Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nEx4MLqhuGQl9WK34E9eRxKd5VY.roa
File: nEx4MLqhuGQl9WK34E9eRxKd5VY.roa (raw, json)
Hash identifier: 0fFdrBogO1av+bsKEgypN/gJEomXKPOW5rQ7N9oEsyk=
Subject key identifier: 9C:4C:78:30:BA:A1:B8:64:25:F5:62:B7:E0:4F:5E:47:12:9D:E5:56
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01919D457E1477F719B97DCE498162A23FEE
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nEx4MLqhuGQl9WK34E9eRxKd5VY.roa
Signing time: Thu 29 Aug 2024 08:34:22 +0000
ROA not before: Thu 29 Aug 2024 08:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8439
IP address blocks: 5.28.16.0/20 maxlen: 20
31.28.32.0/19 maxlen: 19
37.9.144.0/20 maxlen: 20
62.106.96.0/19 maxlen: 19
62.106.96.0/20 maxlen: 20
62.106.112.0/21 maxlen: 21
62.106.120.0/21 maxlen: 21
81.28.160.0/19 maxlen: 19
85.114.160.0/19 maxlen: 19
92.240.128.0/20 maxlen: 20
95.128.160.0/21 maxlen: 21
95.128.160.0/22 maxlen: 22
95.128.164.0/22 maxlen: 22
109.226.64.0/18 maxlen: 18
185.10.180.0/22 maxlen: 22
185.50.8.0/22 maxlen: 22
188.122.224.0/19 maxlen: 19
193.106.240.0/22 maxlen: 22
213.178.32.0/21 maxlen: 21
213.178.40.0/21 maxlen: 21
213.178.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 29 Aug 2024 12:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:45:7e:14:77:f7:19:b9:7d:ce:49:81:62:a2:3f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 29 08:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4c7830baa1b86425f562b7e04f5e47129de556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6b:68:4c:be:78:f4:54:fb:97:58:8d:e4:fb:
e5:58:4f:1d:aa:98:c7:05:f2:7f:bf:e2:ea:6f:e7:
92:69:1f:46:50:17:65:a1:2f:0f:7d:bd:88:f5:a1:
29:15:12:20:27:51:1a:e1:88:f6:f4:4a:cb:b1:2f:
6e:e7:ad:c5:93:2d:02:6c:43:9a:95:8f:30:98:75:
cf:95:63:b7:e7:db:d2:90:ff:d6:79:bb:4e:95:c9:
f9:00:0c:e1:2a:fb:33:49:bf:54:0f:49:3a:6e:f5:
da:10:46:e2:67:6c:7b:f7:84:e0:3f:c2:9b:ad:ec:
98:5e:a0:fa:80:2f:44:f9:fa:9f:7e:58:ba:2b:61:
2f:67:cb:25:97:2f:88:fd:23:d4:93:9d:25:4f:fa:
50:ae:71:69:5a:45:d1:e5:1f:07:75:89:9d:45:53:
f6:c1:74:64:d9:f8:31:24:9f:ce:90:99:1b:b3:a5:
23:ca:03:1c:d1:b8:73:6d:a9:fa:61:6a:1e:05:ce:
de:4e:68:74:5c:84:eb:5e:25:14:73:36:09:2a:1a:
eb:aa:f9:7e:bb:83:d0:8c:22:e5:56:46:b8:89:2d:
c2:85:b6:a1:a1:b6:88:02:43:8e:ab:27:95:60:07:
d7:e1:13:52:98:e1:79:8b:57:b9:4a:94:95:d5:b7:
28:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4C:78:30:BA:A1:B8:64:25:F5:62:B7:E0:4F:5E:47:12:9D:E5:56
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nEx4MLqhuGQl9WK34E9eRxKd5VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.16.0/20
31.28.32.0/19
37.9.144.0/20
62.106.96.0/19
81.28.160.0/19
85.114.160.0/19
92.240.128.0/20
95.128.160.0/21
109.226.64.0/18
185.10.180.0/22
185.50.8.0/22
188.122.224.0/19
193.106.240.0/22
213.178.32.0/19
Signature Algorithm: sha256WithRSAEncryption
75:38:6d:4f:ef:c3:3c:c9:f9:72:6e:62:ec:bf:56:e3:2a:07:
9e:15:54:f7:57:05:61:2c:2b:73:09:4a:59:97:db:27:b2:2a:
dc:40:20:c4:df:f5:d2:2c:72:ef:84:ca:e3:e1:e5:c9:53:6e:
12:58:a9:f1:40:cf:f1:cd:98:46:c8:e0:4c:cd:ff:f4:3c:bf:
02:68:1f:44:59:c3:c8:33:ca:d8:c8:57:49:93:7f:e5:e6:6e:
10:c4:05:ec:38:75:09:c9:85:92:0f:f9:5b:c4:86:93:85:41:
ff:eb:24:90:70:ad:a0:a3:74:7b:1a:36:55:d4:2f:5c:6e:96:
51:d4:08:ee:5b:d0:86:66:d1:75:43:d0:f2:c6:b4:61:02:4d:
5e:d9:e3:4b:cb:52:90:b4:14:99:04:15:15:c0:b5:be:d1:b0:
21:99:54:29:56:17:f8:bd:4c:db:4b:8b:91:71:2c:eb:7d:45:
3e:bd:25:39:74:cb:25:08:67:12:d2:04:c4:b7:88:ef:58:73:
23:a9:4c:f5:94:f7:fd:70:be:63:94:d7:af:e6:9a:9a:a2:ef:
66:6e:3d:d9:53:ac:a8:77:d7:26:a0:cf:18:4a:e8:9f:30:e2:
1f:9f:70:d5:8f:4c:ae:9c:b1:f3:a4:e4:2d:b0:a8:e0:73:cb:
1c:fe:c2:0d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZGdRX4Ud/cZuX3OSYFioj/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI5MDgzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRjNzgzMGJhYTFiODY0MjVmNTYyYjdlMDRmNWU0NzEyOWRlNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WtoTL549FT7l1iN5PvlWE8dqpjH
BfJ/v+Lqb+eSaR9GUBdloS8Pfb2I9aEpFRIgJ1Ea4Yj29ErLsS9u563Fky0CbEOa
lY8wmHXPlWO359vSkP/WebtOlcn5AAzhKvszSb9UD0k6bvXaEEbiZ2x794TgP8Kb
reyYXqD6gC9E+fqffli6K2EvZ8slly+I/SPUk50lT/pQrnFpWkXR5R8HdYmdRVP2
wXRk2fgxJJ/OkJkbs6UjygMc0bhzban6YWoeBc7eTmh0XITrXiUUczYJKhrrqvl+
u4PQjCLlVka4iS3ChbahobaIAkOOqyeVYAfX4RNSmOF5i1e5SpSV1bcoswIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJxMeDC6obhkJfVit+BPXkcSneVWMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbkV4NE1McWh1R1FsOVdLMzRFOWVSeEtkNVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQEBRwQAwQF
HxwgAwQEJQmQAwQFPmpgAwQFURygAwQFVXKgAwQEXPCAAwQDX4CgAwQGbeJAAwQC
uQq0AwQCuTIIAwQFvHrgAwQCwWrwAwQF1bIgMA0GCSqGSIb3DQEBCwUAA4IBAQB1
OG1P78M8yflybmLsv1bjKgeeFVT3VwVhLCtzCUpZl9snsircQCDE3/XSLHLvhMrj
4eXJU24SWKnxQM/xzZhGyOBMzf/0PL8CaB9EWcPIM8rYyFdJk3/l5m4QxAXsOHUJ
yYWSD/lbxIaThUH/6ySQcK2go3R7GjZV1C9cbpZR1AjuW9CGZtF1Q9DyxrRhAk1e
2eNLy1KQtBSZBBUVwLW+0bAhmVQpVhf4vUzbS4uRcSzrfUU+vSU5dMslCGcS0gTE
t4jvWHMjqUz1lPf9cL5jlNev5pqaou9mbj3ZU6yod9cmoM8YSuifMOIfn3DVj0yu
nLHzpOQtsKjgc8sc/sIN
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:55 2025 by rpki-client