Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/2HR4WhGtHdWwZCF_qJCR6bpnVOc.roa
File: 2HR4WhGtHdWwZCF_qJCR6bpnVOc.roa (raw, json)
Hash identifier: sCjf2vRdCMQxixqXhZYa+G0HSqNCTsOo7WkqOjLkEMQ=
Subject key identifier: D8:74:78:5A:11:AD:1D:D5:B0:64:21:7F:A8:90:91:E9:BA:67:54:E7
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 019209E0A00C005C3F14BE7B14869C45CBC5
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/2HR4WhGtHdWwZCF_qJCR6bpnVOc.roa
Signing time: Thu 19 Sep 2024 10:42:48 +0000
ROA not before: Thu 19 Sep 2024 10:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29386
IP address blocks: 5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.155.128.0/21 maxlen: 21
5.155.136.0/21 maxlen: 21
5.155.144.0/21 maxlen: 21
5.155.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sun 22 Sep 2024 08:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:e0:a0:0c:00:5c:3f:14:be:7b:14:86:9c:45:cb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Sep 19 10:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d874785a11ad1dd5b064217fa89091e9ba6754e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:90:b3:b4:46:31:2d:ed:f2:3d:a7:54:08:82:
fd:03:ca:d7:40:48:95:07:91:f7:bc:1e:73:69:3b:
fc:66:f8:bb:8f:c3:4c:91:d4:77:b6:40:64:88:10:
3b:75:e6:5f:14:88:ea:12:bb:31:4d:db:af:af:3a:
2c:8d:e6:b9:a0:5b:ff:a7:54:62:68:6f:08:25:4c:
a6:b7:d9:08:9b:26:0f:cf:de:fa:ee:be:6d:d5:a7:
95:49:1d:b3:98:bb:a0:66:72:d0:94:2b:10:9a:bb:
2a:dc:85:da:8b:1e:1a:75:c8:03:8f:c2:37:1d:ed:
44:98:30:59:d4:c3:2a:15:b9:b3:67:60:ef:e9:81:
3e:c8:6b:84:ef:51:e9:c0:e5:6e:40:60:f0:d3:7d:
77:e7:69:2a:a3:3e:d3:6e:44:0c:77:de:6d:f4:b4:
05:01:3a:91:a2:9f:8f:4b:15:31:16:1d:58:ef:26:
cb:07:9a:f9:dd:3f:eb:9c:9a:dd:1b:5a:83:76:d4:
c9:fb:31:ca:e5:d4:2b:35:d9:74:44:9e:10:76:d0:
4a:c2:d8:31:9a:99:17:15:95:8f:a0:d3:69:e7:e3:
a1:b5:ef:f8:81:49:6a:d7:82:a8:26:71:d5:00:35:
83:52:05:19:d0:1f:8b:d9:46:40:9b:c6:0b:50:26:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:74:78:5A:11:AD:1D:D5:B0:64:21:7F:A8:90:91:E9:BA:67:54:E7
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/2HR4WhGtHdWwZCF_qJCR6bpnVOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.160.0/19
5.155.128.0/19
Signature Algorithm: sha256WithRSAEncryption
82:8d:e6:26:c4:18:34:6c:5c:90:03:8f:13:b5:cb:b2:d1:07:
68:bb:ec:3d:36:24:7b:24:9f:45:35:f4:9b:64:a9:4f:0b:5c:
0e:e6:b5:4d:90:0c:6d:fe:af:ef:01:cb:3e:0a:0c:54:83:ac:
6a:bc:2e:45:cf:ef:ac:22:42:84:4e:97:e6:c2:19:6f:b4:00:
45:06:54:5b:15:a4:09:47:be:9d:a9:0f:81:80:ca:d6:d9:82:
8b:33:2f:53:6d:69:c6:d3:a4:dd:a2:44:a0:3e:32:01:11:cb:
8b:ec:d2:86:27:6a:9b:bb:17:e0:30:29:8c:e4:bc:f8:c8:f7:
02:67:87:d4:c2:2e:f6:f5:81:a5:00:63:49:cc:15:c9:ca:4e:
d3:3c:1a:08:e3:ed:9b:02:20:09:32:24:95:51:50:1b:ea:90:
ba:97:33:0f:41:aa:6d:7b:54:e5:e8:90:ec:f1:80:c4:ba:11:
85:dd:71:ab:62:84:58:9b:57:bc:0c:87:83:9a:01:0e:b5:ff:
87:0c:05:7f:3f:72:a5:e5:e1:ef:0d:39:fa:ad:3d:f7:8f:78:
40:e0:2f:eb:43:3c:7d:06:6b:16:79:44:5f:6f:5a:e4:68:7c:
ab:47:5a:b0:13:ea:a9:65:d8:9a:0c:78:12:32:e0:bf:4f:ed:
55:b7:dc:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIJ4KAMAFw/FL57FIacRcvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjQwOTE5MTA0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc0Nzg1YTExYWQxZGQ1YjA2NDIxN2ZhODkwOTFlOWJhNjc1NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZCztEYxLe3yPadUCIL9A8rXQEiV
B5H3vB5zaTv8Zvi7j8NMkdR3tkBkiBA7deZfFIjqErsxTduvrzosjea5oFv/p1Ri
aG8IJUymt9kImyYPz9767r5t1aeVSR2zmLugZnLQlCsQmrsq3IXaix4adcgDj8I3
He1EmDBZ1MMqFbmzZ2Dv6YE+yGuE71HpwOVuQGDw031352kqoz7TbkQMd95t9LQF
ATqRop+PSxUxFh1Y7ybLB5r53T/rnJrdG1qDdtTJ+zHK5dQrNdl0RJ4QdtBKwtgx
mpkXFZWPoNNp5+Ohte/4gUlq14KoJnHVADWDUgUZ0B+L2UZAm8YLUCbOKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNh0eFoRrR3VsGQhf6iQkem6Z1TnMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvMkhSNFdoR3RIZFd3WkNGX3FKQ1I2YnBuVk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBQCgAwQF
BZuAMA0GCSqGSIb3DQEBCwUAA4IBAQCCjeYmxBg0bFyQA48Ttcuy0Qdou+w9NiR7
JJ9FNfSbZKlPC1wO5rVNkAxt/q/vAcs+CgxUg6xqvC5Fz++sIkKETpfmwhlvtABF
BlRbFaQJR76dqQ+BgMrW2YKLMy9TbWnG06TdokSgPjIBEcuL7NKGJ2qbuxfgMCmM
5Lz4yPcCZ4fUwi729YGlAGNJzBXJyk7TPBoI4+2bAiAJMiSVUVAb6pC6lzMPQapt
e1Tl6JDs8YDEuhGF3XGrYoRYm1e8DIeDmgEOtf+HDAV/P3Kl5eHvDTn6rT33j3hA
4C/rQzx9BmsWeURfb1rkaHyrR1qwE+qpZdiaDHgSMuC/T+1Vt9xl
-----END CERTIFICATE-----
Generated at Sun Sep 22 09:34:01 2024 by rpki-client on console-fra.rpki-client.org