Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5iEeO-3gVzPNIapgxAS0NfIj0EM.roa
File: 5iEeO-3gVzPNIapgxAS0NfIj0EM.roa (raw, json)
Hash identifier: cUw6owCLzAp8nXIBQgdqcEs+tdWHcqr7ktBsLrdUAVU=
Subject key identifier: E6:21:1E:3B:ED:E0:57:33:CD:21:AA:60:C4:04:B4:35:F2:23:D0:43
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194FA626FD7EE0080E444E3D186A5458723
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5iEeO-3gVzPNIapgxAS0NfIj0EM.roa
Signing time: Wed 12 Feb 2025 13:39:02 +0000
ROA not before: Wed 12 Feb 2025 13:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/22 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Feb 2025 16:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:62:6f:d7:ee:00:80:e4:44:e3:d1:86:a5:45:87:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 12 13:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6211e3bede05733cd21aa60c404b435f223d043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b0:61:a2:b2:14:f4:20:7a:d2:b4:32:aa:c2:
9a:fe:d7:0c:4a:16:1e:68:c2:88:15:22:ea:5d:88:
4f:62:ce:ba:79:c6:7d:38:82:3b:05:61:8e:fc:39:
ca:ef:82:29:71:ba:16:64:81:c6:de:86:bb:c7:94:
17:65:07:7d:83:e2:34:c7:a2:f4:a4:02:4e:e3:76:
bd:63:1a:52:60:29:38:e6:e0:d0:4e:47:15:12:ed:
72:4c:14:27:91:b7:47:fb:7e:6b:ba:7c:8d:c1:5b:
f1:e8:87:2f:43:5a:b7:ee:0e:63:33:09:e7:70:cf:
8d:0d:45:41:78:30:d6:79:fc:5b:2f:e4:e9:00:c2:
43:5f:15:68:8a:69:e7:c6:ac:dc:f4:a9:e6:11:07:
9e:97:22:2f:90:1b:be:c6:c2:d9:e7:a5:5c:97:fb:
90:6c:a4:13:ff:33:d4:f2:e5:18:8c:e0:b5:79:8c:
df:ea:88:12:6e:13:2a:ee:3e:81:37:e2:ca:1b:1a:
60:f2:72:6c:80:01:06:8f:f6:00:28:ec:7a:76:a8:
72:28:fe:7f:15:07:12:45:ca:f1:f7:94:b6:0f:d7:
5d:39:9c:a6:ee:4a:d8:11:af:bf:59:06:80:0a:7e:
c4:7b:46:f5:ff:f4:68:ff:af:03:49:a6:bc:5a:04:
a6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:21:1E:3B:ED:E0:57:33:CD:21:AA:60:C4:04:B4:35:F2:23:D0:43
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5iEeO-3gVzPNIapgxAS0NfIj0EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.144.100.0/24
185.144.102.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/22
194.124.64.0/24
194.124.66.0/23
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
b9:57:ea:e1:1d:e2:5b:0a:5a:f4:b5:89:ec:e1:9c:d1:52:57:
04:25:ab:06:28:eb:17:3c:37:c1:0d:71:50:3c:5b:2b:88:a2:
72:ba:00:f7:f7:d5:e9:a8:34:4f:64:e8:1f:67:36:ed:e9:8e:
90:70:bd:36:65:6b:ff:0d:c3:e1:ed:cb:cc:ed:ab:49:98:cd:
6b:a6:72:37:dc:01:e1:1a:b4:6b:c7:f8:69:7c:46:4c:a5:9c:
45:eb:47:b5:f5:db:5b:9f:04:f0:48:db:1d:5b:d2:2e:d8:b5:
75:59:8b:d9:d6:06:31:19:30:64:fa:97:7e:e1:40:c4:93:00:
3c:38:ec:b1:a7:c9:13:2c:fa:b4:82:6d:ba:1b:bd:46:59:1f:
c4:69:de:ce:c1:57:34:9b:83:61:0e:7c:23:ca:78:ba:47:d1:
3e:8c:23:83:82:f7:30:34:b6:8a:df:3f:3e:ba:8f:98:a2:dc:
d8:dc:30:05:b7:cf:c2:e4:d2:62:ec:1e:04:16:f3:d8:6d:b0:
36:05:d1:a6:af:1e:84:64:4c:21:b7:ea:8e:fa:16:4a:2c:1e:
a9:39:a3:87:ec:d7:7a:ed:27:50:f6:32:a9:7a:80:77:32:53:
3c:f9:61:35:47:73:a9:77:6c:99:e3:dd:82:5c:f3:1c:f2:b6:
b5:f1:92:d6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZT6Ym/X7gCA5ETj0YalRYcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMjEyMTMzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIxMWUzYmVkZTA1NzMzY2QyMWFhNjBjNDA0YjQzNWYyMjNkMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrBhorIU9CB60rQyqsKa/tcMShYe
aMKIFSLqXYhPYs66ecZ9OII7BWGO/DnK74IpcboWZIHG3oa7x5QXZQd9g+I0x6L0
pAJO43a9YxpSYCk45uDQTkcVEu1yTBQnkbdH+35runyNwVvx6IcvQ1q37g5jMwnn
cM+NDUVBeDDWefxbL+TpAMJDXxVoimnnxqzc9KnmEQeelyIvkBu+xsLZ56Vcl/uQ
bKQT/zPU8uUYjOC1eYzf6ogSbhMq7j6BN+LKGxpg8nJsgAEGj/YAKOx6dqhyKP5/
FQcSRcrx95S2D9ddOZym7krYEa+/WQaACn7Ee0b1//Ro/68DSaa8WgSmgwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFOYhHjvt4FczzSGqYMQEtDXyI9BDMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNWlFZU8tM2dWelBOSWFwZ3hBUzBOZklqMEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQCLYgAAwQA
gAB3AwQCuXUUAwQAuZBkAwQAuZBmMAwDBAS50zADBAC50zIDBAK54/ADBALBydAD
BALCJGQDBADCfEADBAHCfEIwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0BAQsFAAOC
AQEAuVfq4R3iWwpa9LWJ7OGc0VJXBCWrBijrFzw3wQ1xUDxbK4iicroA9/fV6ag0
T2ToH2c27emOkHC9NmVr/w3D4e3LzO2rSZjNa6ZyN9wB4Rq0a8f4aXxGTKWcRetH
tfXbW58E8EjbHVvSLti1dVmL2dYGMRkwZPqXfuFAxJMAPDjssafJEyz6tIJtuhu9
RlkfxGnezsFXNJuDYQ58I8p4ukfRPowjg4L3MDS2it8/PrqPmKLc2NwwBbfPwuTS
YuweBBbz2G2wNgXRpq8ehGRMIbfqjvoWSiweqTmjh+zXeu0nUPYyqXqAdzJTPPlh
NUdzqXdsmePdglzzHPK2tfGS1g==
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:40:53 2025 by rpki-client