Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/brPa8PZNdQcsEUeI9RIGquhtsec.roa
File: brPa8PZNdQcsEUeI9RIGquhtsec.roa (raw, json)
Hash identifier: ftJu4E5Sl1RGhuSPTImjy+IjFKysw2CKASVI7fCiqN0=
Subject key identifier: 6E:B3:DA:F0:F6:4D:75:07:2C:11:47:88:F5:12:06:AA:E8:6D:B1:E7
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 019218DADA071C05114C61D09FF2864A8D0D
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/brPa8PZNdQcsEUeI9RIGquhtsec.roa
Signing time: Sun 22 Sep 2024 08:30:48 +0000
ROA not before: Sun 22 Sep 2024 08:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29386
IP address blocks: 5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.155.128.0/21 maxlen: 21
5.155.136.0/21 maxlen: 21
5.155.144.0/21 maxlen: 21
5.155.152.0/21 maxlen: 21
5.155.160.0/21 maxlen: 21
5.155.168.0/21 maxlen: 21
5.155.176.0/21 maxlen: 21
5.155.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sun 22 Sep 2024 21:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:18:da:da:07:1c:05:11:4c:61:d0:9f:f2:86:4a:8d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Sep 22 08:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eb3daf0f64d75072c114788f51206aae86db1e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:92:ae:f4:48:d8:55:ab:4a:52:d2:b2:65:
cf:42:68:99:d2:9a:84:56:2a:27:3b:e4:37:6f:dd:
fa:b0:b8:5b:74:30:80:68:0d:78:73:5a:75:0b:d7:
39:ac:ee:12:dc:74:28:bd:a5:01:e7:27:8b:1e:b4:
33:32:d8:7f:87:75:42:3d:ab:6f:b3:ae:02:59:8e:
51:e6:e2:86:05:b6:25:be:7f:3b:d3:dd:c7:35:4c:
c1:8f:3e:9b:7c:a2:76:00:11:20:29:2c:bc:7d:95:
4c:49:69:cd:99:e6:a2:54:9e:e5:8f:55:db:b6:01:
b0:b2:0f:14:6f:d9:7f:da:6d:1f:d4:51:5a:42:19:
c8:f5:dc:dc:9f:e7:44:fc:4b:26:33:70:36:29:fc:
9b:4b:a5:44:1d:7f:f6:eb:5e:b8:ac:b3:75:16:84:
e3:ef:d4:4b:cd:84:97:f8:f6:a4:78:df:00:52:c3:
d4:fc:57:9e:ac:a4:de:01:9c:3d:37:ef:bc:0b:c7:
c0:78:f5:b4:5f:c9:9b:5c:d9:58:c0:5c:20:38:ac:
f6:df:fc:84:e7:e7:60:1a:6a:2d:d8:4c:40:1d:c4:
e3:15:1d:f3:83:28:ba:38:47:12:19:ed:06:af:fb:
a2:fb:17:f2:8e:d6:47:ee:ee:6a:d2:c9:04:23:cf:
f8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B3:DA:F0:F6:4D:75:07:2C:11:47:88:F5:12:06:AA:E8:6D:B1:E7
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/brPa8PZNdQcsEUeI9RIGquhtsec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.160.0/19
5.155.128.0/18
Signature Algorithm: sha256WithRSAEncryption
67:39:68:45:4e:67:4b:fd:81:cb:d2:b9:59:72:81:51:84:55:
62:f3:95:3e:20:3d:ae:fb:3f:a2:d1:3e:4d:21:a5:8f:1e:df:
e7:76:5e:1a:ec:74:73:6b:6d:2b:69:36:34:ab:87:47:64:e7:
66:87:48:46:49:9d:35:bf:c5:64:70:03:db:d1:96:6e:e2:61:
90:01:48:6f:bf:4c:cc:62:01:e9:1f:db:92:e9:df:08:7c:42:
21:60:61:cb:fb:86:f7:6e:6f:5b:44:e6:6c:26:96:ac:63:64:
7e:eb:d2:c8:88:e6:c5:98:01:4b:27:ad:63:4a:6a:a4:67:0e:
77:40:f2:5a:e5:16:48:64:88:55:df:c9:48:8c:8b:11:9b:9b:
31:98:f8:86:24:1f:4d:4b:7c:bf:3b:60:d6:8e:24:22:94:a1:
3d:af:5e:06:79:e7:7a:76:36:48:50:25:9e:e6:91:64:b2:1a:
6c:69:07:46:71:84:48:87:50:c1:93:1f:9e:39:c1:c4:13:de:
57:22:d4:70:16:20:40:42:60:8f:85:28:a7:0c:0f:9a:ae:94:
49:bc:ce:3c:de:b6:61:18:62:68:95:28:2f:a8:0e:30:dc:61:
74:b2:57:53:9e:cb:cc:2b:56:8b:4e:51:b6:23:52:1f:64:ff:
a4:4c:42:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIY2toHHAURTGHQn/KGSo0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjQwOTIyMDgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWIzZGFmMGY2NGQ3NTA3MmMxMTQ3ODhmNTEyMDZhYWU4NmRiMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/ySrvRI2FWrSlLSsmXPQmiZ0pqE
VionO+Q3b936sLhbdDCAaA14c1p1C9c5rO4S3HQovaUB5yeLHrQzMth/h3VCPatv
s64CWY5R5uKGBbYlvn87093HNUzBjz6bfKJ2ABEgKSy8fZVMSWnNmeaiVJ7lj1Xb
tgGwsg8Ub9l/2m0f1FFaQhnI9dzcn+dE/EsmM3A2KfybS6VEHX/26164rLN1FoTj
79RLzYSX+PakeN8AUsPU/FeerKTeAZw9N++8C8fAePW0X8mbXNlYwFwgOKz23/yE
5+dgGmot2ExAHcTjFR3zgyi6OEcSGe0Gr/ui+xfyjtZH7u5q0skEI8/4bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG6z2vD2TXUHLBFHiPUSBqrobbHnMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvYnJQYThQWk5kUWNzRVVlSTlSSUdxdWh0c2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBQCgAwQG
BZuAMA0GCSqGSIb3DQEBCwUAA4IBAQBnOWhFTmdL/YHL0rlZcoFRhFVi85U+ID2u
+z+i0T5NIaWPHt/ndl4a7HRza20raTY0q4dHZOdmh0hGSZ01v8VkcAPb0ZZu4mGQ
AUhvv0zMYgHpH9uS6d8IfEIhYGHL+4b3bm9bROZsJpasY2R+69LIiObFmAFLJ61j
SmqkZw53QPJa5RZIZIhV38lIjIsRm5sxmPiGJB9NS3y/O2DWjiQilKE9r14Geed6
djZIUCWe5pFkshpsaQdGcYRIh1DBkx+eOcHEE95XItRwFiBAQmCPhSinDA+arpRJ
vM483rZhGGJolSgvqA4w3GF0sldTnsvMK1aLTlG2I1IfZP+kTELf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:59 2025 by rpki-client