Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/TV5R_eR5PtVuCSLXuqc83NBVobw.roa
File: TV5R_eR5PtVuCSLXuqc83NBVobw.roa (raw, json)
Hash identifier: M9a9tZKGEj1PWekR1xe2dGWNCdYpPVsY3dQB6vDanDc=
Subject key identifier: 4D:5E:51:FD:E4:79:3E:D5:6E:09:22:D7:BA:A7:3C:DC:D0:55:A1:BC
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 018EA92B5891E3739656C5F6C70F9AE4A0D7
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/TV5R_eR5PtVuCSLXuqc83NBVobw.roa
Signing time: Thu 04 Apr 2024 12:52:53 +0000
ROA not before: Thu 04 Apr 2024 12:52:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58173
IP address blocks: 5.61.72.0/21 maxlen: 21
5.61.72.0/22 maxlen: 22
5.61.76.0/22 maxlen: 22
134.0.80.0/21 maxlen: 24
185.18.48.0/22 maxlen: 22
185.18.48.0/23 maxlen: 23
185.18.48.0/24 maxlen: 24
185.18.50.0/23 maxlen: 23
185.18.50.0/24 maxlen: 24
185.96.192.0/22 maxlen: 24
185.96.192.0/23 maxlen: 23
185.205.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 09:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:2b:58:91:e3:73:96:56:c5:f6:c7:0f:9a:e4:a0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Apr 4 12:52:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d5e51fde4793ed56e0922d7baa73cdcd055a1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ed:ef:72:c0:42:a3:53:ec:3a:53:20:9d:65:
8c:dd:9e:11:a7:15:4d:64:8e:c9:78:59:38:35:79:
19:15:dd:63:b3:79:9e:7a:f0:4e:4b:ca:ad:62:ac:
27:6c:bc:a5:c3:5f:f7:99:68:33:bc:20:9b:e9:fb:
81:28:42:42:f4:83:2c:1c:b5:d2:f5:57:8c:fa:0d:
1f:4a:b9:0a:7a:3b:d2:f2:f8:b6:5c:dc:b0:68:4e:
00:bb:4e:ce:11:f7:5a:cf:6f:ab:32:d3:83:7e:02:
5f:45:b5:58:1a:2b:5a:f2:d4:65:aa:9d:91:99:23:
3d:5f:a3:13:0e:02:2a:17:2a:e0:cf:76:38:60:94:
9c:ae:be:34:d1:c6:f7:86:f6:63:ba:7e:1a:6c:e3:
c1:cc:90:13:59:7e:bb:9d:47:2c:59:1d:d1:b7:cc:
00:54:4a:cb:f1:34:9f:dd:af:54:93:26:ed:98:88:
ac:38:eb:f0:dc:7c:6a:2d:93:62:cc:70:7f:69:24:
17:9e:0b:76:58:30:62:ff:34:36:99:41:ae:2e:bc:
2e:70:b8:96:0d:0b:1c:a3:bc:ae:3b:9d:3a:55:6f:
7a:1e:28:52:e9:6a:c9:16:36:2d:21:43:b4:8a:4e:
65:16:82:23:ef:9f:23:05:2c:84:81:6d:9e:93:52:
6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5E:51:FD:E4:79:3E:D5:6E:09:22:D7:BA:A7:3C:DC:D0:55:A1:BC
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/TV5R_eR5PtVuCSLXuqc83NBVobw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.72.0/21
134.0.80.0/21
185.18.48.0/22
185.96.192.0/22
185.205.160.0/22
Signature Algorithm: sha256WithRSAEncryption
15:7b:f0:ab:d6:e6:e2:9f:d7:29:77:c5:74:ea:9e:56:87:4f:
a3:64:df:94:ef:a1:44:49:94:f8:28:85:96:db:66:b3:91:6c:
14:ea:72:7f:00:d5:50:5d:db:4d:2b:2a:66:cc:0c:43:b2:75:
d2:ca:c6:a6:2e:0c:93:e9:0b:82:1d:10:b8:be:9b:22:0b:bf:
21:91:68:3e:ef:94:7e:ad:45:82:bc:84:1e:fc:11:26:43:99:
50:13:58:16:41:09:ec:bc:ac:c5:e0:b7:a6:31:c3:87:21:ec:
39:ec:8d:43:b5:c2:4b:67:6d:54:65:41:bf:7c:05:4f:05:ef:
72:e6:24:71:6a:f9:5d:28:68:92:52:b5:ea:a0:53:a0:f1:ab:
bb:da:79:fc:75:06:d8:79:03:29:90:4e:fd:0f:ec:48:74:eb:
cd:26:f0:ea:90:3d:7a:5f:04:6a:61:a9:6e:10:54:c5:c9:57:
d1:bb:4e:67:3d:0d:d1:a2:70:82:c2:90:ad:c9:b9:e1:ad:62:
bf:ca:71:6b:55:87:79:91:f2:56:63:f1:fa:09:e5:65:a7:cd:
6a:33:f5:fb:29:49:de:65:7b:d4:74:6f:8f:f1:c2:4c:2e:3f:
62:03:5e:d9:6d:27:8a:c6:6f:21:3d:bc:ad:4a:28:9a:35:19:
6c:82:a6:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6pK1iR43OWVsX2xw+a5KDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjQwNDA0MTI1MjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDVlNTFmZGU0NzkzZWQ1NmUwOTIyZDdiYWE3M2NkY2QwNTVhMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu3vcsBCo1PsOlMgnWWM3Z4RpxVN
ZI7JeFk4NXkZFd1js3meevBOS8qtYqwnbLylw1/3mWgzvCCb6fuBKEJC9IMsHLXS
9VeM+g0fSrkKejvS8vi2XNywaE4Au07OEfdaz2+rMtODfgJfRbVYGita8tRlqp2R
mSM9X6MTDgIqFyrgz3Y4YJScrr400cb3hvZjun4abOPBzJATWX67nUcsWR3Rt8wA
VErL8TSf3a9UkybtmIisOOvw3HxqLZNizHB/aSQXngt2WDBi/zQ2mUGuLrwucLiW
DQsco7yuO506VW96HihS6WrJFjYtIUO0ik5lFoIj758jBSyEgW2ek1JtywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE1eUf3keT7Vbgki17qnPNzQVaG8MB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvVFY1Ul9lUjVQdFZ1Q1NMWHVxYzgzTkJWb2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBT1IAwQD
hgBQAwQCuRIwAwQCuWDAAwQCuc2gMA0GCSqGSIb3DQEBCwUAA4IBAQAVe/Cr1ubi
n9cpd8V06p5Wh0+jZN+U76FESZT4KIWW22azkWwU6nJ/ANVQXdtNKypmzAxDsnXS
ysamLgyT6QuCHRC4vpsiC78hkWg+75R+rUWCvIQe/BEmQ5lQE1gWQQnsvKzF4Lem
McOHIew57I1DtcJLZ21UZUG/fAVPBe9y5iRxavldKGiSUrXqoFOg8au72nn8dQbY
eQMpkE79D+xIdOvNJvDqkD16XwRqYaluEFTFyVfRu05nPQ3RonCCwpCtybnhrWK/
ynFrVYd5kfJWY/H6CeVlp81qM/X7KUneZXvUdG+P8cJMLj9iA17ZbSeKxm8hPbyt
SiiaNRlsgqbV
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:03 2025 by rpki-client