Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/2QQ6QwVomJ8T4Cr_O9H2_h0TWSk.roa
File: 2QQ6QwVomJ8T4Cr_O9H2_h0TWSk.roa (raw, json)
Hash identifier: Ro5tpZo6ABPiJEED1TqMUGU2X7pHTLsdhH8PDgl8zak=
Subject key identifier: D9:04:3A:43:05:68:98:9F:13:E0:2A:FF:3B:D1:F6:FE:1D:13:59:29
Certificate issuer: /CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Certificate serial: 01856E5D5CB8676B2453C97D5773D53268C4
Authority key identifier: 5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/2QQ6QwVomJ8T4Cr_O9H2_h0TWSk.roa
Signing time: Sun 01 Jan 2023 17:24:50 +0000
ROA not before: Sun 01 Jan 2023 17:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28876
IP address blocks: 81.89.160.0/20 maxlen: 20
37.61.128.0/20 maxlen: 20
5.100.0.0/24 maxlen: 24
5.100.0.0/19 maxlen: 19
5.100.0.0/18 maxlen: 18
217.24.56.0/21 maxlen: 21
5.100.32.0/19 maxlen: 19
5.100.32.0/20 maxlen: 20
185.53.216.0/22 maxlen: 22
176.52.192.0/21 maxlen: 21
176.52.192.0/22 maxlen: 22
217.24.48.0/20 maxlen: 20
217.24.48.0/21 maxlen: 21
2a00:9d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:5c:b8:67:6b:24:53:c9:7d:57:73:d5:32:68:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Validity
Not Before: Jan 1 17:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9043a430568989f13e02aff3bd1f6fe1d135929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:95:d5:36:d3:22:1e:0e:08:04:e0:5c:3c:54:
31:f0:db:0b:c4:38:cc:f8:df:13:05:7a:8a:f3:da:
65:1f:91:ab:e2:bf:31:41:65:32:3d:da:ac:f0:b2:
14:48:e2:03:02:ed:bd:df:ab:a9:c1:f5:54:5b:d6:
bd:3f:65:ec:9f:73:22:a1:02:c5:3d:e2:be:22:29:
9f:77:64:69:2e:6d:e5:63:8b:8d:de:13:a2:ba:e3:
ee:fe:b5:b7:c6:f7:e9:50:85:26:89:b9:cb:16:77:
92:e4:57:0b:a1:c4:9b:78:71:97:a2:63:ec:9b:9a:
94:f1:46:72:06:1d:e7:45:fc:79:21:9c:2f:79:cc:
65:20:a1:80:ec:09:cf:f3:4a:85:1e:36:71:96:8a:
93:3d:ec:4f:da:99:65:61:6a:78:ea:d9:b5:c9:34:
63:14:70:69:9b:2c:36:ec:81:4c:03:b5:46:49:07:
c9:53:bc:ca:df:02:12:9a:6c:c4:fb:db:91:e5:23:
82:4c:a1:a4:32:56:a3:cd:e9:60:94:15:c9:d9:33:
1d:7a:da:fa:9b:89:08:57:17:10:88:2b:b0:92:2f:
d8:cb:8a:f1:c6:83:5a:de:a4:f7:fb:61:ec:ec:98:
e7:60:81:f2:f1:65:0e:9b:6f:04:87:89:97:42:c6:
10:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:04:3A:43:05:68:98:9F:13:E0:2A:FF:3B:D1:F6:FE:1D:13:59:29
X509v3 Authority Key Identifier:
keyid:5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/2QQ6QwVomJ8T4Cr_O9H2_h0TWSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.0.0/18
37.61.128.0/20
81.89.160.0/20
176.52.192.0/21
185.53.216.0/22
217.24.48.0/20
IPv6:
2a00:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
6e:6c:df:01:96:1c:49:a5:d3:be:79:f8:8d:d0:4c:e7:22:5f:
84:50:e0:de:c9:dd:5b:ee:b7:55:be:55:ed:0e:01:15:a4:0d:
ed:58:73:9c:0b:76:bf:4d:bf:f7:b8:48:e1:87:7f:13:cf:c7:
92:fb:40:e4:bf:3a:ee:ea:0d:7c:3a:63:cf:df:04:ef:bf:85:
64:6b:1b:c6:8d:f9:52:69:66:9c:e4:b2:d3:c4:f1:c9:60:60:
58:e0:0c:79:c9:d0:61:45:a7:bf:8e:45:36:f2:35:74:74:9f:
3c:81:22:bc:01:4f:2c:7f:4e:4b:a8:a0:09:fd:14:97:7c:ae:
75:91:24:54:8f:25:14:6d:72:22:a7:39:6b:1f:95:1b:24:f6:
f7:f8:83:51:b0:c5:55:66:ad:55:7d:f0:f8:6e:f9:e2:4a:29:
ab:79:fc:bc:16:3f:81:c3:bf:a0:75:72:f5:77:ca:60:3b:38:
ff:03:77:f1:f0:a1:15:f5:38:ad:54:31:3d:74:9e:cd:e4:72:
94:61:eb:4c:b2:a5:f7:47:f8:75:84:07:c7:51:0f:59:92:47:
03:8e:fe:15:28:bb:7f:a7:3e:bf:2d:af:74:96:89:e4:24:ba:
0d:b4:a7:6d:d3:64:d1:b6:9c:b8:7c:d3:3e:55:bc:c1:db:1d:
04:26:e2:66
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVuXVy4Z2skU8l9V3PVMmjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGNiNmRhMzU4YThkMmQyNzBjMzA1ZjhiNjFmM2M5OTBk
NTc2NmUwHhcNMjMwMTAxMTcyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTA0M2E0MzA1Njg5ODlmMTNlMDJhZmYzYmQxZjZmZTFkMTM1OTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZXVNtMiHg4IBOBcPFQx8NsLxDjM
+N8TBXqK89plH5Gr4r8xQWUyPdqs8LIUSOIDAu2936upwfVUW9a9P2Xsn3MioQLF
PeK+Iimfd2RpLm3lY4uN3hOiuuPu/rW3xvfpUIUmibnLFneS5FcLocSbeHGXomPs
m5qU8UZyBh3nRfx5IZwvecxlIKGA7AnP80qFHjZxloqTPexP2pllYWp46tm1yTRj
FHBpmyw27IFMA7VGSQfJU7zK3wISmmzE+9uR5SOCTKGkMlajzelglBXJ2TMdetr6
m4kIVxcQiCuwki/Yy4rxxoNa3qT3+2Hs7JjnYIHy8WUOm28Eh4mXQsYQewIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNkEOkMFaJifE+Aq/zvR9v4dE1kpMB8GA1UdIwQY
MBaAFF6Mtto1io0tJwwwX4th88mQ1XZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjkt
Zjc0YTVmMmJjYjQ3LzEvMlFRNlF3Vm9tSjhUNENyX085SDJfaDBUV1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjktZjc0YTVmMmJjYjQ3
LzEvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGBWQAAwQE
JT2AAwQEUVmgAwQDsDTAAwQCuTXYAwQE2RgwMA0EAgACMAcDBQAqAJ2AMA0GCSqG
SIb3DQEBCwUAA4IBAQBubN8BlhxJpdO+efiN0EznIl+EUODeyd1b7rdVvlXtDgEV
pA3tWHOcC3a/Tb/3uEjhh38Tz8eS+0Dkvzru6g18OmPP3wTvv4VkaxvGjflSaWac
5LLTxPHJYGBY4Ax5ydBhRae/jkU28jV0dJ88gSK8AU8sf05LqKAJ/RSXfK51kSRU
jyUUbXIipzlrH5UbJPb3+INRsMVVZq1VffD4bvniSimrefy8Fj+Bw7+gdXL1d8pg
Ozj/A3fx8KEV9TitVDE9dJ7N5HKUYetMsqX3R/h1hAfHUQ9ZkkcDjv4VKLt/pz6/
La90lonkJLoNtKdt02TRtpy4fNM+VbzB2x0EJuJm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:56 2024 by rpki-client on console-ams.rpki-client.org