Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tduN27oleBrbwd0SvPfwG9Wuxb8.roa
File: tduN27oleBrbwd0SvPfwG9Wuxb8.roa (raw, json)
Hash identifier: O/ZMiwOH57YyCTSdcFpTJr2kY9D0Gxl2M3iDihkENXo=
Subject key identifier: B5:DB:8D:DB:BA:25:78:1A:DB:C1:DD:12:BC:F7:F0:1B:D5:AE:C5:BF
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01902FD82BBB8FB4470FA09D5F5112C1896E
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tduN27oleBrbwd0SvPfwG9Wuxb8.roa
Signing time: Wed 19 Jun 2024 09:33:34 +0000
ROA not before: Wed 19 Jun 2024 09:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197343
IP address blocks: 5.56.128.0/22 maxlen: 22
5.57.34.0/24 maxlen: 24
5.57.35.0/24 maxlen: 24
5.57.36.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
37.32.41.0/24 maxlen: 24
37.32.42.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 05:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2f:d8:2b:bb:8f:b4:47:0f:a0:9d:5f:51:12:c1:89:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 19 09:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5db8ddbba25781adbc1dd12bcf7f01bd5aec5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cc:65:49:a8:cf:62:df:89:ca:d4:84:f1:bc:
a4:35:e9:6f:39:dd:b0:af:60:45:cd:c0:8b:8c:24:
c4:eb:63:60:ca:59:60:9a:3c:9e:77:cb:95:6f:8f:
8f:28:73:58:24:aa:8e:df:f7:71:74:fd:f1:bd:6d:
1b:44:89:8d:6f:27:4a:e2:e7:3f:fa:1d:db:d7:5f:
3f:90:df:3d:76:15:98:85:3f:af:4e:49:46:96:5d:
d5:6e:ae:d9:9f:9b:bb:bf:4a:00:0e:99:31:40:ed:
ff:38:e9:8f:f1:d3:0e:86:f1:08:77:4f:68:1a:14:
6d:59:b1:b1:d2:b1:e0:24:f4:45:39:5f:88:1e:55:
44:e1:40:a5:da:11:0c:21:f6:a9:83:ae:c8:a5:93:
78:56:5b:65:46:49:15:69:d1:08:8a:fb:7f:77:66:
7d:55:d7:fd:07:8d:23:44:7e:ee:b0:4f:05:a9:20:
20:ae:43:a5:2d:fa:bf:2e:63:bc:94:35:a0:12:ef:
13:f9:45:8a:ad:81:c8:99:5d:bb:a7:36:9e:8e:aa:
7e:30:67:af:0e:a1:81:81:f8:df:04:78:0a:e9:15:
ac:b1:b9:82:2b:b1:2f:9c:4c:5e:c3:d5:e8:7c:e3:
c6:94:9c:10:e7:51:76:f9:71:00:5a:9d:0a:16:6e:
e9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DB:8D:DB:BA:25:78:1A:DB:C1:DD:12:BC:F7:F0:1B:D5:AE:C5:BF
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tduN27oleBrbwd0SvPfwG9Wuxb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.34.0-5.57.36.255
37.32.40.0/22
185.212.48.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:7a:c0:1b:69:68:27:2c:95:d0:5a:65:55:23:22:c3:01:da:
cd:4a:ff:bd:f1:54:d4:45:f4:b2:50:c8:57:fc:de:a5:6a:72:
2b:9b:e0:62:74:67:a6:c6:1c:f6:11:16:da:f3:eb:89:e0:e1:
33:9c:9d:d6:d8:51:bc:c7:a9:8f:5f:99:f9:f1:61:3c:cc:60:
a2:60:95:ac:72:d9:3a:43:ad:db:63:37:1e:ae:c8:3a:c8:84:
63:8b:4f:57:82:3d:ef:fd:bb:33:30:73:63:fa:85:fe:88:d8:
af:b6:11:58:11:4f:69:cb:11:a4:71:5e:c1:43:99:93:ec:3b:
ca:1d:84:8f:6e:c6:cf:e5:54:28:bd:03:0e:53:2d:41:51:7e:
58:69:65:5a:fa:05:a6:cd:0d:6d:86:f3:40:96:61:87:82:6b:
19:35:e5:65:37:e5:cd:b7:a2:d5:7c:da:0b:d0:b1:8d:8d:0e:
1d:46:d7:3a:95:ef:93:1a:2c:34:a6:a4:ad:e7:2e:11:f3:de:
ab:0b:b5:d1:a3:b3:c4:a8:76:63:02:e8:5c:a1:e0:19:62:74:
94:8c:8e:9d:32:42:0d:55:22:6b:ab:37:4a:7b:b5:57:e2:63:
c4:5d:2c:b7:da:ed:76:0a:86:fd:06:b0:9f:7c:40:41:38:9b:
66:51:51:0b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZAv2Cu7j7RHD6CdX1ESwYluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwNjE5MDkzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRiOGRkYmJhMjU3ODFhZGJjMWRkMTJiY2Y3ZjAxYmQ1YWVjNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusxlSajPYt+JytSE8bykNelvOd2w
r2BFzcCLjCTE62Ngyllgmjyed8uVb4+PKHNYJKqO3/dxdP3xvW0bRImNbydK4uc/
+h3b118/kN89dhWYhT+vTklGll3Vbq7Zn5u7v0oADpkxQO3/OOmP8dMOhvEId09o
GhRtWbGx0rHgJPRFOV+IHlVE4UCl2hEMIfapg67IpZN4VltlRkkVadEIivt/d2Z9
Vdf9B40jRH7usE8FqSAgrkOlLfq/LmO8lDWgEu8T+UWKrYHImV27pzaejqp+MGev
DqGBgfjfBHgK6RWssbmCK7EvnExew9XofOPGlJwQ51F2+XEAWp0KFm7pVQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLXbjdu6JXga28HdErz38BvVrsW/MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvdGR1TjI3b2xlQnJid2QwU3ZQZndHOVd1eGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCBTiAMAwD
BAEFOSIDBAAFOSQDBAIlICgDBAC51DAwDQYJKoZIhvcNAQELBQADggEBAJp6wBtp
aCcsldBaZVUjIsMB2s1K/73xVNRF9LJQyFf83qVqciub4GJ0Z6bGHPYRFtrz64ng
4TOcndbYUbzHqY9fmfnxYTzMYKJglaxy2TpDrdtjNx6uyDrIhGOLT1eCPe/9uzMw
c2P6hf6I2K+2EVgRT2nLEaRxXsFDmZPsO8odhI9uxs/lVCi9Aw5TLUFRflhpZVr6
BabNDW2G80CWYYeCaxk15WU35c23otV82gvQsY2NDh1G1zqV75MaLDSmpK3nLhHz
3qsLtdGjs8SodmMC6Fyh4BlidJSMjp0yQg1VImurN0p7tVfiY8RdLLfa7XYKhv0G
sJ98QEE4m2ZRUQs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:19 2025 by rpki-client