Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/j4SwGDj0K-YXdHGcNPpGsnqfX5M.roa
File: j4SwGDj0K-YXdHGcNPpGsnqfX5M.roa (raw, json)
Hash identifier: vkbtk1lTxoIeOIDIV10/lx4JGPGZmbYoZ2uvKUunihs=
Subject key identifier: 8F:84:B0:18:38:F4:2B:E6:17:74:71:9C:34:FA:46:B2:7A:9F:5F:93
Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496
Certificate serial: 018CC26CF3978C025F483F61A4E27C226E29
Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/j4SwGDj0K-YXdHGcNPpGsnqfX5M.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196763
IP address blocks: 5.22.144.0/24 maxlen: 24
5.22.148.0/22 maxlen: 22
109.234.104.0/21 maxlen: 21
185.33.180.0/22 maxlen: 22
78.109.56.0/21 maxlen: 21
2a00:18e0:7::/48 maxlen: 48
2a00:18e0::/48 maxlen: 48
2a00:18e0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f3:97:8c:02:5f:48:3f:61:a4:e2:7c:22:6e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f84b01838f42be61774719c34fa46b27a9f5f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:36:ab:dc:05:81:dc:4e:d5:69:62:92:3a:c0:
63:8d:d2:1c:5e:92:3e:64:95:fd:c3:f5:36:48:2d:
92:d4:a3:15:ab:f6:e2:52:70:30:92:32:72:b3:d7:
2c:95:82:68:69:f7:af:b9:68:1a:bd:10:4a:93:22:
56:56:18:4d:ec:b5:ee:76:4b:90:a6:3e:1a:79:4a:
89:0e:f4:44:44:55:64:7f:f8:ce:9b:2e:a1:9e:e3:
7e:16:7d:53:77:9e:53:de:00:28:68:8d:05:12:90:
c5:34:e6:fc:66:ce:75:3f:49:cd:28:29:95:78:c5:
1b:48:cc:a8:6d:4f:8e:6e:95:04:4c:fb:2c:99:86:
21:63:2e:7f:db:53:2e:a1:ef:b6:89:5c:aa:0f:24:
dc:aa:0f:e8:b0:cb:8e:5b:db:63:7d:da:68:1c:5d:
9e:18:49:2d:bb:a1:87:ea:16:c6:1c:af:b3:58:4e:
07:21:91:47:15:f3:09:18:c8:01:ff:8e:77:09:74:
a8:e6:36:b9:dc:10:68:44:c0:b7:60:3e:73:55:0c:
ad:88:13:bf:a9:12:00:46:da:e8:c2:64:3d:dc:8b:
05:8b:73:0d:82:5a:42:81:32:15:35:73:a0:14:a0:
b5:47:d3:fc:68:74:c8:f5:e2:90:96:a3:51:b1:96:
e9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:84:B0:18:38:F4:2B:E6:17:74:71:9C:34:FA:46:B2:7A:9F:5F:93
X509v3 Authority Key Identifier:
keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/j4SwGDj0K-YXdHGcNPpGsnqfX5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.144.0/24
5.22.148.0/22
78.109.56.0/21
109.234.104.0/21
185.33.180.0/22
IPv6:
2a00:18e0::/48
2a00:18e0:6::/47
Signature Algorithm: sha256WithRSAEncryption
8f:7e:5f:e1:4a:1f:13:2a:09:38:d1:8f:68:5f:17:ec:bf:c7:
80:df:8b:c5:85:49:95:88:24:4a:33:23:9f:f8:85:97:fb:04:
6d:c2:05:fa:4b:99:df:c7:2c:6f:54:b7:42:9b:33:f8:3a:20:
1f:e2:a3:91:19:d0:ae:0f:d4:f6:3d:b7:f5:aa:5b:b7:1d:42:
2d:a1:99:fe:2e:73:2a:c1:fd:59:9a:a8:c2:64:eb:85:da:ec:
24:e0:27:03:7b:5f:86:2d:91:11:17:ef:31:4e:45:18:dd:09:
76:f5:3e:8d:1f:88:f4:b7:c8:fe:2a:18:b8:bc:e5:86:04:11:
6d:09:86:97:1f:93:0f:fb:97:07:bf:3a:52:33:91:0e:55:22:
9b:28:d4:c0:e2:59:23:1c:9d:33:74:b4:2e:1d:1f:e9:58:19:
7d:fd:95:17:e8:13:0b:da:05:a4:b9:a0:3e:a9:de:49:63:e6:
74:bf:53:e7:18:5c:e3:2e:c0:8b:c5:61:ac:ec:b6:3c:e3:e4:
2a:b3:95:d3:fc:45:ec:84:24:14:2d:a0:ae:ef:61:39:55:11:
d3:52:64:4c:10:04:c5:17:f1:d4:1a:4b:44:46:48:45:80:55:
0b:e0:93:dc:0f:c6:b0:e7:ca:7c:5e:29:d7:d8:d9:9b:46:0d:
cd:7d:15:01
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzCbPOXjAJfSD9hpOJ8Im4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5
ODc0OTYwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjg0YjAxODM4ZjQyYmU2MTc3NDcxOWMzNGZhNDZiMjdhOWY1ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzar3AWB3E7VaWKSOsBjjdIcXpI+
ZJX9w/U2SC2S1KMVq/biUnAwkjJys9cslYJoafevuWgavRBKkyJWVhhN7LXudkuQ
pj4aeUqJDvRERFVkf/jOmy6hnuN+Fn1Td55T3gAoaI0FEpDFNOb8Zs51P0nNKCmV
eMUbSMyobU+ObpUETPssmYYhYy5/21Muoe+2iVyqDyTcqg/osMuOW9tjfdpoHF2e
GEktu6GH6hbGHK+zWE4HIZFHFfMJGMgB/453CXSo5ja53BBoRMC3YD5zVQytiBO/
qRIARtrowmQ93IsFi3MNglpCgTIVNXOgFKC1R9P8aHTI9eKQlqNRsZbptQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFI+EsBg49CvmF3RxnDT6RrJ6n1+TMB8GA1UdIwQY
MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt
NGU4NTg5N2YzMDljLzEvajRTd0dEajBLLVlYZEhHY05QcEdzbnFmWDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj
LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQABRaQAwQC
BRaUAwQDTm04AwQDbepoAwQCuSG0MBgEAgACMBIDBwAqABjgAAADBwEqABjgAAYw
DQYJKoZIhvcNAQELBQADggEBAI9+X+FKHxMqCTjRj2hfF+y/x4Dfi8WFSZWIJEoz
I5/4hZf7BG3CBfpLmd/HLG9Ut0KbM/g6IB/io5EZ0K4P1PY9t/WqW7cdQi2hmf4u
cyrB/VmaqMJk64Xa7CTgJwN7X4YtkREX7zFORRjdCXb1Po0fiPS3yP4qGLi85YYE
EW0Jhpcfkw/7lwe/OlIzkQ5VIpso1MDiWSMcnTN0tC4dH+lYGX39lRfoEwvaBaS5
oD6p3klj5nS/U+cYXOMuwIvFYazstjzj5CqzldP8ReyEJBQtoK7vYTlVEdNSZEwQ
BMUX8dQaS0RGSEWAVQvgk9wPxrDnynxeKdfY2ZtGDc19FQE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:03 2025 by rpki-client