Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/5KZflC7JR8j62vflaYvCSIfsOFA.roa
File: 5KZflC7JR8j62vflaYvCSIfsOFA.roa (raw, json)
Hash identifier: 4f2/jvg9XNhYHYVFWXn0GEWRpyfdieVVZqdu6/LCF9g=
Subject key identifier: E4:A6:5F:94:2E:C9:47:C8:FA:DA:F7:E5:69:8B:C2:48:87:EC:38:50
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBD55210734B17E7EE99C61EDFCE46
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/5KZflC7JR8j62vflaYvCSIfsOFA.roa
Signing time: Tue 02 Jan 2024 10:32:59 +0000
ROA not before: Tue 02 Jan 2024 10:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205285
IP address blocks: 31.46.29.0/24 maxlen: 24
78.92.232.0/23 maxlen: 23
84.2.63.0/24 maxlen: 24
84.1.114.0/24 maxlen: 24
84.1.116.0/24 maxlen: 24
84.1.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d5:52:10:73:4b:17:e7:ee:99:c6:1e:df:ce:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4a65f942ec947c8fadaf7e5698bc24887ec3850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cc:ad:14:1a:6f:72:e2:85:3b:62:3f:99:0d:
95:e4:f3:b3:da:98:ce:65:31:34:23:ba:2f:85:6f:
09:d5:23:66:57:b5:fa:2e:95:7f:11:d6:76:d3:db:
3f:28:d1:0d:de:ef:cc:bb:40:07:4b:78:7d:30:40:
33:bd:b6:d5:4a:6f:a9:c3:4c:d8:cc:7c:0e:5f:d7:
98:e7:c5:39:10:06:b4:19:cf:76:f4:77:c6:6f:b3:
1d:d1:00:f7:72:20:0b:65:d0:0d:08:13:66:33:cb:
2d:df:6c:7a:79:ab:0b:e3:8d:b5:d4:2a:4f:9c:c6:
31:da:aa:45:87:e0:b0:82:f0:82:2d:ae:ca:4b:2d:
e3:2c:b3:1e:60:70:f8:73:b3:a6:b5:e3:10:77:28:
7a:61:a6:95:b7:a3:14:7e:10:7f:bf:b9:19:70:10:
8c:f2:42:83:4f:b9:ce:fd:da:57:df:ef:9d:75:4a:
12:af:38:d8:91:8c:1b:83:a8:20:eb:81:a7:83:d9:
b8:36:ab:47:55:f7:f7:97:50:d1:bf:16:30:53:0e:
88:ad:25:61:09:cc:c3:d8:0b:a1:a1:1a:19:27:74:
9a:fa:7d:6c:e3:34:4d:6a:a7:1c:2e:68:ea:d0:44:
8b:19:2d:5e:39:48:48:f6:4d:d6:8d:ee:35:1a:02:
96:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A6:5F:94:2E:C9:47:C8:FA:DA:F7:E5:69:8B:C2:48:87:EC:38:50
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/5KZflC7JR8j62vflaYvCSIfsOFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.46.29.0/24
78.92.232.0/23
84.1.114.0-84.1.116.255
84.2.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:71:e7:d4:d0:2e:68:88:f4:4c:43:e1:01:df:40:41:ad:5f:
a7:be:42:a3:85:8d:93:e4:e8:0f:40:c9:ec:91:3e:a3:03:1f:
6a:ff:6e:e6:3c:eb:ba:3a:de:3a:d0:f0:b1:92:a5:cb:60:18:
60:69:3b:d9:d1:64:92:45:e1:8c:6f:74:49:58:5f:00:cb:7b:
a4:82:4e:1b:8d:5e:c4:f2:ee:fc:26:23:be:6e:0a:42:26:08:
b9:d7:3d:62:bd:6b:34:30:96:53:ad:ec:b3:4b:55:d3:97:65:
5e:bd:23:6d:9b:e2:98:24:c0:22:0c:06:50:84:ed:da:a2:09:
25:e6:57:00:f3:aa:73:a9:23:a6:e9:8f:ed:27:ec:f0:b4:d4:
be:a9:19:14:a9:cb:18:fb:c6:c2:1c:65:1a:31:c8:6f:9c:07:
23:53:ec:07:b4:87:9c:08:36:96:dd:e1:70:dd:c8:a2:af:39:
f2:8c:29:f0:4d:47:d5:d4:03:91:f3:b9:90:47:75:f3:74:dc:
aa:be:9b:41:96:44:0c:b4:8c:b9:a0:c2:4e:ab:df:84:fc:96:
cd:f6:90:41:23:78:c1:32:6e:7e:18:84:67:73:07:52:01:d0:
9b:2e:b1:a1:45:67:81:11:07:90:dd:44:46:91:0a:2e:60:2b:
84:be:67:00
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJu9VSEHNLF+fumcYe385GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGE2NWY5NDJlYzk0N2M4ZmFkYWY3ZTU2OThiYzI0ODg3ZWMzODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsytFBpvcuKFO2I/mQ2V5POz2pjO
ZTE0I7ovhW8J1SNmV7X6LpV/EdZ209s/KNEN3u/Mu0AHS3h9MEAzvbbVSm+pw0zY
zHwOX9eY58U5EAa0Gc929HfGb7Md0QD3ciALZdANCBNmM8st32x6easL44211CpP
nMYx2qpFh+CwgvCCLa7KSy3jLLMeYHD4c7OmteMQdyh6YaaVt6MUfhB/v7kZcBCM
8kKDT7nO/dpX3++ddUoSrzjYkYwbg6gg64Gng9m4NqtHVff3l1DRvxYwUw6IrSVh
CczD2AuhoRoZJ3Sa+n1s4zRNaqccLmjq0ESLGS1eOUhI9k3Wje41GgKWoQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOSmX5QuyUfI+tr35WmLwkiH7DhQMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvNUtaZmxDN0pSOGo2MnZmbGFZdkNTSWZzT0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHy4dAwQB
TlzoMAwDBAFUAXIDBABUAXQDBABUAj8wDQYJKoZIhvcNAQELBQADggEBAD5x59TQ
LmiI9ExD4QHfQEGtX6e+QqOFjZPk6A9AyeyRPqMDH2r/buY867o63jrQ8LGSpctg
GGBpO9nRZJJF4YxvdElYXwDLe6SCThuNXsTy7vwmI75uCkImCLnXPWK9azQwllOt
7LNLVdOXZV69I22b4pgkwCIMBlCE7dqiCSXmVwDzqnOpI6bpj+0n7PC01L6pGRSp
yxj7xsIcZRoxyG+cByNT7Ae0h5wINpbd4XDdyKKvOfKMKfBNR9XUA5HzuZBHdfN0
3Kq+m0GWRAy0jLmgwk6r34T8ls32kEEjeMEybn4YhGdzB1IB0JsusaFFZ4ERB5Dd
REaRCi5gK4S+ZwA=
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:37:06 2025 by rpki-client