Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/vIBthOHJmsv0JPQao_5GQmB4JEk.roa
File: vIBthOHJmsv0JPQao_5GQmB4JEk.roa (raw, json)
Hash identifier: zVZz3gvzxDH1oH9JBep306gdwUWZ9yh7au+5B3sqP3s=
Subject key identifier: BC:80:6D:84:E1:C9:9A:CB:F4:24:F4:1A:A3:FE:46:42:60:78:24:49
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 0191E5D09BDA2AAB7D77A303DD07B521E65D
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/vIBthOHJmsv0JPQao_5GQmB4JEk.roa
Signing time: Thu 12 Sep 2024 10:38:59 +0000
ROA not before: Thu 12 Sep 2024 10:38:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 5.180.179.0/24 maxlen: 24
31.217.248.0/24 maxlen: 24
185.137.164.0/24 maxlen: 24
193.35.228.0/24 maxlen: 24
2a11:53c0::/32 maxlen: 48
2a11:53c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:d0:9b:da:2a:ab:7d:77:a3:03:dd:07:b5:21:e6:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Sep 12 10:38:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc806d84e1c99acbf424f41aa3fe464260782449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:3e:f4:ac:ff:dc:08:34:5f:43:01:11:df:
d6:e1:12:41:f9:33:e5:ca:3e:1d:85:2c:0d:26:b1:
b0:a5:aa:94:c6:26:52:ac:61:79:e9:ad:93:ed:6b:
9f:63:5b:eb:50:77:8a:eb:bb:51:5c:d4:7e:6b:20:
d1:5f:5e:34:ac:0e:cf:83:b9:36:f9:45:fa:04:a3:
04:96:f2:59:d0:55:6a:5a:ff:cf:92:c2:81:a2:47:
6a:b2:cc:f0:d8:1c:38:48:c6:20:9b:43:a2:3e:c7:
e9:bc:20:76:0d:46:59:9c:51:af:f9:e4:d6:06:94:
b5:28:dc:f0:40:ce:4b:68:13:d6:72:fe:60:ab:f6:
5c:c8:a9:50:53:fb:bb:08:76:f4:78:e1:08:40:ce:
54:74:10:4c:fa:4c:e7:04:dd:2c:d5:87:23:d2:20:
05:eb:50:12:20:3e:4d:e6:18:16:b6:5a:11:c3:c8:
95:76:0d:3e:48:d3:9d:3c:ee:49:8b:7e:4a:69:4d:
ab:e7:75:03:5d:ed:55:dc:af:f4:54:21:56:2a:f8:
dd:58:23:89:21:51:a5:f2:49:bd:50:bf:cf:6d:ee:
6d:b2:8c:da:86:57:ab:47:eb:8e:74:a8:6d:b0:b1:
80:f8:46:32:43:c4:ba:f7:a8:3a:a8:98:32:d2:3f:
81:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:80:6D:84:E1:C9:9A:CB:F4:24:F4:1A:A3:FE:46:42:60:78:24:49
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/vIBthOHJmsv0JPQao_5GQmB4JEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
31.217.248.0/24
185.137.164.0/24
193.35.228.0/24
IPv6:
2a11:53c0::/31
Signature Algorithm: sha256WithRSAEncryption
5d:a3:9c:64:c6:f9:ba:c4:70:13:d5:b5:e3:27:53:0d:0f:fd:
7c:9a:4c:8b:b7:a1:ae:27:54:d5:60:a9:a0:f8:d5:59:58:d0:
eb:5f:2e:7b:c4:7a:56:e6:8f:18:66:6a:06:dd:55:05:cd:fb:
0e:52:bd:4f:fb:c9:ef:4d:51:b3:31:1b:b5:6c:12:e1:f4:de:
1f:d5:15:aa:99:96:d5:26:d6:32:9c:16:0b:9d:78:e5:f9:ba:
7f:25:d9:dc:f1:a2:c9:e2:41:d8:87:94:b5:7f:83:a9:33:7b:
a2:59:d6:9a:7c:91:24:cb:33:86:93:6b:1f:45:99:48:d1:e5:
03:b2:c4:e9:e2:a5:d0:05:79:36:e9:a1:24:b2:f2:72:0b:0c:
fe:9e:cd:b9:18:38:51:82:b2:43:07:d7:04:b5:7d:41:ca:75:
34:b3:8d:ea:bb:48:63:9e:a7:83:42:1d:e1:d2:13:f0:7b:c1:
2f:57:35:1b:7f:1f:b2:c5:f5:3f:af:ee:db:c6:ed:4a:8c:2d:
01:b9:c6:11:e0:50:91:55:7c:9d:2c:47:34:8c:c5:8c:a3:e2:
2e:85:f4:c1:39:78:6b:82:73:df:72:03:f6:d6:a5:82:b2:49:
8a:5b:6a:0a:43:55:72:66:5e:06:c4:c7:1a:53:cf:09:28:e2:
e1:d2:25:5d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZHl0JvaKqt9d6MD3Qe1IeZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjQwOTEyMTAzODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzgwNmQ4NGUxYzk5YWNiZjQyNGY0MWFhM2ZlNDY0MjYwNzgyNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2M+9Kz/3Ag0X0MBEd/W4RJB+TPl
yj4dhSwNJrGwpaqUxiZSrGF56a2T7WufY1vrUHeK67tRXNR+ayDRX140rA7Pg7k2
+UX6BKMElvJZ0FVqWv/PksKBokdqsszw2Bw4SMYgm0OiPsfpvCB2DUZZnFGv+eTW
BpS1KNzwQM5LaBPWcv5gq/ZcyKlQU/u7CHb0eOEIQM5UdBBM+kznBN0s1Ycj0iAF
61ASID5N5hgWtloRw8iVdg0+SNOdPO5Ji35KaU2r53UDXe1V3K/0VCFWKvjdWCOJ
IVGl8km9UL/Pbe5tsozahlerR+uOdKhtsLGA+EYyQ8S696g6qJgy0j+BPwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLyAbYThyZrL9CT0GqP+RkJgeCRJMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvdklCdGhPSEptc3YwSlBRYW9fNUdRbUI0SkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQABbSzAwQA
H9n4AwQAuYmkAwQAwSPkMA0EAgACMAcDBQEqEVPAMA0GCSqGSIb3DQEBCwUAA4IB
AQBdo5xkxvm6xHAT1bXjJ1MND/18mkyLt6GuJ1TVYKmg+NVZWNDrXy57xHpW5o8Y
ZmoG3VUFzfsOUr1P+8nvTVGzMRu1bBLh9N4f1RWqmZbVJtYynBYLnXjl+bp/Jdnc
8aLJ4kHYh5S1f4OpM3uiWdaafJEkyzOGk2sfRZlI0eUDssTp4qXQBXk26aEksvJy
Cwz+ns25GDhRgrJDB9cEtX1BynU0s43qu0hjnqeDQh3h0hPwe8EvVzUbfx+yxfU/
r+7bxu1KjC0BucYR4FCRVXydLEc0jMWMo+IuhfTBOXhrgnPfcgP21qWCskmKW2oK
Q1VyZl4GxMcaU88JKOLh0iVd
-----END CERTIFICATE-----
Generated at Tue Oct 22 17:31:00 2024 by rpki-client on console-fra.rpki-client.org