Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/5GxGegY8E4lAIBfT3YomaIyVTfU.roa
File: 5GxGegY8E4lAIBfT3YomaIyVTfU.roa (raw, json)
Hash identifier: HzCGqkIFp6vWd4rnPTCpPs+urSjmmXw+RsG3CaUyXbI=
Subject key identifier: E4:6C:46:7A:06:3C:13:89:40:20:17:D3:DD:8A:26:68:8C:95:4D:F5
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019416D2C48182714F5678642A105E341EE8
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/5GxGegY8E4lAIBfT3YomaIyVTfU.roa
Signing time: Mon 30 Dec 2024 09:08:19 +0000
ROA not before: Mon 30 Dec 2024 09:08:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 5.35.80.0/24 maxlen: 24
5.35.81.0/24 maxlen: 24
83.222.22.0/23 maxlen: 24
89.169.36.0/23 maxlen: 24
90.156.252.0/23 maxlen: 24
91.218.140.0/24 maxlen: 24
91.218.141.0/24 maxlen: 24
178.236.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:d2:c4:81:82:71:4f:56:78:64:2a:10:5e:34:1e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Dec 30 09:08:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e46c467a063c1389402017d3dd8a26688c954df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:17:37:f5:0e:d1:9b:2d:da:38:18:99:7f:07:
9c:6f:b8:cc:43:c6:37:85:7f:f7:9f:6b:0c:46:9d:
d6:b4:33:d5:73:b6:a1:29:b8:2e:30:47:40:47:82:
b2:11:c2:27:70:85:51:d5:de:96:46:64:40:02:88:
23:d3:db:85:50:71:6e:33:2b:ce:96:db:71:58:fb:
56:9d:03:84:27:2a:f1:26:d3:35:14:d7:27:9b:e6:
65:21:4b:3b:38:74:47:02:a4:db:83:3c:1e:e3:b2:
48:e2:97:e9:c5:fa:6e:6d:bd:c0:dc:c9:2b:02:4e:
63:9a:43:f0:e9:b7:6f:8c:b1:7f:dc:b6:d6:df:25:
ea:2b:ed:da:6d:50:c0:73:c4:3b:25:cb:82:aa:ee:
19:63:d7:81:0d:04:48:bc:f3:6e:09:82:80:9b:40:
b9:81:0f:b7:60:c5:65:07:93:10:5e:b9:77:f2:ab:
cd:c0:cf:c5:0c:1e:aa:58:5c:fb:77:97:92:f2:0a:
44:68:b1:bf:ed:96:d4:d9:ea:70:93:b1:f7:68:04:
81:82:18:4c:9e:c3:c9:3d:07:2c:3e:21:56:81:c1:
94:fd:9a:4c:a8:3a:ec:65:61:f3:8a:79:3e:a6:29:
30:79:1f:57:75:29:89:a5:ab:11:cf:cf:26:64:0d:
df:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:6C:46:7A:06:3C:13:89:40:20:17:D3:DD:8A:26:68:8C:95:4D:F5
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/5GxGegY8E4lAIBfT3YomaIyVTfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/23
83.222.22.0/23
89.169.36.0/23
90.156.252.0/23
91.218.140.0/23
178.236.17.0/24
Signature Algorithm: sha256WithRSAEncryption
80:51:ae:5c:43:fc:ea:f0:ed:d4:3d:8f:33:8b:0c:c4:3e:40:
17:69:23:7d:3a:97:0b:a7:25:ed:32:e5:6a:e3:68:3f:5f:2a:
5e:7d:fd:f2:f0:27:3e:4f:57:f0:ab:97:55:92:bf:04:68:ac:
66:69:ce:81:5b:25:de:00:f1:9c:5d:da:17:9e:96:5f:95:96:
36:d8:97:7d:44:f0:3b:20:6c:2a:80:af:da:51:8e:92:1d:e3:
7d:0c:01:44:a1:f4:e4:7e:b9:89:60:7d:3d:33:2d:9a:fb:53:
7e:7f:37:3a:da:92:b4:8b:de:c6:36:2b:a3:f5:5f:de:8a:7e:
58:e7:cb:90:53:7e:4f:49:4d:ca:38:59:4e:0d:cf:04:ea:55:
db:90:7d:aa:dc:9d:28:5f:c6:eb:f5:64:ac:d2:6a:34:ab:de:
26:28:28:25:b5:f8:2c:ce:6b:93:34:0b:1f:18:67:03:fc:c3:
49:9e:5d:a2:26:2a:df:63:4e:d1:5a:9c:b7:82:c9:f3:e6:26:
db:cb:27:3c:81:fe:c3:5e:3b:2d:c4:c8:13:c7:e5:c6:43:41:
14:e3:d8:1e:ac:6c:0f:41:5f:08:ac:ad:85:c6:cd:17:bb:5a:
cc:85:63:a1:85:02:df:60:39:84:34:21:3a:3b:cc:b4:df:35:
28:53:12:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQW0sSBgnFPVnhkKhBeNB7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQxMjMwMDkwODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDZjNDY3YTA2M2MxMzg5NDAyMDE3ZDNkZDhhMjY2ODhjOTU0ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhc39Q7Rmy3aOBiZfwecb7jMQ8Y3
hX/3n2sMRp3WtDPVc7ahKbguMEdAR4KyEcIncIVR1d6WRmRAAogj09uFUHFuMyvO
lttxWPtWnQOEJyrxJtM1FNcnm+ZlIUs7OHRHAqTbgzwe47JI4pfpxfpubb3A3Mkr
Ak5jmkPw6bdvjLF/3LbW3yXqK+3abVDAc8Q7JcuCqu4ZY9eBDQRIvPNuCYKAm0C5
gQ+3YMVlB5MQXrl38qvNwM/FDB6qWFz7d5eS8gpEaLG/7ZbU2epwk7H3aASBghhM
nsPJPQcsPiFWgcGU/ZpMqDrsZWHzink+pikweR9XdSmJpasRz88mZA3fAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFORsRnoGPBOJQCAX092KJmiMlU31MB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvNUd4R2VnWThFNGxBSUJmVDNZb21hSXlWVGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBSNQAwQB
U94WAwQBWakkAwQBWpz8AwQBW9qMAwQAsuwRMA0GCSqGSIb3DQEBCwUAA4IBAQCA
Ua5cQ/zq8O3UPY8ziwzEPkAXaSN9OpcLpyXtMuVq42g/Xypeff3y8Cc+T1fwq5dV
kr8EaKxmac6BWyXeAPGcXdoXnpZflZY22Jd9RPA7IGwqgK/aUY6SHeN9DAFEofTk
frmJYH09My2a+1N+fzc62pK0i97GNiuj9V/ein5Y58uQU35PSU3KOFlODc8E6lXb
kH2q3J0oX8br9WSs0mo0q94mKCgltfgszmuTNAsfGGcD/MNJnl2iJirfY07RWpy3
gsnz5ibbyyc8gf7DXjstxMgTx+XGQ0EU49gerGwPQV8IrK2Fxs0Xu1rMhWOhhQLf
YDmENCE6O8y03zUoUxIc
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:36:04 2025 by rpki-client