Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/5dOMnMkoH8mHnGa_n-BGcsEIaTc.roa
File: 5dOMnMkoH8mHnGa_n-BGcsEIaTc.roa (raw, json)
Hash identifier: IMjBrCfREsvF5989LAE9hloD663OhOfhRLa/0uEcYMg=
Subject key identifier: E5:D3:8C:9C:C9:28:1F:C9:87:9C:66:BF:9F:E0:46:72:C1:08:69:37
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 01857195764DEDE4DFD2212CB87656564611
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/5dOMnMkoH8mHnGa_n-BGcsEIaTc.roa
Signing time: Mon 02 Jan 2023 08:24:58 +0000
ROA not before: Mon 02 Jan 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207728
IP address blocks: 93.88.74.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
31.10.5.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
31.210.173.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Feb 2023 14:39:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:76:4d:ed:e4:df:d2:21:2c:b8:76:56:56:46:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Jan 2 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5d38c9cc9281fc9879c66bf9fe04672c1086937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:03:59:58:a1:58:97:0a:07:ca:03:79:68:3e:
ab:e7:5d:07:92:6b:a4:47:fa:f4:1e:b9:a4:4a:7a:
81:dd:d5:b2:fb:92:71:f1:66:be:43:d0:f2:fe:ef:
ce:6c:92:26:d7:5b:02:42:ec:84:c5:01:80:ef:8f:
1b:c1:5c:fe:ae:6b:6c:68:aa:e0:94:d4:92:90:de:
ff:69:eb:bc:61:47:8c:91:87:08:25:ef:62:a2:6e:
eb:15:b0:f8:cf:89:e9:ef:5f:0b:24:07:e5:7e:a8:
01:06:50:35:ef:67:de:a9:44:d6:9d:e5:d4:0e:ed:
46:be:7f:26:08:b6:22:a4:97:22:cc:5b:56:85:0a:
93:46:2b:55:14:18:ea:2c:8d:bb:09:b7:02:af:90:
63:fd:57:d2:44:c9:4f:5d:32:65:af:92:3c:00:7c:
d6:b2:65:89:05:1e:3f:03:eb:f8:f0:ba:5e:2b:e2:
cd:65:1a:41:94:c5:d2:21:52:eb:70:a1:9a:48:20:
f5:fa:37:b9:e8:3b:dc:bd:17:d1:5e:40:ae:2b:8d:
4c:86:58:b2:83:25:b7:3a:3a:3d:03:be:05:e0:dc:
38:5c:ca:7b:c2:65:0f:30:ff:a7:63:4c:37:c3:b2:
41:02:57:5d:64:d5:5a:92:3c:24:91:0d:04:48:51:
6f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D3:8C:9C:C9:28:1F:C9:87:9C:66:BF:9F:E0:46:72:C1:08:69:37
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/5dOMnMkoH8mHnGa_n-BGcsEIaTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0/23
31.210.173.0/24
87.236.177.0/24
93.88.74.0/24
185.162.9.0/24
185.162.11.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:dc:0d:46:8b:3b:c8:35:71:6a:ec:60:48:46:fc:66:16:72:
c0:40:23:98:71:75:39:5a:06:fd:71:51:7c:4c:69:bf:86:ff:
2e:35:f3:94:b1:60:92:8b:f0:f9:61:4d:2b:75:fe:f6:61:fc:
d9:90:0e:e8:2d:3a:f2:4a:d6:ca:8d:b2:f3:ca:22:41:42:6c:
58:ec:bc:84:cd:3a:2c:a1:e6:b3:64:ee:a4:d0:70:be:f5:48:
46:4b:ac:79:bb:6e:35:40:4c:b1:6d:fd:17:d6:16:c6:b3:d1:
36:21:1e:81:42:df:a9:86:8b:b8:9e:c9:0a:de:b6:60:e0:a7:
09:e2:47:af:d7:7b:6e:71:6d:26:bd:67:79:ed:81:96:5d:a5:
d7:6d:aa:bd:5d:12:d0:6a:89:32:6e:9c:0c:98:8b:a4:c9:31:
17:60:b4:5d:7c:08:bb:89:73:23:7b:5c:f8:23:4b:04:1b:a2:
db:02:da:57:3f:2b:12:7d:3e:92:07:f3:a1:95:09:e6:a2:0f:
3b:c6:4f:fd:ba:f3:48:b2:88:63:c3:94:81:03:99:77:fb:35:
34:b1:5c:b9:0d:99:38:aa:e3:19:88:09:6c:8a:7d:ee:8a:42:
f8:e7:9f:95:c5:30:a9:b2:ea:a7:6e:75:09:ba:fd:9d:ca:c2:
ac:a1:0c:d9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVxlXZN7eTf0iEsuHZWVkYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjMwMTAyMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQzOGM5Y2M5MjgxZmM5ODc5YzY2YmY5ZmUwNDY3MmMxMDg2OTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlANZWKFYlwoHygN5aD6r510Hkmuk
R/r0HrmkSnqB3dWy+5Jx8Wa+Q9Dy/u/ObJIm11sCQuyExQGA748bwVz+rmtsaKrg
lNSSkN7/aeu8YUeMkYcIJe9iom7rFbD4z4np718LJAflfqgBBlA172feqUTWneXU
Du1Gvn8mCLYipJcizFtWhQqTRitVFBjqLI27CbcCr5Bj/VfSRMlPXTJlr5I8AHzW
smWJBR4/A+v48LpeK+LNZRpBlMXSIVLrcKGaSCD1+je56DvcvRfRXkCuK41Mhliy
gyW3Ojo9A74F4Nw4XMp7wmUPMP+nY0w3w7JBAlddZNVakjwkkQ0ESFFvCwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOXTjJzJKB/Jh5xmv5/gRnLBCGk3MB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvNWRPTW5Na29IOG1IbkdhX24tQkdjc0VJYVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAHwoFAwQB
H9KqAwQAH9KtAwQAV+yxAwQAXVhKAwQAuaIJAwQAuaILMA0EAgACMAcDBQMqEpzA
MA0GCSqGSIb3DQEBCwUAA4IBAQCa3A1GizvINXFq7GBIRvxmFnLAQCOYcXU5Wgb9
cVF8TGm/hv8uNfOUsWCSi/D5YU0rdf72YfzZkA7oLTryStbKjbLzyiJBQmxY7LyE
zTosoeazZO6k0HC+9UhGS6x5u241QEyxbf0X1hbGs9E2IR6BQt+phou4nskK3rZg
4KcJ4kev13tucW0mvWd57YGWXaXXbaq9XRLQaokybpwMmIukyTEXYLRdfAi7iXMj
e1z4I0sEG6LbAtpXPysSfT6SB/OhlQnmog87xk/9uvNIsohjw5SBA5l3+zU0sVy5
DZk4quMZiAlsin3uikL455+VxTCpsuqnbnUJuv2dysKsoQzZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:57 2024 by rpki-client on console-ams.rpki-client.org