Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/B-b5dEAAMz0icybjTRoYDaJWIlM.roa
File: B-b5dEAAMz0icybjTRoYDaJWIlM.roa (raw, json)
Hash identifier: XtacNGBVd1wAbowL6Nt6vJHQ3jNf92IxjxfHd3ZC9jk=
Subject key identifier: 07:E6:F9:74:40:00:33:3D:22:73:26:E3:4D:1A:18:0D:A2:56:22:53
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 018FDCE7291DA7140E30849E51CDC44EEEF2
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/B-b5dEAAMz0icybjTRoYDaJWIlM.roa
Signing time: Mon 03 Jun 2024 07:01:27 +0000
ROA not before: Mon 03 Jun 2024 07:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49121
IP address blocks: 5.57.209.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
37.221.71.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
185.232.166.0/24 maxlen: 24
194.61.10.0/23 maxlen: 23
194.147.74.0/23 maxlen: 23
2a09:e200::/48 maxlen: 48
2a09:e200:e200::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Jun 2024 12:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dc:e7:29:1d:a7:14:0e:30:84:9e:51:cd:c4:4e:ee:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Jun 3 07:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07e6f9744000333d227326e34d1a180da2562253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d8:f6:07:48:b1:84:5b:b6:41:ee:42:ac:05:
40:27:e5:46:be:bf:2b:48:03:bb:4b:e5:10:e0:28:
29:67:f5:e6:5c:02:5b:70:11:01:32:ae:0c:4a:c2:
69:b8:ec:1f:69:51:8c:24:df:dd:ac:46:1d:55:d8:
db:e3:90:4b:0e:19:62:ab:ed:0f:04:cf:29:76:ca:
42:97:55:9c:0b:b4:6e:c5:6c:6c:a6:6c:29:25:6d:
88:95:66:1a:2d:23:c0:0b:68:59:0f:11:39:c1:de:
43:a7:9e:a2:b2:38:ec:9e:cf:94:e0:f4:1c:f5:bc:
95:f3:de:b3:2d:09:13:9f:bb:8f:63:1a:b6:cc:84:
c4:26:79:99:7f:22:c9:7d:c9:86:3b:b5:57:be:c0:
66:0a:a9:77:46:93:c4:49:04:f8:ff:f8:78:84:05:
c5:51:e5:bd:0d:43:1a:54:ae:09:f3:22:78:9b:4b:
6c:75:2f:3a:4b:bd:31:20:32:64:b9:f9:b6:a7:a5:
a0:f8:43:b8:ff:c1:09:40:06:99:46:6d:18:80:80:
64:4b:78:0b:c1:09:74:49:ee:e3:c7:e1:01:68:71:
a1:6d:a7:5a:f2:2a:40:e1:96:df:3e:d6:3b:1b:62:
a7:ea:98:02:e4:33:ca:1e:98:df:bc:44:03:5e:f4:
78:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E6:F9:74:40:00:33:3D:22:73:26:E3:4D:1A:18:0D:A2:56:22:53
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/B-b5dEAAMz0icybjTRoYDaJWIlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.209.0/24
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/24
185.232.166.0/24
194.61.10.0/23
194.147.74.0/23
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
Signature Algorithm: sha256WithRSAEncryption
67:3a:64:04:1d:fa:3a:ff:02:54:bd:dd:4b:58:a3:8e:62:c9:
b4:40:98:37:c5:82:8f:57:80:58:cc:f1:9a:e7:77:39:90:f8:
bf:c1:45:6b:7c:d2:36:fa:d0:2e:b5:c5:e0:9a:91:bb:92:b9:
ff:c3:4f:94:b9:24:2a:70:9e:65:82:8f:26:e5:0e:57:68:46:
68:ae:02:24:3b:fb:93:77:bb:5c:88:9a:66:22:76:a7:2d:1f:
13:74:6a:f9:fe:39:c6:20:a5:8f:4f:a9:eb:60:df:14:51:40:
54:c1:98:d1:0a:41:7a:95:9c:34:0c:6c:7b:ca:c2:32:27:36:
69:01:19:c4:0f:88:fc:75:d2:42:03:6b:18:97:85:74:a0:cc:
91:0d:f6:86:cd:04:eb:f6:60:79:7a:55:41:e6:57:80:40:3c:
0a:fe:d5:99:2b:69:10:09:f6:f3:a8:1e:31:65:2b:06:eb:6b:
c1:3f:81:9c:a3:38:ac:0f:4d:62:71:47:19:17:ff:2c:8b:68:
8d:2d:fc:a5:1f:ce:21:88:a4:3a:22:24:0d:48:6e:db:29:5d:
81:2a:62:0f:fd:dd:60:a7:8b:4d:e0:eb:8e:3b:03:c5:65:de:
1b:e9:2b:a0:c4:89:89:f4:4a:8b:b7:ce:88:04:c7:fd:fd:c8:
52:43:73:e8
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY/c5ykdpxQOMISeUc3ETu7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjQwNjAzMDcwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U2Zjk3NDQwMDAzMzNkMjI3MzI2ZTM0ZDFhMTgwZGEyNTYyMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdj2B0ixhFu2Qe5CrAVAJ+VGvr8r
SAO7S+UQ4CgpZ/XmXAJbcBEBMq4MSsJpuOwfaVGMJN/drEYdVdjb45BLDhliq+0P
BM8pdspCl1WcC7RuxWxspmwpJW2IlWYaLSPAC2hZDxE5wd5Dp56isjjsns+U4PQc
9byV896zLQkTn7uPYxq2zITEJnmZfyLJfcmGO7VXvsBmCql3RpPESQT4//h4hAXF
UeW9DUMaVK4J8yJ4m0tsdS86S70xIDJkufm2p6Wg+EO4/8EJQAaZRm0YgIBkS3gL
wQl0Se7jx+EBaHGhbada8ipA4ZbfPtY7G2Kn6pgC5DPKHpjfvEQDXvR4tQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAfm+XRAADM9InMm400aGA2iViJTMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvQi1iNWRFQUFNejBpY3lialRSb1lEYUpXSWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA4BAIAATAyAwQABTnRAwQC
Jd1EMAwDBAAtV3UDBAMtV3ADBAC5ugADBAC56KYDBAHCPQoDBAHCk0owGAQCAAIw
EgMHACoJ4gAAAAMHACoJ4gDiADANBgkqhkiG9w0BAQsFAAOCAQEAZzpkBB36Ov8C
VL3dS1ijjmLJtECYN8WCj1eAWMzxmud3OZD4v8FFa3zSNvrQLrXF4JqRu5K5/8NP
lLkkKnCeZYKPJuUOV2hGaK4CJDv7k3e7XIiaZiJ2py0fE3Rq+f45xiClj0+p62Df
FFFAVMGY0QpBepWcNAxse8rCMic2aQEZxA+I/HXSQgNrGJeFdKDMkQ32hs0E6/Zg
eXpVQeZXgEA8Cv7VmStpEAn286geMWUrButrwT+BnKM4rA9NYnFHGRf/LItojS38
pR/OIYikOiIkDUhu2yldgSpiD/3dYKeLTeDrjjsDxWXeG+kroMSJifRKi7fOiATH
/f3IUkNz6A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:54 2025 by rpki-client