Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/2jJsHDprUzLRJuNdjfRH19fWicI.roa
File: 2jJsHDprUzLRJuNdjfRH19fWicI.roa (raw, json)
Hash identifier: GTcJF0ugmPJBYW5Leu+w4wTaP+suyRUy118kEj9/LZ8=
Subject key identifier: DA:32:6C:1C:3A:6B:53:32:D1:26:E3:5D:8D:F4:47:D7:D7:D6:89:C2
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01918D3F037483E8242D4B8177B5410B134F
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/2jJsHDprUzLRJuNdjfRH19fWicI.roa
Signing time: Mon 26 Aug 2024 05:53:22 +0000
ROA not before: Mon 26 Aug 2024 05:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197343
IP address blocks: 5.56.128.0/22 maxlen: 22
5.57.34.0/24 maxlen: 24
5.57.35.0/24 maxlen: 24
5.57.36.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
37.32.42.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 06:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:3f:03:74:83:e8:24:2d:4b:81:77:b5:41:0b:13:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Aug 26 05:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da326c1c3a6b5332d126e35d8df447d7d7d689c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bf:ce:00:f7:17:d1:db:bd:60:78:82:f5:77:
97:01:1a:ad:4c:22:c0:e8:44:c1:23:19:dc:cc:e5:
9d:3e:3b:1a:74:ce:4b:9a:4b:44:ad:a7:d6:04:9c:
70:fc:6a:38:ee:cf:36:24:33:48:d8:d1:12:d9:5b:
97:dd:a3:75:7f:bb:eb:b0:18:be:a2:1c:cd:73:aa:
5b:f3:f8:d6:47:bb:13:a7:d1:1e:83:2a:8e:4b:57:
03:0c:7d:9f:80:8b:56:13:70:9d:2c:14:43:c2:d1:
f5:da:b2:06:a4:d7:33:99:c7:32:d2:f6:5d:29:65:
26:d8:27:20:54:98:44:41:87:ec:9f:3c:ce:68:8c:
fb:cb:f3:10:72:b7:11:75:1a:5f:1b:24:de:bb:0d:
1e:be:7c:e7:36:b7:24:d1:3e:d8:b0:8a:aa:09:99:
f8:f5:1b:d2:60:bd:cc:9a:5a:2f:81:40:0c:2d:fe:
86:7a:b7:ac:6c:5c:01:db:93:97:e0:6c:19:94:78:
a8:a4:8e:6a:f4:34:de:36:0d:0b:d0:d1:01:00:41:
0c:67:9b:90:e3:8d:cc:87:0a:33:25:8e:90:03:bc:
b9:d0:80:6e:eb:56:df:b0:a2:e5:87:cc:5b:0b:c6:
16:92:b7:46:f9:c8:6f:e9:af:f9:a5:14:9b:fd:3f:
2f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:32:6C:1C:3A:6B:53:32:D1:26:E3:5D:8D:F4:47:D7:D7:D6:89:C2
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/2jJsHDprUzLRJuNdjfRH19fWicI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.34.0-5.57.36.255
37.32.40.0/22
185.212.48.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8a:6b:a5:e2:31:71:71:08:b9:06:3d:3d:f0:b9:b0:f9:56:
0a:ec:47:98:c0:80:c8:8c:2f:9f:9e:3f:54:24:a2:9c:4f:3c:
01:38:61:91:8e:94:e3:94:00:6e:b3:72:f3:35:d1:08:2d:04:
8e:64:5d:dc:bb:74:70:c0:e1:d8:4f:a6:4b:39:db:7f:f1:9f:
d2:66:be:50:d6:21:dd:79:13:74:a6:1e:de:a6:c5:ad:b5:de:
fe:36:52:0d:7c:2b:81:f3:6e:3c:64:3f:ff:34:da:2c:69:db:
14:55:74:ca:01:84:09:ce:47:8f:d2:68:fd:00:fe:82:9c:76:
db:86:59:a3:b8:a6:71:96:8a:ef:89:f3:c1:f5:a9:da:83:9f:
0b:4e:b1:c8:76:ad:1b:50:1f:5e:b8:3f:ff:82:13:99:86:f7:
be:a8:12:54:e6:f4:16:e4:77:ab:20:e8:df:8c:0c:00:47:e4:
e4:53:7d:4d:0d:1e:0b:18:75:8a:8a:98:2f:0b:c9:56:67:01:
11:2f:fb:57:62:0e:12:ea:78:d6:d9:19:54:28:af:c8:74:55:
9c:5d:ee:97:34:0e:48:ad:aa:67:18:6d:29:0a:e9:ad:da:25:
51:96:c1:42:94:10:47:c4:7d:e6:1d:b1:c7:ea:6d:31:43:a6:
42:dd:d4:ed
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZGNPwN0g+gkLUuBd7VBCxNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwODI2MDU1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMyNmMxYzNhNmI1MzMyZDEyNmUzNWQ4ZGY0NDdkN2Q3ZDY4OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7/OAPcX0du9YHiC9XeXARqtTCLA
6ETBIxnczOWdPjsadM5LmktErafWBJxw/Go47s82JDNI2NES2VuX3aN1f7vrsBi+
ohzNc6pb8/jWR7sTp9EegyqOS1cDDH2fgItWE3CdLBRDwtH12rIGpNczmccy0vZd
KWUm2CcgVJhEQYfsnzzOaIz7y/MQcrcRdRpfGyTeuw0evnznNrck0T7YsIqqCZn4
9RvSYL3MmlovgUAMLf6GeresbFwB25OX4GwZlHiopI5q9DTeNg0L0NEBAEEMZ5uQ
443MhwozJY6QA7y50IBu61bfsKLlh8xbC8YWkrdG+chv6a/5pRSb/T8vdwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNoybBw6a1My0SbjXY30R9fX1onCMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMmpKc0hEcHJVekxSSnVOZGpmUkgxOWZXaWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCBTiAMAwD
BAEFOSIDBAAFOSQDBAIlICgDBAC51DAwDQYJKoZIhvcNAQELBQADggEBAFaKa6Xi
MXFxCLkGPT3wubD5VgrsR5jAgMiML5+eP1QkopxPPAE4YZGOlOOUAG6zcvM10Qgt
BI5kXdy7dHDA4dhPpks523/xn9JmvlDWId15E3SmHt6mxa213v42Ug18K4Hzbjxk
P/802ixp2xRVdMoBhAnOR4/SaP0A/oKcdtuGWaO4pnGWiu+J88H1qdqDnwtOsch2
rRtQH164P/+CE5mG976oElTm9Bbkd6sg6N+MDABH5ORTfU0NHgsYdYqKmC8LyVZn
AREv+1diDhLqeNbZGVQor8h0VZxd7pc0DkitqmcYbSkK6a3aJVGWwUKUEEfEfeYd
scfqbTFDpkLd1O0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:01 2025 by rpki-client