Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/9cHZBLial0csaP8AEtMEX8w-EZU.roa
File: 9cHZBLial0csaP8AEtMEX8w-EZU.roa (raw, json)
Hash identifier: ObIDQAbE7lkuZQejwde41S1+AqHByf/f1aboi+aV/To=
Subject key identifier: F5:C1:D9:04:B8:9A:97:47:2C:68:FF:00:12:D3:04:5F:CC:3E:11:95
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE69326A71A24CE62D6CCE324AA2694A2
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/9cHZBLial0csaP8AEtMEX8w-EZU.roa
Signing time: Tue 16 Apr 2024 11:03:07 +0000
ROA not before: Tue 16 Apr 2024 11:03:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42610
IP address blocks: 5.228.0.0/16 maxlen: 16
5.228.80.0/23 maxlen: 23
5.228.82.0/23 maxlen: 23
5.228.112.0/23 maxlen: 23
5.228.114.0/23 maxlen: 23
5.228.116.0/23 maxlen: 23
5.228.118.0/23 maxlen: 23
37.110.0.0/17 maxlen: 17
37.110.128.0/19 maxlen: 19
37.204.0.0/16 maxlen: 16
46.242.0.0/17 maxlen: 17
46.242.8.0/22 maxlen: 22
46.242.12.0/22 maxlen: 22
77.37.128.0/17 maxlen: 17
84.253.64.0/18 maxlen: 18
85.30.192.0/18 maxlen: 18
85.172.171.0/24 maxlen: 24
90.154.64.0/18 maxlen: 18
90.154.70.0/23 maxlen: 23
90.154.72.0/23 maxlen: 23
95.84.128.0/18 maxlen: 18
95.84.192.0/18 maxlen: 18
109.173.0.0/17 maxlen: 17
178.140.0.0/16 maxlen: 16
185.19.20.0/22 maxlen: 22
188.32.0.0/16 maxlen: 16
188.255.0.0/17 maxlen: 17
2a02:2168::/29 maxlen: 29
2a02:2168::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Sep 2024 02:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:93:26:a7:1a:24:ce:62:d6:cc:e3:24:aa:26:94:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 11:03:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5c1d904b89a97472c68ff0012d3045fcc3e1195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:99:10:27:06:91:0c:bd:f4:13:26:2a:b0:
2c:6b:a7:89:99:a3:9c:18:90:89:47:26:04:07:79:
10:f3:bf:5a:db:62:3d:7c:6b:83:71:f4:db:e7:5e:
0d:fc:50:9e:5d:54:7f:2e:73:5c:47:0f:24:68:03:
e7:5c:a2:78:6f:91:79:83:71:98:b4:33:cf:a5:5c:
04:fe:b1:a4:9d:f3:60:5d:b3:bc:24:d0:f5:ee:c5:
da:fa:bc:ac:ee:78:50:94:53:71:25:94:98:19:35:
69:e3:0d:11:14:ea:9e:a2:a1:7b:24:cb:13:76:e5:
9f:e4:2d:ba:a6:98:32:93:b2:bf:7d:5a:47:3b:72:
63:eb:8d:95:87:f5:8c:96:57:16:57:f2:97:e4:86:
db:1d:bd:03:18:95:93:89:bb:b3:38:ad:bb:f1:7b:
56:51:ed:91:d7:6e:29:1b:2c:f6:ac:8b:51:51:08:
95:30:60:3d:d1:2d:c3:76:e6:56:1d:8f:5a:fb:bd:
e4:61:93:02:62:d7:a5:cc:0a:cc:bd:ab:12:9e:88:
24:6d:87:5d:56:de:2c:44:a8:12:91:43:20:e7:55:
6c:25:93:b0:e6:7d:91:12:55:87:c0:8b:00:6a:89:
82:7c:2e:fe:6e:93:ab:46:08:85:54:7f:fc:7b:83:
96:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C1:D9:04:B8:9A:97:47:2C:68:FF:00:12:D3:04:5F:CC:3E:11:95
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/9cHZBLial0csaP8AEtMEX8w-EZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.228.0.0/16
37.110.0.0-37.110.159.255
37.204.0.0/16
46.242.0.0/17
77.37.128.0/17
84.253.64.0/18
85.30.192.0/18
85.172.171.0/24
90.154.64.0/18
95.84.128.0/17
109.173.0.0/17
178.140.0.0/16
185.19.20.0/22
188.32.0.0/16
188.255.0.0/17
IPv6:
2a02:2168::/29
Signature Algorithm: sha256WithRSAEncryption
19:a2:a6:58:15:af:76:6a:d1:3f:66:33:71:d1:1f:b6:a2:67:
d9:5d:2a:3e:1c:98:02:37:ef:24:0b:02:72:fd:e2:44:3b:84:
5a:38:6a:45:68:58:af:9a:a1:96:ac:6b:b1:9d:21:13:e8:fe:
1f:fc:3b:57:bd:a3:40:0c:57:59:6c:89:97:b8:bb:0e:01:b6:
18:d6:10:89:31:e7:3d:67:7d:9c:93:8d:6f:07:c9:70:c5:90:
f4:21:13:76:9e:3c:c8:32:d0:a7:1a:a8:83:42:84:fc:d8:5f:
c8:c4:5e:91:c0:56:bf:50:76:1f:28:d5:5a:cd:89:d7:cd:f1:
cb:cf:7c:ae:bc:f2:14:e7:51:38:f1:a9:6e:54:f2:4c:d4:26:
ae:31:98:5f:8a:1f:c9:aa:52:e0:1c:0d:99:39:32:24:a2:50:
b8:c5:8d:37:6a:de:36:95:2c:04:41:90:dd:aa:cb:5c:83:a7:
45:66:08:4d:31:fa:6a:60:83:65:fe:7e:05:52:ff:6b:70:6f:
f5:2b:e5:df:5d:bb:eb:ab:0d:5f:95:5e:95:82:af:04:4b:ad:
a7:2d:03:64:e9:15:82:e8:54:da:a9:83:92:54:10:dc:1b:f2:
17:6a:3d:b3:16:b5:dc:39:e2:77:fa:c5:d0:0c:0c:d5:62:a4:
22:0f:b1:07
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY7mkyanGiTOYtbM4ySqJpSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MTEwMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWMxZDkwNGI4OWE5NzQ3MmM2OGZmMDAxMmQzMDQ1ZmNjM2UxMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwuZECcGkQy99BMmKrAsa6eJmaOc
GJCJRyYEB3kQ879a22I9fGuDcfTb514N/FCeXVR/LnNcRw8kaAPnXKJ4b5F5g3GY
tDPPpVwE/rGknfNgXbO8JND17sXa+rys7nhQlFNxJZSYGTVp4w0RFOqeoqF7JMsT
duWf5C26ppgyk7K/fVpHO3Jj642Vh/WMllcWV/KX5IbbHb0DGJWTibuzOK278XtW
Ue2R124pGyz2rItRUQiVMGA90S3DduZWHY9a+73kYZMCYtelzArMvasSnogkbYdd
Vt4sRKgSkUMg51VsJZOw5n2RElWHwIsAaomCfC7+bpOrRgiFVH/8e4OWaQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFPXB2QS4mpdHLGj/ABLTBF/MPhGVMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOWNIWkJMaWFsMGNzYVA4QUV0TUVYOHctRVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYwQCAAEwXQMDAAXkMAsD
AwElbgMEBSVugAMDACXMAwQHLvIAAwQHTSWAAwQGVP1AAwQGVR7AAwQAVayrAwQG
WppAAwQHX1SAAwQHba0AAwMAsowDBAK5ExQDAwC8IAMEB7z/ADANBAIAAjAHAwUD
KgIhaDANBgkqhkiG9w0BAQsFAAOCAQEAGaKmWBWvdmrRP2YzcdEftqJn2V0qPhyY
AjfvJAsCcv3iRDuEWjhqRWhYr5qhlqxrsZ0hE+j+H/w7V72jQAxXWWyJl7i7DgG2
GNYQiTHnPWd9nJONbwfJcMWQ9CETdp48yDLQpxqog0KE/NhfyMRekcBWv1B2HyjV
Ws2J183xy898rrzyFOdROPGpblTyTNQmrjGYX4ofyapS4BwNmTkyJKJQuMWNN2re
NpUsBEGQ3arLXIOnRWYITTH6amCDZf5+BVL/a3Bv9Svl312766sNX5VelYKvBEut
py0DZOkVguhU2qmDklQQ3BvyF2o9sxa13Dnid/rF0AwM1WKkIg+xBw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:40:52 2025 by rpki-client