Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pEcYdZg_1hb9SmOxZZSj4ZA6Ey8.roa
File: pEcYdZg_1hb9SmOxZZSj4ZA6Ey8.roa (raw, json)
Hash identifier: d7s93kD0NQIpcwcBEdnl6Iy8mNE08vQwChRyzf1qdmI=
Subject key identifier: A4:47:18:75:98:3F:D6:16:FD:4A:63:B1:65:94:A3:E1:90:3A:13:2F
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE661B82FE7287D9471A513BF123F0CC7
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pEcYdZg_1hb9SmOxZZSj4ZA6Ey8.roa
Signing time: Tue 16 Apr 2024 10:09:07 +0000
ROA not before: Tue 16 Apr 2024 10:09:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42610
IP address blocks: 5.228.0.0/16 maxlen: 16
5.228.80.0/23 maxlen: 23
5.228.82.0/23 maxlen: 23
5.228.112.0/23 maxlen: 23
5.228.114.0/23 maxlen: 23
5.228.116.0/23 maxlen: 23
5.228.118.0/23 maxlen: 23
37.110.0.0/17 maxlen: 17
37.110.128.0/19 maxlen: 19
37.204.0.0/16 maxlen: 16
46.242.0.0/17 maxlen: 17
46.242.8.0/22 maxlen: 22
46.242.12.0/22 maxlen: 22
77.37.128.0/17 maxlen: 17
85.172.171.0/24 maxlen: 24
109.173.0.0/17 maxlen: 17
178.140.0.0/16 maxlen: 16
185.19.20.0/22 maxlen: 22
188.32.0.0/16 maxlen: 16
188.255.0.0/17 maxlen: 17
2a02:2168::/29 maxlen: 29
2a02:2168::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Apr 2024 11:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:61:b8:2f:e7:28:7d:94:71:a5:13:bf:12:3f:0c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 10:09:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4471875983fd616fd4a63b16594a3e1903a132f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3c:47:50:a7:73:c8:b2:c9:0a:ad:76:71:e2:
9d:5d:7f:99:a6:f2:a3:50:22:f3:43:76:3b:39:e1:
9d:1d:e8:19:8c:34:56:14:6e:28:28:9c:42:42:76:
39:ef:24:14:88:7e:85:93:2c:5b:65:df:a0:69:4d:
24:8e:f6:d1:02:58:f1:50:3d:f2:b6:2e:48:e9:8d:
db:78:2c:ea:7a:d9:c8:7e:52:bf:5d:3d:98:07:42:
be:fd:b3:24:05:1c:aa:82:09:1c:1a:84:4f:83:22:
f0:a8:b8:50:2c:51:60:99:46:68:e8:20:38:0d:f7:
ca:72:3f:56:ac:b1:69:b6:09:05:7c:7a:42:eb:43:
04:b5:a7:7b:3f:8d:07:4f:c2:2c:0b:b9:99:b8:cd:
91:b1:24:b4:f1:65:79:6b:61:f2:cd:20:d9:2e:8c:
14:84:7b:07:6b:d8:e2:f4:a9:fd:e6:3d:98:f4:65:
31:f2:c3:00:34:a4:62:8f:c8:a6:01:e9:cf:8f:47:
b9:90:cd:8b:83:de:b7:a9:c0:4f:cf:f9:2e:4a:31:
54:a1:b7:65:cc:6d:95:1e:62:8a:93:8a:72:1d:13:
5e:98:ff:d2:ea:58:84:62:22:5b:3e:36:0a:af:eb:
9b:e0:39:47:6b:5a:a1:a6:23:ea:d9:dd:84:b7:31:
66:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:47:18:75:98:3F:D6:16:FD:4A:63:B1:65:94:A3:E1:90:3A:13:2F
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pEcYdZg_1hb9SmOxZZSj4ZA6Ey8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.228.0.0/16
37.110.0.0-37.110.159.255
37.204.0.0/16
46.242.0.0/17
77.37.128.0/17
85.172.171.0/24
109.173.0.0/17
178.140.0.0/16
185.19.20.0/22
188.32.0.0/16
188.255.0.0/17
IPv6:
2a02:2168::/29
Signature Algorithm: sha256WithRSAEncryption
62:14:d7:f9:6a:c8:3e:39:ef:70:74:a0:54:33:2c:70:63:c3:
ae:aa:d9:59:19:4d:22:14:d6:f5:b3:aa:70:bc:fd:9e:a2:d5:
59:d4:b4:66:ee:37:a0:d7:d7:ab:9a:0b:f2:f6:87:44:a7:bb:
db:30:c2:73:bb:e5:91:48:f7:0d:14:ea:f1:37:e9:ac:62:e8:
45:d4:ec:19:6f:5b:35:24:4b:d8:b0:77:49:63:26:67:c2:95:
18:35:4e:2f:8e:b1:6f:70:68:73:e6:dc:48:79:f2:a8:fc:3e:
5a:17:f5:fe:6b:fe:2d:ea:20:69:80:3f:35:85:f6:89:9a:2d:
22:f9:03:42:1a:ee:9f:5c:6e:29:ad:40:ef:2f:90:72:3d:8f:
81:f5:7c:ac:54:07:ae:e4:8a:05:e6:e9:97:45:fe:7d:80:35:
0a:a1:cd:76:d8:39:1b:d9:d1:8d:00:1e:8e:2f:c2:ee:62:aa:
06:16:6f:d1:be:bd:f0:ff:50:7c:02:d2:e9:6d:e6:8e:b9:78:
f9:d0:a6:22:05:b4:b5:94:cc:9e:65:ac:fb:60:c2:22:95:c1:
6a:d6:14:24:c4:99:fe:d6:0b:55:e4:42:8a:b8:2e:4e:18:03:
d1:54:a7:f7:a6:38:61:6c:2f:f7:f4:d0:3e:90:fc:16:92:e2:
93:f2:08:c5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY7mYbgv5yh9lHGlE78SPwzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MTAwOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDQ3MTg3NTk4M2ZkNjE2ZmQ0YTYzYjE2NTk0YTNlMTkwM2ExMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjxHUKdzyLLJCq12ceKdXX+ZpvKj
UCLzQ3Y7OeGdHegZjDRWFG4oKJxCQnY57yQUiH6FkyxbZd+gaU0kjvbRAljxUD3y
ti5I6Y3beCzqetnIflK/XT2YB0K+/bMkBRyqggkcGoRPgyLwqLhQLFFgmUZo6CA4
DffKcj9WrLFptgkFfHpC60MEtad7P40HT8IsC7mZuM2RsSS08WV5a2HyzSDZLowU
hHsHa9ji9Kn95j2Y9GUx8sMANKRij8imAenPj0e5kM2Lg963qcBPz/kuSjFUobdl
zG2VHmKKk4pyHRNemP/S6liEYiJbPjYKr+ub4DlHa1qhpiPq2d2EtzFm3QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKRHGHWYP9YW/UpjsWWUo+GQOhMvMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcEVjWWRaZ18xaGI5U21PeFpaU2o0WkE2RXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwMABeQwCwMD
ASVuAwQFJW6AAwMAJcwDBAcu8gADBAdNJYADBABVrKsDBAdtrQADAwCyjAMEArkT
FAMDALwgAwQHvP8AMA0EAgACMAcDBQMqAiFoMA0GCSqGSIb3DQEBCwUAA4IBAQBi
FNf5asg+Oe9wdKBUMyxwY8OuqtlZGU0iFNb1s6pwvP2eotVZ1LRm7jeg19ermgvy
9odEp7vbMMJzu+WRSPcNFOrxN+msYuhF1OwZb1s1JEvYsHdJYyZnwpUYNU4vjrFv
cGhz5txIefKo/D5aF/X+a/4t6iBpgD81hfaJmi0i+QNCGu6fXG4prUDvL5ByPY+B
9XysVAeu5IoF5umXRf59gDUKoc122Dkb2dGNAB6OL8LuYqoGFm/Rvr3w/1B8AtLp
beaOuXj50KYiBbS1lMyeZaz7YMIilcFq1hQkxJn+1gtV5EKKuC5OGAPRVKf3pjhh
bC/39NA+kPwWkuKT8gjF
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:59 2025 by rpki-client