Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/5R2ie50MKeip6FSv4NFlYnDt7IA.roa
File: 5R2ie50MKeip6FSv4NFlYnDt7IA.roa (raw, json)
Hash identifier: PiImJ0M0CXZjeCNfrgUoevV0t/D3Fp7gx/Xi6sC/oaU=
Subject key identifier: E5:1D:A2:7B:9D:0C:29:E8:A9:E8:54:AF:E0:D1:65:62:70:ED:EC:80
Certificate issuer: /CN=1a6a1413cc8965ee92416b6059f90b18778c8b38
Certificate serial: 0191F9DD80202FBB33F213F6246269B0210D
Authority key identifier: 1A:6A:14:13:CC:89:65:EE:92:41:6B:60:59:F9:0B:18:77:8C:8B:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmoUE8yJZe6SQWtgWfkLGHeMizg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/5R2ie50MKeip6FSv4NFlYnDt7IA.roa
Signing time: Mon 16 Sep 2024 08:05:28 +0000
ROA not before: Mon 16 Sep 2024 08:05:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5385
IP address blocks: 80.75.224.0/20 maxlen: 20
194.183.128.0/19 maxlen: 19
194.183.128.0/24 maxlen: 24
194.183.129.0/24 maxlen: 24
194.183.130.0/24 maxlen: 24
194.183.131.0/24 maxlen: 24
194.183.132.0/24 maxlen: 24
194.183.133.0/24 maxlen: 24
194.183.134.0/24 maxlen: 24
194.183.135.0/24 maxlen: 24
194.183.136.0/24 maxlen: 24
194.183.137.0/24 maxlen: 24
194.183.138.0/24 maxlen: 24
194.183.140.0/24 maxlen: 24
194.183.143.0/24 maxlen: 24
194.183.146.0/24 maxlen: 24
194.183.147.0/24 maxlen: 24
194.183.148.0/24 maxlen: 24
194.183.151.0/24 maxlen: 24
194.183.152.0/24 maxlen: 24
194.183.153.0/24 maxlen: 24
194.208.0.0/17 maxlen: 17
194.208.1.0/24 maxlen: 24
194.208.7.0/24 maxlen: 24
194.208.10.0/24 maxlen: 24
194.208.11.0/24 maxlen: 24
194.208.12.0/24 maxlen: 24
194.208.13.0/24 maxlen: 24
194.208.15.0/24 maxlen: 24
194.208.17.0/24 maxlen: 24
194.208.18.0/24 maxlen: 24
194.208.23.0/24 maxlen: 24
194.208.25.0/24 maxlen: 24
194.208.40.0/24 maxlen: 24
194.208.41.0/24 maxlen: 24
194.208.42.0/24 maxlen: 24
194.208.43.0/24 maxlen: 24
194.208.45.0/24 maxlen: 24
194.208.46.0/24 maxlen: 24
194.208.49.0/24 maxlen: 24
194.208.51.0/24 maxlen: 24
194.208.52.0/24 maxlen: 24
194.208.56.0/24 maxlen: 24
194.208.60.0/24 maxlen: 24
194.208.61.0/24 maxlen: 24
194.208.62.0/24 maxlen: 24
194.208.63.0/24 maxlen: 24
194.208.64.0/24 maxlen: 24
194.208.68.0/24 maxlen: 24
194.208.72.0/24 maxlen: 24
194.208.74.0/24 maxlen: 24
194.208.76.0/24 maxlen: 24
194.208.77.0/24 maxlen: 24
194.208.78.0/24 maxlen: 24
194.208.79.0/24 maxlen: 24
194.208.80.0/24 maxlen: 24
194.208.81.0/24 maxlen: 24
194.208.82.0/24 maxlen: 24
194.208.83.0/24 maxlen: 24
194.208.89.0/24 maxlen: 24
194.208.92.0/24 maxlen: 24
194.208.93.0/24 maxlen: 24
194.208.94.0/24 maxlen: 24
194.208.96.0/23 maxlen: 23
194.208.102.0/24 maxlen: 24
194.208.104.0/24 maxlen: 24
194.208.105.0/24 maxlen: 24
194.208.107.0/24 maxlen: 24
194.208.108.0/24 maxlen: 24
194.208.116.0/24 maxlen: 24
194.208.117.0/24 maxlen: 24
194.208.120.0/24 maxlen: 24
194.208.121.0/24 maxlen: 24
194.208.127.0/24 maxlen: 24
194.208.160.0/20 maxlen: 20
194.208.184.0/21 maxlen: 21
194.208.186.0/24 maxlen: 24
194.208.187.0/24 maxlen: 24
194.208.192.0/18 maxlen: 18
194.208.207.0/24 maxlen: 24
194.208.243.0/24 maxlen: 24
194.208.245.0/24 maxlen: 24
2001:af8::/32 maxlen: 32
2001:af8:3::/48 maxlen: 48
2001:af8:6106::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 16 Sep 2024 08:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:dd:80:20:2f:bb:33:f2:13:f6:24:62:69:b0:21:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a6a1413cc8965ee92416b6059f90b18778c8b38
Validity
Not Before: Sep 16 08:05:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e51da27b9d0c29e8a9e854afe0d1656270edec80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:01:27:81:f7:13:42:3c:7e:68:83:30:5e:bf:
68:53:5b:b3:c7:69:10:2a:24:7d:f2:84:cf:79:2f:
3d:8c:2f:46:a2:54:92:98:2e:94:02:72:00:c9:a3:
fc:ef:04:ab:80:58:54:7f:1e:8d:c9:b6:2d:d2:af:
b8:9c:9b:b0:ea:1c:75:f2:6f:9d:25:cc:7d:fd:6f:
ef:48:8e:6d:75:13:ce:bd:bc:66:11:44:9d:76:3d:
f5:e4:ff:f0:2d:4b:fc:7c:53:1b:64:b5:cc:e4:1a:
5b:72:eb:4c:13:40:2f:2b:f6:a2:ac:7c:51:fa:a8:
87:6b:1c:85:57:3e:04:b2:cd:51:fc:43:e9:45:1d:
62:05:68:b8:62:e9:cc:00:7f:6f:3d:25:0f:1a:cb:
40:13:eb:44:f6:94:85:a1:c6:5c:40:10:b7:6c:b0:
fd:fd:ec:08:27:6f:a4:99:9a:5c:11:b4:49:f0:db:
f2:c7:c0:3d:47:de:09:2d:34:12:f4:4e:c2:22:30:
27:79:77:b0:49:7d:1e:c6:76:a9:9e:78:ec:d4:b8:
7f:19:32:ce:a1:59:b7:42:be:2e:2a:51:36:7d:3c:
7f:55:1d:f7:b6:f8:10:84:98:37:ae:fa:99:60:2a:
bd:13:bf:4c:08:50:bc:57:dd:72:4b:1e:30:55:2b:
97:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:A2:7B:9D:0C:29:E8:A9:E8:54:AF:E0:D1:65:62:70:ED:EC:80
X509v3 Authority Key Identifier:
keyid:1A:6A:14:13:CC:89:65:EE:92:41:6B:60:59:F9:0B:18:77:8C:8B:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmoUE8yJZe6SQWtgWfkLGHeMizg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/5R2ie50MKeip6FSv4NFlYnDt7IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/GmoUE8yJZe6SQWtgWfkLGHeMizg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.224.0/20
194.183.128.0/19
194.208.0.0/17
194.208.160.0/20
194.208.184.0-194.208.255.255
IPv6:
2001:af8::/32
Signature Algorithm: sha256WithRSAEncryption
35:1a:95:3c:c5:f1:01:d9:08:b4:ac:29:65:70:cb:b3:d8:22:
13:25:81:2e:08:72:22:8b:3a:b9:4a:80:56:dd:03:31:d1:d0:
9e:f4:5a:f8:e1:d3:06:97:f4:fd:40:69:2c:19:65:3f:04:05:
1f:5d:b3:ac:43:ec:83:bd:4d:7e:86:7b:55:bd:f1:da:d0:41:
7b:63:e3:ac:5a:7b:80:66:57:7b:ff:5d:fe:31:3d:55:1d:5a:
24:54:7a:93:39:23:10:39:90:fa:ee:ec:b8:4c:87:0c:5c:c4:
8f:ba:f1:10:49:30:db:6e:81:cb:46:8e:d1:9a:36:a6:4c:e8:
c7:40:dc:01:47:68:aa:ed:4d:44:9c:35:5b:e5:ef:87:17:c0:
d9:bc:c9:4f:17:0d:0d:61:a6:d4:6d:85:d0:b9:40:4e:fd:81:
ee:11:14:df:2c:de:81:78:d5:4d:28:5d:5f:81:af:28:46:09:
e0:27:1c:66:09:95:51:40:e2:ec:5c:80:70:82:81:ed:20:15:
e0:7b:1d:5a:12:ad:27:6a:0f:53:7d:75:76:52:01:07:51:67:
38:55:10:8f:8a:a4:15:b2:5d:b8:d5:98:ab:45:69:40:cb:ae:
28:5e:83:99:ef:61:9c:ab:a0:60:4a:79:7a:bf:82:1d:27:c5:
f7:ea:69:89
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZH53YAgL7sz8hP2JGJpsCENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNmExNDEzY2M4OTY1ZWU5MjQxNmI2MDU5ZjkwYjE4Nzc4
YzhiMzgwHhcNMjQwOTE2MDgwNTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkYTI3YjlkMGMyOWU4YTllODU0YWZlMGQxNjU2MjcwZWRlYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QEngfcTQjx+aIMwXr9oU1uzx2kQ
KiR98oTPeS89jC9GolSSmC6UAnIAyaP87wSrgFhUfx6NybYt0q+4nJuw6hx18m+d
Jcx9/W/vSI5tdRPOvbxmEUSddj315P/wLUv8fFMbZLXM5BpbcutME0AvK/airHxR
+qiHaxyFVz4Ess1R/EPpRR1iBWi4YunMAH9vPSUPGstAE+tE9pSFocZcQBC3bLD9
/ewIJ2+kmZpcEbRJ8Nvyx8A9R94JLTQS9E7CIjAneXewSX0exnapnnjs1Lh/GTLO
oVm3Qr4uKlE2fTx/VR33tvgQhJg3rvqZYCq9E79MCFC8V91ySx4wVSuXuQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOUdonudDCnoqehUr+DRZWJw7eyAMB8GA1UdIwQY
MBaAFBpqFBPMiWXukkFrYFn5Cxh3jIs4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21vVUU4eUpaZTZTUVd0Z1dma0xHSGVNaXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81OWE0M2YtODgxYS00OGVkLTljM2Ut
ODJjMDg1YTkyNzc3LzEvNVIyaWU1ME1LZWlwNkZTdjRORmxZbkR0N0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81OWE0M2YtODgxYS00OGVkLTljM2UtODJjMDg1YTkyNzc3
LzEvR21vVUU4eUpaZTZTUVd0Z1dma0xHSGVNaXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQEUEvgAwQF
wreAAwQHwtAAAwQEwtCgMAsDBAPC0LgDAwDC0DANBAIAAjAHAwUAIAEK+DANBgkq
hkiG9w0BAQsFAAOCAQEANRqVPMXxAdkItKwpZXDLs9giEyWBLghyIos6uUqAVt0D
MdHQnvRa+OHTBpf0/UBpLBllPwQFH12zrEPsg71NfoZ7Vb3x2tBBe2PjrFp7gGZX
e/9d/jE9VR1aJFR6kzkjEDmQ+u7suEyHDFzEj7rxEEkw226By0aO0Zo2pkzox0Dc
AUdoqu1NRJw1W+XvhxfA2bzJTxcNDWGm1G2F0LlATv2B7hEU3yzegXjVTShdX4Gv
KEYJ4CccZgmVUUDi7FyAcIKB7SAV4HsdWhKtJ2oPU311dlIBB1FnOFUQj4qkFbJd
uNWYq0VpQMuuKF6Dme9hnKugYEp5er+CHSfF9+ppiQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:09:03 2025 by rpki-client