Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/SddaTjPMKnXI0-IrHhCV6td2iYs.roa
File: SddaTjPMKnXI0-IrHhCV6td2iYs.roa (raw, json)
Hash identifier: 7VZ+Eebwgq2k7T85hx0aFTXa1UleqSfhyeJvDsGSHZw=
Subject key identifier: 49:D7:5A:4E:33:CC:2A:75:C8:D3:E2:2B:1E:10:95:EA:D7:76:89:8B
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 018DF028490D9A51E0EE02A193F60697D027
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/SddaTjPMKnXI0-IrHhCV6td2iYs.roa
Signing time: Wed 28 Feb 2024 14:39:48 +0000
ROA not before: Wed 28 Feb 2024 14:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41998
IP address blocks: 5.42.136.0/22 maxlen: 22
5.42.140.0/22 maxlen: 22
31.25.40.0/21 maxlen: 21
37.25.48.0/21 maxlen: 21
46.182.136.0/21 maxlen: 21
62.152.160.0/19 maxlen: 19
83.242.36.0/22 maxlen: 22
83.242.40.0/21 maxlen: 21
83.242.48.0/20 maxlen: 20
91.103.112.0/21 maxlen: 21
93.118.0.0/21 maxlen: 21
93.118.8.0/21 maxlen: 21
93.118.16.0/21 maxlen: 21
93.118.24.0/21 maxlen: 21
94.124.208.0/21 maxlen: 21
94.176.240.0/20 maxlen: 20
145.14.192.0/20 maxlen: 20
153.92.80.0/20 maxlen: 20
171.33.176.0/22 maxlen: 22
171.33.180.0/22 maxlen: 22
185.3.80.0/22 maxlen: 22
185.36.120.0/22 maxlen: 22
185.61.28.0/22 maxlen: 22
185.108.230.0/23 maxlen: 23
188.93.216.0/21 maxlen: 21
188.244.100.0/22 maxlen: 22
193.151.4.0/22 maxlen: 22
194.140.112.0/20 maxlen: 20
212.86.176.0/22 maxlen: 22
212.86.184.0/22 maxlen: 22
213.153.68.0/22 maxlen: 22
213.153.76.0/22 maxlen: 22
213.153.80.0/22 maxlen: 22
213.153.84.0/22 maxlen: 22
213.153.88.0/22 maxlen: 22
213.153.92.0/22 maxlen: 22
217.66.136.0/21 maxlen: 21
217.78.160.0/20 maxlen: 20
2a00:79c0::/32 maxlen: 32
2a02:17b0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Aug 2024 07:46:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:28:49:0d:9a:51:e0:ee:02:a1:93:f6:06:97:d0:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Feb 28 14:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49d75a4e33cc2a75c8d3e22b1e1095ead776898b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c4:fb:d3:a7:c4:22:64:20:99:98:d2:84:99:
fc:dc:d3:97:48:06:6f:0b:2c:1b:d0:0c:61:10:43:
48:53:7e:2d:c4:3d:95:fd:6b:a0:70:b2:1b:18:1a:
65:79:5f:c5:38:84:c6:3b:a9:49:30:7a:8d:74:76:
bb:ef:ae:bf:e5:23:09:6e:cf:45:c2:af:1f:a9:75:
ff:e9:1b:10:a7:8f:9b:7f:61:3a:75:47:ca:3b:d0:
0b:cb:d3:32:a7:3a:2c:90:a7:5d:96:5a:a9:5c:f6:
fb:73:54:3a:36:35:24:25:fc:fd:42:a7:7c:c1:9d:
4e:03:2a:e1:72:16:23:df:9b:50:2d:4f:ae:22:7b:
c6:59:5c:e0:12:59:ea:a1:7c:ad:83:4e:a2:59:86:
67:30:4b:01:6d:c3:e3:92:36:e2:91:5d:ef:cb:a2:
bb:4a:31:4e:82:10:6a:82:13:df:88:33:ca:37:44:
c6:65:83:b2:05:cd:3e:34:c7:25:74:37:8d:8d:a2:
d1:44:a1:47:17:d1:95:8e:93:92:ba:6b:34:1d:20:
6b:6c:75:f8:d5:5f:3b:bd:58:0a:fd:1b:ee:41:59:
16:a8:e8:6c:2e:fa:aa:c9:10:d9:79:1a:0c:2e:84:
cb:e8:68:bf:54:33:80:a1:be:9c:9d:3d:49:34:7b:
32:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D7:5A:4E:33:CC:2A:75:C8:D3:E2:2B:1E:10:95:EA:D7:76:89:8B
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/SddaTjPMKnXI0-IrHhCV6td2iYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.136.0/21
31.25.40.0/21
37.25.48.0/21
46.182.136.0/21
62.152.160.0/19
83.242.36.0-83.242.63.255
91.103.112.0/21
93.118.0.0/19
94.124.208.0/21
94.176.240.0/20
145.14.192.0/20
153.92.80.0/20
171.33.176.0/21
185.3.80.0/22
185.36.120.0/22
185.61.28.0/22
185.108.230.0/23
188.93.216.0/21
188.244.100.0/22
193.151.4.0/22
194.140.112.0/20
212.86.176.0/22
212.86.184.0/22
213.153.68.0/22
213.153.76.0-213.153.95.255
217.66.136.0/21
217.78.160.0/20
IPv6:
2a00:79c0::/32
2a02:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:0b:73:41:75:36:8c:55:5d:9e:d7:79:88:fc:e6:a2:ab:91:
6d:7f:33:bb:a2:98:78:87:7c:da:ab:9d:24:49:9c:2a:84:95:
ec:db:2e:0f:90:80:3e:d7:58:88:a9:70:75:1f:c0:4c:51:b5:
50:a7:d4:78:d4:4f:8e:a2:56:3f:44:3a:25:53:92:c7:d3:c1:
9f:c2:47:31:be:90:9e:69:bb:25:30:17:f6:97:36:51:c6:38:
ed:d4:7e:0c:95:12:04:65:3d:b8:73:87:27:b5:98:c1:5b:13:
4c:b3:de:14:7f:14:4f:6a:f6:06:0a:ab:89:47:67:15:b3:16:
e9:05:b0:1b:48:3a:7e:99:fb:91:22:bf:88:dd:14:0d:3e:c2:
9c:5a:03:46:f0:6d:ac:0f:03:08:f7:75:53:d3:fb:4c:a7:36:
09:9b:82:42:e8:43:39:d0:7b:e9:5f:4e:95:cf:21:1d:7b:4a:
df:43:a1:41:14:5a:61:70:13:b6:3d:6f:f9:2b:2a:4f:e8:e3:
0e:37:9a:1d:07:c8:82:28:39:8b:d4:f7:ae:3f:e8:df:54:0d:
6a:0e:66:a8:a3:39:09:dd:aa:89:72:7a:ea:82:d4:91:4f:79:
79:b0:72:ec:5f:91:8c:49:0d:cd:0b:4a:1a:de:bb:31:8e:a4:
97:3d:d8:c0
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY3wKEkNmlHg7gKhk/YGl9AnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjQwMjI4MTQzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ3NWE0ZTMzY2MyYTc1YzhkM2UyMmIxZTEwOTVlYWQ3NzY4OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MT706fEImQgmZjShJn83NOXSAZv
Cywb0AxhEENIU34txD2V/WugcLIbGBpleV/FOITGO6lJMHqNdHa7766/5SMJbs9F
wq8fqXX/6RsQp4+bf2E6dUfKO9ALy9MypzoskKddllqpXPb7c1Q6NjUkJfz9Qqd8
wZ1OAyrhchYj35tQLU+uInvGWVzgElnqoXytg06iWYZnMEsBbcPjkjbikV3vy6K7
SjFOghBqghPfiDPKN0TGZYOyBc0+NMcldDeNjaLRRKFHF9GVjpOSums0HSBrbHX4
1V87vVgK/RvuQVkWqOhsLvqqyRDZeRoMLoTL6Gi/VDOAob6cnT1JNHsygwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFEnXWk4zzCp1yNPiKx4QlerXdomLMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvU2RkYVRqUE1LblhJMC1JckhoQ1Y2dGQyaVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBuQQCAAEwgbIDBAMF
KogDBAMfGSgDBAMlGTADBAMutogDBAU+mKAwDAMEAlPyJAMEBlPyAAMEA1tncAME
BV12AAMEA1580AMEBF6w8AMEBJEOwAMEBJlcUAMEA6shsAMEArkDUAMEArkkeAME
Ark9HAMEAbls5gMEA7xd2AMEArz0ZAMEAsGXBAMEBMKMcAMEAtRWsAMEAtRWuAME
AtWZRDAMAwQC1ZlMAwQF1ZlAAwQD2UKIAwQE2U6gMBQEAgACMA4DBQAqAHnAAwUA
KgIXsDANBgkqhkiG9w0BAQsFAAOCAQEALgtzQXU2jFVdntd5iPzmoquRbX8zu6KY
eId82qudJEmcKoSV7NsuD5CAPtdYiKlwdR/ATFG1UKfUeNRPjqJWP0Q6JVOSx9PB
n8JHMb6Qnmm7JTAX9pc2UcY47dR+DJUSBGU9uHOHJ7WYwVsTTLPeFH8UT2r2Bgqr
iUdnFbMW6QWwG0g6fpn7kSK/iN0UDT7CnFoDRvBtrA8DCPd1U9P7TKc2CZuCQuhD
OdB76V9Olc8hHXtK30OhQRRaYXATtj1v+SsqT+jjDjeaHQfIgig5i9T3rj/o31QN
ag5mqKM5Cd2qiXJ66oLUkU95ebBy7F+RjEkNzQtKGt67MY6klz3YwA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:04 2025 by rpki-client