Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/I3ulG-gm1GNSRCs819Papx6bhjY.roa
File: I3ulG-gm1GNSRCs819Papx6bhjY.roa (raw, json)
Hash identifier: 1AP9SBcvcpxrLOSf4GT4m5xakcoUYmQep9/yWsTHZBk=
Subject key identifier: 23:7B:A5:1B:E8:26:D4:63:52:44:2B:3C:D7:D3:DA:A7:1E:9B:86:36
Certificate issuer: /CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Certificate serial: 018CC801111612EEECAA3FDCE02E0C7A662C
Authority key identifier: 75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/I3ulG-gm1GNSRCs819Papx6bhjY.roa
Signing time: Tue 02 Jan 2024 02:29:22 +0000
ROA not before: Tue 02 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12956
IP address blocks: 80.76.8.0/21 maxlen: 24
193.36.134.0/23 maxlen: 24
213.140.32.0/19 maxlen: 24
5.255.144.0/21 maxlen: 24
185.153.168.0/22 maxlen: 24
84.16.0.0/19 maxlen: 24
94.142.96.0/19 maxlen: 24
188.214.148.0/23 maxlen: 24
89.32.176.0/21 maxlen: 21
103.244.236.0/22 maxlen: 24
176.52.248.0/21 maxlen: 24
185.43.180.0/22 maxlen: 24
81.173.104.0/21 maxlen: 24
5.53.0.0/21 maxlen: 24
185.210.28.0/22 maxlen: 24
45.135.52.0/22 maxlen: 24
185.190.8.0/22 maxlen: 24
2001:1498::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 22 Jan 2024 12:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:11:16:12:ee:ec:aa:3f:dc:e0:2e:0c:7a:66:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e05bc21b2a6f1033711ffca6491c6c30ce5a4a
Validity
Not Before: Jan 2 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=237ba51be826d46352442b3cd7d3daa71e9b8636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:28:7e:27:ca:16:56:f7:5e:6d:7e:e4:58:
34:a5:ae:f9:af:d0:e8:e4:af:05:18:a2:4e:f3:d2:
63:0b:03:e4:b5:94:fa:78:7d:30:59:a2:86:db:be:
f3:4b:85:86:95:1f:27:57:c9:c9:ff:e1:d4:96:c2:
33:0d:5b:ff:da:24:ba:8c:20:bd:6d:3c:db:a5:88:
7d:e7:5b:82:ce:da:95:31:8e:94:01:bd:d4:08:5e:
9f:29:43:47:d6:46:5b:64:e8:4a:c4:58:1c:3d:a5:
dd:e3:fe:03:7f:45:1f:39:fc:33:82:a2:97:19:08:
2b:8f:5f:21:b1:46:5c:79:96:d8:5a:a5:34:5b:5e:
24:c4:13:63:7e:79:e6:ac:21:d8:22:b7:87:37:f2:
8e:73:01:fa:48:79:53:40:4b:9a:cd:c3:e7:a2:e8:
c3:a4:ec:9b:ec:42:76:41:96:38:c4:c6:84:1a:e9:
fb:83:d8:97:ec:7a:f8:40:13:d4:08:97:81:fc:84:
44:d8:4e:b8:b4:85:79:e0:74:20:8d:a0:11:b8:f3:
11:28:13:95:02:ea:98:b2:9e:bb:17:78:cb:da:40:
92:69:aa:1e:60:49:88:6f:ee:58:ec:23:34:27:f8:
fd:32:74:e7:2e:8b:29:c7:06:28:b6:f9:19:bd:2f:
d2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7B:A5:1B:E8:26:D4:63:52:44:2B:3C:D7:D3:DA:A7:1E:9B:86:36
X509v3 Authority Key Identifier:
keyid:75:E0:5B:C2:1B:2A:6F:10:33:71:1F:FC:A6:49:1C:6C:30:CE:5A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deBbwhsqbxAzcR_8pkkcbDDOWko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/I3ulG-gm1GNSRCs819Papx6bhjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2b4934-4ea2-45c1-ae07-d45ab7df2de1/1/deBbwhsqbxAzcR_8pkkcbDDOWko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.0.0/21
5.255.144.0/21
45.135.52.0/22
80.76.8.0/21
81.173.104.0/21
84.16.0.0/19
89.32.176.0/21
94.142.96.0/19
103.244.236.0/22
176.52.248.0/21
185.43.180.0/22
185.153.168.0/22
185.190.8.0/22
185.210.28.0/22
188.214.148.0/23
193.36.134.0/23
213.140.32.0/19
IPv6:
2001:1498::/32
Signature Algorithm: sha256WithRSAEncryption
40:4d:20:69:44:6e:11:a6:f5:76:b3:77:4b:91:b1:2c:fd:d9:
e3:06:cc:2a:13:3a:bd:d5:cc:75:a7:76:dc:68:70:fc:6e:5a:
e5:ba:17:93:fc:69:e3:cc:77:d4:b6:8b:4c:e2:2a:5a:94:0f:
a6:c1:30:2e:3e:99:55:c4:6f:4a:7f:e5:ea:33:7c:40:b8:71:
8f:30:a5:2b:70:b3:94:06:25:33:cd:21:b6:ff:2e:b8:07:89:
7d:d2:65:f0:fe:da:1c:41:e4:8d:19:0e:58:e2:c8:57:21:0d:
be:2a:51:06:1a:ce:4b:97:a9:c6:54:14:ae:aa:37:94:1e:9c:
7f:51:62:9f:8a:b6:56:cc:77:ef:2d:a5:fd:6a:3e:b2:4c:ee:
d4:f3:77:6c:92:f1:67:bc:22:44:80:07:e6:70:9b:d2:0a:4e:
1e:fd:be:11:45:d8:c2:4d:e3:e6:36:18:be:a1:80:a4:e4:d0:
3b:2a:15:94:e4:bb:94:0c:d4:6c:89:d4:51:99:ba:c1:73:cc:
44:ac:c7:c1:c2:75:c7:a7:e2:9e:1d:ed:a7:95:03:49:0e:0b:
19:5c:c8:a4:67:ea:40:69:f2:00:47:7a:9e:5a:4c:4f:97:31:
1a:ca:e0:de:eb:61:90:5a:73:e6:53:c1:55:d6:fd:87:3e:3d:
df:98:4a:6d
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzIAREWEu7sqj/c4C4MemYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZTA1YmMyMWIyYTZmMTAzMzcxMWZmY2E2NDkxYzZjMzBj
ZTVhNGEwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdiYTUxYmU4MjZkNDYzNTI0NDJiM2NkN2QzZGFhNzFlOWI4NjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj4ofifKFlb3Xm1+5Fg0pa75r9Do
5K8FGKJO89JjCwPktZT6eH0wWaKG277zS4WGlR8nV8nJ/+HUlsIzDVv/2iS6jCC9
bTzbpYh951uCztqVMY6UAb3UCF6fKUNH1kZbZOhKxFgcPaXd4/4Df0UfOfwzgqKX
GQgrj18hsUZceZbYWqU0W14kxBNjfnnmrCHYIreHN/KOcwH6SHlTQEuazcPnoujD
pOyb7EJ2QZY4xMaEGun7g9iX7Hr4QBPUCJeB/IRE2E64tIV54HQgjaARuPMRKBOV
AuqYsp67F3jL2kCSaaoeYEmIb+5Y7CM0J/j9MnTnLospxwYotvkZvS/StwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFCN7pRvoJtRjUkQrPNfT2qcem4Y2MB8GA1UdIwQY
MBaAFHXgW8IbKm8QM3Ef/KZJHGwwzlpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDct
ZDQ1YWI3ZGYyZGUxLzEvSTN1bEctZ20xR05TUkNzODE5UGFweDZiaGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yYjQ5MzQtNGVhMi00NWMxLWFlMDctZDQ1YWI3ZGYyZGUx
LzEvZGVCYndoc3FieEF6Y1JfOHBra2NiRERPV2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAwU1AAME
AwX/kAMEAi2HNAMEA1BMCAMEA1GtaAMEBVQQAAMEA1kgsAMEBV6OYAMEAmf07AME
A7A0+AMEArkrtAMEArmZqAMEArm+CAMEArnSHAMEAbzWlAMEAcEkhgMEBdWMIDAN
BAIAAjAHAwUAIAEUmDANBgkqhkiG9w0BAQsFAAOCAQEAQE0gaURuEab1drN3S5Gx
LP3Z4wbMKhM6vdXMdad23Ghw/G5a5boXk/xp48x31LaLTOIqWpQPpsEwLj6ZVcRv
Sn/l6jN8QLhxjzClK3CzlAYlM80htv8uuAeJfdJl8P7aHEHkjRkOWOLIVyENvipR
BhrOS5epxlQUrqo3lB6cf1Fin4q2Vsx37y2l/Wo+skzu1PN3bJLxZ7wiRIAH5nCb
0gpOHv2+EUXYwk3j5jYYvqGApOTQOyoVlOS7lAzUbInUUZm6wXPMRKzHwcJ1x6fi
nh3tp5UDSQ4LGVzIpGfqQGnyAEd6nlpMT5cxGsrg3uthkFpz5lPBVdb9hz4935hK
bQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org