Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/6M--Xx5FX1Gg4qe1fmNPZ3zTxX0.roa
File: 6M--Xx5FX1Gg4qe1fmNPZ3zTxX0.roa (raw, json)
Hash identifier: 6c39nBWczTALN5JNCJJLDW3Esj/mXs5gIGA9q+jLuV4=
Subject key identifier: E8:CF:BE:5F:1E:45:5F:51:A0:E2:A7:B5:7E:63:4F:67:7C:D3:C5:7D
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018C348AB5DBEAAC471FAC256B6D754029FA
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/6M--Xx5FX1Gg4qe1fmNPZ3zTxX0.roa
Signing time: Mon 04 Dec 2023 11:15:54 +0000
ROA not before: Mon 04 Dec 2023 11:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.18.0/24 maxlen: 24
5.11.24.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:8a:b5:db:ea:ac:47:1f:ac:25:6b:6d:75:40:29:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Dec 4 11:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8cfbe5f1e455f51a0e2a7b57e634f677cd3c57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:81:87:39:d1:04:aa:ef:fd:f8:ad:39:53:24:
53:59:1c:4c:d5:de:fa:36:a9:ac:33:1c:4b:a7:1a:
03:0d:c1:41:26:68:e7:f4:10:bf:8b:67:db:91:79:
68:44:dd:d7:88:33:42:17:d4:27:40:21:db:23:96:
db:b3:89:a2:c3:df:36:0b:a4:50:08:ab:1d:ad:5a:
0a:90:7a:2c:35:24:1e:84:37:14:72:c6:a2:ab:f0:
0f:18:78:ab:76:aa:86:2e:86:e9:31:5f:11:b6:f8:
17:67:2e:38:66:0e:4a:23:d9:b2:10:3f:62:2f:e8:
8f:be:8a:b5:11:74:53:b0:b1:ca:80:9e:53:cb:d2:
b8:91:b5:fa:c1:f6:81:16:43:67:66:31:36:f1:19:
06:49:59:73:59:10:0c:21:01:83:8c:9f:2b:6b:f1:
73:e4:f9:c7:f0:26:06:73:bb:37:77:d9:d0:2e:30:
41:6f:66:d6:c9:ba:72:64:40:8e:21:c7:13:7b:65:
0a:82:45:01:2b:bf:08:ce:6f:0b:8d:de:36:a2:29:
d4:75:3c:be:c7:32:2c:43:97:64:17:a1:2e:cf:77:
91:06:78:fc:b1:04:64:58:40:41:58:38:11:a9:29:
16:47:42:3f:96:43:8b:da:f3:82:ea:a6:ca:42:5a:
6d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CF:BE:5F:1E:45:5F:51:A0:E2:A7:B5:7E:63:4F:67:7C:D3:C5:7D
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/6M--Xx5FX1Gg4qe1fmNPZ3zTxX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.10.0/23
Signature Algorithm: sha256WithRSAEncryption
73:55:14:6f:1a:1e:b6:4a:3e:46:34:d7:fd:cb:48:1b:93:00:
96:d0:c9:d9:3e:be:fc:1c:c7:21:a7:6a:d1:6f:1a:11:ab:40:
ea:f7:59:04:38:d2:a1:68:74:07:70:1a:10:85:84:18:87:24:
b6:01:93:be:7d:5a:30:a4:93:16:3a:6c:3c:1c:28:d0:3b:c4:
9b:a8:4f:72:95:b9:91:df:13:b1:d1:d0:b2:1b:07:90:89:d3:
00:da:d1:76:a0:81:43:52:c7:66:0d:cd:15:81:e9:ea:09:8d:
a3:59:6a:93:ba:db:9b:4a:26:91:6c:6d:92:de:bb:9c:95:7b:
f9:52:68:4e:4b:0f:ac:dc:4c:d1:28:43:70:ff:1d:ea:93:43:
17:b4:cd:19:3a:92:aa:49:43:f2:42:db:cc:46:79:3b:55:d8:
7a:c8:e7:24:14:e4:07:e7:3d:c5:da:bd:a7:3b:eb:fd:dd:87:
b3:f0:3f:45:a4:d5:c4:95:12:c9:71:54:6c:2e:2e:b7:9f:8a:
36:83:e8:59:ed:17:0a:bc:f4:77:ec:d1:9d:c9:70:3f:ec:cd:
2c:8e:4f:0b:3d:cf:43:f2:f0:d3:06:80:c0:f3:d2:0b:6b:e3:
b9:b2:c3:cc:08:00:7b:34:ba:93:c1:ec:ce:d6:d4:b0:36:52:
3e:43:61:46
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYw0irXb6qxHH6wla211QCn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMxMjA0MTExNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNmYmU1ZjFlNDU1ZjUxYTBlMmE3YjU3ZTYzNGY2NzdjZDNjNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YGHOdEEqu/9+K05UyRTWRxM1d76
NqmsMxxLpxoDDcFBJmjn9BC/i2fbkXloRN3XiDNCF9QnQCHbI5bbs4miw982C6RQ
CKsdrVoKkHosNSQehDcUcsaiq/APGHirdqqGLobpMV8RtvgXZy44Zg5KI9myED9i
L+iPvoq1EXRTsLHKgJ5Ty9K4kbX6wfaBFkNnZjE28RkGSVlzWRAMIQGDjJ8ra/Fz
5PnH8CYGc7s3d9nQLjBBb2bWybpyZECOIccTe2UKgkUBK78Izm8Ljd42oinUdTy+
xzIsQ5dkF6Euz3eRBnj8sQRkWEBBWDgRqSkWR0I/lkOL2vOC6qbKQlptGwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOjPvl8eRV9RoOKntX5jT2d808V9MB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvNk0tLVh4NUZYMUdnNHFlMWZtTlBaM3pUeFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAMFCxgDBAFQ+wowDQYJKoZIhvcNAQELBQADggEBAHNVFG8a
HrZKPkY01/3LSBuTAJbQydk+vvwcxyGnatFvGhGrQOr3WQQ40qFodAdwGhCFhBiH
JLYBk759WjCkkxY6bDwcKNA7xJuoT3KVuZHfE7HR0LIbB5CJ0wDa0XaggUNSx2YN
zRWB6eoJjaNZapO625tKJpFsbZLeu5yVe/lSaE5LD6zcTNEoQ3D/HeqTQxe0zRk6
kqpJQ/JC28xGeTtV2HrI5yQU5AfnPcXavac76/3dh7PwP0Wk1cSVEslxVGwuLref
ijaD6FntFwq89Hfs0Z3JcD/szSyOTws9z0Py8NMGgMDz0gtr47myw8wIAHs0upPB
7M7W1LA2Uj5DYUY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org