Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/8PNUaRE6zczuIHxB9TFTk99VdMY.roa
File: 8PNUaRE6zczuIHxB9TFTk99VdMY.roa (raw, json)
Hash identifier: pOlnXTk68WxobzELiGJSjK/R6wwNhYBR71TLFS8o8Hw=
Subject key identifier: F0:F3:54:69:11:3A:CD:CC:EE:20:7C:41:F5:31:53:93:DF:55:74:C6
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 018E3434E3D7F0A105B99BC338B27C629B14
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/8PNUaRE6zczuIHxB9TFTk99VdMY.roa
Signing time: Tue 12 Mar 2024 19:47:45 +0000
ROA not before: Tue 12 Mar 2024 19:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
37.9.56.0/21 maxlen: 21
77.74.192.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
94.229.64.0/20 maxlen: 20
178.159.0.0/20 maxlen: 20
185.17.24.0/22 maxlen: 22
185.103.96.0/22 maxlen: 22
2a01:a500::/32 maxlen: 32
2a01:a500:1::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:2566::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 12:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:34:34:e3:d7:f0:a1:05:b9:9b:c3:38:b2:7c:62:9b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Mar 12 19:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0f35469113acdccee207c41f5315393df5574c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:71:5e:f5:3c:31:13:4b:60:68:aa:59:a3:c3:
d1:1d:90:a4:ac:02:5e:ec:e1:cf:4e:70:4a:08:05:
f1:8a:cb:80:fc:a0:5f:2e:76:bc:5f:5c:29:30:85:
f6:34:55:98:4c:bd:7f:c2:10:d3:06:98:be:32:bf:
97:2f:41:24:98:a7:5b:cb:f0:5c:d4:54:b6:e5:e4:
3f:f0:a6:50:8d:15:38:aa:38:4d:f4:cf:01:fa:f8:
5a:7a:d9:77:a1:74:39:1f:a5:c7:ea:72:23:43:a7:
a6:1a:a7:92:65:fe:1c:19:4e:05:96:bf:07:f1:20:
ad:d8:1c:f3:6b:01:77:0d:b2:f9:4b:bf:4a:d1:83:
30:51:4d:5a:15:a8:35:29:cd:23:03:f1:28:b7:ab:
35:14:ac:86:da:b9:8d:62:f5:63:1f:0e:6c:1a:3c:
a1:f8:6a:ea:95:11:0e:67:c1:37:ac:3b:59:e4:6e:
f1:85:cd:20:f7:d5:35:8b:58:3b:c2:7d:79:20:31:
e9:d0:8c:db:69:ca:20:b6:e3:11:85:7a:91:46:02:
f3:d5:c2:db:f0:03:2c:57:9f:38:2e:a3:6f:2e:01:
a6:46:28:21:4a:eb:f1:03:21:31:f8:8f:c0:8c:29:
34:9e:62:a6:2c:df:96:a2:5a:cb:7e:ad:c4:5f:49:
4d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F3:54:69:11:3A:CD:CC:EE:20:7C:41:F5:31:53:93:DF:55:74:C6
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/8PNUaRE6zczuIHxB9TFTk99VdMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
94.229.64.0/20
178.159.0.0/20
185.17.24.0/22
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
63:e8:e5:59:75:96:ff:09:36:d8:b1:0a:5b:28:60:7f:93:57:
5d:ae:90:9c:3c:90:3b:3f:ab:28:b5:4d:f7:10:41:23:fb:2e:
52:9a:bb:4c:e9:c4:86:05:27:11:45:6e:16:c5:5c:78:3b:7f:
a2:d7:54:ad:aa:bd:8d:39:4b:d0:6a:60:59:cd:08:d7:f4:f9:
33:22:67:c9:cf:23:f2:6d:62:f8:64:b3:ef:f6:f6:cc:79:e0:
a1:96:d9:6f:4d:f6:c0:8d:ab:71:61:85:75:88:20:b0:0b:bd:
3c:9b:90:43:89:25:3e:e2:d6:d1:8e:a1:58:2d:46:25:ca:55:
f7:72:79:95:1a:4c:44:02:11:0d:97:ca:5e:2e:d1:a0:dc:02:
b6:26:af:38:97:59:a5:59:1b:5c:1e:4a:c6:02:c1:d9:92:a8:
a7:1e:94:1d:f3:8d:33:c9:54:86:de:91:b4:2d:ea:9a:58:8e:
dc:61:3d:31:d8:3c:16:1e:46:93:bb:8d:57:57:e9:7b:ae:b8:
6e:42:77:dc:74:52:17:67:c7:c3:e7:80:3d:8a:7e:a0:08:54:
55:12:c0:6b:b9:f2:01:7a:8c:bd:23:85:87:b6:32:28:a2:2c:
05:02:cf:ba:ef:65:57:11:54:b0:a3:b5:2f:3f:36:26:62:d5:
d2:1b:38:b2
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY40NOPX8KEFuZvDOLJ8YpsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjQwMzEyMTk0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGYzNTQ2OTExM2FjZGNjZWUyMDdjNDFmNTMxNTM5M2RmNTU3NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23Fe9TwxE0tgaKpZo8PRHZCkrAJe
7OHPTnBKCAXxisuA/KBfLna8X1wpMIX2NFWYTL1/whDTBpi+Mr+XL0EkmKdby/Bc
1FS25eQ/8KZQjRU4qjhN9M8B+vhaetl3oXQ5H6XH6nIjQ6emGqeSZf4cGU4Flr8H
8SCt2BzzawF3DbL5S79K0YMwUU1aFag1Kc0jA/Eot6s1FKyG2rmNYvVjHw5sGjyh
+GrqlREOZ8E3rDtZ5G7xhc0g99U1i1g7wn15IDHp0IzbacogtuMRhXqRRgLz1cLb
8AMsV584LqNvLgGmRighSuvxAyEx+I/AjCk0nmKmLN+WolrLfq3EX0lNgwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPDzVGkROs3M7iB8QfUxU5PfVXTGMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvOFBOVWFSRTZ6Y3p1SUh4QjlURlRrOTlWZE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEMAwDBAMFZYgD
BAMFZZADBAMFZagDBAMfhAADBAMlCTgDBANNSsADBANNS3gDBARe5UADBASynwAD
BAK5ERgDBAK5Z2AwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0GCSqGSIb3DQEBCwUA
A4IBAQBj6OVZdZb/CTbYsQpbKGB/k1ddrpCcPJA7P6sotU33EEEj+y5SmrtM6cSG
BScRRW4WxVx4O3+i11Stqr2NOUvQamBZzQjX9PkzImfJzyPybWL4ZLPv9vbMeeCh
ltlvTfbAjatxYYV1iCCwC708m5BDiSU+4tbRjqFYLUYlylX3cnmVGkxEAhENl8pe
LtGg3AK2Jq84l1mlWRtcHkrGAsHZkqinHpQd840zyVSG3pG0LeqaWI7cYT0x2DwW
HkaTu41XV+l7rrhuQnfcdFIXZ8fD54A9in6gCFRVEsBrufIBeoy9I4WHtjIooiwF
As+672VXEVSwo7UvPzYmYtXSGziy
-----END CERTIFICATE-----
Generated at Wed Mar 13 16:50:37 2024 by rpki-client on console-fra.rpki-client.org