Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ADq_l1hFybXhHrT5iQTSA0j2GUY.roa
File: ADq_l1hFybXhHrT5iQTSA0j2GUY.roa (raw, json)
Hash identifier: sD9cv3hYnMGR+EreZftBPd1To5UDVbaqL1GyzZJT8Ds=
Subject key identifier: 00:3A:BF:97:58:45:C9:B5:E1:1E:B4:F9:89:04:D2:03:48:F6:19:46
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018DC6C5FBB4E270E0C4EA6E8CFA54765D3B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ADq_l1hFybXhHrT5iQTSA0j2GUY.roa
Signing time: Tue 20 Feb 2024 13:48:00 +0000
ROA not before: Tue 20 Feb 2024 13:48:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18978
IP address blocks: 5.180.20.0/22 maxlen: 24
5.180.24.0/22 maxlen: 24
5.180.28.0/22 maxlen: 24
5.180.40.0/22 maxlen: 24
5.180.44.0/22 maxlen: 24
5.180.52.0/22 maxlen: 24
5.180.144.0/22 maxlen: 24
5.253.28.0/22 maxlen: 24
5.253.40.0/22 maxlen: 24
45.66.156.0/22 maxlen: 24
45.66.164.0/22 maxlen: 24
45.128.60.0/22 maxlen: 24
45.136.112.0/22 maxlen: 24
45.136.116.0/22 maxlen: 24
45.136.128.0/22 maxlen: 24
45.136.148.0/22 maxlen: 24
45.149.112.0/22 maxlen: 24
85.208.108.0/22 maxlen: 24
85.208.116.0/22 maxlen: 24
85.209.152.0/22 maxlen: 24
85.209.192.0/22 maxlen: 24
88.218.92.0/22 maxlen: 24
141.98.188.0/22 maxlen: 24
194.36.36.0/22 maxlen: 24
194.55.188.0/23 maxlen: 24
194.59.220.0/23 maxlen: 24
194.59.244.0/23 maxlen: 24
194.76.146.0/23 maxlen: 24
194.124.244.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 11:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:c5:fb:b4:e2:70:e0:c4:ea:6e:8c:fa:54:76:5d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 20 13:48:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=003abf975845c9b5e11eb4f98904d20348f61946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:72:43:0e:de:07:66:30:08:04:86:12:89:
4b:64:1b:a9:60:62:08:21:fd:8c:d5:54:27:16:bf:
ef:5d:be:62:b0:db:33:0b:61:38:fa:66:e9:81:8a:
87:e1:3e:f3:6a:f7:53:4a:2c:9e:c6:e3:20:ef:48:
67:00:7c:90:67:b0:90:ac:df:73:d0:f4:17:c3:3a:
65:be:71:3e:85:07:1e:79:a2:31:70:15:6d:30:12:
ad:81:62:1d:2a:61:b8:51:c0:b3:ec:69:72:93:c0:
c5:2f:b5:e1:e8:d2:dd:e0:db:17:b5:e1:90:0c:be:
65:d8:5f:54:48:67:69:c8:5a:01:ce:aa:7f:84:57:
59:be:a5:bc:27:58:98:ca:10:b6:45:6b:c7:ed:39:
79:2d:f0:5e:75:a6:4b:1f:5d:96:99:63:89:a3:fa:
a9:a0:db:20:35:af:90:2b:9e:1c:98:17:e2:04:ed:
71:41:cc:e1:5c:1c:d5:ec:0e:36:0b:f7:be:12:22:
f2:a4:ca:0f:9b:05:d3:0c:b1:44:c4:e9:3f:93:95:
97:4b:75:e0:5f:db:7a:25:ad:d8:37:af:29:cc:12:
e6:f2:4c:e0:87:0d:32:da:06:11:ee:f7:89:65:e4:
d8:d5:0e:c7:11:8d:01:40:a4:47:62:cb:30:0a:c5:
f6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3A:BF:97:58:45:C9:B5:E1:1E:B4:F9:89:04:D2:03:48:F6:19:46
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ADq_l1hFybXhHrT5iQTSA0j2GUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.20.0-5.180.31.255
5.180.40.0/21
5.180.52.0/22
5.180.144.0/22
5.253.28.0/22
5.253.40.0/22
45.66.156.0/22
45.66.164.0/22
45.128.60.0/22
45.136.112.0/21
45.136.128.0/22
45.136.148.0/22
45.149.112.0/22
85.208.108.0/22
85.208.116.0/22
85.209.152.0/22
85.209.192.0/22
88.218.92.0/22
141.98.188.0/22
194.36.36.0/22
194.55.188.0/23
194.59.220.0/23
194.59.244.0/23
194.76.146.0/23
194.124.244.0/23
Signature Algorithm: sha256WithRSAEncryption
49:df:ab:73:95:8f:77:30:d1:f9:4b:b4:00:fd:ed:8e:75:92:
31:f2:5b:31:75:5a:1d:88:aa:6c:80:9e:65:88:06:7c:c9:de:
2c:59:bb:fb:37:37:c6:22:3c:63:4a:24:42:25:ba:78:22:8e:
f0:17:d3:03:c6:85:15:0e:58:44:93:1b:bd:6f:14:d7:56:64:
03:bb:a2:c1:55:7c:0d:ee:3c:ec:3e:ca:23:b3:6b:ef:d7:d6:
70:62:d0:cf:c6:91:6c:06:ad:37:d6:63:c4:96:31:0b:35:e7:
51:fc:77:f8:fb:0b:38:8a:2c:28:8c:94:4c:d9:0c:fd:dc:ae:
ec:2f:ec:cb:7f:46:ae:bb:45:ba:cc:88:84:7b:7c:19:41:eb:
71:42:f7:37:d7:0d:3a:46:30:f2:11:ee:8c:23:c8:5f:9f:bf:
6a:5c:02:3e:2f:6d:97:45:3c:2e:3d:b2:15:1c:97:8b:94:71:
ed:fa:1a:80:07:6a:00:38:8f:df:d5:bb:00:45:e4:66:08:7c:
5b:66:9b:9d:e8:38:32:e8:f8:54:3a:46:77:b9:ab:fc:ad:e8:
14:ad:df:ad:5b:97:13:fa:8c:34:da:ad:61:e0:d5:09:0d:76:
62:bd:73:92:14:54:94:34:cd:e1:8a:0c:b8:05:e0:48:f9:e5:
df:b8:fa:c7
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY3Gxfu04nDgxOpujPpUdl07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMjIwMTM0ODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDNhYmY5NzU4NDVjOWI1ZTExZWI0Zjk4OTA0ZDIwMzQ4ZjYxOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH9yQw7eB2YwCASGEolLZBupYGII
If2M1VQnFr/vXb5isNszC2E4+mbpgYqH4T7zavdTSiyexuMg70hnAHyQZ7CQrN9z
0PQXwzplvnE+hQceeaIxcBVtMBKtgWIdKmG4UcCz7Glyk8DFL7Xh6NLd4NsXteGQ
DL5l2F9USGdpyFoBzqp/hFdZvqW8J1iYyhC2RWvH7Tl5LfBedaZLH12WmWOJo/qp
oNsgNa+QK54cmBfiBO1xQczhXBzV7A42C/e+EiLypMoPmwXTDLFExOk/k5WXS3Xg
X9t6Ja3YN68pzBLm8kzghw0y2gYR7veJZeTY1Q7HEY0BQKRHYsswCsX20QIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFAA6v5dYRcm14R60+YkE0gNI9hlGMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQURxX2wxaEZ5YlhoSHJUNWlRVFNBMGoyR1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4wDAME
AgW0FAMEBQW0AAMEAwW0KAMEAgW0NAMEAgW0kAMEAgX9HAMEAgX9KAMEAi1CnAME
Ai1CpAMEAi2APAMEAy2IcAMEAi2IgAMEAi2IlAMEAi2VcAMEAlXQbAMEAlXQdAME
AlXRmAMEAlXRwAMEAljaXAMEAo1ivAMEAsIkJAMEAcI3vAMEAcI73AMEAcI79AME
AcJMkgMEAcJ89DANBgkqhkiG9w0BAQsFAAOCAQEASd+rc5WPdzDR+Uu0AP3tjnWS
MfJbMXVaHYiqbICeZYgGfMneLFm7+zc3xiI8Y0okQiW6eCKO8BfTA8aFFQ5YRJMb
vW8U11ZkA7uiwVV8De487D7KI7Nr79fWcGLQz8aRbAatN9ZjxJYxCzXnUfx3+PsL
OIosKIyUTNkM/dyu7C/sy39GrrtFusyIhHt8GUHrcUL3N9cNOkYw8hHujCPIX5+/
alwCPi9tl0U8Lj2yFRyXi5Rx7foagAdqADiP39W7AEXkZgh8W2abneg4Muj4VDpG
d7mr/K3oFK3frVuXE/qMNNqtYeDVCQ12Yr1zkhRUlDTN4YoMuAXgSPnl37j6xw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:48 2025 by rpki-client