Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/DFoIYjtogK5CvngzhaODhWyUQN8.roa
File: DFoIYjtogK5CvngzhaODhWyUQN8.roa (raw, json)
Hash identifier: hrjKY6AJbDaVkzj07nCfY3j3E4RXAIDVYCz5KKkwBxw=
Subject key identifier: 0C:5A:08:62:3B:68:80:AE:42:BE:78:33:85:A3:83:85:6C:94:40:DF
Certificate issuer: /CN=55843a1b20a2dbe3e4ed53e7548d7689678d5a37
Certificate serial: 01856F14B2691959DC399ADE34CB3B13C04E
Authority key identifier: 55:84:3A:1B:20:A2:DB:E3:E4:ED:53:E7:54:8D:76:89:67:8D:5A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/DFoIYjtogK5CvngzhaODhWyUQN8.roa
Signing time: Sun 01 Jan 2023 20:45:05 +0000
ROA not before: Sun 01 Jan 2023 20:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198068
IP address blocks: 46.36.216.0/21 maxlen: 32
5.101.176.0/20 maxlen: 32
5.188.16.0/21 maxlen: 32
5.188.24.0/22 maxlen: 32
5.45.112.0/20 maxlen: 32
5.101.112.0/20 maxlen: 32
181.114.240.0/20 maxlen: 32
159.253.16.0/21 maxlen: 32
185.4.72.0/22 maxlen: 32
45.67.128.0/22 maxlen: 32
2a03:f480::/32 maxlen: 128
2a09:8240::/32 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b2:69:19:59:dc:39:9a:de:34:cb:3b:13:c0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55843a1b20a2dbe3e4ed53e7548d7689678d5a37
Validity
Not Before: Jan 1 20:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c5a08623b6880ae42be783385a383856c9440df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0c:c7:2f:81:6e:76:94:2b:ee:66:8a:22:dc:
82:86:1e:c3:2d:59:30:24:ea:6b:84:fb:24:05:11:
ef:44:3d:e9:e3:dd:21:e7:c6:35:b7:09:f7:4d:87:
a2:96:33:71:5d:55:26:62:a4:f4:d4:9f:03:de:a6:
80:6e:ee:e7:4c:d9:96:e5:4a:48:55:f5:30:07:06:
52:12:36:9b:fb:8f:5f:0e:40:f3:6a:10:92:44:12:
e1:8f:69:72:e7:22:c4:4d:25:b5:9c:1a:b7:b9:64:
6e:b4:1e:29:93:83:6a:e7:c9:24:77:8a:a2:67:cb:
e9:a4:65:fe:5e:fd:ac:7c:60:84:e9:0a:ae:c0:31:
80:c2:b8:24:90:d6:b3:54:0c:ad:ae:01:73:d0:46:
5f:29:fa:90:c6:9e:a1:5c:34:08:ed:01:b5:fb:b0:
94:04:dd:7d:ab:78:2e:47:7c:d0:df:50:af:ad:2c:
f7:22:71:b6:7b:a8:6b:20:25:4e:b9:f8:50:85:6f:
30:86:c8:4d:6f:cf:de:f5:5e:7a:de:58:28:66:71:
e8:3f:f8:f4:ae:ff:6b:fd:0d:65:a5:37:84:76:49:
80:79:0f:e0:74:6c:57:ab:78:4f:b2:45:92:03:4b:
9a:22:b6:99:31:b7:48:da:b7:e8:03:13:a5:2f:16:
e9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5A:08:62:3B:68:80:AE:42:BE:78:33:85:A3:83:85:6C:94:40:DF
X509v3 Authority Key Identifier:
keyid:55:84:3A:1B:20:A2:DB:E3:E4:ED:53:E7:54:8D:76:89:67:8D:5A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/DFoIYjtogK5CvngzhaODhWyUQN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d61b33-abdf-4903-a82c-b5172597f73a/1/VYQ6GyCi2-Pk7VPnVI12iWeNWjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.112.0/20
5.101.112.0/20
5.101.176.0/20
5.188.16.0-5.188.27.255
45.67.128.0/22
46.36.216.0/21
159.253.16.0/21
181.114.240.0/20
185.4.72.0/22
IPv6:
2a03:f480::/32
2a09:8240::/32
Signature Algorithm: sha256WithRSAEncryption
72:72:72:a6:70:94:ad:bc:32:b1:6c:9d:8c:55:26:41:29:93:
84:64:bc:8d:f5:a7:74:ca:84:da:5b:05:72:2c:9b:81:30:1e:
7c:e3:92:44:08:a7:3a:16:a2:4d:f5:f3:6d:8d:35:d5:b4:a5:
e7:51:17:9f:58:af:6d:d4:49:ac:6b:b2:c6:06:50:ad:58:55:
c6:79:00:3c:b2:d2:e6:10:c0:84:f6:d6:c9:e0:e6:4c:14:9e:
65:b9:34:65:9c:5e:25:07:31:9a:b7:1c:e2:e2:5c:27:72:16:
a8:2f:0c:e3:07:5c:27:89:7f:18:ab:27:28:b1:39:27:87:21:
e2:7e:ef:97:a3:90:78:e5:f1:04:6a:2b:22:3d:9b:28:19:cc:
3b:8b:ba:ca:ad:97:a2:50:9a:e1:9b:5b:eb:29:26:1e:4c:dd:
65:b9:96:c2:28:1c:a2:f1:26:9c:03:c1:0b:49:28:e4:f8:b6:
8a:e0:44:0a:f4:e6:1e:7f:0b:ec:cc:ce:d2:9e:70:a0:b0:36:
f3:0a:60:45:9f:8f:16:e4:a5:bf:73:3a:7f:a1:10:2a:bd:07:
93:01:24:4d:30:76:70:59:71:e2:ae:08:80:96:e1:a5:a8:55:
a8:b9:86:a0:25:d6:62:5c:00:e8:5f:17:9e:00:7e:a2:96:2e:
f4:d6:ef:0c
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVvFLJpGVncOZreNMs7E8BOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODQzYTFiMjBhMmRiZTNlNGVkNTNlNzU0OGQ3Njg5Njc4
ZDVhMzcwHhcNMjMwMTAxMjA0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzVhMDg2MjNiNjg4MGFlNDJiZTc4MzM4NWEzODM4NTZjOTQ0MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwzHL4FudpQr7maKItyChh7DLVkw
JOprhPskBRHvRD3p490h58Y1twn3TYeiljNxXVUmYqT01J8D3qaAbu7nTNmW5UpI
VfUwBwZSEjab+49fDkDzahCSRBLhj2ly5yLETSW1nBq3uWRutB4pk4Nq58kkd4qi
Z8vppGX+Xv2sfGCE6QquwDGAwrgkkNazVAytrgFz0EZfKfqQxp6hXDQI7QG1+7CU
BN19q3guR3zQ31CvrSz3InG2e6hrICVOufhQhW8whshNb8/e9V563lgoZnHoP/j0
rv9r/Q1lpTeEdkmAeQ/gdGxXq3hPskWSA0uaIraZMbdI2rfoAxOlLxbpoQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAxaCGI7aICuQr54M4Wjg4VslEDfMB8GA1UdIwQY
MBaAFFWEOhsgotvj5O1T51SNdolnjVo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllRNkd5Q2kyLVBrN1ZQblZJMTJpV2VOV2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kNjFiMzMtYWJkZi00OTAzLWE4MmMt
YjUxNzI1OTdmNzNhLzEvREZvSVlqdG9nSzVDdm5nemhhT0RoV3lVUU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kNjFiMzMtYWJkZi00OTAzLWE4MmMtYjUxNzI1OTdmNzNh
LzEvVllRNkd5Q2kyLVBrN1ZQblZJMTJpV2VOV2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQEBS1wAwQE
BWVwAwQEBWWwMAwDBAQFvBADBAIFvBgDBAItQ4ADBAMuJNgDBAOf/RADBAS1cvAD
BAK5BEgwFAQCAAIwDgMFACoD9IADBQAqCYJAMA0GCSqGSIb3DQEBCwUAA4IBAQBy
cnKmcJStvDKxbJ2MVSZBKZOEZLyN9ad0yoTaWwVyLJuBMB5845JECKc6FqJN9fNt
jTXVtKXnURefWK9t1Emsa7LGBlCtWFXGeQA8stLmEMCE9tbJ4OZMFJ5luTRlnF4l
BzGatxzi4lwnchaoLwzjB1wniX8YqycosTknhyHifu+Xo5B45fEEaisiPZsoGcw7
i7rKrZeiUJrhm1vrKSYeTN1luZbCKByi8SacA8ELSSjk+LaK4EQK9OYefwvszM7S
nnCgsDbzCmBFn48W5KW/czp/oRAqvQeTASRNMHZwWXHirgiAluGlqFWouYagJdZi
XADoXxeeAH6ili701u8M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:07 2024 by rpki-client on console-fra.rpki-client.org