Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/D_k-Eko5exEm4uFpF8CZjCGEO4I.roa
File: D_k-Eko5exEm4uFpF8CZjCGEO4I.roa (raw, json)
Hash identifier: Vh9tX+/fX1d0PeeAxShyw1UGSPe07fT/9gekX+Ov8dU=
Subject key identifier: 0F:F9:3E:12:4A:39:7B:11:26:E2:E1:69:17:C0:99:8C:21:84:3B:82
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 01914CAA11A5C471A81A55BCD727F6B94534
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/D_k-Eko5exEm4uFpF8CZjCGEO4I.roa
Signing time: Tue 13 Aug 2024 16:54:59 +0000
ROA not before: Tue 13 Aug 2024 16:54:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
37.9.56.0/21 maxlen: 21
77.74.192.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
78.110.160.0/21 maxlen: 21
78.110.168.0/23 maxlen: 23
78.110.170.0/24 maxlen: 24
78.110.172.0/22 maxlen: 22
78.157.192.0/21 maxlen: 21
78.157.200.0/22 maxlen: 22
78.157.204.0/24 maxlen: 24
78.157.206.0/23 maxlen: 23
78.157.208.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
178.159.0.0/20 maxlen: 20
185.17.24.0/24 maxlen: 24
185.17.26.0/24 maxlen: 24
185.17.27.0/24 maxlen: 24
185.103.96.0/22 maxlen: 22
2a01:a500::/32 maxlen: 32
2a01:a500:1::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:2566::/48 maxlen: 48
2a01:a500:a517::/48 maxlen: 48
2a01:a500:b517::/48 maxlen: 48
2a01:a500:c517::/48 maxlen: 48
2a01:a500:d517::/48 maxlen: 48
2a01:a500:e517::/48 maxlen: 48
2a01:a500:f517::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
2a01:a507:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:aa:11:a5:c4:71:a8:1a:55:bc:d7:27:f6:b9:45:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Aug 13 16:54:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ff93e124a397b1126e2e16917c0998c21843b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7c:a7:08:e2:1e:56:37:85:3f:ed:4a:d7:e6:
a1:4e:b6:1a:eb:0f:57:9a:85:9d:65:b7:49:7e:c5:
8c:ba:55:8b:86:a1:6d:07:dc:50:52:12:17:35:91:
d9:35:83:c2:e6:ee:80:d0:75:33:96:4f:b1:ce:65:
fc:ab:70:ab:60:d2:70:43:03:31:00:25:b4:2b:38:
bb:2f:11:93:57:5b:d5:c4:1f:3f:a7:eb:e6:3f:2a:
72:62:a7:30:31:9e:73:d5:98:ee:55:1d:0f:41:35:
ac:cb:70:e6:3a:5e:02:e9:16:ab:82:26:98:f7:c0:
e3:76:8c:a3:65:13:a1:4f:59:93:41:8c:89:19:18:
9e:a7:68:e9:d1:3b:45:99:43:0b:03:9d:8d:b5:9e:
a7:92:53:01:0f:68:ad:a5:f9:b6:5a:86:7b:2a:01:
e0:55:92:cb:60:79:04:79:3d:93:c3:83:68:ea:61:
e5:0e:5a:5b:cd:3a:42:e1:bd:74:b1:f4:82:71:65:
87:0b:ff:24:96:2b:66:52:a4:f0:88:7d:c5:cc:1a:
59:e0:cb:15:b2:fa:7f:eb:4c:e8:f0:c3:df:13:c7:
a5:6a:0a:14:13:01:38:74:ee:77:cc:5f:09:7a:64:
9b:42:e8:86:ed:b1:c3:48:2e:78:0f:a2:3b:6b:fc:
cd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F9:3E:12:4A:39:7B:11:26:E2:E1:69:17:C0:99:8C:21:84:3B:82
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/D_k-Eko5exEm4uFpF8CZjCGEO4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0-78.110.170.255
78.110.172.0/22
78.157.192.0-78.157.204.255
78.157.206.0-78.157.223.255
94.229.64.0/20
178.159.0.0/20
185.17.24.0/24
185.17.26.0/23
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
54:ac:87:f6:90:1b:e8:68:e9:64:b9:e8:d1:62:ed:f4:e5:3f:
b0:2c:eb:10:81:51:0d:92:f7:d6:ec:dc:3c:ce:d6:5a:42:c2:
14:82:f6:38:5a:af:a3:47:58:2e:f5:63:c1:49:d1:13:85:05:
1f:b5:05:ba:ed:1d:a1:ba:86:39:69:61:31:30:6f:98:b7:46:
65:b6:2e:0a:77:8c:33:90:1e:81:43:13:1a:62:47:50:4c:59:
be:d7:9b:1c:07:b6:d3:ca:e7:1e:02:b4:12:f7:42:0d:a3:61:
c5:19:6b:85:9c:69:ea:ac:85:79:06:b8:79:1f:6d:5a:67:e8:
70:e9:2d:c0:a6:99:be:5d:1b:8c:4b:e1:51:75:de:4a:48:a2:
d6:37:d3:3a:c7:cc:76:ca:4c:2d:91:ff:0d:67:25:18:df:5b:
e9:bc:26:da:38:50:56:bc:32:56:75:23:d5:63:f2:49:2d:c7:
b0:5a:55:7b:e3:a1:7e:ec:25:82:35:27:28:f2:1c:57:6a:02:
48:64:cf:de:ad:fa:76:c1:bc:8d:75:44:e2:db:6d:24:77:df:
53:52:8a:c1:0d:0c:63:3b:79:f0:ac:88:62:c1:08:0e:ac:4b:
ee:34:bd:46:c3:68:df:37:5b:aa:ca:ea:39:0c:e2:d4:82:95:
16:99:5f:47
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZFMqhGlxHGoGlW81yf2uUU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjQwODEzMTY1NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY5M2UxMjRhMzk3YjExMjZlMmUxNjkxN2MwOTk4YzIxODQzYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3ynCOIeVjeFP+1K1+ahTrYa6w9X
moWdZbdJfsWMulWLhqFtB9xQUhIXNZHZNYPC5u6A0HUzlk+xzmX8q3CrYNJwQwMx
ACW0Kzi7LxGTV1vVxB8/p+vmPypyYqcwMZ5z1ZjuVR0PQTWsy3DmOl4C6RargiaY
98DjdoyjZROhT1mTQYyJGRiep2jp0TtFmUMLA52NtZ6nklMBD2itpfm2WoZ7KgHg
VZLLYHkEeT2Tw4No6mHlDlpbzTpC4b10sfSCcWWHC/8klitmUqTwiH3FzBpZ4MsV
svp/60zo8MPfE8elagoUEwE4dO53zF8JemSbQuiG7bHDSC54D6I7a/zN0QIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFA/5PhJKOXsRJuLhaRfAmYwhhDuCMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvRF9rLUVrbzVleEVtNHVGcEY4Q1pqQ0dFTzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwejAMAwQD
BWWIAwQDBWWQAwQDBWWoAwQDH4QAAwQDJQk4AwQDTUrAAwQDTUt4MAwDBAVObqAD
BABObqoDBAJObqwwDAMEBk6dwAMEAE6dzDAMAwQBTp3OAwQFTp3AAwQEXuVAAwQE
sp8AAwQAuREYAwQBuREaAwQCuWdgMBQEAgACMA4DBQAqAaUAAwUAKgGlBzANBgkq
hkiG9w0BAQsFAAOCAQEAVKyH9pAb6GjpZLno0WLt9OU/sCzrEIFRDZL31uzcPM7W
WkLCFIL2OFqvo0dYLvVjwUnRE4UFH7UFuu0dobqGOWlhMTBvmLdGZbYuCneMM5Ae
gUMTGmJHUExZvtebHAe208rnHgK0EvdCDaNhxRlrhZxp6qyFeQa4eR9tWmfocOkt
wKaZvl0bjEvhUXXeSkii1jfTOsfMdspMLZH/DWclGN9b6bwm2jhQVrwyVnUj1WPy
SS3HsFpVe+OhfuwlgjUnKPIcV2oCSGTP3q36dsG8jXVE4tttJHffU1KKwQ0MYzt5
8KyIYsEIDqxL7jS9RsNo3zdbqsrqOQzi1IKVFplfRw==
-----END CERTIFICATE-----
Generated at Mon Sep 23 18:00:47 2024 by rpki-client on console-fra.rpki-client.org