Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1qFejBRmRD7kQ5FKcvI9hHee9To.roa
File: 1qFejBRmRD7kQ5FKcvI9hHee9To.roa (raw, json)
Hash identifier: ZLTPD39rYvMVCMr/54ev6jMTI/bvbOlaWsYtB2IeM/4=
Subject key identifier: D6:A1:5E:8C:14:66:44:3E:E4:43:91:4A:72:F2:3D:84:77:9E:F5:3A
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 019169A89A85A5ECE5E9F53AD404787CF424
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1qFejBRmRD7kQ5FKcvI9hHee9To.roa
Signing time: Mon 19 Aug 2024 08:02:22 +0000
ROA not before: Mon 19 Aug 2024 08:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60256
IP address blocks: 5.145.112.0/23 maxlen: 23
5.145.112.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.115.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.119.0/24 maxlen: 24
185.24.254.0/24 maxlen: 24
2a04:2f00:2::/48 maxlen: 48
2a04:2f01:1::/48 maxlen: 48
2a04:2f01:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Aug 2024 05:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:a8:9a:85:a5:ec:e5:e9:f5:3a:d4:04:78:7c:f4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Aug 19 08:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6a15e8c1466443ee443914a72f23d84779ef53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:79:dc:36:2d:28:d3:98:c8:9d:96:08:a7:57:
37:f1:a4:25:26:ba:38:ad:90:21:fa:36:c6:42:d0:
25:6a:bb:3e:45:b1:ea:37:98:cf:ee:a0:e7:e3:37:
1c:98:d5:af:27:df:3f:30:5f:0b:23:a6:2a:f2:96:
95:ce:68:af:cb:ef:44:48:64:cb:52:6c:fc:a4:d8:
50:08:8e:51:e5:e8:a1:e0:54:6d:62:ad:30:ac:ee:
4c:a4:40:fe:6d:76:bc:a0:45:ea:c2:12:20:68:97:
f7:27:9e:db:5f:10:0e:87:75:93:3f:91:0e:77:c5:
44:0e:3b:c4:7b:16:13:c5:63:f1:97:41:ff:d8:8a:
90:38:10:7f:ef:7e:72:1c:4e:c3:61:fc:2d:56:f5:
2f:d2:2e:e3:f3:3c:d4:f9:a1:3e:5c:ed:9c:5f:c1:
df:f7:fc:be:e6:f7:52:5b:ce:21:dc:c2:cc:41:24:
dc:97:c4:5d:c3:7f:e7:37:90:8b:d9:52:81:13:2c:
76:87:32:af:36:43:fc:55:2e:27:93:72:f7:8c:65:
39:d7:e3:c8:34:55:79:1d:31:24:24:00:00:d3:7e:
5c:3e:6f:d4:e5:a0:ab:ee:e8:57:9e:f0:dc:f7:1f:
f0:93:ad:7b:cc:e6:6f:8b:46:b4:ca:25:4b:16:64:
a7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A1:5E:8C:14:66:44:3E:E4:43:91:4A:72:F2:3D:84:77:9E:F5:3A
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1qFejBRmRD7kQ5FKcvI9hHee9To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/23
5.145.115.0/24
5.145.118.0/23
185.24.254.0/24
IPv6:
2a04:2f00:2::/48
2a04:2f01:1::-2a04:2f01:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:e0:88:ab:83:ad:18:c0:06:16:29:3c:fe:cb:63:b4:15:ea:
62:e6:c2:f4:f1:a6:7f:dc:10:25:aa:2d:a0:48:20:00:4e:0e:
16:a2:fd:26:cf:b7:29:ef:d3:a3:f7:de:77:78:03:9b:47:79:
e5:f5:4e:78:d6:42:6d:6b:49:af:7c:f3:e0:1d:5b:7d:eb:3f:
21:c0:47:64:bd:43:15:99:b5:f8:b1:18:c0:91:f3:4c:cf:5d:
88:50:30:42:db:37:0d:a6:98:3d:23:48:95:28:b2:1b:5b:5d:
36:eb:a4:1b:89:43:e9:25:5f:c2:0a:f7:1c:ab:fb:f6:a1:b4:
c5:90:a8:a2:7c:90:a6:eb:71:8e:8c:19:9f:f4:f2:7f:e4:3f:
01:83:e7:6f:27:e6:6c:f2:95:aa:82:4f:dd:0f:07:d7:d5:9e:
02:69:4c:40:fb:5f:f5:01:60:3c:78:ee:ed:30:89:ae:9c:d9:
31:47:2b:96:c3:eb:d5:cc:7c:21:a0:14:ee:dd:e1:a2:ec:f3:
67:da:15:b9:44:61:2e:0f:de:1b:23:d9:c6:b6:67:d2:e0:63:
9d:14:ea:2d:73:01:b7:25:c5:8f:11:62:8a:1b:9a:9f:5f:25:
ff:36:16:3a:ca:9d:95:e8:d2:c9:c7:a6:54:10:07:f5:e7:90:
70:07:72:31
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZFpqJqFpezl6fU61AR4fPQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjQwODE5MDgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmExNWU4YzE0NjY0NDNlZTQ0MzkxNGE3MmYyM2Q4NDc3OWVmNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3ncNi0o05jInZYIp1c38aQlJro4
rZAh+jbGQtAlars+RbHqN5jP7qDn4zccmNWvJ98/MF8LI6Yq8paVzmivy+9ESGTL
Umz8pNhQCI5R5eih4FRtYq0wrO5MpED+bXa8oEXqwhIgaJf3J57bXxAOh3WTP5EO
d8VEDjvEexYTxWPxl0H/2IqQOBB/735yHE7DYfwtVvUv0i7j8zzU+aE+XO2cX8Hf
9/y+5vdSW84h3MLMQSTcl8Rdw3/nN5CL2VKBEyx2hzKvNkP8VS4nk3L3jGU51+PI
NFV5HTEkJAAA035cPm/U5aCr7uhXnvDc9x/wk617zOZvi0a0yiVLFmSnWQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFNahXowUZkQ+5EORSnLyPYR3nvU6MB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvMXFGZWpCUm1SRDdrUTVGS2N2STloSGVlOVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAeBAIAATAYAwQBBZFwAwQA
BZFzAwQBBZF2AwQAuRj+MCMEAgACMB0DBwAqBC8AAAIwEgMHACoELwEAAQMHACoE
LwEAAjANBgkqhkiG9w0BAQsFAAOCAQEAlOCIq4OtGMAGFik8/stjtBXqYubC9PGm
f9wQJaotoEggAE4OFqL9Js+3Ke/To/fed3gDm0d55fVOeNZCbWtJr3zz4B1bfes/
IcBHZL1DFZm1+LEYwJHzTM9diFAwQts3DaaYPSNIlSiyG1tdNuukG4lD6SVfwgr3
HKv79qG0xZCoonyQputxjowZn/Tyf+Q/AYPnbyfmbPKVqoJP3Q8H19WeAmlMQPtf
9QFgPHju7TCJrpzZMUcrlsPr1cx8IaAU7t3houzzZ9oVuURhLg/eGyPZxrZn0uBj
nRTqLXMBtyXFjxFiihuan18l/zYWOsqdlejSycemVBAH9eeQcAdyMQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:26 2025 by rpki-client