Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/5HngW_YhPKYIDEy0WBCC86Sh6gs.roa
File: 5HngW_YhPKYIDEy0WBCC86Sh6gs.roa (raw, json)
Hash identifier: rBBlW+Qf3PUARyTWa34HqI8wv5OwH8aSYjQP0A4AGOE=
Subject key identifier: E4:79:E0:5B:F6:21:3C:A6:08:0C:4C:B4:58:10:82:F3:A4:A1:EA:0B
Certificate issuer: /CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Certificate serial: 0186333F844ABBA1E8F8EB3D64E3B55654F1
Authority key identifier: B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/5HngW_YhPKYIDEy0WBCC86Sh6gs.roa
Signing time: Wed 08 Feb 2023 22:57:25 +0000
ROA not before: Wed 08 Feb 2023 22:57:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34919
IP address blocks: 45.136.240.0/22 maxlen: 24
2a0e:9dc0::/29 maxlen: 48
2a0e:9dc0:2::/48 maxlen: 48
2a0e:9dc0:3::/48 maxlen: 48
2a0e:9dc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:33:3f:84:4a:bb:a1:e8:f8:eb:3d:64:e3:b5:56:54:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Validity
Not Before: Feb 8 22:57:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e479e05bf6213ca6080c4cb4581082f3a4a1ea0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1e:af:21:86:b9:a6:12:9a:84:54:0f:af:c0:
9d:a4:a7:1f:d7:85:5d:a1:bf:3e:81:b6:48:18:03:
41:fa:b1:72:16:4e:8f:aa:c7:95:84:55:bc:f4:88:
4b:ea:d4:56:6f:75:19:29:b3:0d:c7:be:af:c0:6e:
8c:1b:28:ee:9f:2c:16:1d:7b:bd:33:7f:d8:85:e5:
69:0c:2c:56:b2:64:99:a5:ed:a5:75:a4:c3:86:6e:
46:ef:18:30:ad:68:53:36:9c:c4:21:b7:18:a1:cf:
a1:ff:24:7c:c8:91:3c:3e:5c:a2:1f:5c:28:dd:62:
70:ea:37:51:10:e8:a9:a9:21:34:41:d3:5d:bd:a0:
a7:6b:69:fd:9d:e0:7c:10:fe:9a:fe:41:2e:70:50:
75:05:5b:50:2e:f1:2a:79:33:a8:77:8f:8e:b8:e7:
41:d4:41:53:cc:0c:66:e1:c8:17:09:18:dc:21:e7:
e8:2b:3a:6b:72:42:01:cc:7c:c5:16:0a:94:75:76:
40:a3:3d:2b:7f:d3:52:38:c6:4e:3d:28:4b:bb:02:
a5:9f:a1:47:b6:4f:d7:45:8f:44:15:4c:5a:ee:96:
87:ff:41:61:25:94:b6:4c:ec:d1:2a:cc:a8:43:ff:
29:56:23:2c:3a:91:ae:57:53:3f:c3:54:1c:5c:fb:
ea:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:79:E0:5B:F6:21:3C:A6:08:0C:4C:B4:58:10:82:F3:A4:A1:EA:0B
X509v3 Authority Key Identifier:
keyid:B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/5HngW_YhPKYIDEy0WBCC86Sh6gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/tfGesN1I4bJJJJCLtbaEjMFnhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.240.0/22
IPv6:
2a0e:9dc0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:99:3e:76:ad:1e:4e:bc:b6:5d:16:e8:e1:d0:ff:f5:2b:e8:
04:4c:e2:29:21:8e:fb:f7:c6:2d:9d:c4:0b:d0:c7:8e:7b:aa:
2c:0c:7c:06:51:22:ea:1d:64:e9:7b:1f:65:78:22:57:cc:2e:
89:e7:2f:0c:55:f2:3c:91:1f:6d:9d:7f:d0:6b:79:fb:c4:ff:
f3:16:49:c2:84:24:e5:12:aa:76:df:86:f4:a6:41:fc:bc:4f:
ec:06:63:3a:17:db:f4:b3:e5:6c:93:4a:ee:b4:4b:dc:ff:dc:
c0:83:da:d7:b2:71:33:21:4b:f6:77:41:c9:9b:79:90:79:51:
3e:1f:99:fd:22:a0:7f:e9:2c:67:4a:1f:76:eb:d5:81:28:62:
cf:69:2d:5d:0b:94:02:6b:ff:53:26:b3:27:fb:9c:dc:7f:75:
07:a0:fb:64:07:d5:f7:1f:a5:57:71:e2:eb:15:91:24:0a:f3:
86:c3:f9:3e:74:b8:c0:60:8b:63:00:69:28:47:be:1c:e5:2e:
4e:21:f0:9a:d9:db:e6:f0:17:04:fc:2d:e1:f3:72:31:e9:af:
b6:03:ef:d4:fc:62:1b:d9:d0:2e:52:f8:3f:48:14:13:e4:f6:
23:fa:94:89:0b:89:7d:d1:5f:34:09:33:77:b7:0f:6d:73:4d:
3b:9c:66:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYzP4RKu6Ho+Os9ZOO1VlTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjE5ZWIwZGQ0OGUxYjI0OTI0OTA4YmI1YjY4NDhjYzE2
Nzg1NDYwHhcNMjMwMjA4MjI1NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc5ZTA1YmY2MjEzY2E2MDgwYzRjYjQ1ODEwODJmM2E0YTFlYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB6vIYa5phKahFQPr8CdpKcf14Vd
ob8+gbZIGANB+rFyFk6PqseVhFW89IhL6tRWb3UZKbMNx76vwG6MGyjunywWHXu9
M3/YheVpDCxWsmSZpe2ldaTDhm5G7xgwrWhTNpzEIbcYoc+h/yR8yJE8PlyiH1wo
3WJw6jdREOipqSE0QdNdvaCna2n9neB8EP6a/kEucFB1BVtQLvEqeTOod4+OuOdB
1EFTzAxm4cgXCRjcIefoKzprckIBzHzFFgqUdXZAoz0rf9NSOMZOPShLuwKln6FH
tk/XRY9EFUxa7paH/0FhJZS2TOzRKsyoQ/8pViMsOpGuV1M/w1QcXPvqyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOR54Fv2ITymCAxMtFgQgvOkoeoLMB8GA1UdIwQY
MBaAFLXxnrDdSOGySSSQi7W2hIzBZ4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQt
MzVjNjZkN2M1MjYwLzEvNUhuZ1dfWWhQS1lJREV5MFdCQ0M4NlNoNmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQtMzVjNjZkN2M1MjYw
LzEvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYjwMA0E
AgACMAcDBQMqDp3AMA0GCSqGSIb3DQEBCwUAA4IBAQAsmT52rR5OvLZdFujh0P/1
K+gETOIpIY7798YtncQL0MeOe6osDHwGUSLqHWTpex9leCJXzC6J5y8MVfI8kR9t
nX/Qa3n7xP/zFknChCTlEqp234b0pkH8vE/sBmM6F9v0s+Vsk0rutEvc/9zAg9rX
snEzIUv2d0HJm3mQeVE+H5n9IqB/6SxnSh9269WBKGLPaS1dC5QCa/9TJrMn+5zc
f3UHoPtkB9X3H6VXceLrFZEkCvOGw/k+dLjAYItjAGkoR74c5S5OIfCa2dvm8BcE
/C3h83Ix6a+2A+/U/GIb2dAuUvg/SBQT5PYj+pSJC4l90V80CTN3tw9tc007nGaQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:31 2024 by rpki-client on console-fra.rpki-client.org