Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/U9f8CwZHRmScmPcDHEjGhN0V0BY.roa
File: U9f8CwZHRmScmPcDHEjGhN0V0BY.roa (raw, json)
Hash identifier: a1FqiqQuJE8yOzBcBxzWcNDruJ2Wn0NKpM93yBmoTyQ=
Subject key identifier: 53:D7:FC:0B:06:47:46:64:9C:98:F7:03:1C:48:C6:84:DD:15:D0:16
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018CC9BB06AC27A3580B62F8A26AADA534AC
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/U9f8CwZHRmScmPcDHEjGhN0V0BY.roa
Signing time: Tue 02 Jan 2024 10:32:06 +0000
ROA not before: Tue 02 Jan 2024 10:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36007
IP address blocks: 103.13.211.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
45.91.171.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
2a06:c5c0:1700::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1500::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jan 2024 15:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:06:ac:27:a3:58:0b:62:f8:a2:6a:ad:a5:34:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Jan 2 10:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53d7fc0b064746649c98f7031c48c684dd15d016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fd:58:8e:80:45:a3:6b:03:1b:01:09:59:aa:
99:49:ac:25:1a:99:9e:63:34:c5:cb:5f:f2:fb:9c:
8f:9f:dc:77:99:ab:0c:60:cf:fc:20:0c:4c:f7:ae:
a9:e5:aa:f4:20:37:f4:83:95:86:ed:91:9c:ec:26:
60:cc:98:86:e9:de:b4:10:c6:6a:29:de:0f:05:cc:
74:85:1b:90:ca:8e:ed:38:1d:f6:ef:d7:20:72:5e:
a3:39:4e:17:57:50:81:46:df:0f:74:b6:9e:d0:e6:
27:f8:86:80:15:09:36:df:be:9c:3a:dd:e4:a7:b4:
dd:98:29:03:d4:67:4e:c9:66:3b:3c:d6:19:78:ab:
ec:cd:1d:07:c0:b5:02:52:c7:bd:35:eb:39:cf:a4:
87:fc:9b:d6:76:ac:e4:61:98:e4:20:c4:ff:6c:f0:
5b:f9:0b:af:17:49:10:6d:af:ea:13:8e:f8:2c:74:
17:76:d0:fe:86:ae:7f:a8:8f:30:be:12:c5:c7:a6:
c9:10:c2:96:82:fb:7c:22:c3:6e:1d:ee:f7:5c:a3:
62:69:8b:6d:1a:a5:ab:0a:0d:7b:71:c6:4c:f3:1a:
be:45:e3:76:e0:4e:b0:ca:b1:5e:0d:b5:22:d9:f0:
cc:c5:10:db:b8:11:6b:b6:03:8d:97:76:a5:73:06:
d0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D7:FC:0B:06:47:46:64:9C:98:F7:03:1C:48:C6:84:DD:15:D0:16
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/U9f8CwZHRmScmPcDHEjGhN0V0BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.13.211.0/24
103.45.245.0-103.45.246.255
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
Signature Algorithm: sha256WithRSAEncryption
8d:63:36:6c:da:3e:0e:79:34:4a:cb:e2:cb:05:90:4f:b4:8c:
e1:20:29:fe:ac:23:cd:1a:ea:c1:4e:64:76:e5:be:7c:51:21:
80:c3:da:2c:b9:a3:4a:b2:6e:59:02:c9:14:35:60:80:c9:50:
a1:6e:93:e6:da:80:49:3f:d8:b7:75:b8:1a:8d:35:0c:cd:ec:
ad:9b:e8:83:a7:d5:32:f1:27:c4:fb:3a:7b:4b:ee:af:e1:9d:
bd:0f:0b:81:92:09:29:85:2a:e6:c6:5f:87:3b:0c:a8:16:70:
e7:9b:02:1b:b1:fa:fb:ba:04:a6:b4:97:3e:e9:e1:30:de:8c:
49:69:c3:d5:7b:06:c3:88:1d:02:e7:3b:44:41:12:53:da:46:
fe:09:89:ee:08:87:81:bd:88:3e:1b:d2:18:ab:cc:84:69:04:
da:fe:7f:d5:cc:68:ac:98:ad:11:c7:d7:65:d1:fd:65:22:58:
6b:4a:f0:76:b6:ef:15:bf:be:a4:14:40:c4:0a:34:93:a1:03:
cd:d5:0d:8d:f5:d7:a4:7f:92:92:fa:f5:1d:8c:6c:62:98:dc:
f9:30:4f:17:a4:42:9c:3a:aa:1d:25:b4:21:5d:40:94:df:35:
83:3a:c7:4e:87:2b:40:1f:a9:50:59:0f:5a:ca:04:a8:d8:08:
88:85:94:4f
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYzJuwasJ6NYC2L4omqtpTSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwMTAyMTAzMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q3ZmMwYjA2NDc0NjY0OWM5OGY3MDMxYzQ4YzY4NGRkMTVkMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv1YjoBFo2sDGwEJWaqZSawlGpme
YzTFy1/y+5yPn9x3masMYM/8IAxM966p5ar0IDf0g5WG7ZGc7CZgzJiG6d60EMZq
Kd4PBcx0hRuQyo7tOB3279cgcl6jOU4XV1CBRt8PdLae0OYn+IaAFQk2376cOt3k
p7TdmCkD1GdOyWY7PNYZeKvszR0HwLUCUse9Nes5z6SH/JvWdqzkYZjkIMT/bPBb
+QuvF0kQba/qE474LHQXdtD+hq5/qI8wvhLFx6bJEMKWgvt8IsNuHe73XKNiaYtt
GqWrCg17ccZM8xq+ReN24E6wyrFeDbUi2fDMxRDbuBFrtgONl3alcwbQeQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFFPX/AsGR0ZknJj3AxxIxoTdFdAWMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvVTlmOEN3WkhSbVNjbVBjREhFakdoTjBWMEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBEBAIAATA+AwQALVurAwQA
W8qqAwQAW9+pAwQAZw3TMAwDBABnLfUDBABnLfYDBAFn8UIDBAC5L6wDBAC5NdED
BAC5i+QwIQQCAAIwGwMHACoGxcAVAAMHACoGxcAWAAMHACoGxcAXADANBgkqhkiG
9w0BAQsFAAOCAQEAjWM2bNo+Dnk0SsviywWQT7SM4SAp/qwjzRrqwU5kduW+fFEh
gMPaLLmjSrJuWQLJFDVggMlQoW6T5tqAST/Yt3W4Go01DM3srZvog6fVMvEnxPs6
e0vur+GdvQ8LgZIJKYUq5sZfhzsMqBZw55sCG7H6+7oEprSXPunhMN6MSWnD1XsG
w4gdAuc7REESU9pG/gmJ7giHgb2IPhvSGKvMhGkE2v5/1cxorJitEcfXZdH9ZSJY
a0rwdrbvFb++pBRAxAo0k6EDzdUNjfXXpH+Skvr1HYxsYpjc+TBPF6RCnDqqHSW0
IV1AlN81gzrHTocrQB+pUFkPWsoEqNgIiIWUTw==
-----END CERTIFICATE-----
Generated at Mon Jan 15 20:07:28 2024 by rpki-client on console-fra.rpki-client.org