Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/eysTqDAi6_4Q_Jh5kTiHX3aUnPg.roa
File: eysTqDAi6_4Q_Jh5kTiHX3aUnPg.roa (raw, json)
Hash identifier: H9B/Q6XF89k2yCHKM71jpKQ/9QqMEPkQPN3rH30H1xQ=
Subject key identifier: 7B:2B:13:A8:30:22:EB:FE:10:FC:98:79:91:38:87:5F:76:94:9C:F8
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 0189F94C344AD2BFFE4FB3D2807C2199482C
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/eysTqDAi6_4Q_Jh5kTiHX3aUnPg.roa
Signing time: Tue 15 Aug 2023 13:04:28 +0000
ROA not before: Tue 15 Aug 2023 13:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.18.0/24 maxlen: 24
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Aug 2023 10:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:4c:34:4a:d2:bf:fe:4f:b3:d2:80:7c:21:99:48:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 15 13:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b2b13a83022ebfe10fc98799138875f76949cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0e:04:84:d1:73:0d:53:56:d8:3d:4d:be:c0:
84:12:f3:77:ef:63:a0:fb:76:65:e7:ab:fa:10:ed:
7f:ae:36:a2:89:97:7a:a9:59:9d:e2:9f:36:ce:a7:
84:64:65:d0:06:58:e1:5e:5f:e8:13:68:40:41:ec:
89:6c:1a:8b:bb:8e:fa:5c:7e:b3:5a:46:6f:6a:35:
5b:1f:74:a3:b0:75:fc:55:1c:1b:fd:0e:90:52:06:
c2:22:56:79:b6:c1:f9:ca:0c:4f:76:a6:cc:36:6d:
32:24:30:23:1b:7b:15:62:f7:19:ec:93:48:51:81:
cc:1a:d5:85:62:9f:83:b1:06:3b:3c:8c:5a:85:55:
77:10:28:36:8d:b2:ca:c6:66:08:92:5b:86:ef:eb:
6c:a9:67:54:75:d6:f9:20:5b:2f:ab:0d:67:69:55:
89:36:8e:b1:16:9a:02:28:d0:c7:82:d0:fb:b3:57:
40:92:13:bc:eb:76:5b:e7:46:4d:15:0d:0b:82:84:
ca:e1:09:66:3a:44:42:bb:05:0d:f1:55:0c:09:b3:
01:0b:a9:43:02:a5:c3:87:a9:d7:d0:1e:d4:ce:63:
01:c6:1a:0b:bb:eb:f0:bc:4b:41:30:51:e1:dd:b4:
cd:bc:c6:e7:46:2b:ba:ff:26:77:d0:9f:d9:5f:f5:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2B:13:A8:30:22:EB:FE:10:FC:98:79:91:38:87:5F:76:94:9C:F8
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/eysTqDAi6_4Q_Jh5kTiHX3aUnPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
01:6f:f1:7f:3c:77:0d:08:df:34:91:da:e2:2a:2a:2e:cf:7f:
da:e9:1d:e7:be:f1:04:5e:98:9b:3d:54:18:6b:38:6c:c0:01:
bc:e5:cb:17:79:b8:9c:e8:79:53:c4:36:b3:03:d3:66:d1:a4:
b4:59:e2:f2:4c:60:41:ef:dd:7a:94:5b:6b:4e:38:dd:b1:d9:
b3:08:92:69:79:50:84:15:4f:ff:81:fe:83:90:db:d4:01:40:
75:a2:86:2d:d7:cf:f2:f4:67:3c:54:45:e3:d8:8e:8d:fc:2a:
91:a4:05:ee:24:5a:9c:a1:75:f8:97:e1:20:13:4d:91:a6:cf:
7b:bb:07:51:e6:7d:f4:57:dd:10:07:d5:98:c6:b5:fe:d2:f8:
f2:7e:dc:80:bb:36:7e:bf:d2:6c:82:70:04:87:5e:18:3d:26:
2b:4d:ca:e6:a5:d3:53:6d:31:07:19:60:a0:38:3c:e0:99:2f:
4c:a9:7b:48:04:14:8d:44:88:37:f1:65:08:4d:4c:0d:63:31:
a1:82:c4:6e:f4:d1:1d:87:2b:37:6b:c3:20:23:72:82:0c:98:
22:25:10:af:bf:32:c2:c0:e7:e8:02:f2:66:08:5b:98:6d:82:
0f:81:15:6d:37:57:99:68:a4:64:e3:93:fb:f6:44:a1:d4:08:
b1:05:9a:46
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYn5TDRK0r/+T7PSgHwhmUgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODE1MTMwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJiMTNhODMwMjJlYmZlMTBmYzk4Nzk5MTM4ODc1Zjc2OTQ5Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ4EhNFzDVNW2D1NvsCEEvN372Og
+3Zl56v6EO1/rjaiiZd6qVmd4p82zqeEZGXQBljhXl/oE2hAQeyJbBqLu476XH6z
WkZvajVbH3SjsHX8VRwb/Q6QUgbCIlZ5tsH5ygxPdqbMNm0yJDAjG3sVYvcZ7JNI
UYHMGtWFYp+DsQY7PIxahVV3ECg2jbLKxmYIkluG7+tsqWdUddb5IFsvqw1naVWJ
No6xFpoCKNDHgtD7s1dAkhO863Zb50ZNFQ0LgoTK4QlmOkRCuwUN8VUMCbMBC6lD
AqXDh6nX0B7UzmMBxhoLu+vwvEtBMFHh3bTNvMbnRiu6/yZ30J/ZX/X+1QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHsrE6gwIuv+EPyYeZE4h192lJz4MB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvZXlzVHFEQWk2XzRRX0poNWtUaUhYM2FVblBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAMFCxgDBARQ+wADBAVVH0AwDQYJKoZIhvcNAQELBQADggEB
AAFv8X88dw0I3zSR2uIqKi7Pf9rpHee+8QRemJs9VBhrOGzAAbzlyxd5uJzoeVPE
NrMD02bRpLRZ4vJMYEHv3XqUW2tOON2x2bMIkml5UIQVT/+B/oOQ29QBQHWihi3X
z/L0ZzxURePYjo38KpGkBe4kWpyhdfiX4SATTZGmz3u7B1HmffRX3RAH1ZjGtf7S
+PJ+3IC7Nn6/0myCcASHXhg9JitNyual01NtMQcZYKA4POCZL0ype0gEFI1EiDfx
ZQhNTA1jMaGCxG700R2HKzdrwyAjcoIMmCIlEK+/MsLA5+gC8mYIW5htgg+BFW03
V5lopGTjk/v2RKHUCLEFmkY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org