Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0nKCppXlhlxRaHJlbk4M5EHgKWA.roa
File: 0nKCppXlhlxRaHJlbk4M5EHgKWA.roa (raw, json)
Hash identifier: gBrZGAApef0aQy5Nnftio5dRlwTR1fQh4QXIlagw60Q=
Subject key identifier: D2:72:82:A6:95:E5:86:5C:51:68:72:65:6E:4E:0C:E4:41:E0:29:60
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DE6B3A8B689FB30600C70098B5728192E
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0nKCppXlhlxRaHJlbk4M5EHgKWA.roa
Signing time: Mon 26 Feb 2024 18:35:50 +0000
ROA not before: Mon 26 Feb 2024 18:35:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27176
IP address blocks: 5.172.181.0/24 maxlen: 24
193.142.242.0/24 maxlen: 24
193.142.249.0/24 maxlen: 24
193.192.1.0/24 maxlen: 24
193.192.15.0/24 maxlen: 24
213.170.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 May 2024 12:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:b3:a8:b6:89:fb:30:60:0c:70:09:8b:57:28:19:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 26 18:35:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d27282a695e5865c516872656e4e0ce441e02960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d6:98:25:fd:11:bc:d5:a3:e4:df:4a:6b:dc:
ce:2d:50:57:82:7c:78:2a:41:fd:8f:03:4b:28:18:
7e:cc:31:8b:d4:18:14:18:4f:1b:d3:81:c1:3d:87:
ac:e0:67:4a:aa:cf:e4:d5:fa:ea:e3:de:d9:69:f3:
e2:b8:be:33:fc:7a:3d:69:3c:d6:de:23:3f:19:f0:
78:4e:cd:e1:76:ca:c7:42:38:e6:e8:4e:2a:ff:b0:
59:d9:39:ae:62:5c:70:b9:65:c0:66:1e:c2:0a:3b:
e3:83:07:ae:98:a6:13:4a:d9:28:c3:81:40:7b:94:
53:19:b7:c8:61:45:47:0b:ce:9f:79:0a:28:b1:83:
34:12:84:3d:73:46:5e:37:cc:aa:5d:b8:39:55:c7:
63:bf:08:bf:33:0d:e9:16:e7:99:52:8f:ac:f9:29:
88:48:3c:02:eb:7d:b8:2e:f3:fd:d0:68:e3:89:bb:
d2:89:07:ef:50:92:5f:20:e7:ba:d4:3c:78:14:ba:
46:ea:b3:2a:4b:47:db:f0:85:1e:59:65:14:d1:92:
bd:e0:e2:54:2e:e9:f9:f5:03:53:8f:38:a0:36:4e:
c4:3c:34:12:62:5e:72:e0:e2:4d:09:75:3e:63:ee:
44:f7:7d:15:fb:cc:cc:d4:87:c6:f5:de:5e:0c:06:
7e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:72:82:A6:95:E5:86:5C:51:68:72:65:6E:4E:0C:E4:41:E0:29:60
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0nKCppXlhlxRaHJlbk4M5EHgKWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.181.0/24
193.142.242.0/24
193.142.249.0/24
193.192.1.0/24
193.192.15.0/24
213.170.192.0/22
Signature Algorithm: sha256WithRSAEncryption
77:ec:c8:58:9d:f2:f9:93:8d:7e:72:5c:a6:2e:57:ac:26:38:
aa:f4:d6:21:da:6b:0b:48:6c:ce:45:72:71:48:8f:8f:b6:71:
6b:47:af:af:58:04:b3:2a:c9:87:73:2c:99:de:4e:6e:c7:e2:
78:8f:67:3e:d7:83:1f:17:ce:9f:56:a7:41:ec:3d:9b:3e:b7:
68:4f:d0:b5:99:3c:73:b6:ee:bb:0a:99:86:e8:5f:ac:e3:00:
69:b4:c2:ff:93:2e:78:90:c5:1e:95:9a:93:f4:69:ef:d3:25:
4a:d9:cb:cb:76:01:fe:1d:26:a7:9b:57:e1:a6:19:db:98:7e:
8f:9f:68:31:1a:19:2b:f8:00:05:ac:eb:66:6d:00:81:d0:e3:
fa:b7:38:d8:bb:01:a3:51:50:31:82:e5:fd:17:07:2d:4a:4b:
f8:b0:5c:bb:2a:aa:4f:72:91:ce:19:94:28:9d:3a:8a:0e:0e:
97:9f:df:16:73:6f:28:50:0b:04:f5:90:2b:9d:ca:10:f2:11:
a0:63:97:24:86:dd:25:b0:5b:bf:ce:22:a8:6c:67:b5:b2:3f:
19:6d:19:94:b2:8c:9f:12:a7:b7:84:6f:64:8e:45:38:e6:d4:
9d:80:01:91:e7:b4:e1:47:2c:e6:32:f4:8f:2a:3e:23:4e:b6:
dc:11:55:e1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3ms6i2ifswYAxwCYtXKBkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI2MTgzNTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjcyODJhNjk1ZTU4NjVjNTE2ODcyNjU2ZTRlMGNlNDQxZTAyOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNaYJf0RvNWj5N9Ka9zOLVBXgnx4
KkH9jwNLKBh+zDGL1BgUGE8b04HBPYes4GdKqs/k1frq497ZafPiuL4z/Ho9aTzW
3iM/GfB4Ts3hdsrHQjjm6E4q/7BZ2TmuYlxwuWXAZh7CCjvjgweumKYTStkow4FA
e5RTGbfIYUVHC86feQoosYM0EoQ9c0ZeN8yqXbg5Vcdjvwi/Mw3pFueZUo+s+SmI
SDwC6324LvP90GjjibvSiQfvUJJfIOe61Dx4FLpG6rMqS0fb8IUeWWUU0ZK94OJU
Lun59QNTjzigNk7EPDQSYl5y4OJNCXU+Y+5E930V+8zM1IfG9d5eDAZ+RwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNJygqaV5YZcUWhyZW5ODORB4ClgMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMG5LQ3BwWGxobHhSYUhKbGJrNE01RUhnS1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABay1AwQA
wY7yAwQAwY75AwQAwcABAwQAwcAPAwQC1arAMA0GCSqGSIb3DQEBCwUAA4IBAQB3
7MhYnfL5k41+clymLlesJjiq9NYh2msLSGzORXJxSI+PtnFrR6+vWASzKsmHcyyZ
3k5ux+J4j2c+14MfF86fVqdB7D2bPrdoT9C1mTxztu67CpmG6F+s4wBptML/ky54
kMUelZqT9Gnv0yVK2cvLdgH+HSanm1fhphnbmH6Pn2gxGhkr+AAFrOtmbQCB0OP6
tzjYuwGjUVAxguX9FwctSkv4sFy7KqpPcpHOGZQonTqKDg6Xn98Wc28oUAsE9ZAr
ncoQ8hGgY5ckht0lsFu/ziKobGe1sj8ZbRmUsoyfEqe3hG9kjkU45tSdgAGR57Th
RyzmMvSPKj4jTrbcEVXh
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:38 2024 by rpki-client on console-fra.rpki-client.org