Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/5NA5hHtmwEH7yNYpnCNbMIoeHE0.roa
File: 5NA5hHtmwEH7yNYpnCNbMIoeHE0.roa (raw, json)
Hash identifier: ImaBwFlW0f2Bzd+biisK8cXxBYTPLHDs6K6soweh6lc=
Subject key identifier: E4:D0:39:84:7B:66:C0:41:FB:C8:D6:29:9C:23:5B:30:8A:1E:1C:4D
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01894F564BEB6E1E4B929E88EEF971AA28D0
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/5NA5hHtmwEH7yNYpnCNbMIoeHE0.roa
Signing time: Thu 13 Jul 2023 13:00:02 +0000
ROA not before: Thu 13 Jul 2023 13:00:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45031
IP address blocks: 91.206.142.0/23 maxlen: 23
185.80.92.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
128.127.64.0/21 maxlen: 24
195.225.133.0/24 maxlen: 24
178.250.168.0/21 maxlen: 24
93.90.176.0/20 maxlen: 24
195.42.120.0/23 maxlen: 24
37.218.248.0/21 maxlen: 24
84.254.120.0/24 maxlen: 24
188.64.44.0/23 maxlen: 24
188.64.40.0/22 maxlen: 24
193.25.114.0/23 maxlen: 23
192.162.84.0/22 maxlen: 24
195.34.82.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
91.226.88.0/22 maxlen: 22
195.110.42.0/23 maxlen: 24
89.22.96.0/19 maxlen: 19
81.88.16.0/21 maxlen: 21
194.116.186.0/23 maxlen: 24
81.88.24.0/22 maxlen: 22
89.22.106.0/24 maxlen: 24
5.44.96.0/22 maxlen: 22
2a00:fa40::/32 maxlen: 32
2a02:a60::/32 maxlen: 64
2a00:5300::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:56:4b:eb:6e:1e:4b:92:9e:88:ee:f9:71:aa:28:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jul 13 13:00:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4d039847b66c041fbc8d6299c235b308a1e1c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8f:11:46:f4:f2:b9:d3:e0:6a:bf:52:e9:27:
f3:47:cb:c0:4e:b3:65:24:8c:50:16:34:dd:d6:38:
42:af:53:1a:cb:f8:89:06:9a:fc:07:c4:55:c2:51:
73:d0:83:a3:2e:80:d4:78:a7:67:e7:5f:94:84:48:
9a:9b:77:eb:b0:4c:f7:24:07:60:78:f3:0e:7b:b5:
9f:12:f7:80:3a:e6:55:ca:e5:14:d3:a2:07:c4:2c:
29:9e:78:c0:dd:44:83:dd:9e:c2:28:63:6d:33:2e:
e3:8c:af:c1:7f:63:89:b5:61:ab:d7:ec:78:08:77:
f4:a9:98:07:bd:c9:f0:56:05:9e:26:90:7a:44:a2:
9f:d3:1b:f1:99:0e:cf:17:2b:c7:f7:ce:d9:67:07:
20:11:4a:17:30:cb:fc:75:a6:f4:05:02:6b:9b:45:
09:64:d0:b8:b6:11:f6:72:4b:df:55:04:e1:ca:6a:
eb:37:05:ef:12:79:51:9f:75:7b:e4:de:82:de:d8:
42:06:ec:43:2c:1d:f7:b1:3c:6e:23:d6:9d:19:55:
7e:a1:15:69:08:e9:d0:72:57:92:ac:5d:28:b2:a2:
08:c2:01:10:d5:45:41:00:81:7e:67:14:b5:ca:0e:
e4:fa:86:f8:17:ea:16:17:b2:7c:ba:c6:d6:e6:df:
bc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D0:39:84:7B:66:C0:41:FB:C8:D6:29:9C:23:5B:30:8A:1E:1C:4D
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/5NA5hHtmwEH7yNYpnCNbMIoeHE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.96.0/22
5.44.108.0/22
37.218.248.0/21
81.88.16.0-81.88.27.255
84.254.120.0/24
89.22.96.0/19
91.206.142.0/23
91.220.49.0/24
91.226.88.0/22
93.90.176.0/20
128.127.64.0/21
178.250.168.0/21
185.80.92.0/22
188.64.40.0-188.64.45.255
192.162.84.0/22
193.25.114.0/23
194.116.186.0/23
195.34.82.0/23
195.42.120.0/23
195.110.42.0/23
195.225.133.0/24
IPv6:
2a00:5300::/32
2a00:fa40::/32
2a02:a60::/32
Signature Algorithm: sha256WithRSAEncryption
75:6e:1e:6f:37:63:0b:4a:fd:68:13:1a:15:76:55:b6:08:c1:
2b:ac:fc:fe:06:96:90:9b:b9:db:75:d3:c7:f2:d7:e4:b1:0b:
be:f9:fa:d6:ee:a0:96:d4:d5:23:df:91:50:07:5f:85:d3:cf:
81:31:64:e2:67:49:28:0d:4d:f2:2f:72:80:00:c8:12:4c:36:
1b:7f:9e:aa:94:8a:4c:bc:f4:cb:24:22:fc:01:5b:f5:0f:d5:
8f:e1:66:a7:bf:7f:fe:6f:bc:5a:c1:7d:ac:cd:6e:20:80:72:
61:df:ff:e4:71:76:5b:8f:ba:51:a3:ed:6f:f8:22:fa:7f:b0:
ea:b3:46:6a:b5:fc:bb:38:87:17:6f:aa:b7:f7:56:9e:be:cb:
16:3a:a7:21:73:db:1d:ae:65:73:7d:69:d4:8a:7d:fb:a0:cb:
c4:d5:67:f9:32:aa:db:04:8d:a1:e8:f3:e1:df:8e:cd:ef:15:
59:ba:2d:32:dd:ee:60:2d:20:94:be:ec:7f:53:9d:3f:45:54:
88:e5:99:35:32:55:a7:b7:7c:65:28:68:f9:41:32:08:f0:6d:
a3:14:33:1f:a3:d2:fe:7b:02:6d:b5:50:01:b9:3d:df:cc:42:
d6:9a:25:7b:f0:53:54:0a:f2:f5:1c:03:ac:8a:82:f9:11:96:
94:51:20:b2
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYlPVkvrbh5Lkp6I7vlxqijQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwNzEzMTMwMDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQwMzk4NDdiNjZjMDQxZmJjOGQ2Mjk5YzIzNWIzMDhhMWUxYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno8RRvTyudPgar9S6SfzR8vATrNl
JIxQFjTd1jhCr1May/iJBpr8B8RVwlFz0IOjLoDUeKdn51+UhEiam3frsEz3JAdg
ePMOe7WfEveAOuZVyuUU06IHxCwpnnjA3USD3Z7CKGNtMy7jjK/Bf2OJtWGr1+x4
CHf0qZgHvcnwVgWeJpB6RKKf0xvxmQ7PFyvH987ZZwcgEUoXMMv8dab0BQJrm0UJ
ZNC4thH2ckvfVQThymrrNwXvEnlRn3V75N6C3thCBuxDLB33sTxuI9adGVV+oRVp
COnQcleSrF0osqIIwgEQ1UVBAIF+ZxS1yg7k+ob4F+oWF7J8usbW5t+8gwIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFOTQOYR7ZsBB+8jWKZwjWzCKHhxNMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvNU5BNWhIdG13RUg3eU5ZcG5DTmJNSW9lSEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBlQQCAAEwgY4DBAIF
LGADBAIFLGwDBAMl2vgwDAMEBFFYEAMEAlFYGAMEAFT+eAMEBVkWYAMEAVvOjgME
AFvcMQMEAlviWAMEBF1asAMEA4B/QAMEA7L6qAMEArlQXDAMAwQDvEAoAwQBvEAs
AwQCwKJUAwQBwRlyAwQBwnS6AwQBwyJSAwQBwyp4AwQBw24qAwQAw+GFMBsEAgAC
MBUDBQAqAFMAAwUAKgD6QAMFACoCCmAwDQYJKoZIhvcNAQELBQADggEBAHVuHm83
YwtK/WgTGhV2VbYIwSus/P4GlpCbudt108fy1+SxC775+tbuoJbU1SPfkVAHX4XT
z4ExZOJnSSgNTfIvcoAAyBJMNht/nqqUiky89MskIvwBW/UP1Y/hZqe/f/5vvFrB
fazNbiCAcmHf/+RxdluPulGj7W/4Ivp/sOqzRmq1/Ls4hxdvqrf3Vp6+yxY6pyFz
2x2uZXN9adSKffugy8TVZ/kyqtsEjaHo8+Hfjs3vFVm6LTLd7mAtIJS+7H9TnT9F
VIjlmTUyVae3fGUoaPlBMgjwbaMUMx+j0v57Am21UAG5Pd/MQtaaJXvwU1QK8vUc
A6yKgvkRlpRRILI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org