Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/pG5cD-uejwAMQk4G2mpDBmWzl6I.roa
File: pG5cD-uejwAMQk4G2mpDBmWzl6I.roa (raw, json)
Hash identifier: eT65tnJtwiY1h5vczlOo5irmIuJ4onOv8n5qJ9xrQ9k=
Subject key identifier: A4:6E:5C:0F:EB:9E:8F:00:0C:42:4E:06:DA:6A:43:06:65:B3:97:A2
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 01894F3C7DCEBA2D29E5B811A14A0DD52DC0
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/pG5cD-uejwAMQk4G2mpDBmWzl6I.roa
Signing time: Thu 13 Jul 2023 12:31:51 +0000
ROA not before: Thu 13 Jul 2023 12:31:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.24.0/24 maxlen: 24
5.11.18.0/24 maxlen: 24
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jul 2023 10:40:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:3c:7d:ce:ba:2d:29:e5:b8:11:a1:4a:0d:d5:2d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jul 13 12:31:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a46e5c0feb9e8f000c424e06da6a430665b397a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ce:18:33:ff:5d:81:f7:b0:49:86:64:f7:d9:
85:b9:50:a0:76:ec:b5:f4:25:9f:97:be:ea:9e:bf:
bd:01:e9:e5:15:8a:01:f7:8c:29:df:bb:30:33:95:
2f:1d:43:b6:29:a2:d7:29:bb:14:49:11:ed:da:df:
8f:8d:81:9e:92:7c:5f:eb:22:df:ea:1d:18:c6:43:
60:6e:92:3c:c8:b4:82:58:e7:4d:f1:61:53:db:29:
2c:de:e3:c2:6b:7e:6a:45:fc:a7:3b:a4:09:81:9e:
1e:d3:84:4f:6a:9d:ce:72:f7:45:fb:5c:56:93:ff:
e7:2e:fb:88:1f:8e:8a:e7:37:c5:64:c9:26:ef:cc:
56:d7:10:69:3a:88:a9:ea:b7:5b:c3:df:16:bf:dc:
88:8a:a1:b7:b7:83:ca:80:d6:4d:a6:dd:6d:b0:0f:
72:67:43:c0:60:27:f5:7b:f6:7d:2e:91:44:a0:80:
38:c5:2d:8a:7a:cd:ca:a5:b8:9a:2b:d7:92:a4:66:
30:bd:74:09:6c:38:e7:25:56:95:d7:20:37:4c:cf:
a3:b7:34:51:2f:4a:48:47:46:06:53:52:0e:f8:ba:
ee:d3:39:46:33:38:e5:54:5f:2f:6c:59:7c:6c:22:
a3:e0:94:dd:33:6c:ad:78:b6:bf:1b:3a:d8:03:01:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6E:5C:0F:EB:9E:8F:00:0C:42:4E:06:DA:6A:43:06:65:B3:97:A2
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/pG5cD-uejwAMQk4G2mpDBmWzl6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
08:79:6d:58:82:a9:8b:55:d1:48:64:0c:31:f1:15:83:29:7f:
90:9e:e6:91:d0:03:78:4f:f2:61:b6:60:e9:85:bf:6a:88:b8:
02:d3:6f:92:2c:74:02:e7:8d:e7:4b:21:3d:53:fe:15:bd:6a:
0b:79:97:5c:8c:54:89:af:99:74:82:dd:84:a4:dc:3d:02:72:
06:6d:0e:22:69:39:c5:b1:b7:1d:ee:bf:a6:58:ce:75:5c:77:
56:6d:55:a6:2c:de:3c:ce:c4:4d:aa:63:c8:1d:bc:34:04:19:
e6:c4:e0:9e:8b:a6:89:04:fb:3a:14:79:c5:bf:29:e3:c6:e5:
5e:70:1e:21:ca:53:cd:93:d1:e9:44:c9:18:90:b6:5b:eb:61:
93:7d:c9:c5:71:63:6e:75:cc:2a:69:63:64:5d:30:02:0b:b9:
bb:74:3f:10:39:e0:bb:8b:51:25:ac:17:c6:31:06:3c:7c:6a:
d0:6e:9c:44:23:d2:c3:06:a2:48:2d:d1:a4:2a:10:c4:17:0b:
8c:68:17:f5:d1:a3:6d:66:b9:c0:e6:1e:01:36:15:24:58:f7:
6b:ea:a6:21:f4:78:02:81:0e:4c:30:5a:3d:c5:fd:b1:97:53:
6e:6a:a5:88:06:88:86:ae:8e:07:18:a4:bb:04:b3:32:28:67:
dc:c6:6a:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlPPH3Oui0p5bgRoUoN1S3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwNzEzMTIzMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZlNWMwZmViOWU4ZjAwMGM0MjRlMDZkYTZhNDMwNjY1YjM5N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis4YM/9dgfewSYZk99mFuVCgduy1
9CWfl77qnr+9AenlFYoB94wp37swM5UvHUO2KaLXKbsUSRHt2t+PjYGeknxf6yLf
6h0YxkNgbpI8yLSCWOdN8WFT2yks3uPCa35qRfynO6QJgZ4e04RPap3OcvdF+1xW
k//nLvuIH46K5zfFZMkm78xW1xBpOoip6rdbw98Wv9yIiqG3t4PKgNZNpt1tsA9y
Z0PAYCf1e/Z9LpFEoIA4xS2Kes3KpbiaK9eSpGYwvXQJbDjnJVaV1yA3TM+jtzRR
L0pIR0YGU1IO+Lru0zlGMzjlVF8vbFl8bCKj4JTdM2yteLa/GzrYAwHlmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKRuXA/rno8ADEJOBtpqQwZls5eiMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvcEc1Y0QtdWVqd0FNUWs0RzJtcERCbVd6bDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBQsQAwQD
BQsYAwQEUPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQAIeW1YgqmLVdFIZAwx
8RWDKX+QnuaR0AN4T/JhtmDphb9qiLgC02+SLHQC543nSyE9U/4VvWoLeZdcjFSJ
r5l0gt2EpNw9AnIGbQ4iaTnFsbcd7r+mWM51XHdWbVWmLN48zsRNqmPIHbw0BBnm
xOCei6aJBPs6FHnFvynjxuVecB4hylPNk9HpRMkYkLZb62GTfcnFcWNudcwqaWNk
XTACC7m7dD8QOeC7i1ElrBfGMQY8fGrQbpxEI9LDBqJILdGkKhDEFwuMaBf10aNt
ZrnA5h4BNhUkWPdr6qYh9HgCgQ5MMFo9xf2xl1NuaqWIBoiGro4HGKS7BLMyKGfc
xmrf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org