Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/1-4MHs9jzgMbZN1MOLRmGck0u0J0.roa
File: 1-4MHs9jzgMbZN1MOLRmGck0u0J0.roa (raw, json)
Hash identifier: IgIKP5MGVVewtsZj7yM9Pd5bnK1M1RJ2NtikEZzgLeg=
Subject key identifier: FB:83:07:B3:D8:F3:80:C6:D9:37:53:0E:2D:19:86:72:4D:2E:D0:9D
Certificate issuer: /CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Certificate serial: 018CC7275CC1ED27DF2C841A6629A7F823AF
Authority key identifier: E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/1-4MHs9jzgMbZN1MOLRmGck0u0J0.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58141
IP address blocks: 5.34.232.0/24 maxlen: 24
5.34.233.0/24 maxlen: 24
5.34.232.0/21 maxlen: 21
5.34.235.0/24 maxlen: 24
5.34.234.0/24 maxlen: 24
5.34.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5c:c1:ed:27:df:2c:84:1a:66:29:a7:f8:23:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb8307b3d8f380c6d937530e2d1986724d2ed09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:82:42:df:0b:69:1b:ec:6a:e9:93:05:8b:a8:
51:b3:41:e5:b3:24:2b:c3:51:d2:b6:85:22:09:91:
f0:25:6b:8f:94:f5:0d:ab:91:6b:00:ad:55:fa:99:
68:8c:b5:5e:26:cb:68:6d:40:8f:20:49:b3:ee:b1:
91:9d:0c:d6:0e:c9:61:e7:52:0a:3b:64:30:ec:09:
5c:b2:33:dd:0c:82:11:6d:12:05:6c:29:6c:9e:35:
d0:56:a4:f4:a5:00:78:3b:26:44:32:11:a7:8c:b3:
d6:aa:9e:e6:3c:fd:b0:fa:3e:7b:af:be:82:b1:60:
e8:e2:c2:6f:bc:a1:65:f8:24:0b:d6:c0:57:ac:0c:
c6:00:a8:be:2c:ad:78:72:22:bb:8f:70:54:03:a1:
44:cc:65:c1:59:a3:c4:62:28:96:77:b1:6a:15:4d:
9e:1e:e8:3a:ce:19:82:14:6a:fb:62:f2:54:3a:d4:
4b:4c:81:13:f2:53:79:35:bf:38:7a:16:eb:8d:ef:
c8:be:0b:f6:83:47:34:47:d5:1a:da:60:89:29:34:
aa:dc:a6:1b:78:37:d3:17:e2:06:04:03:89:35:4d:
ca:09:a5:51:88:4b:fc:d2:c6:a2:a0:3a:25:76:3e:
ec:b3:41:a7:b5:47:94:23:87:07:ad:9a:29:62:90:
64:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:83:07:B3:D8:F3:80:C6:D9:37:53:0E:2D:19:86:72:4D:2E:D0:9D
X509v3 Authority Key Identifier:
keyid:E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/1-4MHs9jzgMbZN1MOLRmGck0u0J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.232.0/21
Signature Algorithm: sha256WithRSAEncryption
75:eb:25:d9:93:a7:59:61:56:f1:fa:b6:1c:c6:7b:ea:1a:5f:
02:0f:ff:35:a1:a5:6b:a6:0f:31:12:54:df:87:97:67:09:e4:
f6:fa:67:33:54:9f:46:82:2b:22:ed:88:ce:f0:e2:02:09:7d:
06:ca:fd:0c:e5:26:aa:46:17:7c:03:15:90:dd:0a:20:7c:62:
61:64:22:2f:9c:2f:aa:47:fa:71:b1:09:d0:fa:e4:ae:7e:d0:
a8:46:e7:b7:35:13:1a:20:1b:94:5a:cb:18:66:4b:06:ba:bf:
c0:10:7f:00:55:81:8e:7b:01:2c:8d:2c:b0:b3:0d:c0:68:1d:
72:d0:ff:65:b6:11:8a:da:a9:d2:4f:af:d1:05:fd:81:aa:ca:
df:86:8d:3b:2b:6a:f3:05:5c:48:14:7e:98:a8:a8:0f:d1:f0:
84:a1:32:54:09:20:c5:99:33:c1:f8:f2:1d:0e:e3:12:fd:0c:
41:95:2d:c9:90:f8:71:95:c5:5c:a2:0d:cd:ad:92:6e:ac:a1:
6c:16:e0:bc:3f:f2:da:9f:58:80:be:30:0d:f8:aa:b1:ce:17:
83:7d:2f:d4:19:51:40:73:f4:7a:91:50:5e:04:27:9e:66:b2:
c7:42:74:04:c7:0e:9b:02:fe:5e:73:56:8e:d2:9c:06:73:2f:
f4:3b:bd:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJ1zB7SffLIQaZimn+COvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTllZTc0ZjJkOTg0Yzg4YWIzYjk5YWU3MWQwYjdjN2Jh
ZjgxNTAwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjgzMDdiM2Q4ZjM4MGM2ZDkzNzUzMGUyZDE5ODY3MjRkMmVkMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4JC3wtpG+xq6ZMFi6hRs0HlsyQr
w1HStoUiCZHwJWuPlPUNq5FrAK1V+plojLVeJstobUCPIEmz7rGRnQzWDslh51IK
O2Qw7AlcsjPdDIIRbRIFbClsnjXQVqT0pQB4OyZEMhGnjLPWqp7mPP2w+j57r76C
sWDo4sJvvKFl+CQL1sBXrAzGAKi+LK14ciK7j3BUA6FEzGXBWaPEYiiWd7FqFU2e
Hug6zhmCFGr7YvJUOtRLTIET8lN5Nb84ehbrje/Ivgv2g0c0R9Ua2mCJKTSq3KYb
eDfTF+IGBAOJNU3KCaVRiEv80saioDoldj7ss0GntUeUI4cHrZopYpBkpwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuDB7PY84DG2TdTDi0ZhnJNLtCdMB8GA1UdIwQY
MBaAFOSp7nTy2YTIirO5mucdC3x7r4FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgt
ZDJjMGJlNDQ4NTYxLzEvMS00TUhzOWp6Z01iWk4xTU9MUm1HY2swdTBKMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvZWFkYzk1LWRhYWYtNDc3Ni05YmU4LWQyYzBiZTQ0ODU2
MS8xLzVLbnVkUExaaE1pS3M3bWE1eDBMZkh1dmdWQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwUi6DAN
BgkqhkiG9w0BAQsFAAOCAQEAdesl2ZOnWWFW8fq2HMZ76hpfAg//NaGla6YPMRJU
34eXZwnk9vpnM1SfRoIrIu2IzvDiAgl9Bsr9DOUmqkYXfAMVkN0KIHxiYWQiL5wv
qkf6cbEJ0Prkrn7QqEbntzUTGiAblFrLGGZLBrq/wBB/AFWBjnsBLI0ssLMNwGgd
ctD/ZbYRitqp0k+v0QX9garK34aNOytq8wVcSBR+mKioD9HwhKEyVAkgxZkzwfjy
HQ7jEv0MQZUtyZD4cZXFXKINza2SbqyhbBbgvD/y2p9YgL4wDfiqsc4Xg30v1BlR
QHP0epFQXgQnnmayx0J0BMcOmwL+XnNWjtKcBnMv9Du9/Q==
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:13:12 2025 by rpki-client