Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/G9KXaKE7pTm-Pk08LgFcMCiX-qc.roa
File: G9KXaKE7pTm-Pk08LgFcMCiX-qc.roa (raw, json)
Hash identifier: UxqzbZ1MAqcUgaKXJwuXq6URqms5RjXL3gl7IxXRaTE=
Subject key identifier: 1B:D2:97:68:A1:3B:A5:39:BE:3E:4D:3C:2E:01:5C:30:28:97:FA:A7
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018EA936556CAC25E31CD3AF96D749725826
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/G9KXaKE7pTm-Pk08LgFcMCiX-qc.roa
Signing time: Thu 04 Apr 2024 13:04:54 +0000
ROA not before: Thu 04 Apr 2024 13:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8374
IP address blocks: 5.172.224.0/19 maxlen: 19
31.0.0.0/15 maxlen: 16
31.2.0.0/17 maxlen: 18
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
37.152.16.0/20 maxlen: 20
37.209.128.0/19 maxlen: 19
37.247.128.0/17 maxlen: 17
37.247.241.0/28 maxlen: 28
37.248.0.0/15 maxlen: 15
46.76.0.0/15 maxlen: 15
78.30.64.0/18 maxlen: 18
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
93.154.128.0/17 maxlen: 17
151.248.32.0/20 maxlen: 20
185.4.212.0/22 maxlen: 22
188.125.32.0/19 maxlen: 19
193.41.112.0/23 maxlen: 23
212.2.96.0/19 maxlen: 19
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Apr 2024 13:10:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:36:55:6c:ac:25:e3:1c:d3:af:96:d7:49:72:58:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Apr 4 13:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bd29768a13ba539be3e4d3c2e015c302897faa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5b:a5:bd:61:d2:8b:bc:f9:e6:8a:a6:d0:80:
78:5a:f0:3c:4d:29:65:58:c8:ee:54:6d:e3:6c:59:
88:7e:4e:4c:e3:bb:c0:8d:50:96:c4:5e:7b:d3:a1:
d1:56:e0:3d:b8:1e:b5:0b:00:83:ff:c4:73:e6:15:
30:f1:7f:1d:f3:9a:eb:ed:d0:50:56:ed:fe:d0:65:
33:9f:c4:45:b2:ef:7c:72:e6:36:8b:64:2b:e2:6e:
3b:16:a5:e3:3f:53:e7:8d:6b:16:24:2b:22:19:61:
1c:00:12:8d:a3:29:37:8b:72:98:5e:80:db:b2:bd:
41:c8:35:17:44:97:2c:d5:27:2b:ad:c1:f5:80:ae:
dc:52:4a:5a:63:ed:50:58:c7:dc:20:31:11:8f:cb:
86:48:73:33:6d:e0:73:7b:71:7f:64:36:9f:d4:85:
e8:b4:5c:7e:53:fa:af:cc:eb:9d:50:14:01:eb:84:
e9:b6:33:f0:f0:e2:0f:87:31:60:01:5d:32:41:31:
06:c6:b6:f5:ca:a8:ca:95:ac:1f:56:eb:f2:50:4b:
8b:54:a6:c3:78:48:bc:41:c9:ab:8b:23:73:36:0b:
d0:58:27:9d:de:36:68:6c:c6:06:9c:7a:f8:4d:fc:
d7:f4:37:d2:81:4c:ff:58:4e:8f:36:ac:6e:8c:c6:
a6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D2:97:68:A1:3B:A5:39:BE:3E:4D:3C:2E:01:5C:30:28:97:FA:A7
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/G9KXaKE7pTm-Pk08LgFcMCiX-qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.224.0/19
31.0.0.0-31.2.127.255
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
71:77:0c:9d:39:0c:05:27:93:60:f5:b4:9f:e7:db:4f:6e:dc:
0a:40:f7:4c:61:df:81:e3:48:62:9e:24:8a:67:60:71:01:21:
44:88:9b:55:f5:16:c2:d9:36:c7:7f:53:80:94:c0:9c:87:56:
24:dd:04:5d:c6:40:2d:50:66:c9:39:38:5c:e2:eb:05:53:bd:
e3:8d:1c:fd:9d:90:bf:b7:be:21:34:84:66:65:d0:d4:ac:88:
3b:55:f1:f4:a9:f3:f7:96:4b:61:e7:d7:30:28:d8:c3:58:61:
97:a9:99:71:13:48:54:d0:13:1a:90:a1:ba:99:7c:9f:d2:69:
5d:4a:93:ad:a7:70:4b:55:3e:56:92:ad:28:91:20:5b:b7:10:
a8:8b:8f:12:ec:c9:07:fd:f3:6e:a6:b3:e9:12:e0:0f:65:2c:
0b:26:c2:3e:ff:9d:a7:b0:fa:43:dc:a7:32:3a:f7:f1:0e:cc:
bb:48:c6:d6:95:b1:df:1c:63:57:ec:77:7b:cb:31:5f:3c:33:
64:68:39:21:47:58:82:61:1c:14:6a:a3:3b:09:07:0b:83:43:
45:20:ca:5b:cb:f1:ed:e0:bc:00:35:88:7b:69:7d:eb:3f:89:
a4:5e:3b:83:35:94:d9:87:c7:19:f2:d3:4f:a3:ff:bc:53:0a:
5e:3d:11:7b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAY6pNlVsrCXjHNOvltdJclgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNDA0MTMwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQyOTc2OGExM2JhNTM5YmUzZTRkM2MyZTAxNWMzMDI4OTdmYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FulvWHSi7z55oqm0IB4WvA8TSll
WMjuVG3jbFmIfk5M47vAjVCWxF5706HRVuA9uB61CwCD/8Rz5hUw8X8d85rr7dBQ
Vu3+0GUzn8RFsu98cuY2i2Qr4m47FqXjP1PnjWsWJCsiGWEcABKNoyk3i3KYXoDb
sr1ByDUXRJcs1ScrrcH1gK7cUkpaY+1QWMfcIDERj8uGSHMzbeBze3F/ZDaf1IXo
tFx+U/qvzOudUBQB64TptjPw8OIPhzFgAV0yQTEGxrb1yqjKlawfVuvyUEuLVKbD
eEi8QcmriyNzNgvQWCed3jZobMYGnHr4TfzX9DfSgUz/WE6PNqxujMamIwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFBvSl2ihO6U5vj5NPC4BXDAol/qnMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvRzlLWGFLRTdwVG0tUGswOExnRmNNQ2lYLXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTB9BAIAATB3AwQFBazg
MAoDAgAfAwQHHwIAAwQEJWLQAwMAJW0DBAQlmBADBAUl0YAwCwMEByX3gAMDASX4
AwMBLkwDBAZOHkADBARUJ6ADBAVX++ADBARcPIADBAddmoADBASX+CADBAK5BNQD
BAW8fSADBAHBKXADBAXUAmAwFAQCAAIwDgMFBCoBAuADBQAqAbuAMA0GCSqGSIb3
DQEBCwUAA4IBAQBxdwydOQwFJ5Ng9bSf59tPbtwKQPdMYd+B40hiniSKZ2BxASFE
iJtV9RbC2TbHf1OAlMCch1Yk3QRdxkAtUGbJOThc4usFU73jjRz9nZC/t74hNIRm
ZdDUrIg7VfH0qfP3lkth59cwKNjDWGGXqZlxE0hU0BMakKG6mXyf0mldSpOtp3BL
VT5Wkq0okSBbtxCoi48S7MkH/fNuprPpEuAPZSwLJsI+/52nsPpD3KcyOvfxDsy7
SMbWlbHfHGNX7Hd7yzFfPDNkaDkhR1iCYRwUaqM7CQcLg0NFIMpby/Ht4LwANYh7
aX3rP4mkXjuDNZTZh8cZ8tNPo/+8UwpePRF7
-----END CERTIFICATE-----
Generated at Thu Apr 4 19:57:54 2024 by rpki-client on console.sobornost.net