Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/aFxcJKAj3ktkH9RKfS6QQoopBjI.roa
File: aFxcJKAj3ktkH9RKfS6QQoopBjI.roa (raw, json)
Hash identifier: sjY//DVK1zgSP2hRVapaU+16qLgJCZrKLjNFpLhui/E=
Subject key identifier: 68:5C:5C:24:A0:23:DE:4B:64:1F:D4:4A:7D:2E:90:42:8A:29:06:32
Certificate issuer: /CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Certificate serial: 018D63F375EF1C9B4681DEA4390A96A2035D
Authority key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/aFxcJKAj3ktkH9RKfS6QQoopBjI.roa
Signing time: Thu 01 Feb 2024 09:15:16 +0000
ROA not before: Thu 01 Feb 2024 09:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57293
IP address blocks: 5.197.0.0/16 maxlen: 21
5.197.0.0/17 maxlen: 17
5.197.116.0/22 maxlen: 22
5.197.128.0/17 maxlen: 17
5.197.128.0/20 maxlen: 20
5.197.128.0/21 maxlen: 21
5.197.136.0/21 maxlen: 21
5.197.144.0/20 maxlen: 20
5.197.160.0/20 maxlen: 20
5.197.176.0/20 maxlen: 20
5.197.176.0/21 maxlen: 21
5.197.184.0/21 maxlen: 21
5.197.192.0/20 maxlen: 20
5.197.192.0/21 maxlen: 21
5.197.200.0/21 maxlen: 21
5.197.208.0/20 maxlen: 20
5.197.208.0/21 maxlen: 21
5.197.216.0/21 maxlen: 21
5.197.224.0/20 maxlen: 20
5.197.224.0/21 maxlen: 21
5.197.232.0/21 maxlen: 21
5.197.240.0/20 maxlen: 20
5.197.240.0/21 maxlen: 21
5.197.248.0/21 maxlen: 21
149.255.144.0/20 maxlen: 20
149.255.144.0/21 maxlen: 21
149.255.152.0/21 maxlen: 21
149.255.152.0/24 maxlen: 24
185.146.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 15 Feb 2024 10:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:f3:75:ef:1c:9b:46:81:de:a4:39:0a:96:a2:03:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Validity
Not Before: Feb 1 09:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685c5c24a023de4b641fd44a7d2e90428a290632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:b2:fb:d5:cd:b0:5f:f0:28:b9:cd:d6:5f:
c1:8e:12:6a:ed:91:a7:f6:3a:69:30:7f:be:e4:70:
45:db:ac:c0:33:1b:19:cd:4a:68:0b:05:ac:3a:ed:
17:b1:39:93:09:71:20:a5:e0:f4:0a:0f:6f:4a:bd:
46:32:61:d7:84:49:12:81:88:06:ed:f2:dd:c3:e4:
4e:c7:7f:d6:02:83:df:9b:ae:25:1a:b5:3d:49:9c:
b3:fa:39:3b:48:80:33:6f:1c:01:8d:8d:d3:b0:fb:
c0:ae:4c:e4:fe:b9:55:95:8c:d6:02:81:21:b8:d6:
2a:54:ec:b2:cf:64:61:7a:b3:92:89:52:f2:9f:4b:
06:fc:64:a6:ca:88:67:2d:56:0a:4a:bc:cb:e1:31:
83:1d:6a:2b:9b:81:b5:b5:48:bc:c6:11:31:65:19:
84:9b:e5:62:08:de:25:00:66:4a:13:83:4d:ea:9d:
17:99:96:4c:8a:4f:80:0d:67:90:e3:8b:13:ff:8c:
00:60:a7:67:37:80:df:5f:f9:15:2c:a9:eb:dd:7b:
b6:e9:3a:02:df:41:a2:51:81:8c:cd:9b:00:1a:33:
30:cc:50:54:7f:f1:d3:d3:c9:65:15:d4:a1:63:ce:
ba:35:1e:88:9f:2a:fa:e2:d2:9e:b6:4b:9a:0e:5d:
37:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5C:5C:24:A0:23:DE:4B:64:1F:D4:4A:7D:2E:90:42:8A:29:06:32
X509v3 Authority Key Identifier:
keyid:6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/aFxcJKAj3ktkH9RKfS6QQoopBjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.197.0.0/16
149.255.144.0/20
185.146.112.0/22
Signature Algorithm: sha256WithRSAEncryption
85:c7:15:82:e2:f5:c6:2d:74:bd:bf:75:5d:64:f8:78:b5:89:
a0:8a:b8:4c:80:a4:fc:fc:0d:40:35:11:7a:b0:15:b0:e5:c1:
b2:4f:b0:74:53:0b:7e:df:18:1b:f2:0c:79:07:37:41:34:67:
b1:a0:d2:22:47:69:d1:b4:6d:28:14:45:f5:3a:cc:40:93:22:
ea:27:76:1e:92:f1:14:a3:17:f6:da:a1:5f:97:6f:27:e8:c0:
aa:76:9b:9f:34:35:2e:1a:34:c8:ea:81:c8:dd:a4:3e:1b:6b:
91:c1:8e:4a:42:3a:a0:34:0b:2c:73:37:7f:e9:8f:fc:39:6c:
70:a5:7f:f8:b6:25:c0:b7:60:e5:31:bc:85:61:ad:79:c8:96:
d0:f5:1c:90:33:77:f8:ab:74:c6:01:a5:e0:c1:0d:35:7b:f4:
5b:df:d2:da:2e:5b:cf:85:ad:94:74:43:db:57:52:00:cb:ec:
01:93:72:fe:19:01:3d:21:55:e3:24:64:9e:e6:62:0e:ae:47:
70:c4:b2:37:f0:f5:28:0a:76:81:12:83:67:28:bb:f7:bb:18:
e4:06:0b:af:78:31:e9:fb:77:06:d8:c4:34:78:f9:a8:d1:74:
9d:ae:22:be:94:05:5e:56:2e:b9:23:2e:83:f6:42:83:d8:65:
3c:31:72:d9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY1j83XvHJtGgd6kOQqWogNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjA4MThiMTg2YjBiOWNiMDlhZjU0MjBkMWU1YWUzMzRm
ZTM5NzQwHhcNMjQwMjAxMDkxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVjNWMyNGEwMjNkZTRiNjQxZmQ0NGE3ZDJlOTA0MjhhMjkwNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS+y+9XNsF/wKLnN1l/BjhJq7ZGn
9jppMH++5HBF26zAMxsZzUpoCwWsOu0XsTmTCXEgpeD0Cg9vSr1GMmHXhEkSgYgG
7fLdw+ROx3/WAoPfm64lGrU9SZyz+jk7SIAzbxwBjY3TsPvArkzk/rlVlYzWAoEh
uNYqVOyyz2RherOSiVLyn0sG/GSmyohnLVYKSrzL4TGDHWorm4G1tUi8xhExZRmE
m+ViCN4lAGZKE4NN6p0XmZZMik+ADWeQ44sT/4wAYKdnN4DfX/kVLKnr3Xu26ToC
30GiUYGMzZsAGjMwzFBUf/HT08llFdShY866NR6Inyr64tKetkuaDl03fwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFGhcXCSgI95LZB/USn0ukEKKKQYyMB8GA1UdIwQY
MBaAFGsggYsYawucsJr1Qg0eWuM0/jl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDct
ZTVjOWMyZThlOWJmLzEvYUZ4Y0pLQWoza3RrSDlSS2ZTNlFRb29wQmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDctZTVjOWMyZThlOWJm
LzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMABcUDBASV
/5ADBAK5knAwDQYJKoZIhvcNAQELBQADggEBAIXHFYLi9cYtdL2/dV1k+Hi1iaCK
uEyApPz8DUA1EXqwFbDlwbJPsHRTC37fGBvyDHkHN0E0Z7Gg0iJHadG0bSgURfU6
zECTIuondh6S8RSjF/baoV+XbyfowKp2m580NS4aNMjqgcjdpD4ba5HBjkpCOqA0
CyxzN3/pj/w5bHClf/i2JcC3YOUxvIVhrXnIltD1HJAzd/irdMYBpeDBDTV79Fvf
0touW8+FrZR0Q9tXUgDL7AGTcv4ZAT0hVeMkZJ7mYg6uR3DEsjfw9SgKdoESg2co
u/e7GOQGC694Men7dwbYxDR4+ajRdJ2uIr6UBV5WLrkjLoP2QoPYZTwxctk=
-----END CERTIFICATE-----
Generated at Fri May 9 22:02:06 2025 by rpki-client