Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/G2YdQXGLLjN4VcrbLTNzMh0BAWg.roa
File: G2YdQXGLLjN4VcrbLTNzMh0BAWg.roa (raw, json)
Hash identifier: 4XpLqhU/mpwfRppceAtOc6HgbiQK7296Wi/9KgXRNpo=
Subject key identifier: 1B:66:1D:41:71:8B:2E:33:78:55:CA:DB:2D:33:73:32:1D:01:01:68
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018EC727B6A735D7410D5C45C2216346D1F5
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/G2YdQXGLLjN4VcrbLTNzMh0BAWg.roa
Signing time: Wed 10 Apr 2024 08:37:32 +0000
ROA not before: Wed 10 Apr 2024 08:37:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
103.13.211.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
185.144.156.0/22 maxlen: 22
193.168.172.0/24 maxlen: 24
2a06:c5c0:1500::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1700::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Apr 2024 08:52:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:27:b6:a7:35:d7:41:0d:5c:45:c2:21:63:46:d1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Apr 10 08:37:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b661d41718b2e337855cadb2d3373321d010168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:35:8d:fc:48:67:81:f7:c1:fa:1d:1c:b0:fb:
8e:aa:09:22:ab:91:7f:0e:26:f8:3e:eb:d7:60:a1:
47:c1:ab:e0:36:cb:6d:52:97:82:42:06:e2:52:7b:
ad:ab:ce:ad:92:83:a7:ed:0d:60:07:0f:ce:93:a0:
b7:8d:16:db:1c:b5:0f:68:aa:44:51:bc:83:26:dc:
50:67:5b:4c:2a:24:97:c5:2c:41:fe:73:99:0d:9b:
ab:60:28:0b:43:b6:cd:30:23:dc:37:f2:6d:65:31:
bd:cb:9e:d6:e4:75:40:a3:a7:96:e1:92:9d:51:13:
1d:68:04:61:39:16:d6:09:ae:ef:a6:93:f2:16:3e:
37:51:9d:c5:c4:d8:c1:ff:c2:9d:fa:28:6a:d1:c6:
ba:72:0c:c1:1d:b4:5e:98:ef:14:d1:d4:09:2e:b2:
fb:f7:a2:60:05:b1:99:62:ec:15:2a:89:f7:fb:e2:
c8:b6:80:40:6e:5d:d2:5e:5f:e4:70:0a:98:d1:0c:
3d:c2:6a:39:83:07:c5:27:f1:78:93:81:64:ec:f4:
ee:8f:c4:6d:e4:b8:57:a5:6a:aa:c2:b4:39:65:50:
f4:91:70:6a:01:63:4d:55:ee:ac:0a:3f:81:aa:ae:
6b:f7:5c:39:4e:1c:b2:3b:89:e3:70:3b:4f:65:2a:
5f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:66:1D:41:71:8B:2E:33:78:55:CA:DB:2D:33:73:32:1D:01:01:68
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/G2YdQXGLLjN4VcrbLTNzMh0BAWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.13.211.0/24
103.45.245.0-103.45.246.255
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
185.144.156.0/22
193.168.172.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
Signature Algorithm: sha256WithRSAEncryption
e5:49:98:13:ba:18:6a:a1:63:1e:d0:c9:39:71:19:d6:44:8d:
ce:e4:ba:94:8d:4a:33:ab:74:fa:db:4a:c7:6a:a4:31:71:c4:
29:7c:43:51:a0:30:fa:f4:b2:20:7b:10:5e:ee:3b:51:de:d4:
56:29:0e:4b:12:c8:56:fe:a9:d5:30:24:bf:23:fb:cb:26:81:
4b:e1:86:6d:40:48:5f:3c:d6:26:e1:f6:f8:7c:92:fa:db:f1:
d9:f6:61:e0:d3:3a:92:6d:e8:18:dd:9b:42:5b:da:46:3b:cb:
6b:8a:1e:fa:b4:8f:a5:3f:e0:3f:ca:9a:34:32:f9:d5:7c:1e:
cc:d8:39:7f:5f:07:1a:bc:5f:36:ab:b2:1a:b8:f3:67:c2:6b:
ff:f4:ff:31:13:66:a1:e2:92:c1:c7:5f:49:4e:4b:85:ca:bc:
1f:27:cb:f5:f1:93:2b:24:30:d2:6e:c6:af:76:3a:d1:9b:8f:
95:e7:b3:37:67:ce:53:70:3a:4c:2d:3d:5b:a7:46:e1:c6:39:
c3:16:28:1b:e0:91:25:39:88:ae:d0:22:e1:fb:8c:14:65:4a:
63:bd:92:8c:0b:cd:3c:4b:8c:f3:59:0f:8e:1e:8d:a8:9a:28:
fa:99:3e:5a:b8:a2:1a:d8:29:50:cb:5d:b6:5c:46:ff:89:3c:
78:73:6e:48
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAY7HJ7anNddBDVxFwiFjRtH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwNDEwMDgzNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY2MWQ0MTcxOGIyZTMzNzg1NWNhZGIyZDMzNzMzMjFkMDEwMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTWN/EhngffB+h0csPuOqgkiq5F/
Dib4PuvXYKFHwavgNsttUpeCQgbiUnutq86tkoOn7Q1gBw/Ok6C3jRbbHLUPaKpE
UbyDJtxQZ1tMKiSXxSxB/nOZDZurYCgLQ7bNMCPcN/JtZTG9y57W5HVAo6eW4ZKd
URMdaARhORbWCa7vppPyFj43UZ3FxNjB/8Kd+ihq0ca6cgzBHbRemO8U0dQJLrL7
96JgBbGZYuwVKon3++LItoBAbl3SXl/kcAqY0Qw9wmo5gwfFJ/F4k4Fk7PTuj8Rt
5LhXpWqqwrQ5ZVD0kXBqAWNNVe6sCj+Bqq5r91w5ThyyO4njcDtPZSpfFQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFBtmHUFxiy4zeFXK2y0zczIdAQFoMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvRzJZZFFYR0xMak40VmNyYkxUTnpNaDBCQVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwUAQCAAEwSgMEAC1bqwME
AFvKqgMEAFvfqQMEAGcN0zAMAwQAZy31AwQAZy32AwQBZ/FCAwQAuS+sAwQAuTXR
AwQAuYvkAwQCuZCcAwQAwaisMCEEAgACMBsDBwAqBsXAFQADBwAqBsXAFgADBwAq
BsXAFwAwDQYJKoZIhvcNAQELBQADggEBAOVJmBO6GGqhYx7QyTlxGdZEjc7kupSN
SjOrdPrbSsdqpDFxxCl8Q1GgMPr0siB7EF7uO1He1FYpDksSyFb+qdUwJL8j+8sm
gUvhhm1ASF881ibh9vh8kvrb8dn2YeDTOpJt6Bjdm0Jb2kY7y2uKHvq0j6U/4D/K
mjQy+dV8HszYOX9fBxq8Xzarshq482fCa//0/zETZqHiksHHX0lOS4XKvB8ny/Xx
kyskMNJuxq92OtGbj5XnszdnzlNwOkwtPVunRuHGOcMWKBvgkSU5iK7QIuH7jBRl
SmO9kowLzTxLjPNZD44ejaiaKPqZPlq4ohrYKVDLXbZcRv+JPHhzbkg=
-----END CERTIFICATE-----
Generated at Wed Apr 10 14:01:34 2024 by rpki-client on console-fra.rpki-client.org