn3MD8lGrhb4zSJkBhUuR8BW25C/2LDIhGHQ4c7AFgFmHBU
8VHsyJTjpnl1mWytMOj5GtfDaSUWZFVjhc54BPjGiXRN+QRH4HQ+3twoPsRGmJPD
4YxJ1NqRMjow6dLBpBObBl+Wvm686+NnGpqNaL4aAC1nu0zyKTCymAgRCZYdyBj2
zHRfSxqstvI7QjGfN4DmYbNsNkBrih7ZnMGUouaZkmK+J/SdXdo/BRDQaKgubOb4
i+nDXJ2IkkZedTX+DbKTzHfgqMsGsDvSVamjTuwWX9BhJxiyiBXzFui1K4HYUqky
XqbHo/Z40bn8BulH40FByVu6aK2L3FVW90Bx
-----END CERTIFICATE-----
Generated at Fri Feb 16 14:45:41 2024 by rpki-client on console-fra.rpki-client.org