Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/V16AcQ7Z1XDqD7pszFil_7ttfgw.roa
File: V16AcQ7Z1XDqD7pszFil_7ttfgw.roa (raw, json)
Hash identifier: +m/rcjgESm24tTJiU9vHU7xs7m1M2Nd6r/Uz8rky+6E=
Subject key identifier: 57:5E:80:71:0E:D9:D5:70:EA:0F:BA:6C:CC:58:A5:FF:BB:6D:7E:0C
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018A83203CF04D7D28611173C29ED70614F8
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/V16AcQ7Z1XDqD7pszFil_7ttfgw.roa
Signing time: Mon 11 Sep 2023 07:24:02 +0000
ROA not before: Mon 11 Sep 2023 07:24:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.18.0/24 maxlen: 24
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 08:22:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:20:3c:f0:4d:7d:28:61:11:73:c2:9e:d7:06:14:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Sep 11 07:24:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=575e80710ed9d570ea0fba6ccc58a5ffbb6d7e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b0:81:e0:56:cc:15:36:9b:2a:f3:71:58:59:
f8:55:81:db:77:fb:6f:14:e6:16:c0:8f:c7:8e:11:
73:fb:52:a7:2b:44:c0:7c:fb:31:95:fd:49:d2:d2:
86:bb:b7:eb:97:00:c2:d1:f8:ae:9d:94:a0:09:ae:
72:cc:de:f8:0c:27:a1:91:e6:aa:5d:67:a9:b2:4b:
f8:2a:f9:9f:36:ce:04:73:b8:43:74:f9:62:4f:d4:
ec:e3:42:3a:03:af:60:70:31:8b:4c:1e:3c:f8:17:
d2:ae:de:14:f3:f0:de:43:61:da:66:a0:fc:39:ad:
1a:1b:49:16:01:c6:f9:d9:15:a7:6a:ce:e6:d4:45:
46:7c:de:68:30:76:67:28:a0:05:d9:53:58:dc:48:
55:7a:35:90:36:68:e5:0d:b2:52:57:91:8b:35:f2:
4a:a7:52:55:11:75:f3:7b:a1:ea:0d:b3:4b:f6:27:
cd:f6:74:9e:df:94:62:0d:ba:d7:c2:ed:0d:37:4d:
73:32:b3:9f:b1:d0:e4:41:19:8f:62:b2:7f:9e:1a:
26:1a:30:cb:c5:55:65:0b:40:87:bf:77:6c:d7:3a:
e2:09:22:0c:8b:d6:79:45:4f:22:e1:06:93:db:d6:
05:b8:9a:55:df:b8:e2:ac:bb:f7:22:0c:2c:ad:f2:
72:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5E:80:71:0E:D9:D5:70:EA:0F:BA:6C:CC:58:A5:FF:BB:6D:7E:0C
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/V16AcQ7Z1XDqD7pszFil_7ttfgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
a2:27:b5:b6:a2:e0:a8:6d:46:31:bd:ab:6e:fe:12:8d:9b:cc:
6d:84:1d:a3:03:30:70:16:76:92:6f:74:72:c0:c1:10:f8:fc:
74:63:80:db:78:35:a3:be:ff:1f:c5:90:e3:4f:6a:ec:b8:4c:
55:ad:15:e9:39:92:5f:8c:5e:2d:2f:ec:a6:aa:93:82:34:f8:
0a:68:97:bf:9a:d2:63:79:0f:f9:3d:3e:ae:7e:11:22:d2:de:
37:e7:a5:85:b6:ef:c2:95:d9:19:c9:90:b4:29:5f:16:2d:48:
d9:80:25:1d:9d:35:8e:3a:93:04:5f:ec:0d:3c:80:49:34:4a:
13:d9:a6:e6:fe:56:7d:fb:6b:d2:b7:71:d2:7a:bd:61:f4:bd:
fa:0b:5f:fe:09:0f:2d:9d:26:96:39:69:65:67:28:72:cb:4d:
51:11:72:a9:de:99:6f:da:82:82:18:63:80:fe:04:50:7b:3e:
36:cf:4f:f2:39:e9:84:97:63:51:1f:8f:d3:22:4f:55:ce:0f:
f4:4a:06:34:d9:ac:4d:8c:c2:45:d0:d0:7a:24:c2:e0:76:e2:
de:0f:ae:21:38:60:bb:3b:7e:8e:26:8c:ad:46:2a:45:c7:ba:
cc:73:45:ad:65:d3:13:af:ab:78:44:4f:da:16:27:6a:2c:f9:
98:29:fa:fd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYqDIDzwTX0oYRFzwp7XBhT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwOTExMDcyNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzVlODA3MTBlZDlkNTcwZWEwZmJhNmNjYzU4YTVmZmJiNmQ3ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrCB4FbMFTabKvNxWFn4VYHbd/tv
FOYWwI/HjhFz+1KnK0TAfPsxlf1J0tKGu7frlwDC0fiunZSgCa5yzN74DCehkeaq
XWepskv4KvmfNs4Ec7hDdPliT9Ts40I6A69gcDGLTB48+BfSrt4U8/DeQ2HaZqD8
Oa0aG0kWAcb52RWnas7m1EVGfN5oMHZnKKAF2VNY3EhVejWQNmjlDbJSV5GLNfJK
p1JVEXXze6HqDbNL9ifN9nSe35RiDbrXwu0NN01zMrOfsdDkQRmPYrJ/nhomGjDL
xVVlC0CHv3ds1zriCSIMi9Z5RU8i4QaT29YFuJpV37jirLv3IgwsrfJyNQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFdegHEO2dVw6g+6bMxYpf+7bX4MMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvVjE2QWNRN1oxWERxRDdwc3pGaWxfN3R0Zmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAMFCxgDBARQ+wADBAVVH0AwDQYJKoZIhvcNAQELBQADggEB
AKIntbai4KhtRjG9q27+Eo2bzG2EHaMDMHAWdpJvdHLAwRD4/HRjgNt4NaO+/x/F
kONPauy4TFWtFek5kl+MXi0v7Kaqk4I0+Apol7+a0mN5D/k9Pq5+ESLS3jfnpYW2
78KV2RnJkLQpXxYtSNmAJR2dNY46kwRf7A08gEk0ShPZpub+Vn37a9K3cdJ6vWH0
vfoLX/4JDy2dJpY5aWVnKHLLTVERcqnemW/agoIYY4D+BFB7PjbPT/I56YSXY1Ef
j9MiT1XOD/RKBjTZrE2MwkXQ0HokwuB24t4PriE4YLs7fo4mjK1GKkXHusxzRa1l
0xOvq3hET9oWJ2os+Zgp+v0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org