Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5uN-RCu7B81LIFs3z2tHVey-8HM.roa
File: 5uN-RCu7B81LIFs3z2tHVey-8HM.roa (raw, json)
Hash identifier: 6/nAHgKp8Y0y5IEo8hfexImzWLutn7PPi5GpIhP9JJg=
Subject key identifier: E6:E3:7E:44:2B:BB:07:CD:4B:20:5B:37:CF:6B:47:55:EC:BE:F0:73
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 0185723A40263B81F635204165AE45FEA9B4
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5uN-RCu7B81LIFs3z2tHVey-8HM.roa
Signing time: Mon 02 Jan 2023 11:24:58 +0000
ROA not before: Mon 02 Jan 2023 11:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201019
IP address blocks: 188.33.128.0/17 maxlen: 17
5.173.224.0/19 maxlen: 19
5.173.224.0/20 maxlen: 20
188.33.64.0/18 maxlen: 18
185.89.184.0/22 maxlen: 22
5.173.240.0/20 maxlen: 20
188.33.0.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:40:26:3b:81:f6:35:20:41:65:ae:45:fe:a9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Jan 2 11:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6e37e442bbb07cd4b205b37cf6b4755ecbef073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:32:ba:75:df:61:09:b8:a4:27:1b:22:a1:
5a:9b:fa:fb:ce:b3:df:72:10:a0:5d:6f:20:60:03:
2a:59:0b:df:ad:8f:6f:45:49:e9:61:c6:18:ea:0a:
4c:6c:83:43:89:fa:76:24:ff:11:a5:40:27:99:43:
22:35:54:81:a4:25:e8:a0:44:c5:f5:05:27:db:20:
83:fa:cf:cb:bf:60:09:6c:2f:ce:f3:5c:b5:4b:62:
ff:de:2f:22:10:90:38:c0:cb:52:6a:9f:c1:9a:9f:
51:ef:a2:ea:1a:e0:10:05:8d:10:16:67:f6:37:17:
71:86:a1:90:47:54:48:e9:db:c6:9c:5a:8d:7b:62:
2e:84:ce:47:59:5b:0c:a7:78:19:84:b4:b6:0a:31:
27:48:ed:be:6f:8e:ac:ac:77:ec:d6:fa:ea:27:e0:
70:c1:42:54:63:d2:e8:38:9b:ef:ec:34:7a:0c:8e:
e7:83:31:e9:6a:f4:32:aa:1e:1a:fb:74:8c:39:3c:
0c:18:fc:f5:77:83:b3:aa:e6:4e:21:01:30:b8:9f:
58:07:77:5c:6a:14:e3:16:4b:65:5f:bb:79:5e:14:
9b:0f:c0:1c:14:a7:64:82:e0:8f:ed:a1:47:26:b4:
25:3a:95:14:c3:4c:c1:2d:2f:04:f1:c7:f9:68:cb:
b1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E3:7E:44:2B:BB:07:CD:4B:20:5B:37:CF:6B:47:55:EC:BE:F0:73
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5uN-RCu7B81LIFs3z2tHVey-8HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.224.0/19
185.89.184.0/22
188.33.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:f7:ca:93:54:4c:de:3c:9d:3c:ec:5b:f6:ff:94:96:39:75:
66:4d:22:27:42:17:b5:2f:ac:6a:ae:66:21:ee:09:eb:68:27:
4c:0b:fa:96:6a:a0:dc:eb:f1:de:1a:f1:a3:26:7d:15:29:58:
36:42:66:41:89:fc:09:1f:6b:01:6f:ed:e2:28:ac:06:6c:f3:
9b:28:a2:07:92:19:4f:27:73:5d:7f:62:9d:a0:3d:f1:41:0d:
98:5d:14:83:18:68:71:c5:b5:75:f3:3c:af:c8:9c:6c:15:f5:
22:a1:62:33:90:4e:ff:64:97:7a:cd:00:77:02:f7:4f:8b:72:
14:07:47:65:bc:f4:05:69:d0:0f:25:86:e1:96:ee:8b:6b:0f:
68:00:01:38:43:f6:04:83:59:28:44:67:13:a7:a2:78:ee:05:
24:cb:a3:2e:b2:ca:a5:de:67:51:c3:e9:f1:1f:27:59:d3:b4:
83:36:02:aa:09:27:ac:2e:83:33:78:c4:a2:72:7f:16:45:0f:
93:74:b6:29:ff:33:71:a4:b6:3a:85:b1:89:0d:84:93:77:2f:
46:98:63:4f:aa:cd:b0:a6:32:be:15:3f:e3:cb:77:17:c1:49:
85:fa:83:42:dd:01:bc:97:db:68:c8:70:52:df:dc:c1:ae:c2:
4c:95:42:04
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVyOkAmO4H2NSBBZa5F/qm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjMwMTAyMTEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmUzN2U0NDJiYmIwN2NkNGIyMDViMzdjZjZiNDc1NWVjYmVmMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumAyunXfYQm4pCcbIqFam/r7zrPf
chCgXW8gYAMqWQvfrY9vRUnpYcYY6gpMbINDifp2JP8RpUAnmUMiNVSBpCXooETF
9QUn2yCD+s/Lv2AJbC/O81y1S2L/3i8iEJA4wMtSap/Bmp9R76LqGuAQBY0QFmf2
NxdxhqGQR1RI6dvGnFqNe2IuhM5HWVsMp3gZhLS2CjEnSO2+b46srHfs1vrqJ+Bw
wUJUY9LoOJvv7DR6DI7ngzHpavQyqh4a+3SMOTwMGPz1d4OzquZOIQEwuJ9YB3dc
ahTjFktlX7t5XhSbD8AcFKdkguCP7aFHJrQlOpUUw0zBLS8E8cf5aMuxQwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFObjfkQruwfNSyBbN89rR1XsvvBzMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvNXVOLVJDdTdCODFMSUZzM3oydEhWZXktOEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQFBa3gAwQC
uVm4AwMAvCEwDQYJKoZIhvcNAQELBQADggEBAG/3ypNUTN48nTzsW/b/lJY5dWZN
IidCF7UvrGquZiHuCetoJ0wL+pZqoNzr8d4a8aMmfRUpWDZCZkGJ/AkfawFv7eIo
rAZs85soogeSGU8nc11/Yp2gPfFBDZhdFIMYaHHFtXXzPK/InGwV9SKhYjOQTv9k
l3rNAHcC90+LchQHR2W89AVp0A8lhuGW7otrD2gAAThD9gSDWShEZxOnonjuBSTL
oy6yyqXeZ1HD6fEfJ1nTtIM2AqoJJ6wugzN4xKJyfxZFD5N0tin/M3GktjqFsYkN
hJN3L0aYY0+qzbCmMr4VP+PLdxfBSYX6g0LdAbyX22jIcFLf3MGuwkyVQgQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:03 2024 by rpki-client on console-ams.rpki-client.org