Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/sRexSk5p7mGm56N3Mu06_WKWDjs.roa
File: sRexSk5p7mGm56N3Mu06_WKWDjs.roa (raw, json)
Hash identifier: CbwSA4gr7rdB6J36VWrl8yswE3ZZlz4SXcATtQAHT+Y=
Subject key identifier: B1:17:B1:4A:4E:69:EE:61:A6:E7:A3:77:32:ED:3A:FD:62:96:0E:3B
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 019320CAECBF3532B42F89286AF9435FF04E
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/sRexSk5p7mGm56N3Mu06_WKWDjs.roa
Signing time: Tue 12 Nov 2024 14:33:09 +0000
ROA not before: Tue 12 Nov 2024 14:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41937
IP address blocks: 5.134.104.0/21 maxlen: 24
91.185.96.0/19 maxlen: 24
91.204.52.0/22 maxlen: 24
178.237.216.0/22 maxlen: 22
178.237.216.0/23 maxlen: 23
178.237.216.0/24 maxlen: 24
178.237.217.0/24 maxlen: 24
178.237.218.0/23 maxlen: 23
178.237.218.0/24 maxlen: 24
178.237.219.0/24 maxlen: 24
178.237.220.0/22 maxlen: 22
178.237.220.0/23 maxlen: 23
178.237.220.0/24 maxlen: 24
178.237.221.0/24 maxlen: 24
178.237.222.0/23 maxlen: 23
178.237.222.0/24 maxlen: 24
178.237.223.0/24 maxlen: 24
185.112.20.0/22 maxlen: 24
2a00:8720::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a01:b800::/32 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a06:63c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Nov 2024 08:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:ca:ec:bf:35:32:b4:2f:89:28:6a:f9:43:5f:f0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Nov 12 14:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b117b14a4e69ee61a6e7a37732ed3afd62960e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:fb:17:74:28:d2:9d:b7:97:ef:3e:92:ed:
ec:5d:12:f6:ab:2e:b4:06:16:f5:d9:11:2c:ef:d8:
b8:c6:c5:5d:59:a3:82:00:fe:b5:1a:93:62:0f:13:
7f:9e:72:c1:cd:cb:8e:52:51:5c:51:f7:f7:9a:ee:
9e:84:6f:6a:94:31:22:3a:d5:fb:ca:ea:6d:6e:0c:
6e:33:99:1b:69:71:48:68:f8:3f:5a:4a:98:1f:69:
ba:37:f9:88:fe:91:1a:ee:a5:d3:83:80:12:46:72:
36:ec:df:41:1e:86:bc:81:60:e6:8d:6f:c4:a3:de:
58:4f:c2:a1:7c:4e:cb:ee:9d:f1:e7:8d:52:df:f0:
c9:68:55:fe:e6:d9:19:aa:14:ae:9e:bf:79:20:55:
ab:a6:f3:2b:c7:38:82:86:ac:b9:3b:28:a3:c1:e6:
86:d5:d1:58:ef:2c:14:69:fe:9e:ac:f1:a7:e4:8c:
fe:bc:4b:73:a9:05:92:ec:2d:6a:87:0f:d2:f9:a0:
8a:ed:86:a6:3f:f6:c9:86:6b:cd:09:4f:e8:58:4f:
64:3f:e1:6b:11:7d:fb:3a:08:62:f6:62:09:95:b2:
44:9a:c8:ae:6c:89:72:a5:2a:cd:da:f8:30:03:f5:
c8:82:fd:b4:ec:3d:a3:45:c2:7a:5e:64:b4:40:fb:
34:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:17:B1:4A:4E:69:EE:61:A6:E7:A3:77:32:ED:3A:FD:62:96:0E:3B
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/sRexSk5p7mGm56N3Mu06_WKWDjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
91.185.96.0/19
91.204.52.0/22
178.237.216.0/21
185.112.20.0/22
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
06:db:96:e8:c5:f8:93:50:ab:2f:aa:41:06:aa:39:64:a0:fb:
cf:4b:02:e0:b8:67:c6:38:95:cc:60:b9:53:ee:12:18:18:69:
34:ba:01:a7:9c:55:f2:62:ee:aa:1b:3d:24:0f:2b:0a:46:4d:
4f:d6:7a:39:b1:c2:bb:8f:72:38:f2:20:e7:e7:bd:70:6d:67:
52:e9:2e:87:f3:65:4c:2e:69:17:a8:1c:bc:12:72:5e:59:c8:
ea:3c:e3:27:e2:3f:63:7d:de:1d:d1:f8:0a:f0:8a:98:86:cb:
89:e1:53:f5:b0:3b:c9:61:ef:d1:74:a3:b1:fe:0f:90:d4:93:
2c:e4:a1:9d:42:37:96:96:33:da:0f:f2:87:79:54:2f:48:ba:
f4:8c:e3:68:10:fa:63:ff:90:26:86:25:04:b6:b8:03:77:5d:
21:e9:c7:34:e7:b0:8e:7e:b4:46:32:99:af:f4:da:72:8f:e4:
f3:3c:79:0c:c7:66:07:25:71:af:7e:1a:43:ce:6e:69:32:cb:
e4:57:1b:69:91:16:8b:f2:34:c1:e1:25:7d:fb:de:d1:f4:cb:
7f:9f:d8:27:e7:5d:ee:3c:01:4a:46:cf:f9:5a:81:21:41:49:
98:19:78:03:9b:d1:d2:5f:4d:7e:88:59:b1:ae:ac:ff:ac:92:
0a:13:b4:3f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZMgyuy/NTK0L4koavlDX/BOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQxMTEyMTQzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE3YjE0YTRlNjllZTYxYTZlN2EzNzczMmVkM2FmZDYyOTYwZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbX7F3Qo0p23l+8+ku3sXRL2qy60
Bhb12REs79i4xsVdWaOCAP61GpNiDxN/nnLBzcuOUlFcUff3mu6ehG9qlDEiOtX7
yuptbgxuM5kbaXFIaPg/WkqYH2m6N/mI/pEa7qXTg4ASRnI27N9BHoa8gWDmjW/E
o95YT8KhfE7L7p3x541S3/DJaFX+5tkZqhSunr95IFWrpvMrxziChqy5OyijweaG
1dFY7ywUaf6erPGn5Iz+vEtzqQWS7C1qhw/S+aCK7YamP/bJhmvNCU/oWE9kP+Fr
EX37Oghi9mIJlbJEmsiubIlypSrN2vgwA/XIgv207D2jRcJ6XmS0QPs0iQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFLEXsUpOae5hpuejdzLtOv1ilg47MB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvc1JleFNrNXA3bUdtNTZOM011MDZfV0tXRGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAkBAIAATAeAwQDBYZoAwQF
W7lgAwQCW8w0AwQDsu3YAwQCuXAUMDcEAgACMDEDBQAqAIcgAwUAKgDPAAMFACoB
uAADBQAqAmGgAwUAKgP8QAMFAyoEHcADBQMqBmPAMA0GCSqGSIb3DQEBCwUAA4IB
AQAG25boxfiTUKsvqkEGqjlkoPvPSwLguGfGOJXMYLlT7hIYGGk0ugGnnFXyYu6q
Gz0kDysKRk1P1no5scK7j3I48iDn571wbWdS6S6H82VMLmkXqBy8EnJeWcjqPOMn
4j9jfd4d0fgK8IqYhsuJ4VP1sDvJYe/RdKOx/g+Q1JMs5KGdQjeWljPaD/KHeVQv
SLr0jONoEPpj/5AmhiUEtrgDd10h6cc057COfrRGMpmv9Npyj+TzPHkMx2YHJXGv
fhpDzm5pMsvkVxtpkRaL8jTB4SV9+97R9Mt/n9gn513uPAFKRs/5WoEhQUmYGXgD
m9HSX01+iFmxrqz/rJIKE7Q/
-----END CERTIFICATE-----
Generated at Wed Nov 13 10:57:09 2024 by rpki-client on console-fra.rpki-client.org