Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/5bw64jGgUd-NdI99rcHOXCtdkZY.roa
File: 5bw64jGgUd-NdI99rcHOXCtdkZY.roa (raw, json)
Hash identifier: GjDOxETz3G9I/pL8kk/Dbci8c5R+9FMRLwpK+xdHiNw=
Subject key identifier: E5:BC:3A:E2:31:A0:51:DF:8D:74:8F:7D:AD:C1:CE:5C:2B:5D:91:96
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018A21F1923DEF930E74A9D5E79D3B05B453
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/5bw64jGgUd-NdI99rcHOXCtdkZY.roa
Signing time: Wed 23 Aug 2023 10:29:54 +0000
ROA not before: Wed 23 Aug 2023 10:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.18.0/24 maxlen: 24
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.21.0/24 maxlen: 24
85.31.75.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 07:21:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:f1:92:3d:ef:93:0e:74:a9:d5:e7:9d:3b:05:b4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 23 10:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5bc3ae231a051df8d748f7dadc1ce5c2b5d9196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1b:c0:61:71:8b:1e:23:66:57:3b:b5:8e:3a:
ad:41:35:a3:3a:79:1f:7a:38:58:ea:5d:e6:b6:f6:
4c:f1:d8:61:49:c0:9c:34:84:f9:d9:11:03:e7:ec:
e6:e4:d2:8c:c1:25:d5:63:6f:1c:63:7e:86:55:6f:
ef:d7:5a:db:a9:0d:01:18:1e:30:24:4a:de:39:b8:
a7:56:ed:a3:48:7f:32:3b:38:fa:cc:38:0f:59:9e:
74:13:21:26:29:8d:94:c7:2c:62:b3:17:10:f6:bd:
76:2c:b8:94:bd:ca:b3:4f:70:a9:bc:77:d8:e4:84:
50:02:fe:29:01:90:ff:53:2a:d5:a6:28:42:df:82:
fa:8b:d2:ab:30:a3:b0:7b:2e:d4:b2:8f:38:77:ae:
cb:4a:69:ff:c9:80:86:94:00:4d:2a:3b:90:de:30:
36:f7:3c:1f:a2:53:d7:c0:37:f7:5b:8f:9d:a2:cc:
f2:7e:9d:6d:69:32:d0:d0:8e:5a:0b:b7:f1:73:64:
5d:c3:96:d0:b6:4f:64:b6:fc:82:ef:55:8b:0e:31:
e1:07:bb:a5:dd:fb:c1:b2:67:7a:db:1d:9c:32:54:
43:d4:98:90:4b:a5:bb:9a:d3:fa:83:55:a8:3a:e9:
69:44:c7:8c:15:da:a0:8a:45:2c:44:8f:9b:70:4b:
8b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BC:3A:E2:31:A0:51:DF:8D:74:8F:7D:AD:C1:CE:5C:2B:5D:91:96
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/5bw64jGgUd-NdI99rcHOXCtdkZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:75:64:b3:58:05:9f:fe:c1:de:dd:5f:13:50:4d:c9:60:32:
d6:62:43:e3:4e:fe:07:ff:e1:62:5a:e2:35:f6:f1:9e:8e:4c:
ca:0d:e6:5c:a8:3a:66:eb:a0:24:f1:e4:ae:8e:e6:4c:3d:36:
01:02:8c:54:4b:fe:86:05:70:5f:b3:bb:e3:2c:1a:66:e2:05:
13:f2:f4:87:89:20:47:3f:10:0f:17:4f:61:70:cc:b7:03:ad:
6f:77:98:ca:08:11:bc:c4:ae:89:ee:04:b7:69:f7:64:21:29:
39:82:0f:2e:fd:49:5a:db:be:ba:52:0e:b7:12:9d:d6:8d:05:
7e:f1:1f:96:c2:dc:8d:ef:03:24:1c:fa:d8:8f:f1:cb:c6:d1:
42:d5:2b:de:f7:7e:14:37:7c:a5:57:6d:85:f7:65:75:db:39:
e5:2f:43:d1:9e:63:62:32:b0:a3:b5:a7:32:26:b9:55:1c:7e:
7f:62:68:28:44:18:f9:f3:1e:a5:e0:10:31:cb:b6:19:89:07:
28:8f:21:16:89:f3:16:cd:0a:32:9b:31:2d:07:71:ac:1c:c3:
9c:57:bf:e2:9e:0b:0d:60:61:59:c4:b5:5e:b5:c6:ec:79:0e:
c1:29:c3:5d:e1:83:f7:2c:04:5c:76:0a:4b:ee:09:56:a2:db:
ce:24:fd:55
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYoh8ZI975MOdKnV5507BbRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODIzMTAyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJjM2FlMjMxYTA1MWRmOGQ3NDhmN2RhZGMxY2U1YzJiNWQ5MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hvAYXGLHiNmVzu1jjqtQTWjOnkf
ejhY6l3mtvZM8dhhScCcNIT52RED5+zm5NKMwSXVY28cY36GVW/v11rbqQ0BGB4w
JEreObinVu2jSH8yOzj6zDgPWZ50EyEmKY2UxyxisxcQ9r12LLiUvcqzT3CpvHfY
5IRQAv4pAZD/UyrVpihC34L6i9KrMKOwey7Uso84d67LSmn/yYCGlABNKjuQ3jA2
9zwfolPXwDf3W4+doszyfp1taTLQ0I5aC7fxc2Rdw5bQtk9ktvyC71WLDjHhB7ul
3fvBsmd62x2cMlRD1JiQS6W7mtP6g1WoOulpRMeMFdqgikUsRI+bcEuLqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOW8OuIxoFHfjXSPfa3BzlwrXZGWMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvNWJ3NjRqR2dVZC1OZEk5OXJjSE9YQ3Rka1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAMFCxgDBARQ+wADBAVVH0AwDQYJKoZIhvcNAQELBQADggEB
AKp1ZLNYBZ/+wd7dXxNQTclgMtZiQ+NO/gf/4WJa4jX28Z6OTMoN5lyoOmbroCTx
5K6O5kw9NgECjFRL/oYFcF+zu+MsGmbiBRPy9IeJIEc/EA8XT2FwzLcDrW93mMoI
EbzEronuBLdp92QhKTmCDy79SVrbvrpSDrcSndaNBX7xH5bC3I3vAyQc+tiP8cvG
0ULVK973fhQ3fKVXbYX3ZXXbOeUvQ9GeY2IysKO1pzImuVUcfn9iaChEGPnzHqXg
EDHLthmJByiPIRaJ8xbNCjKbMS0Hcawcw5xXv+KeCw1gYVnEtV61xux5DsEpw13h
g/csBFx2CkvuCVai284k/VU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org