Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/qFsWYp8bXspJV8yMkIeXKW_ejD0.roa
File: qFsWYp8bXspJV8yMkIeXKW_ejD0.roa (raw, json)
Hash identifier: HvoANkgRqaRQ4cExDGnBOW460+Y/YQ/UDs3/TPvjdcY=
Subject key identifier: A8:5B:16:62:9F:1B:5E:CA:49:57:CC:8C:90:87:97:29:6F:DE:8C:3D
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018CC9BB090FC3106F2DD364D0F12FE00439
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/qFsWYp8bXspJV8yMkIeXKW_ejD0.roa
Signing time: Tue 02 Jan 2024 10:32:07 +0000
ROA not before: Tue 02 Jan 2024 10:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210329
IP address blocks: 81.28.4.0/24 maxlen: 24
81.28.5.0/24 maxlen: 24
194.146.24.0/24 maxlen: 24
63.250.58.0/24 maxlen: 24
195.238.123.0/24 maxlen: 24
185.237.98.0/24 maxlen: 24
185.53.211.0/24 maxlen: 24
91.223.236.0/24 maxlen: 24
185.237.99.0/24 maxlen: 24
185.237.12.0/24 maxlen: 24
185.237.13.0/24 maxlen: 24
194.146.25.0/24 maxlen: 24
83.229.68.0/24 maxlen: 24
83.229.69.0/24 maxlen: 24
83.229.75.0/24 maxlen: 24
103.13.209.0/24 maxlen: 24
103.13.208.0/24 maxlen: 24
103.241.64.0/24 maxlen: 24
45.91.170.0/24 maxlen: 24
185.127.17.0/24 maxlen: 24
185.127.16.0/24 maxlen: 24
185.127.18.0/24 maxlen: 24
185.127.19.0/24 maxlen: 24
103.241.65.0/24 maxlen: 24
212.86.104.0/24 maxlen: 24
212.86.105.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
2a06:c5c0:600::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Apr 2024 08:36:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:09:0f:c3:10:6f:2d:d3:64:d0:f1:2f:e0:04:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Jan 2 10:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a85b16629f1b5eca4957cc8c908797296fde8c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f7:b2:88:fd:a5:32:53:08:4d:27:d1:f4:73:
bc:aa:39:4b:1f:e4:6b:e3:78:15:f6:e6:1a:03:8a:
db:c2:74:b4:e0:c9:10:13:76:67:dc:56:07:2c:d7:
00:31:1e:f1:aa:3c:d5:b7:fa:c8:99:e8:c5:4f:89:
d1:1e:4c:34:43:8b:e8:85:2a:5d:03:ce:f5:d1:a3:
0d:c1:dd:14:2b:fe:10:19:2b:2d:13:97:b3:6a:68:
e6:8f:e6:2e:0b:6d:7b:19:33:fa:63:37:1b:25:04:
6f:5d:80:ff:74:7c:47:aa:5f:56:a1:1a:a6:db:b2:
be:06:39:d4:bf:50:3f:8e:e2:48:39:4f:b1:3b:66:
10:67:3c:74:60:4e:52:d8:7b:ef:11:db:86:53:82:
e2:0b:d4:97:3b:55:af:8d:d8:be:c8:8c:46:65:d3:
f2:d1:4b:a0:e6:d8:5b:5d:25:ae:d4:4e:5c:90:ec:
23:37:62:b6:88:8b:3c:b7:cc:18:1b:7a:b0:b5:4f:
27:7a:7a:d6:a3:d6:fc:71:26:96:89:8f:d8:a0:53:
48:de:5e:c7:54:51:ca:d8:cd:21:cb:9a:5b:d7:79:
c5:9e:e6:70:05:0b:90:bd:e0:f3:bf:7b:92:7f:7c:
33:c6:96:8f:15:12:fb:08:53:8d:fa:73:7b:82:24:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5B:16:62:9F:1B:5E:CA:49:57:CC:8C:90:87:97:29:6F:DE:8C:3D
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/qFsWYp8bXspJV8yMkIeXKW_ejD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.170.0/24
63.250.58.0/24
81.28.4.0/23
83.229.68.0/23
83.229.75.0/24
91.202.170.0/24
91.223.236.0/24
103.13.208.0/23
103.241.64.0/23
185.53.211.0/24
185.127.16.0/22
185.237.12.0/23
185.237.98.0/23
194.146.24.0/23
195.238.123.0/24
212.86.104.0/23
IPv6:
2a06:c5c0:600::/48
Signature Algorithm: sha256WithRSAEncryption
48:0e:8e:99:64:76:c8:0f:2a:ae:a2:30:ea:d8:68:dd:12:d5:
ca:a0:b8:2a:e4:d3:7f:5c:6f:7c:e1:12:33:7e:82:4e:97:61:
05:b9:b5:da:61:65:49:cd:34:02:c6:9a:7b:cb:05:5d:ff:98:
d1:d6:6e:fe:c7:52:c8:46:68:f2:00:cf:50:03:af:25:d4:81:
4e:00:8b:f0:12:65:b3:f6:36:b9:b7:7c:6a:68:2b:4a:aa:2f:
2c:f3:a1:2f:27:14:c1:ab:c6:3c:61:0e:6e:20:45:f0:53:f9:
7e:3c:b3:6d:9b:9c:fc:69:d4:80:f8:04:1a:4c:83:3f:5d:51:
0b:1d:77:f7:00:24:e5:4c:7f:c4:5c:18:a9:1e:0e:cd:38:40:
45:c9:f6:fc:63:6c:b5:6b:12:84:68:cc:02:1f:41:7e:93:38:
5e:3d:9b:59:4b:3f:8c:89:d9:a8:df:33:69:82:a5:d5:85:a7:
01:61:0c:b4:7c:23:dc:79:77:cc:83:42:c4:2b:eb:05:85:82:
d9:2b:e5:32:e1:3d:57:1d:b9:b8:d7:36:fb:1e:7d:fe:f4:c7:
de:04:cb:df:2b:8a:c9:01:42:e5:eb:76:9f:a5:c3:6b:26:a0:
16:d0:5a:46:26:e9:21:8b:c9:46:ca:86:ae:a4:53:61:c6:4a:
9d:ca:db:d1
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYzJuwkPwxBvLdNk0PEv4AQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwMTAyMTAzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODViMTY2MjlmMWI1ZWNhNDk1N2NjOGM5MDg3OTcyOTZmZGU4YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPeyiP2lMlMITSfR9HO8qjlLH+Rr
43gV9uYaA4rbwnS04MkQE3Zn3FYHLNcAMR7xqjzVt/rImejFT4nRHkw0Q4vohSpd
A8710aMNwd0UK/4QGSstE5ezamjmj+YuC217GTP6YzcbJQRvXYD/dHxHql9WoRqm
27K+BjnUv1A/juJIOU+xO2YQZzx0YE5S2HvvEduGU4LiC9SXO1Wvjdi+yIxGZdPy
0Uug5thbXSWu1E5ckOwjN2K2iIs8t8wYG3qwtU8nenrWo9b8cSaWiY/YoFNI3l7H
VFHK2M0hy5pb13nFnuZwBQuQveDzv3uSf3wzxpaPFRL7CFON+nN7giRkLwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFKhbFmKfG17KSVfMjJCHlylv3ow9MB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvcUZzV1lwOGJYc3BKVjh5TWtJZVhLV19lakQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwZgQCAAEwYAMEAC1bqgME
AD/6OgMEAVEcBAMEAVPlRAMEAFPlSwMEAFvKqgMEAFvf7AMEAWcN0AMEAWfxQAME
ALk10wMEArl/EAMEAbntDAMEAbntYgMEAcKSGAMEAMPuewMEAdRWaDAPBAIAAjAJ
AwcAKgbFwAYAMA0GCSqGSIb3DQEBCwUAA4IBAQBIDo6ZZHbIDyquojDq2GjdEtXK
oLgq5NN/XG984RIzfoJOl2EFubXaYWVJzTQCxpp7ywVd/5jR1m7+x1LIRmjyAM9Q
A68l1IFOAIvwEmWz9ja5t3xqaCtKqi8s86EvJxTBq8Y8YQ5uIEXwU/l+PLNtm5z8
adSA+AQaTIM/XVELHXf3ACTlTH/EXBipHg7NOEBFyfb8Y2y1axKEaMwCH0F+kzhe
PZtZSz+Midmo3zNpgqXVhacBYQy0fCPceXfMg0LEK+sFhYLZK+Uy4T1XHbm41zb7
Hn3+9MfeBMvfK4rJAULl63afpcNrJqAW0FpGJukhi8lGyoaupFNhxkqdytvR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:36 2024 by rpki-client on console-ams.rpki-client.org