Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/4v84R3rDbKYvcK-jSskOoZzt_C4.roa
File: 4v84R3rDbKYvcK-jSskOoZzt_C4.roa (raw, json)
Hash identifier: RiAfjW4N8rNuFxgASbSUNuivEIe0VS44piaHKu+N/0w=
Subject key identifier: E2:FF:38:47:7A:C3:6C:A6:2F:70:AF:A3:4A:C9:0E:A1:9C:ED:FC:2E
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0190927895240E1CB9BD0B5635327A6CD1E0
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/4v84R3rDbKYvcK-jSskOoZzt_C4.roa
Signing time: Mon 08 Jul 2024 13:11:34 +0000
ROA not before: Mon 08 Jul 2024 13:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.253.158.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.231.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
185.218.160.0/24 maxlen: 24
185.218.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 10:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:78:95:24:0e:1c:b9:bd:0b:56:35:32:7a:6c:d1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Jul 8 13:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2ff38477ac36ca62f70afa34ac90ea19cedfc2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:b9:07:ae:4c:0e:20:4f:58:e3:65:3e:56:
75:b6:2e:28:4e:23:f1:47:d7:aa:a7:08:c1:dd:d3:
9d:b5:66:32:5b:79:06:52:12:3b:15:38:c2:f5:e6:
4b:7b:ee:a7:b2:1a:3f:a7:a2:18:33:73:be:8f:f4:
6b:05:84:95:55:f5:ec:a6:c7:3c:e1:9e:9e:e7:31:
29:93:df:17:1c:c0:30:43:ed:72:1a:38:1c:82:9a:
3c:f4:e3:91:d7:62:6a:59:2d:51:79:d5:4c:f1:7e:
ce:5f:1e:2d:cd:a0:5f:bb:f2:c5:db:9f:ed:3b:dc:
22:d8:bc:30:54:22:0c:18:ef:8d:34:a4:2f:f9:11:
4b:0e:30:1c:2a:14:eb:4e:87:4d:fc:1c:78:7f:6a:
10:91:85:e8:9a:67:5a:bc:43:71:a6:78:bc:4a:70:
14:08:a6:14:16:ec:14:a8:0e:f8:22:3f:24:c2:7e:
68:f1:01:c4:f4:fb:22:c1:06:d1:26:83:76:44:9d:
f1:b6:ba:66:82:92:8b:87:48:42:b3:3c:56:d5:2f:
cd:1d:e1:da:dc:25:78:1e:04:44:ba:6c:bf:35:88:
eb:f7:a5:4f:e5:ba:f3:9e:7a:b1:f8:dc:82:4f:a4:
5f:af:86:98:e8:84:ab:a4:a8:b3:d4:32:70:22:8d:
f3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FF:38:47:7A:C3:6C:A6:2F:70:AF:A3:4A:C9:0E:A1:9C:ED:FC:2E
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/4v84R3rDbKYvcK-jSskOoZzt_C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.158.0/24
62.122.228.0/22
185.167.181.0/24
185.204.203.0/24
185.218.160.0/23
Signature Algorithm: sha256WithRSAEncryption
75:e9:22:7b:b2:93:4a:5c:06:11:d6:2a:93:e4:44:c1:ca:a2:
e3:e9:cc:7e:b3:0e:4a:6a:9b:38:32:f0:55:23:5d:92:61:7d:
78:53:b8:fa:bb:61:30:c3:2a:bc:78:56:df:56:03:28:48:59:
23:01:2d:ab:ec:3d:5c:ad:98:c4:03:80:7d:30:93:cf:1e:f7:
ab:26:65:bb:4d:cc:8b:8a:c0:43:19:84:8c:97:fa:b1:7a:13:
c2:87:ec:02:1d:c8:3d:dc:38:69:b1:2d:15:12:f7:48:95:bd:
8a:6d:73:fa:c0:3a:56:ff:a8:82:eb:58:53:69:79:b7:3e:36:
9a:1e:75:02:b6:bb:76:71:b6:3f:a8:14:81:e3:52:f6:da:3e:
32:ed:49:89:e3:cc:42:a5:6d:d0:ed:2d:de:d3:59:1e:7b:58:
0c:7b:7a:96:9b:50:45:9b:f4:24:8f:e3:8e:84:c4:39:29:87:
7e:ba:bc:df:0d:b6:9b:69:72:e1:23:f4:3f:7d:c6:45:2e:5f:
18:b9:48:39:86:76:d6:07:82:d0:12:3f:54:d9:b4:1a:f9:e6:
e0:41:9d:67:75:c5:3c:81:82:45:1a:6e:c1:0e:50:86:28:24:
a7:78:b1:df:5b:f8:6b:2f:11:80:f1:65:b5:9b:19:79:7b:43:
26:74:8f:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCSeJUkDhy5vQtWNTJ6bNHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjQwNzA4MTMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZmMzg0NzdhYzM2Y2E2MmY3MGFmYTM0YWM5MGVhMTljZWRmYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRC5B65MDiBPWONlPlZ1ti4oTiPx
R9eqpwjB3dOdtWYyW3kGUhI7FTjC9eZLe+6nsho/p6IYM3O+j/RrBYSVVfXspsc8
4Z6e5zEpk98XHMAwQ+1yGjgcgpo89OOR12JqWS1RedVM8X7OXx4tzaBfu/LF25/t
O9wi2LwwVCIMGO+NNKQv+RFLDjAcKhTrTodN/Bx4f2oQkYXommdavENxpni8SnAU
CKYUFuwUqA74Ij8kwn5o8QHE9PsiwQbRJoN2RJ3xtrpmgpKLh0hCszxW1S/NHeHa
3CV4HgREumy/NYjr96VP5brznnqx+NyCT6Rfr4aY6ISrpKiz1DJwIo3zJwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOL/OEd6w2ymL3Cvo0rJDqGc7fwuMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvNHY4NFIzckRiS1l2Y0stalNza09vWnp0X0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf2eAwQC
PnrkAwQAuae1AwQAuczLAwQBudqgMA0GCSqGSIb3DQEBCwUAA4IBAQB16SJ7spNK
XAYR1iqT5ETByqLj6cx+sw5Kaps4MvBVI12SYX14U7j6u2Ewwyq8eFbfVgMoSFkj
AS2r7D1crZjEA4B9MJPPHverJmW7TcyLisBDGYSMl/qxehPCh+wCHcg93DhpsS0V
EvdIlb2KbXP6wDpW/6iC61hTaXm3PjaaHnUCtrt2cbY/qBSB41L22j4y7UmJ48xC
pW3Q7S3e01kee1gMe3qWm1BFm/Qkj+OOhMQ5KYd+urzfDbabaXLhI/Q/fcZFLl8Y
uUg5hnbWB4LQEj9U2bQa+ebgQZ1ndcU8gYJFGm7BDlCGKCSneLHfW/hrLxGA8WW1
mxl5e0MmdI8P
-----END CERTIFICATE-----
Generated at Wed Sep 4 13:10:43 2024 by rpki-client on console-ams.rpki-client.org