Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/3fvB0raA-vLUtNa9Yde_zadv4xY.roa
File: 3fvB0raA-vLUtNa9Yde_zadv4xY.roa (raw, json)
Hash identifier: LM7v6JlpLsY3Q6SKfFFtnNLPMCCA5TnKphtMWkZryzs=
Subject key identifier: DD:FB:C1:D2:B6:80:FA:F2:D4:B4:D6:BD:61:D7:BF:CD:A7:6F:E3:16
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 018CC3B6E55C5304EECABE3A5FA27E419729
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/3fvB0raA-vLUtNa9Yde_zadv4xY.roa
Signing time: Mon 01 Jan 2024 06:29:52 +0000
ROA not before: Mon 01 Jan 2024 06:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39603
IP address blocks: 94.254.144.0/20 maxlen: 20
5.173.192.0/19 maxlen: 19
94.254.160.0/19 maxlen: 19
5.173.0.0/17 maxlen: 17
5.173.128.0/18 maxlen: 18
46.112.0.0/16 maxlen: 16
109.243.128.0/17 maxlen: 17
89.108.192.0/18 maxlen: 18
89.108.200.0/21 maxlen: 21
94.254.128.0/17 maxlen: 17
46.113.0.0/16 maxlen: 16
94.254.128.0/20 maxlen: 20
89.108.208.0/21 maxlen: 21
94.254.192.0/19 maxlen: 19
109.243.0.0/16 maxlen: 16
94.254.224.0/20 maxlen: 20
31.174.0.0/15 maxlen: 15
164.126.0.0/15 maxlen: 15
2a00:1981::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 19 Aug 2024 06:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e5:5c:53:04:ee:ca:be:3a:5f:a2:7e:41:97:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddfbc1d2b680faf2d4b4d6bd61d7bfcda76fe316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:d9:a0:66:6e:7e:6c:97:bc:d1:d2:8e:91:
a4:e9:be:19:00:f6:ce:02:de:e2:20:3e:88:e8:f6:
bc:b9:52:b2:cf:4b:12:e8:45:3c:e8:56:9b:47:af:
63:0a:4a:93:3b:79:bf:7c:ba:d0:ae:68:4d:b9:65:
10:cb:d5:67:4d:da:66:ce:18:58:77:c1:a2:70:e3:
45:d0:0c:57:39:d0:48:0a:89:9b:20:fe:9f:ec:69:
a3:8b:f2:5f:77:d2:fa:05:1d:f0:d4:a4:d1:05:f3:
26:07:4b:57:d4:61:06:d5:ef:8d:75:de:7c:3d:2c:
a2:5a:aa:71:c3:ef:c5:bc:20:ef:55:af:5a:c3:92:
65:f8:04:94:0f:4b:50:fd:21:de:1e:21:43:51:b9:
e0:db:36:8f:e3:6f:23:87:00:8b:1f:59:b3:08:cf:
d6:dd:4e:db:c5:bf:02:e4:09:36:e6:b0:27:3f:9a:
a0:4e:e2:af:0e:ba:e6:68:65:a0:42:87:7a:e1:60:
7a:32:d1:b9:5f:4e:bb:f9:ff:74:22:bd:69:1d:20:
00:35:4c:4c:66:bf:91:f1:58:d7:9b:13:9a:a4:65:
f6:42:1e:52:97:5c:d0:0c:d8:63:3b:9c:81:d6:3d:
63:a1:43:37:02:f1:e0:90:e1:bc:b9:ba:6a:d2:48:
95:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FB:C1:D2:B6:80:FA:F2:D4:B4:D6:BD:61:D7:BF:CD:A7:6F:E3:16
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/3fvB0raA-vLUtNa9Yde_zadv4xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.0.0-5.173.223.255
31.174.0.0/15
46.112.0.0/15
89.108.192.0/18
94.254.128.0/17
109.243.0.0/16
164.126.0.0/15
IPv6:
2a00:1981::/32
Signature Algorithm: sha256WithRSAEncryption
2f:41:9f:fd:bb:38:52:ea:78:3f:30:5e:36:aa:03:e8:5a:44:
fa:1a:c4:c7:ea:cf:a1:11:f0:b1:3e:52:02:0e:04:8f:fe:25:
ea:10:8d:66:21:2d:15:bd:52:18:34:a9:45:5f:77:07:7d:6e:
c1:34:5d:7c:27:05:7e:49:46:41:52:e9:63:96:47:50:ce:d8:
a3:56:d5:28:98:57:79:80:f5:0e:f0:ff:d4:91:96:7a:5b:4e:
a9:e5:ee:72:99:31:18:7e:0b:d6:ef:b8:42:94:f7:97:74:dc:
fa:c6:d0:69:8e:42:4c:7c:70:07:6f:67:d5:ff:a3:28:21:09:
93:47:ce:22:0b:cd:20:9e:36:a0:af:35:a3:08:8d:20:e5:71:
c3:63:1e:39:97:ec:8f:a9:cd:03:03:2d:89:c9:68:4d:77:42:
0f:2c:ba:09:7d:40:81:e0:42:46:9a:08:52:6f:ef:ea:f1:6e:
0c:66:d2:e4:d7:fa:9b:2e:3c:6f:7d:14:43:39:8f:67:1c:8f:
88:4c:3c:be:b1:4b:55:64:4e:97:6a:33:88:61:41:68:23:dc:
ed:11:70:86:af:a2:76:5f:ae:72:f1:2a:11:a0:ac:72:ba:3f:
b6:f4:65:eb:da:e2:a6:fb:42:01:9b:fb:dc:e8:a8:7a:16:15:
e1:57:75:bc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzDtuVcUwTuyr46X6J+QZcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZiYzFkMmI2ODBmYWYyZDRiNGQ2YmQ2MWQ3YmZjZGE3NmZlMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu/ZoGZufmyXvNHSjpGk6b4ZAPbO
At7iID6I6Pa8uVKyz0sS6EU86FabR69jCkqTO3m/fLrQrmhNuWUQy9VnTdpmzhhY
d8GicONF0AxXOdBICombIP6f7Gmji/Jfd9L6BR3w1KTRBfMmB0tX1GEG1e+Ndd58
PSyiWqpxw+/FvCDvVa9aw5Jl+ASUD0tQ/SHeHiFDUbng2zaP428jhwCLH1mzCM/W
3U7bxb8C5Ak25rAnP5qgTuKvDrrmaGWgQod64WB6MtG5X067+f90Ir1pHSAANUxM
Zr+R8VjXmxOapGX2Qh5Sl1zQDNhjO5yB1j1joUM3AvHgkOG8ubpq0kiVWQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN37wdK2gPry1LTWvWHXv82nb+MWMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvM2Z2QjByYUEtdkxVdE5hOVlkZV96YWR2NHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtMAsDAwAFrQME
BQWtwAMDAR+uAwMBLnADBAZZbMADBAde/oADAwBt8wMDAaR+MA0EAgACMAcDBQAq
ABmBMA0GCSqGSIb3DQEBCwUAA4IBAQAvQZ/9uzhS6ng/MF42qgPoWkT6GsTH6s+h
EfCxPlICDgSP/iXqEI1mIS0VvVIYNKlFX3cHfW7BNF18JwV+SUZBUuljlkdQztij
VtUomFd5gPUO8P/UkZZ6W06p5e5ymTEYfgvW77hClPeXdNz6xtBpjkJMfHAHb2fV
/6MoIQmTR84iC80gnjagrzWjCI0g5XHDYx45l+yPqc0DAy2JyWhNd0IPLLoJfUCB
4EJGmghSb+/q8W4MZtLk1/qbLjxvfRRDOY9nHI+ITDy+sUtVZE6XajOIYUFoI9zt
EXCGr6J2X65y8SoRoKxyuj+29GXr2uKm+0IBm/vc6Kh6FhXhV3W8
-----END CERTIFICATE-----
Generated at Mon Aug 19 09:06:52 2024 by rpki-client on console-fra.rpki-client.org