Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/F54sQZaWvdQWUhaZrpgUKmARG7Y.roa
File: F54sQZaWvdQWUhaZrpgUKmARG7Y.roa (raw, json)
Hash identifier: vyvtL1QayEyPhUAp0m6hqZHtFvpV/O2E0Qtqh4Yw6no=
Subject key identifier: 17:9E:2C:41:96:96:BD:D4:16:52:16:99:AE:98:14:2A:60:11:1B:B6
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 0188F6C9A2D8A681F252D5E8A246C042C1AA
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/F54sQZaWvdQWUhaZrpgUKmARG7Y.roa
Signing time: Mon 26 Jun 2023 08:19:49 +0000
ROA not before: Mon 26 Jun 2023 08:19:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42652
IP address blocks: 185.7.208.0/22 maxlen: 22
212.43.64.0/19 maxlen: 19
5.100.128.0/20 maxlen: 20
89.21.96.0/19 maxlen: 19
188.210.0.0/18 maxlen: 18
5.45.0.0/21 maxlen: 21
128.0.96.0/21 maxlen: 21
109.75.208.0/20 maxlen: 20
156.67.128.0/20 maxlen: 20
77.244.96.0/20 maxlen: 20
178.76.128.0/18 maxlen: 18
185.18.128.0/22 maxlen: 22
46.165.128.0/18 maxlen: 18
131.117.144.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
185.74.180.0/22 maxlen: 22
2a01:5c0::/32 maxlen: 32
2a02:6d40::/32 maxlen: 32
2a03:4920::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:c9:a2:d8:a6:81:f2:52:d5:e8:a2:46:c0:42:c1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Jun 26 08:19:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=179e2c419696bdd416521699ae98142a60111bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fc:0f:94:e7:19:25:97:65:e3:27:a4:de:9a:
47:31:1a:5e:59:53:35:3a:74:cd:17:41:d0:b5:b0:
1a:2b:eb:30:a3:a8:ff:f3:92:ef:62:e3:78:ce:a6:
29:df:12:6b:86:af:20:f4:d5:45:3b:1e:01:b6:f3:
37:d4:a6:58:02:58:32:98:7e:fb:2b:75:bc:c7:e3:
e2:4a:a6:07:11:3d:6f:28:f8:1d:6f:9b:06:4d:6c:
c7:60:ba:c4:43:13:22:a5:f3:6f:fc:1e:eb:03:06:
42:c7:4b:47:6e:c5:17:5e:7d:4d:27:e9:58:55:6f:
92:c2:16:f7:fa:e1:25:55:b0:64:6d:1b:b3:4b:cd:
10:4a:17:ff:ab:5d:6d:92:b7:29:36:64:90:1c:22:
6e:d4:55:67:03:c7:1a:10:8d:77:45:0e:bc:b6:4c:
f5:10:97:a8:52:2a:f2:8d:71:c6:4a:ed:d0:b3:f4:
86:0f:7b:7a:7d:66:19:89:4d:8f:88:b8:1c:f6:bf:
fb:40:28:91:9a:6f:73:74:97:50:54:ae:91:29:bd:
b6:ac:a0:2e:98:00:a5:8a:21:be:02:6c:f5:10:12:
f7:52:d3:2a:0f:21:34:7b:81:7e:ef:e6:0c:17:46:
94:dd:c5:4a:d4:8c:3f:a6:a7:1f:af:5c:3b:30:ed:
20:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9E:2C:41:96:96:BD:D4:16:52:16:99:AE:98:14:2A:60:11:1B:B6
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/F54sQZaWvdQWUhaZrpgUKmARG7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
89.21.96.0/19
109.75.208.0/20
128.0.96.0/21
131.117.144.0/20
156.67.128.0/20
178.76.128.0/18
185.7.208.0/22
185.18.128.0/22
185.74.180.0/22
188.210.0.0/18
212.43.64.0/19
IPv6:
2a01:5c0::/32
2a02:6d40::/32
2a03:4920::/32
Signature Algorithm: sha256WithRSAEncryption
28:45:58:50:a8:58:f3:0d:99:c1:7d:a5:ae:5f:68:4f:d7:c9:
79:d9:e9:4d:18:6e:58:76:cf:dd:67:df:bf:c6:26:9a:18:9f:
25:3a:e1:8b:84:b5:8d:12:f1:b8:0c:fc:98:13:4b:18:2c:7b:
d4:32:38:a6:df:00:d1:6d:6a:70:cd:ce:fa:25:e1:14:d8:7d:
db:50:eb:3b:74:fe:c3:5a:e0:00:1c:e3:34:e7:63:a8:9a:07:
4a:21:c8:f5:91:91:ad:1f:12:19:87:5b:47:7f:f9:f6:c7:cb:
d9:79:56:61:2b:b5:0d:0d:26:17:49:0d:9c:5a:6c:fe:d1:50:
46:d5:3f:4e:7c:51:dc:3b:be:05:c6:7b:ed:96:c6:34:94:6d:
98:94:ad:be:b0:f5:4c:2a:6a:b5:54:68:8f:7f:26:60:5b:8d:
28:89:68:53:e6:a8:e1:d3:44:66:58:30:9a:1d:5c:ee:1e:16:
bf:89:e3:b5:a0:dc:43:d9:ce:bb:76:53:57:da:ab:ea:1a:ff:
03:ca:1a:eb:5c:0b:52:87:3b:80:25:47:a5:28:15:5a:94:cf:
8c:b7:25:70:57:57:5b:59:bb:53:46:ad:3b:1a:a1:4e:ae:2d:
5c:7c:00:3c:37:52:86:31:fa:8f:23:30:25:26:5d:d9:76:d0:
5b:94:ec:2a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYj2yaLYpoHyUtXookbAQsGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjMwNjI2MDgxOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzllMmM0MTk2OTZiZGQ0MTY1MjE2OTlhZTk4MTQyYTYwMTExYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PwPlOcZJZdl4yek3ppHMRpeWVM1
OnTNF0HQtbAaK+swo6j/85LvYuN4zqYp3xJrhq8g9NVFOx4BtvM31KZYAlgymH77
K3W8x+PiSqYHET1vKPgdb5sGTWzHYLrEQxMipfNv/B7rAwZCx0tHbsUXXn1NJ+lY
VW+Swhb3+uElVbBkbRuzS80QShf/q11tkrcpNmSQHCJu1FVnA8caEI13RQ68tkz1
EJeoUiryjXHGSu3Qs/SGD3t6fWYZiU2PiLgc9r/7QCiRmm9zdJdQVK6RKb22rKAu
mACliiG+Amz1EBL3UtMqDyE0e4F+7+YMF0aU3cVK1Iw/pqcfr1w7MO0gCQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFBeeLEGWlr3UFlIWma6YFCpgERu2MB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvRjU0c1FaYVd2ZFFXVWhhWnJwZ1VLbUFSRzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQDBS0A
AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQFWRVgAwQEbUvQAwQDgABgAwQEg3WQ
AwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtAMBsEAgAC
MBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEBAChFWFCo
WPMNmcF9pa5faE/XyXnZ6U0Yblh2z91n37/GJpoYnyU64YuEtY0S8bgM/JgTSxgs
e9QyOKbfANFtanDNzvol4RTYfdtQ6zt0/sNa4AAc4zTnY6iaB0ohyPWRka0fEhmH
W0d/+fbHy9l5VmErtQ0NJhdJDZxabP7RUEbVP058Udw7vgXGe+2WxjSUbZiUrb6w
9UwqarVUaI9/JmBbjSiJaFPmqOHTRGZYMJodXO4eFr+J47Wg3EPZzrt2U1faq+oa
/wPKGutcC1KHO4AlR6UoFVqUz4y3JXBXV1tZu1NGrTsaoU6uLVx8ADw3UoYx+o8j
MCUmXdl20FuU7Co=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-fra.rpki-client.org