Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/sHYwYtLhZg9nEfqDtNX9gII-YnE.roa
File: sHYwYtLhZg9nEfqDtNX9gII-YnE.roa (raw, json)
Hash identifier: 4xxn4IA+Z0Ogkp4lzTteH/ZD0aQIhdw/hLfYWG1SSAo=
Subject key identifier: B0:76:30:62:D2:E1:66:0F:67:11:FA:83:B4:D5:FD:80:82:3E:62:71
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 0193B062740DB3114CBA4892CA418FE53C9F
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/sHYwYtLhZg9nEfqDtNX9gII-YnE.roa
Signing time: Tue 10 Dec 2024 11:44:22 +0000
ROA not before: Tue 10 Dec 2024 11:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211183
IP address blocks: 5.35.124.0/24 maxlen: 24
5.35.125.0/24 maxlen: 24
5.35.126.0/24 maxlen: 24
5.35.127.0/24 maxlen: 24
5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
185.198.152.0/24 maxlen: 24
185.239.50.0/24 maxlen: 24
185.239.51.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
217.171.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:62:74:0d:b3:11:4c:ba:48:92:ca:41:8f:e5:3c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Dec 10 11:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0763062d2e1660f6711fa83b4d5fd80823e6271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0a:ba:d8:c8:29:2c:31:37:36:76:56:36:27:
74:af:4a:32:ef:62:15:5f:44:bf:f7:88:69:ac:86:
13:22:ce:f0:73:51:98:30:0c:6c:aa:a2:48:44:74:
a2:31:18:10:c5:6e:88:43:1b:ca:53:be:ea:1f:5f:
14:6d:f5:62:a8:0a:70:92:f6:ed:70:54:88:9c:1e:
2d:03:c3:fb:ca:ff:14:1c:9f:31:5f:db:75:03:d0:
2c:51:46:d9:5f:1c:e7:fd:aa:af:7d:fa:57:6f:3d:
b9:46:dd:ca:fe:6f:48:0e:39:6a:16:9d:8a:1c:ea:
8c:1e:40:ad:54:e7:d9:39:0a:01:a9:2e:b7:d4:73:
9d:e7:ae:9c:38:38:2c:c4:15:cb:d2:d3:9e:4b:61:
f1:50:b2:94:c0:ad:f8:aa:29:92:ab:d8:d9:c7:57:
8b:85:9c:d0:e5:1f:7f:16:01:8e:fa:3c:bf:e5:75:
e9:d7:0e:8c:88:3a:69:6c:f1:8b:75:8c:3a:77:90:
e4:ad:d1:8a:0d:43:1c:2f:97:eb:9e:90:f9:2f:52:
0f:fa:e8:0c:88:61:56:27:18:ac:11:ff:d0:ab:3d:
f7:86:8d:23:c3:0e:a2:be:30:74:36:82:95:cd:87:
8d:76:07:5e:00:15:c7:a3:2c:0f:80:e7:28:a9:90:
df:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:76:30:62:D2:E1:66:0F:67:11:FA:83:B4:D5:FD:80:82:3E:62:71
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/sHYwYtLhZg9nEfqDtNX9gII-YnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.124.0/22
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
89.191.225.0/24
91.200.84.0/24
94.154.11.0/24
185.198.152.0/24
185.239.50.0/23
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
217.171.146.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a4:fe:41:2c:c8:4e:a3:8e:10:c5:39:2f:75:46:b0:42:7c:
7d:87:7c:b4:06:dd:ef:ab:38:f4:02:fa:33:18:2f:7f:f3:ce:
cd:82:d1:36:17:86:7c:5f:cf:02:fb:e3:2d:c1:d7:44:65:69:
e8:e6:a6:24:e7:03:72:ea:12:d1:f8:4e:ee:d3:75:2a:bb:37:
c6:14:fa:74:06:14:f5:26:f2:53:de:eb:ed:19:68:d0:c4:42:
46:a6:07:05:9a:25:39:c6:19:2d:80:65:ad:d7:f3:81:cc:9b:
2e:cf:89:cb:64:99:b6:08:6c:1a:ff:b9:62:a8:a5:42:c1:c4:
5f:1a:29:11:93:a0:9f:81:c7:cb:fc:7e:46:fe:99:1c:ad:7f:
01:5d:ac:a7:27:95:c1:08:34:38:c2:60:ce:1c:59:67:c5:0a:
c2:e6:97:db:bf:9e:39:0c:60:dd:ec:be:0f:1c:62:af:32:02:
06:ad:5d:e6:1a:f6:0d:57:63:72:ce:47:76:48:44:5c:5d:0e:
81:a3:33:91:53:34:3f:26:87:59:4c:dc:46:e2:89:09:cc:5a:
90:e0:49:e8:cb:eb:26:98:82:48:79:de:a4:95:38:07:3c:6e:
39:23:4b:60:c6:9e:5a:31:7a:06:22:cc:19:1f:6d:6f:b7:79:
10:20:d3:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZOwYnQNsxFMukiSykGP5TyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQxMjEwMTE0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc2MzA2MmQyZTE2NjBmNjcxMWZhODNiNGQ1ZmQ4MDgyM2U2MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Aq62MgpLDE3NnZWNid0r0oy72IV
X0S/94hprIYTIs7wc1GYMAxsqqJIRHSiMRgQxW6IQxvKU77qH18UbfViqApwkvbt
cFSInB4tA8P7yv8UHJ8xX9t1A9AsUUbZXxzn/aqvffpXbz25Rt3K/m9IDjlqFp2K
HOqMHkCtVOfZOQoBqS631HOd566cODgsxBXL0tOeS2HxULKUwK34qimSq9jZx1eL
hZzQ5R9/FgGO+jy/5XXp1w6MiDppbPGLdYw6d5DkrdGKDUMcL5frnpD5L1IP+ugM
iGFWJxisEf/Qqz33ho0jww6ivjB0NoKVzYeNdgdeABXHoywPgOcoqZDfzwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFLB2MGLS4WYPZxH6g7TV/YCCPmJxMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvc0hZd1l0TGhaZzluRWZxRHROWDlnSUktWW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAgUjfAME
AAX9PgMEACWM8QMEAC2AzDAMAwQAT4W1AwQDT4WwAwQAWb/hAwQAW8hUAwQAXpoL
AwQAucaYAwQBue8yAwQAufBnAwQAufQzAwQAufosAwQBufouAwQAwbtgAwQA2auS
MA0GCSqGSIb3DQEBCwUAA4IBAQBqpP5BLMhOo44QxTkvdUawQnx9h3y0Bt3vqzj0
AvozGC9/887NgtE2F4Z8X88C++MtwddEZWno5qYk5wNy6hLR+E7u03UquzfGFPp0
BhT1JvJT3uvtGWjQxEJGpgcFmiU5xhktgGWt1/OBzJsuz4nLZJm2CGwa/7liqKVC
wcRfGikRk6CfgcfL/H5G/pkcrX8BXaynJ5XBCDQ4wmDOHFlnxQrC5pfbv545DGDd
7L4PHGKvMgIGrV3mGvYNV2Nyzkd2SERcXQ6BozORUzQ/JodZTNxG4okJzFqQ4Eno
y+smmIJIed6klTgHPG45I0tgxp5aMXoGIswZH21vt3kQINPx
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:49:19 2025 by rpki-client