Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/GrV5w1LdMMJm8o0mmZQT0Zrt6YM.roa
File: GrV5w1LdMMJm8o0mmZQT0Zrt6YM.roa (raw, json)
Hash identifier: iwCvVybSaGNr1h0hdVjNAVNtntiNEuyOk2tXBt6uphI=
Subject key identifier: 1A:B5:79:C3:52:DD:30:C2:66:F2:8D:26:99:94:13:D1:9A:ED:E9:83
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 018D4156009463F33F6B088274FB8B3900B8
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/GrV5w1LdMMJm8o0mmZQT0Zrt6YM.roa
Signing time: Thu 25 Jan 2024 15:56:11 +0000
ROA not before: Thu 25 Jan 2024 15:56:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58173
IP address blocks: 5.61.72.0/21 maxlen: 21
5.61.72.0/22 maxlen: 22
185.18.48.0/22 maxlen: 22
185.18.48.0/23 maxlen: 23
185.96.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 21:17:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:56:00:94:63:f3:3f:6b:08:82:74:fb:8b:39:00:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Jan 25 15:56:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ab579c352dd30c266f28d26999413d19aede983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:18:3e:62:74:82:8b:40:9b:b4:32:95:f4:08:
54:3d:f0:31:6e:48:2c:f6:69:8f:bd:d9:57:f4:58:
ab:64:4b:c8:a4:c4:64:5d:ec:cc:e8:97:51:30:e0:
9a:55:6c:c6:88:4c:bd:9d:cb:a8:b2:ba:d0:55:d3:
23:3a:ac:97:d5:07:ac:5c:54:77:40:9c:70:35:7b:
aa:cb:25:c5:82:13:37:7d:bd:5e:56:41:88:69:9a:
ec:07:ba:50:e5:c5:8a:91:fe:17:a4:87:9b:3b:40:
11:09:a2:06:49:f4:2f:5a:65:3e:36:93:55:4c:c3:
fd:a1:ef:49:29:2b:75:c2:f4:c3:76:2a:4c:cb:8c:
42:eb:0b:5e:1d:65:a6:c1:81:49:58:16:9b:95:43:
88:1a:72:35:06:de:aa:62:49:7c:11:5f:f7:78:5a:
e7:0d:0d:f5:e5:8a:12:e7:7b:25:d7:30:cd:14:d6:
3c:fc:df:ed:6d:1d:c5:93:89:a1:10:5d:d0:20:7e:
f7:c8:4f:26:84:2e:30:7a:40:ac:97:64:ff:14:60:
dc:20:42:7b:27:6f:f1:c5:7b:0f:ca:bb:a5:9e:e1:
41:e6:27:0a:db:f7:44:2b:78:92:0a:a0:cf:a4:d7:
86:0a:bb:e4:d8:ba:3d:3b:53:15:86:c4:2e:8d:2e:
d4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B5:79:C3:52:DD:30:C2:66:F2:8D:26:99:94:13:D1:9A:ED:E9:83
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/GrV5w1LdMMJm8o0mmZQT0Zrt6YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.72.0/21
185.18.48.0/22
185.96.192.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:32:98:6f:df:de:d3:9c:27:91:91:e2:38:08:f3:92:08:b2:
61:0c:b6:f8:c8:87:c1:fa:55:d3:3e:9a:e3:8e:e6:09:58:20:
18:67:e6:ca:2e:d7:c0:79:2c:db:47:71:6a:b0:e9:a4:fc:2b:
a0:61:8b:49:ce:ce:17:31:49:d6:26:7d:2b:ca:f9:e6:bc:5d:
fa:6e:0d:1f:20:22:2e:04:8a:1f:6d:c9:b8:6b:48:75:35:3d:
15:ee:b1:9c:65:4d:d5:81:d0:12:25:7d:be:0b:0d:5b:5e:1d:
10:60:c4:16:a9:7a:13:a4:91:41:01:d7:90:a1:f7:e7:86:f4:
7a:3c:ae:40:03:29:b9:40:b8:5a:08:e8:d1:4d:17:29:19:0b:
89:09:ea:c3:a0:c9:f6:f1:32:89:a2:10:3a:69:de:8c:e8:bf:
06:e0:fb:29:84:bb:e6:3c:d2:33:6f:bc:bf:e7:8c:9b:75:03:
a6:9f:2e:57:7e:a0:4e:e4:91:66:0e:1b:75:f1:21:c2:fc:f8:
61:c8:be:30:e2:41:77:13:81:bb:05:b4:6c:58:46:33:ef:60:
40:61:cd:a6:6e:69:95:d2:94:7f:41:ff:b7:98:87:5e:71:c5:
4a:8d:47:be:26:cc:0c:78:a4:d7:51:93:e7:9d:90:38:ca:93:
5a:61:98:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1BVgCUY/M/awiCdPuLOQC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjQwMTI1MTU1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI1NzljMzUyZGQzMGMyNjZmMjhkMjY5OTk0MTNkMTlhZWRlOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hg+YnSCi0CbtDKV9AhUPfAxbkgs
9mmPvdlX9FirZEvIpMRkXezM6JdRMOCaVWzGiEy9ncuosrrQVdMjOqyX1QesXFR3
QJxwNXuqyyXFghM3fb1eVkGIaZrsB7pQ5cWKkf4XpIebO0ARCaIGSfQvWmU+NpNV
TMP9oe9JKSt1wvTDdipMy4xC6wteHWWmwYFJWBablUOIGnI1Bt6qYkl8EV/3eFrn
DQ315YoS53sl1zDNFNY8/N/tbR3Fk4mhEF3QIH73yE8mhC4wekCsl2T/FGDcIEJ7
J2/xxXsPyrulnuFB5icK2/dEK3iSCqDPpNeGCrvk2Lo9O1MVhsQujS7U1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBq1ecNS3TDCZvKNJpmUE9Ga7emDMB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvR3JWNXcxTGRNTUptOG8wbW1aUVQwWnJ0NllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT1IAwQC
uRIwAwQCuWDAMA0GCSqGSIb3DQEBCwUAA4IBAQAPMphv397TnCeRkeI4CPOSCLJh
DLb4yIfB+lXTPprjjuYJWCAYZ+bKLtfAeSzbR3FqsOmk/CugYYtJzs4XMUnWJn0r
yvnmvF36bg0fICIuBIofbcm4a0h1NT0V7rGcZU3VgdASJX2+Cw1bXh0QYMQWqXoT
pJFBAdeQoffnhvR6PK5AAym5QLhaCOjRTRcpGQuJCerDoMn28TKJohA6ad6M6L8G
4PsphLvmPNIzb7y/54ybdQOmny5XfqBO5JFmDht18SHC/PhhyL4w4kF3E4G7BbRs
WEYz72BAYc2mbmmV0pR/Qf+3mIdeccVKjUe+JswMeKTXUZPnnZA4ypNaYZgi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:47 2025 by rpki-client