Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/tHilzKj-eGfIeREBVvgyAfH3yeo.roa
File: tHilzKj-eGfIeREBVvgyAfH3yeo.roa (raw, json)
Hash identifier: DDTHqUXBjOH2b6s2qjxtBxfY+TyKQnHL6TAVsy3DvjE=
Subject key identifier: B4:78:A5:CC:A8:FE:78:67:C8:79:11:01:56:F8:32:01:F1:F7:C9:EA
Certificate issuer: /CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Certificate serial: 018CC5DCA3DB38BCF312632FD38DD844FCD3
Authority key identifier: 1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/tHilzKj-eGfIeREBVvgyAfH3yeo.roa
Signing time: Mon 01 Jan 2024 16:30:20 +0000
ROA not before: Mon 01 Jan 2024 16:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44453
IP address blocks: 5.132.137.0/24 maxlen: 32
185.2.156.0/22 maxlen: 22
5.198.144.0/20 maxlen: 20
128.204.128.0/19 maxlen: 24
128.204.135.0/24 maxlen: 24
5.132.162.0/24 maxlen: 32
5.132.161.0/24 maxlen: 32
5.132.163.0/24 maxlen: 24
5.132.162.0/23 maxlen: 23
5.132.189.0/24 maxlen: 24
5.132.190.0/24 maxlen: 32
2a03:3180::/32 maxlen: 32
2a03:3180::/36 maxlen: 36
2a03:3180:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a3:db:38:bc:f3:12:63:2f:d3:8d:d8:44:fc:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Validity
Not Before: Jan 1 16:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b478a5cca8fe7867c879110156f83201f1f7c9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:12:00:6a:c2:24:75:37:c0:74:9e:88:1b:
f5:96:4f:91:b6:2f:b3:5e:da:12:06:c8:bd:cf:f2:
3d:cb:4d:ce:a5:49:bd:62:19:fa:b5:28:f8:cb:06:
8e:35:e8:e9:50:59:c5:d2:82:c4:61:5e:9e:60:82:
a5:0f:e1:a0:a4:6a:55:05:ac:15:67:88:97:e0:05:
92:7a:40:aa:8a:20:21:64:aa:65:74:71:3f:a7:ed:
c6:25:b8:5e:9c:0c:62:4f:6c:73:8c:96:2f:77:da:
dc:58:91:18:af:bc:0d:aa:9d:ef:9e:63:6f:6d:c5:
1d:71:6d:9b:40:e4:a2:b2:92:36:0a:e7:2d:45:34:
da:ae:5d:9d:9f:73:9f:45:9f:1c:72:48:30:fa:f4:
1e:89:6e:32:8b:d4:e8:e7:44:a6:2c:6e:cb:f3:3b:
35:8c:7b:cc:51:1e:74:57:da:26:73:37:8f:63:e8:
8b:ab:c8:24:6e:68:c9:13:5f:6e:16:46:5b:20:6b:
a4:74:23:7e:48:54:dc:9b:1f:c4:12:49:24:b4:f7:
e2:ce:8d:0a:04:a3:ed:9c:72:16:30:cf:b5:4e:44:
20:39:8a:a3:91:40:12:bb:24:7a:44:31:0a:f1:9c:
d5:7b:a6:92:92:ce:59:59:65:f1:0f:2a:16:bf:65:
9a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:78:A5:CC:A8:FE:78:67:C8:79:11:01:56:F8:32:01:F1:F7:C9:EA
X509v3 Authority Key Identifier:
keyid:1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/tHilzKj-eGfIeREBVvgyAfH3yeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.137.0/24
5.132.161.0-5.132.163.255
5.132.189.0-5.132.190.255
5.198.144.0/20
128.204.128.0/19
185.2.156.0/22
IPv6:
2a03:3180::/32
Signature Algorithm: sha256WithRSAEncryption
6d:5c:6d:5e:91:1f:65:ad:ce:13:1b:6c:8d:90:4f:31:20:2c:
f9:a3:0e:30:1b:5c:28:ba:fe:29:46:8b:bc:c9:34:0a:2b:f7:
90:8d:48:16:96:08:ac:68:75:34:d6:ff:e7:a9:c1:bf:94:5f:
29:fc:2f:84:58:02:a0:09:e6:85:72:40:90:35:2c:ca:4f:cb:
b1:5a:47:86:97:d3:97:36:54:7d:6d:81:a9:69:f5:74:da:e0:
11:c7:a8:e9:2c:a6:cd:64:a0:85:f6:18:1c:47:6b:66:10:34:
21:96:b7:2b:5d:20:3c:27:fc:00:90:79:2f:c5:48:e0:86:9a:
9b:0c:4b:27:64:1c:19:62:cf:c5:86:0f:a7:97:3d:c5:9b:f6:
18:f1:30:52:5e:c2:ef:2e:e6:3e:2f:e1:d9:57:6e:bd:64:3e:
3f:9d:59:24:30:d4:03:13:79:1e:aa:ef:c9:5a:ee:ff:86:dc:
4d:c5:27:a2:76:c5:c5:e2:9b:9f:e8:a6:b0:1a:e5:ea:78:99:
00:61:cc:38:95:19:d6:33:03:73:21:92:45:7d:df:9d:e1:eb:
39:cb:68:d0:6b:31:a6:3f:f3:97:d4:7a:ac:91:fe:3f:22:f3:
ae:66:72:e2:70:91:d3:6e:fa:74:b1:45:8c:ba:6b:b9:23:1e:
57:a9:a4:90
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzF3KPbOLzzEmMv043YRPzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNGEyMDIwYjgyZDAyOTRlOTBhMmQ2YjJjMGYyOGQxMTcz
YjY0NjUwHhcNMjQwMTAxMTYzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc4YTVjY2E4ZmU3ODY3Yzg3OTExMDE1NmY4MzIwMWYxZjdjOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCISAGrCJHU3wHSeiBv1lk+Rti+z
XtoSBsi9z/I9y03OpUm9Yhn6tSj4ywaONejpUFnF0oLEYV6eYIKlD+GgpGpVBawV
Z4iX4AWSekCqiiAhZKpldHE/p+3GJbhenAxiT2xzjJYvd9rcWJEYr7wNqp3vnmNv
bcUdcW2bQOSispI2CuctRTTarl2dn3OfRZ8cckgw+vQeiW4yi9To50SmLG7L8zs1
jHvMUR50V9omczePY+iLq8gkbmjJE19uFkZbIGukdCN+SFTcmx/EEkkktPfizo0K
BKPtnHIWMM+1TkQgOYqjkUASuyR6RDEK8ZzVe6aSks5ZWWXxDyoWv2WaywIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFLR4pcyo/nhnyHkRAVb4MgHx98nqMB8GA1UdIwQY
MBaAFB5KICC4LQKU6QotaywPKNEXO2RlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQt
NTMwNDQwYzRmYTI5LzEvdEhpbHpLai1lR2ZJZVJFQlZ2Z3lBZkgzeWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQtNTMwNDQwYzRmYTI5
LzEvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQABYSJMAwD
BAAFhKEDBAIFhKAwDAMEAAWEvQMEAAWEvgMEBAXGkAMEBYDMgAMEArkCnDANBAIA
AjAHAwUAKgMxgDANBgkqhkiG9w0BAQsFAAOCAQEAbVxtXpEfZa3OExtsjZBPMSAs
+aMOMBtcKLr+KUaLvMk0Civ3kI1IFpYIrGh1NNb/56nBv5RfKfwvhFgCoAnmhXJA
kDUsyk/LsVpHhpfTlzZUfW2BqWn1dNrgEceo6SymzWSghfYYHEdrZhA0IZa3K10g
PCf8AJB5L8VI4IaamwxLJ2QcGWLPxYYPp5c9xZv2GPEwUl7C7y7mPi/h2VduvWQ+
P51ZJDDUAxN5HqrvyVru/4bcTcUnonbFxeKbn+imsBrl6niZAGHMOJUZ1jMDcyGS
RX3fneHrOcto0Gsxpj/zl9R6rJH+PyLzrmZy4nCR0276dLFFjLpruSMeV6mkkA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:16:02 2025 by rpki-client