Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/5FLgJZmKTTPBP7Qxpq-W8AS-uv8.roa
File: 5FLgJZmKTTPBP7Qxpq-W8AS-uv8.roa (raw, json)
Hash identifier: e226uL0qg1+2XPYAxEkEzMZEQPdI4tcw3XozPmi5eSg=
Subject key identifier: E4:52:E0:25:99:8A:4D:33:C1:3F:B4:31:A6:AF:96:F0:04:BE:BA:FF
Certificate issuer: /CN=acfb02432688674260c6d012a597d70bcd5149c4
Certificate serial: 0194228DC171EE333C4F91903F1041FA665B
Authority key identifier: AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/5FLgJZmKTTPBP7Qxpq-W8AS-uv8.roa
Signing time: Wed 01 Jan 2025 15:48:22 +0000
ROA not before: Wed 01 Jan 2025 15:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48638
IP address blocks: 91.194.86.0/23 maxlen: 24
94.143.184.0/21 maxlen: 24
185.43.152.0/22 maxlen: 24
185.59.168.0/22 maxlen: 24
2a02:4a00::/32 maxlen: 36
Validation: Failed, certificate revoked on Fri 03 Jan 2025 12:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c1:71:ee:33:3c:4f:91:90:3f:10:41:fa:66:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfb02432688674260c6d012a597d70bcd5149c4
Validity
Not Before: Jan 1 15:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e452e025998a4d33c13fb431a6af96f004bebaff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:3a:f7:67:72:96:c6:19:2c:4a:69:df:03:
9a:e9:56:c0:58:71:99:89:bb:d8:3e:c3:fe:9c:cd:
48:6e:c0:79:9b:06:ff:1d:f1:9c:33:05:f7:1a:28:
e9:82:a4:eb:53:3e:7e:dd:f3:28:ff:61:4a:e7:f3:
8d:c4:e9:a2:5e:72:8a:56:d4:f6:34:03:64:3e:46:
18:d0:12:a3:ea:3d:69:13:f7:ae:f6:90:d0:43:95:
07:cf:50:8b:d8:fc:8b:4c:f6:80:2a:6c:3e:bc:00:
58:5e:c2:ac:cb:c4:e1:64:cd:ef:c7:52:50:db:71:
05:6e:69:f6:12:41:f8:cb:84:2d:94:fe:a5:b6:9d:
d2:f7:47:c0:b5:6a:15:82:89:3b:f8:01:a6:cd:b8:
7a:97:99:57:c2:b7:f8:43:20:68:ae:8d:e6:2c:0b:
fd:44:b2:96:db:c6:6f:ba:dc:b5:0a:fd:d7:98:16:
d3:c6:07:84:2d:8c:49:fc:85:7b:ff:4a:23:df:3e:
eb:79:5c:8a:9c:47:39:de:e7:0c:fd:66:31:4c:3c:
38:6f:ea:ed:75:81:d5:0f:45:90:8c:9c:c0:57:2d:
0f:ed:93:30:7c:9e:f2:ae:62:51:b0:a6:94:8c:e0:
49:c1:1f:58:17:1d:29:ef:f0:a0:f3:4b:c3:ce:6f:
c7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:52:E0:25:99:8A:4D:33:C1:3F:B4:31:A6:AF:96:F0:04:BE:BA:FF
X509v3 Authority Key Identifier:
keyid:AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/5FLgJZmKTTPBP7Qxpq-W8AS-uv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/rPsCQyaIZ0JgxtASpZfXC81RScQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.86.0/23
94.143.184.0/21
185.43.152.0/22
185.59.168.0/22
IPv6:
2a02:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
aa:32:8c:f1:a1:84:80:10:29:59:88:2f:56:91:db:20:78:47:
ac:cb:52:ce:78:ed:57:af:81:1e:c7:86:15:78:cf:59:5d:36:
20:0f:2d:84:ff:f8:1b:f1:d1:ec:6d:9f:ba:63:26:ec:ed:42:
e4:92:58:d4:76:66:3c:d4:90:7f:bf:a9:a7:30:0a:67:4a:d8:
36:af:a5:89:01:78:04:68:60:8f:b2:de:8d:78:de:bb:1d:2e:
33:72:09:ad:de:b9:43:5a:a0:c2:67:fb:fd:1e:77:8b:c2:b5:
f7:15:76:a5:8f:52:7e:31:9e:b7:d7:cb:1c:a6:36:14:f7:6a:
89:cd:a4:fb:e5:f7:a7:7d:b6:7f:dd:af:d4:f8:13:11:4c:36:
8d:70:d1:1e:4d:a5:04:06:bc:60:84:a7:8d:41:fa:19:8d:33:
24:fb:fe:aa:3b:1f:e3:bd:b9:fe:f4:35:4f:14:ef:c4:3d:de:
68:08:c5:fa:fb:dc:dd:65:8d:98:d6:85:61:d2:54:2e:9d:d8:
e5:0c:ca:9e:e6:4c:a9:2a:a6:9a:1a:25:37:e4:ef:53:24:99:
3d:ee:22:a4:95:e1:d5:13:fa:7c:69:8b:18:c4:4e:5b:3d:75:
c5:d2:fc:79:46:89:db:15:79:1d:a8:24:17:83:53:d2:86:41:
83:eb:8a:1b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQijcFx7jM8T5GQPxBB+mZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmIwMjQzMjY4ODY3NDI2MGM2ZDAxMmE1OTdkNzBiY2Q1
MTQ5YzQwHhcNMjUwMTAxMTU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDUyZTAyNTk5OGE0ZDMzYzEzZmI0MzFhNmFmOTZmMDA0YmViYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx8692dylsYZLEpp3wOa6VbAWHGZ
ibvYPsP+nM1IbsB5mwb/HfGcMwX3GijpgqTrUz5+3fMo/2FK5/ONxOmiXnKKVtT2
NANkPkYY0BKj6j1pE/eu9pDQQ5UHz1CL2PyLTPaAKmw+vABYXsKsy8ThZM3vx1JQ
23EFbmn2EkH4y4QtlP6ltp3S90fAtWoVgok7+AGmzbh6l5lXwrf4QyBoro3mLAv9
RLKW28Zvuty1Cv3XmBbTxgeELYxJ/IV7/0oj3z7reVyKnEc53ucM/WYxTDw4b+rt
dYHVD0WQjJzAVy0P7ZMwfJ7yrmJRsKaUjOBJwR9YFx0p7/Cg80vDzm/HDQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFORS4CWZik0zwT+0MaavlvAEvrr/MB8GA1UdIwQY
MBaAFKz7AkMmiGdCYMbQEqWX1wvNUUnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBzQ1F5YUlaMEpneHRBU3BaZlhDODFSU2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNDE3OTQtZDYxOS00Yzc0LTgyNGQt
MzFkNzAxMGE3MjU2LzEvNUZMZ0pabUtUVFBCUDdReHBxLVc4QVMtdXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNDE3OTQtZDYxOS00Yzc0LTgyNGQtMzFkNzAxMGE3MjU2
LzEvclBzQ1F5YUlaMEpneHRBU3BaZlhDODFSU2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8JWAwQD
Xo+4AwQCuSuYAwQCuTuoMA0EAgACMAcDBQAqAkoAMA0GCSqGSIb3DQEBCwUAA4IB
AQCqMozxoYSAEClZiC9WkdsgeEesy1LOeO1Xr4Eex4YVeM9ZXTYgDy2E//gb8dHs
bZ+6Yybs7ULkkljUdmY81JB/v6mnMApnStg2r6WJAXgEaGCPst6NeN67HS4zcgmt
3rlDWqDCZ/v9HneLwrX3FXalj1J+MZ6318scpjYU92qJzaT75fenfbZ/3a/U+BMR
TDaNcNEeTaUEBrxghKeNQfoZjTMk+/6qOx/jvbn+9DVPFO/EPd5oCMX6+9zdZY2Y
1oVh0lQundjlDMqe5kypKqaaGiU35O9TJJk97iKkleHVE/p8aYsYxE5bPXXF0vx5
RonbFXkdqCQXg1PShkGD64ob
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:08:09 2025 by rpki-client