Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/EN_0qBw2eaoZzqFVfK4krJTdR8U.roa
File: EN_0qBw2eaoZzqFVfK4krJTdR8U.roa (raw, json)
Hash identifier: uiRz8/NITuSh0WS04/4LAAnG56xWd7hpVJcGQDYfa1I=
Subject key identifier: 10:DF:F4:A8:1C:36:79:AA:19:CE:A1:55:7C:AE:24:AC:94:DD:47:C5
Certificate issuer: /CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Certificate serial: 019344966FE19AA55DBA76DEB2A4CA40B11D
Authority key identifier: 54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/EN_0qBw2eaoZzqFVfK4krJTdR8U.roa
Signing time: Tue 19 Nov 2024 13:22:09 +0000
ROA not before: Tue 19 Nov 2024 13:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43872
IP address blocks: 5.253.252.0/22 maxlen: 22
45.136.108.0/24 maxlen: 24
92.118.111.0/24 maxlen: 24
176.101.169.0/24 maxlen: 24
185.183.20.0/22 maxlen: 22
185.187.61.0/24 maxlen: 24
185.253.176.0/22 maxlen: 22
193.105.189.0/24 maxlen: 24
193.247.94.0/24 maxlen: 24
193.247.101.0/24 maxlen: 24
193.247.103.0/24 maxlen: 24
193.247.165.0/24 maxlen: 24
195.234.28.0/24 maxlen: 24
217.198.183.0/24 maxlen: 24
2a0b:180::/29 maxlen: 29
2a10:c9c0::/29 maxlen: 29
2a10:cac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:96:6f:e1:9a:a5:5d:ba:76:de:b2:a4:ca:40:b1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Validity
Not Before: Nov 19 13:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10dff4a81c3679aa19cea1557cae24ac94dd47c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c0:8f:6d:f1:a4:cc:3e:63:0e:ad:f7:76:7d:
62:1a:51:80:14:d4:04:20:1b:b7:76:4f:05:a7:6b:
30:81:fa:3e:bd:ab:ec:bb:ec:65:6b:f4:97:20:32:
aa:cf:28:2f:8b:eb:d5:6c:aa:cf:94:a0:c4:12:fc:
1b:1d:05:35:4d:3c:67:34:3a:bd:46:1a:32:10:26:
a9:01:5c:9a:a8:bc:fe:62:2d:35:ce:53:40:7b:b2:
e8:45:d4:5e:d6:a2:61:23:cc:f0:3c:00:4d:6c:cf:
c3:3f:eb:ab:ce:8f:15:8f:9d:27:26:28:4f:6a:98:
db:61:25:a9:79:06:cb:5f:65:16:d6:eb:f3:e7:a4:
a9:7b:12:ca:5e:af:99:13:b8:c8:79:c3:2a:8f:5a:
80:4d:97:cb:8c:5f:dd:45:b6:da:17:e3:92:9b:82:
1d:39:15:1e:d6:68:2a:22:7f:84:9b:26:13:1c:ad:
90:53:04:ea:9f:0d:4a:f4:27:7d:0e:57:b8:bb:20:
33:34:aa:01:ca:c8:08:2c:ec:cd:42:1e:82:29:f9:
28:21:3f:99:18:cc:6b:22:74:ba:41:c3:56:d6:1c:
0e:3e:dc:e5:1b:e9:97:c9:2c:73:b1:f7:55:b6:5e:
18:ed:48:42:2a:04:1c:a0:9b:f3:76:ff:2b:f2:c3:
10:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:DF:F4:A8:1C:36:79:AA:19:CE:A1:55:7C:AE:24:AC:94:DD:47:C5
X509v3 Authority Key Identifier:
keyid:54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/EN_0qBw2eaoZzqFVfK4krJTdR8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.252.0/22
45.136.108.0/24
92.118.111.0/24
176.101.169.0/24
185.183.20.0/22
185.187.61.0/24
185.253.176.0/22
193.105.189.0/24
193.247.94.0/24
193.247.101.0/24
193.247.103.0/24
193.247.165.0/24
195.234.28.0/24
217.198.183.0/24
IPv6:
2a0b:180::/29
2a10:c9c0::/29
2a10:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:b7:cc:00:5a:55:b6:36:1a:bf:22:9b:fa:f4:59:24:62:53:
17:26:eb:fd:0e:06:7e:bc:c6:e2:a2:b2:03:15:b7:35:dd:b7:
b5:81:c7:4a:c4:5b:41:1e:23:41:09:aa:c7:91:b7:4d:bf:36:
28:12:b0:b2:f3:29:61:dc:c6:74:37:49:da:d1:52:8b:38:34:
a9:3d:43:6f:c8:f3:98:b8:16:0d:8c:62:8b:c4:8c:bd:1c:ab:
6c:5d:7a:be:a1:6b:07:8e:79:90:1d:87:31:58:9e:bc:b5:bd:
79:d2:97:18:97:a4:7b:ff:ad:20:ad:77:7e:49:0d:9e:46:fb:
1f:d1:5c:7e:51:8a:8f:d3:63:20:f6:0d:fb:83:5b:05:87:fb:
2e:71:c7:2f:3e:ed:1c:fc:4d:1d:e3:db:75:90:c9:ef:3d:3f:
7d:bd:2d:14:33:98:3f:3c:e4:95:96:b7:7a:ca:72:a9:61:59:
18:ea:42:4b:49:f5:64:bc:53:eb:1a:66:b3:10:a2:08:0e:b7:
ec:aa:99:8e:09:f0:b9:36:8d:27:b9:7a:18:7f:d1:e2:ef:f6:
13:85:0f:a6:07:ba:4e:1d:b6:eb:b5:6f:8f:cc:db:1c:42:e1:
c1:16:be:69:da:3d:9c:2a:a2:57:6a:1d:42:8c:92:db:83:ec:
47:33:46:d9
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZNElm/hmqVdunbesqTKQLEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2UyMGJmNWYyNTJiMWJkYmQyMWRjOTlkOTRjZDk3ZWE3
ZjBmZTYwHhcNMjQxMTE5MTMyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGRmZjRhODFjMzY3OWFhMTljZWExNTU3Y2FlMjRhYzk0ZGQ0N2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycCPbfGkzD5jDq33dn1iGlGAFNQE
IBu3dk8Fp2swgfo+vavsu+xla/SXIDKqzygvi+vVbKrPlKDEEvwbHQU1TTxnNDq9
RhoyECapAVyaqLz+Yi01zlNAe7LoRdRe1qJhI8zwPABNbM/DP+urzo8Vj50nJihP
apjbYSWpeQbLX2UW1uvz56SpexLKXq+ZE7jIecMqj1qATZfLjF/dRbbaF+OSm4Id
ORUe1mgqIn+EmyYTHK2QUwTqnw1K9Cd9Dle4uyAzNKoBysgILOzNQh6CKfkoIT+Z
GMxrInS6QcNW1hwOPtzlG+mXySxzsfdVtl4Y7UhCKgQcoJvzdv8r8sMQAQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFBDf9KgcNnmqGc6hVXyuJKyU3UfFMB8GA1UdIwQY
MBaAFFQ+IL9fJSsb29IdyZ2UzZfqfw/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkQ0Z3YxOGxLeHZiMGgzSm5aVE5sLXBfRC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ZTg3YTYtNjUzNi00NTRhLWE1OWUt
ZDVhZDk5NmExYWM4LzEvRU5fMHFCdzJlYW9aenFGVmZLNGtySlRkUjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ZTg3YTYtNjUzNi00NTRhLWE1OWUtZDVhZDk5NmExYWM4
LzEvVkQ0Z3YxOGxLeHZiMGgzSm5aVE5sLXBfRC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWgQCAAEwVAMEAgX9/AME
AC2IbAMEAFx2bwMEALBlqQMEArm3FAMEALm7PQMEArn9sAMEAMFpvQMEAMH3XgME
AMH3ZQMEAMH3ZwMEAMH3pQMEAMPqHAMEANnGtzAbBAIAAjAVAwUDKgsBgAMFAyoQ
ycADBQMqEMrAMA0GCSqGSIb3DQEBCwUAA4IBAQBdt8wAWlW2Nhq/Ipv69FkkYlMX
Juv9DgZ+vMbiorIDFbc13be1gcdKxFtBHiNBCarHkbdNvzYoErCy8ylh3MZ0N0na
0VKLODSpPUNvyPOYuBYNjGKLxIy9HKtsXXq+oWsHjnmQHYcxWJ68tb150pcYl6R7
/60grXd+SQ2eRvsf0Vx+UYqP02Mg9g37g1sFh/succcvPu0c/E0d49t1kMnvPT99
vS0UM5g/POSVlrd6ynKpYVkY6kJLSfVkvFPrGmazEKIIDrfsqpmOCfC5No0nuXoY
f9Hi7/YThQ+mB7pOHbbrtW+PzNscQuHBFr5p2j2cKqJXah1CjJLbg+xHM0bZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:08 2025 by rpki-client