Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PgM_Si-rvUEHksobNcgadhrF4U4.roa
File: PgM_Si-rvUEHksobNcgadhrF4U4.roa (raw, json)
Hash identifier: PRt/VEpjgiP2tBrMplYczbRJP04ojjTcOe8WkkeUAF8=
Subject key identifier: 3E:03:3F:4A:2F:AB:BD:41:07:92:CA:1B:35:C8:1A:76:1A:C5:E1:4E
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 019377CDB428EC153C80ECF709AF0A2A1BEA
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PgM_Si-rvUEHksobNcgadhrF4U4.roa
Signing time: Fri 29 Nov 2024 12:03:09 +0000
ROA not before: Fri 29 Nov 2024 12:03:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 5.144.181.0/24 maxlen: 24
5.144.182.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
185.5.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:cd:b4:28:ec:15:3c:80:ec:f7:09:af:0a:2a:1b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Nov 29 12:03:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e033f4a2fabbd410792ca1b35c81a761ac5e14e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d0:82:bc:6b:0e:4b:50:a9:b6:0b:56:bf:b8:
9f:f0:9c:3c:be:ed:21:35:c1:75:01:0f:c7:9f:b7:
f2:aa:82:a6:d3:c9:c7:04:98:aa:85:3b:83:da:ab:
c9:36:a6:98:b1:cd:d7:25:be:8d:75:96:15:2d:6b:
e9:e4:ab:f6:ca:77:47:1d:7f:69:01:13:50:c7:99:
c8:7b:42:fd:c0:cb:a1:e2:d9:fe:0b:b6:bd:25:60:
22:4d:84:e8:e5:ce:9b:12:34:4b:b0:55:71:1c:c5:
2a:7b:30:53:6d:b6:80:94:e2:b2:28:fe:d7:ef:2c:
d1:80:df:be:a2:6a:b9:eb:49:13:b7:b0:cb:50:aa:
2f:15:76:27:69:64:14:82:1d:20:90:21:fb:15:36:
01:c4:5f:dc:d0:7e:8f:ea:0f:0b:59:53:90:c0:11:
16:a0:a9:9f:5e:a8:d7:39:a1:07:ab:65:f0:ef:dc:
73:a5:8c:77:3c:ba:03:a2:ad:e6:3f:a0:bd:43:8f:
f7:6c:df:c2:ea:a4:42:85:73:1e:07:ea:42:b9:52:
5b:a9:db:84:56:9e:b4:f4:c1:75:cc:bc:ad:ee:06:
c2:55:d1:14:72:5d:2f:d9:b6:07:3c:4e:86:0f:4d:
ae:af:0e:a6:84:b0:10:98:3c:3a:66:79:52:ad:1d:
50:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:03:3F:4A:2F:AB:BD:41:07:92:CA:1B:35:C8:1A:76:1A:C5:E1:4E
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PgM_Si-rvUEHksobNcgadhrF4U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.181.0-5.144.182.255
5.178.106.0/24
5.178.110.0/24
185.5.39.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ac:64:5b:91:df:21:cd:bb:4c:f1:4a:30:f5:44:91:ad:89:
fe:dc:5d:0a:b4:6b:bc:67:fe:04:8f:dd:b7:4b:e0:e9:d5:4f:
cc:ed:d9:9d:3c:5a:23:56:f2:4e:d5:8b:69:9a:73:11:54:df:
f0:83:14:1c:03:ce:4f:4f:b2:99:88:44:03:e9:9b:71:47:d8:
b5:63:5d:0c:ed:47:bd:27:c9:4b:3a:f2:e3:ac:d1:2b:8d:c0:
25:7f:a8:94:7e:e1:b2:3e:fe:6c:61:63:72:0c:cb:14:0a:65:
e3:a3:50:f9:8f:4a:36:71:1a:ee:1a:9e:c8:21:54:d8:44:d6:
9b:65:5e:18:79:3c:50:3c:09:51:c8:ce:ea:19:45:ba:c8:14:
ff:03:e8:91:30:a0:50:d4:00:67:76:e3:bb:b4:2b:19:87:b6:
5b:12:aa:02:85:8b:e4:b4:af:28:77:80:6e:1c:58:64:47:d4:
a4:46:41:35:b3:0e:0b:85:d2:0a:c8:d0:cf:9f:52:87:93:f5:
2b:bd:f7:26:c8:3a:82:a2:c0:21:eb:9b:d9:4b:2d:5d:2e:70:
30:c0:42:b3:a5:b3:8b:ba:cd:5a:95:d8:d2:70:6a:83:ed:38:
b0:90:b7:31:be:85:31:83:32:46:56:7b:bd:3a:6d:e7:e7:a7:
d3:61:91:38
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZN3zbQo7BU8gOz3Ca8KKhvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQxMTI5MTIwMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTAzM2Y0YTJmYWJiZDQxMDc5MmNhMWIzNWM4MWE3NjFhYzVlMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tCCvGsOS1CptgtWv7if8Jw8vu0h
NcF1AQ/Hn7fyqoKm08nHBJiqhTuD2qvJNqaYsc3XJb6NdZYVLWvp5Kv2yndHHX9p
ARNQx5nIe0L9wMuh4tn+C7a9JWAiTYTo5c6bEjRLsFVxHMUqezBTbbaAlOKyKP7X
7yzRgN++omq560kTt7DLUKovFXYnaWQUgh0gkCH7FTYBxF/c0H6P6g8LWVOQwBEW
oKmfXqjXOaEHq2Xw79xzpYx3PLoDoq3mP6C9Q4/3bN/C6qRChXMeB+pCuVJbqduE
Vp609MF1zLyt7gbCVdEUcl0v2bYHPE6GD02urw6mhLAQmDw6ZnlSrR1QkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD4DP0ovq71BB5LKGzXIGnYaxeFOMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvUGdNX1NpLXJ2VUVIa3NvYk5jZ2FkaHJGNFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAFkLUD
BAAFkLYDBAAFsmoDBAAFsm4DBAC5BScwDQYJKoZIhvcNAQELBQADggEBAAasZFuR
3yHNu0zxSjD1RJGtif7cXQq0a7xn/gSP3bdL4OnVT8zt2Z08WiNW8k7Vi2macxFU
3/CDFBwDzk9PspmIRAPpm3FH2LVjXQztR70nyUs68uOs0SuNwCV/qJR+4bI+/mxh
Y3IMyxQKZeOjUPmPSjZxGu4ansghVNhE1ptlXhh5PFA8CVHIzuoZRbrIFP8D6JEw
oFDUAGd247u0KxmHtlsSqgKFi+S0ryh3gG4cWGRH1KRGQTWzDguF0grI0M+fUoeT
9Su99ybIOoKiwCHrm9lLLV0ucDDAQrOls4u6zVqV2NJwaoPtOLCQtzG+hTGDMkZW
e706befnp9NhkTg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 11:39:51 2025 by rpki-client