Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/5DXIUaYSBH166fykjmGJDq22Z7s.roa
File: 5DXIUaYSBH166fykjmGJDq22Z7s.roa (raw, json)
Hash identifier: 8FHN5JmJZXqDnTFnQw1Uuk2kCS6FjddEqF7j6aBJbig=
Subject key identifier: E4:35:C8:51:A6:12:04:7D:7A:E9:FC:A4:8E:61:89:0E:AD:B6:67:BB
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 0194978CFBFA8DD6AE1C9EDFF7CDDABCED34
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/5DXIUaYSBH166fykjmGJDq22Z7s.roa
Signing time: Fri 24 Jan 2025 09:03:06 +0000
ROA not before: Fri 24 Jan 2025 09:03:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5411
IP address blocks: 82.196.160.0/19 maxlen: 19
82.196.160.0/20 maxlen: 20
82.196.176.0/20 maxlen: 20
185.222.176.0/22 maxlen: 22
185.222.176.0/23 maxlen: 23
185.222.178.0/23 maxlen: 23
193.8.32.0/22 maxlen: 22
193.8.32.0/23 maxlen: 23
193.8.34.0/23 maxlen: 23
193.41.168.0/23 maxlen: 23
193.41.168.0/24 maxlen: 24
193.41.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 15:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:8c:fb:fa:8d:d6:ae:1c:9e:df:f7:cd:da:bc:ed:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 24 09:03:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e435c851a612047d7ae9fca48e61890eadb667bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c1:5d:d3:99:bb:75:b6:e4:62:29:6c:94:bb:
5f:e4:83:a8:e7:5e:9e:85:2c:77:1c:28:55:f9:ad:
00:75:87:ff:08:a9:63:86:91:fc:fe:e3:3d:a3:54:
58:60:34:c5:4a:fc:14:9a:d0:58:43:31:b1:df:a7:
91:5c:56:a2:44:38:0c:8d:c2:21:76:c5:32:f0:63:
58:e6:e5:19:6c:4f:41:63:ea:a8:c6:9b:cc:a7:5c:
91:4c:a2:bc:4b:e4:2c:8e:b0:54:59:02:43:76:e7:
13:f6:d5:bb:8e:19:90:00:aa:b5:7f:68:77:be:1c:
83:30:dc:84:02:d3:de:a0:e3:7b:81:34:10:aa:de:
17:18:6d:6c:e8:60:68:a4:b5:31:ca:3c:37:27:a3:
a6:00:25:18:85:39:a2:67:fc:d6:34:5f:a4:d9:32:
0a:09:35:c1:75:de:5f:68:df:08:9c:8f:69:54:0c:
06:0c:ae:0f:98:82:94:43:43:23:1e:1b:d9:75:55:
64:f8:ed:64:58:72:de:6b:49:b3:d1:dd:a1:42:84:
36:40:08:4e:73:4c:97:ee:0d:65:b9:8d:09:03:36:
b8:a3:5a:57:24:75:a0:0e:eb:ee:d5:3a:92:df:50:
11:f4:bb:be:af:cb:39:88:03:40:b0:56:ee:2c:d0:
6d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:35:C8:51:A6:12:04:7D:7A:E9:FC:A4:8E:61:89:0E:AD:B6:67:BB
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/5DXIUaYSBH166fykjmGJDq22Z7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.160.0/19
185.222.176.0/22
193.8.32.0/22
193.41.168.0/23
Signature Algorithm: sha256WithRSAEncryption
93:90:92:ce:28:1c:4c:99:96:31:62:e6:a1:e5:64:cb:aa:8c:
2e:58:e0:98:1f:a6:50:b8:94:7b:0e:8d:28:ba:f0:38:37:90:
87:9a:11:dc:d0:ee:8e:52:8a:4d:f3:75:e5:f5:67:ec:3d:9e:
cd:90:fb:64:7b:05:84:f8:22:28:04:b8:b0:05:99:f6:9f:1f:
db:0f:a8:6b:5d:77:bf:7f:2f:fc:f2:11:e7:56:1b:5c:87:27:
5d:f6:89:5b:53:30:ca:25:9e:9b:54:14:eb:47:29:a1:fa:6b:
e4:05:f4:5d:55:2e:7c:97:74:f2:d8:d9:94:b7:2a:c0:0b:20:
db:95:18:f2:8d:38:48:f6:43:7a:63:81:22:1d:2e:31:43:4e:
5f:cf:99:3b:c5:62:8e:c9:26:c3:e0:22:99:3f:cd:c1:77:60:
40:bd:a4:a6:e9:21:83:bd:16:27:08:8d:2a:af:b2:a4:6e:84:
16:7c:b3:c6:2f:cb:04:8d:69:27:03:f8:4d:44:06:dd:50:9b:
84:60:aa:02:0f:9d:db:dc:cf:86:6a:22:ea:ed:a3:de:cd:d6:
e4:29:ef:25:21:34:68:0d:e2:52:1f:88:bf:21:98:3e:90:d3:
18:02:02:12:18:95:25:cf:ff:c1:f0:57:ae:5b:a1:12:0b:41:
fd:0e:f4:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSXjPv6jdauHJ7f983avO00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjUwMTI0MDkwMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM1Yzg1MWE2MTIwNDdkN2FlOWZjYTQ4ZTYxODkwZWFkYjY2N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMFd05m7dbbkYilslLtf5IOo516e
hSx3HChV+a0AdYf/CKljhpH8/uM9o1RYYDTFSvwUmtBYQzGx36eRXFaiRDgMjcIh
dsUy8GNY5uUZbE9BY+qoxpvMp1yRTKK8S+QsjrBUWQJDducT9tW7jhmQAKq1f2h3
vhyDMNyEAtPeoON7gTQQqt4XGG1s6GBopLUxyjw3J6OmACUYhTmiZ/zWNF+k2TIK
CTXBdd5faN8InI9pVAwGDK4PmIKUQ0MjHhvZdVVk+O1kWHLea0mz0d2hQoQ2QAhO
c0yX7g1luY0JAza4o1pXJHWgDuvu1TqS31AR9Lu+r8s5iANAsFbuLNBtowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQ1yFGmEgR9eun8pI5hiQ6ttme7MB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvNURYSVVhWVNCSDE2NmZ5a2ptR0pEcTIyWjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUsSgAwQC
ud6wAwQCwQggAwQBwSmoMA0GCSqGSIb3DQEBCwUAA4IBAQCTkJLOKBxMmZYxYuah
5WTLqowuWOCYH6ZQuJR7Do0ouvA4N5CHmhHc0O6OUopN83Xl9WfsPZ7NkPtkewWE
+CIoBLiwBZn2nx/bD6hrXXe/fy/88hHnVhtchydd9olbUzDKJZ6bVBTrRymh+mvk
BfRdVS58l3Ty2NmUtyrACyDblRjyjThI9kN6Y4EiHS4xQ05fz5k7xWKOySbD4CKZ
P83Bd2BAvaSm6SGDvRYnCI0qr7KkboQWfLPGL8sEjWknA/hNRAbdUJuEYKoCD53b
3M+GaiLq7aPezdbkKe8lITRoDeJSH4i/IZg+kNMYAgISGJUlz//B8FeuW6ESC0H9
DvRI
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:37:13 2025 by rpki-client