Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/i5e0tezSPc4kjKW65pnq07chvfc.roa
File: i5e0tezSPc4kjKW65pnq07chvfc.roa (raw, json)
Hash identifier: D1hi8xULxG95Nbp58E4qWFTErlecdpoOMJ4I6LBo8CQ=
Subject key identifier: 8B:97:B4:B5:EC:D2:3D:CE:24:8C:A5:BA:E6:99:EA:D3:B7:21:BD:F7
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 0192D22FC0A6BAA69A44118D95DEB775720C
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/i5e0tezSPc4kjKW65pnq07chvfc.roa
Signing time: Mon 28 Oct 2024 08:13:17 +0000
ROA not before: Mon 28 Oct 2024 08:13:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39386
IP address blocks: 37.224.192.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
84.235.56.0/23 maxlen: 23
84.235.95.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
178.86.50.0/24 maxlen: 24
193.19.244.0/24 maxlen: 24
212.118.154.0/24 maxlen: 24
2001:16a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:2f:c0:a6:ba:a6:9a:44:11:8d:95:de:b7:75:72:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Oct 28 08:13:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b97b4b5ecd23dce248ca5bae699ead3b721bdf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:69:70:26:03:3b:2d:9d:52:d8:33:81:21:
0f:c5:fd:ad:a7:49:38:f8:7b:1d:d3:1d:95:53:ad:
95:13:7a:22:ae:2f:0a:7d:01:be:5f:37:86:45:d0:
37:d9:a3:67:a0:1a:5b:2b:79:69:b6:de:32:48:0f:
07:91:a9:e1:35:c1:d4:c4:8c:e6:25:36:3c:d9:a1:
b4:20:2d:21:00:5e:4d:f7:45:ae:cf:88:a1:ab:7e:
88:7a:32:81:d0:ce:47:7a:16:ca:30:7a:57:6e:e9:
88:0f:3b:8d:a0:ef:2b:fe:71:81:32:d8:0a:c2:ab:
84:09:f8:e4:2d:c5:bf:c1:f9:7f:0f:15:7a:cb:87:
59:05:b0:01:cb:bb:73:88:94:c0:6d:18:c5:d7:cd:
c1:29:b5:20:cd:35:b4:4a:a2:b3:9b:9e:0e:94:c5:
ee:f3:ae:6e:43:8c:c7:1d:fd:dc:9a:e8:93:e1:e9:
91:47:b3:5b:cd:cc:b0:9f:c1:92:62:48:21:fd:34:
fe:52:c2:80:fa:0d:46:fb:4b:8b:09:b8:e4:9b:45:
39:3f:48:a2:7e:cf:4f:21:1f:3b:75:6b:f5:e5:c8:
46:6a:a9:cc:3f:4d:0c:27:cd:3d:7b:31:46:f8:fc:
d0:2c:18:28:eb:ad:66:8e:9a:53:7c:29:db:27:a6:
cc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:97:B4:B5:EC:D2:3D:CE:24:8C:A5:BA:E6:99:EA:D3:B7:21:BD:F7
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/i5e0tezSPc4kjKW65pnq07chvfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
212.118.154.0/24
IPv6:
2001:16a0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:c8:e4:8a:de:7b:c0:ad:3b:9b:2e:b6:e3:f3:d7:78:c3:09:
94:ee:92:9c:c5:09:18:b3:a7:2b:16:92:ea:6d:21:b0:b0:24:
71:55:9d:c0:79:24:d5:c6:c0:4d:9c:5c:b6:fa:29:a8:3b:03:
7b:1f:24:ef:eb:7d:93:e4:d2:b0:fb:e3:26:66:dd:42:88:3d:
64:b7:89:b5:2e:51:c8:24:69:5a:19:25:82:25:07:74:7f:26:
db:6c:d8:8f:04:d5:34:b5:e3:c5:39:fa:b1:3c:1c:d7:51:b6:
6e:f1:50:27:33:2a:66:52:8b:86:1d:72:94:15:2c:56:ba:e0:
41:b2:1d:f5:0d:16:89:3d:d8:0e:8f:a6:23:8a:1a:4f:3d:46:
11:8a:70:ab:58:06:74:5d:55:a4:e4:11:59:07:9a:07:f7:35:
6c:83:7a:9d:b6:0c:87:70:c0:e6:3d:07:4f:33:ac:15:69:27:
f7:bc:ca:d4:a6:9b:79:75:c8:52:27:0e:cf:9b:ac:43:60:e4:
12:56:c0:8a:81:9c:22:4b:94:7d:59:99:ae:3f:5f:29:a9:47:
9a:65:66:fe:a0:c7:1e:ab:47:1c:f8:74:0f:16:99:5a:29:4c:
00:19:b5:7e:fe:93:e5:b9:df:38:24:26:7d:f5:04:43:68:6f:
59:ee:df:dc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZLSL8CmuqaaRBGNld63dXIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjQxMDI4MDgxMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk3YjRiNWVjZDIzZGNlMjQ4Y2E1YmFlNjk5ZWFkM2I3MjFiZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoNpcCYDOy2dUtgzgSEPxf2tp0k4
+Hsd0x2VU62VE3oiri8KfQG+XzeGRdA32aNnoBpbK3lptt4ySA8HkanhNcHUxIzm
JTY82aG0IC0hAF5N90Wuz4ihq36IejKB0M5HehbKMHpXbumIDzuNoO8r/nGBMtgK
wquECfjkLcW/wfl/DxV6y4dZBbABy7tziJTAbRjF183BKbUgzTW0SqKzm54OlMXu
865uQ4zHHf3cmuiT4emRR7Nbzcywn8GSYkgh/TT+UsKA+g1G+0uLCbjkm0U5P0ii
fs9PIR87dWv15chGaqnMP00MJ809ezFG+PzQLBgo661mjppTfCnbJ6bM2QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIuXtLXs0j3OJIyluuaZ6tO3Ib33MB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvaTVlMHRlelNQYzRraktXNjVwbnEwN2NodmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0AwQA1HaaMA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEB
CwUAA4IBAQCNyOSK3nvArTubLrbj89d4wwmU7pKcxQkYs6crFpLqbSGwsCRxVZ3A
eSTVxsBNnFy2+imoOwN7HyTv632T5NKw++MmZt1CiD1kt4m1LlHIJGlaGSWCJQd0
fybbbNiPBNU0tePFOfqxPBzXUbZu8VAnMypmUouGHXKUFSxWuuBBsh31DRaJPdgO
j6YjihpPPUYRinCrWAZ0XVWk5BFZB5oH9zVsg3qdtgyHcMDmPQdPM6wVaSf3vMrU
ppt5dchSJw7Pm6xDYOQSVsCKgZwiS5R9WZmuP18pqUeaZWb+oMceq0cc+HQPFpla
KUwAGbV+/pPlud84JCZ99QRDaG9Z7t/c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:23 2025 by rpki-client