Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/aCoETq2cGRaqL4L86PBKA0D2ZEk.roa
File: aCoETq2cGRaqL4L86PBKA0D2ZEk.roa (raw, json)
Hash identifier: tnMezw9P66e4u5gI0bxmA3d8JYK25w7PaEFEVv/kaFw=
Subject key identifier: 68:2A:04:4E:AD:9C:19:16:AA:2F:82:FC:E8:F0:4A:03:40:F6:64:49
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 0189553483C742B096C72A0E5CF2BDF62296
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/aCoETq2cGRaqL4L86PBKA0D2ZEk.roa
Signing time: Fri 14 Jul 2023 16:20:52 +0000
ROA not before: Fri 14 Jul 2023 16:20:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/24 maxlen: 24
5.102.36.0/23 maxlen: 23
5.102.37.0/24 maxlen: 24
5.102.36.0/22 maxlen: 22
5.102.38.0/24 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 23
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 20 Jul 2023 20:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:55:34:83:c7:42:b0:96:c7:2a:0e:5c:f2:bd:f6:22:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Jul 14 16:20:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=682a044ead9c1916aa2f82fce8f04a0340f66449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9f:c6:cd:71:50:c6:60:08:1b:7c:ff:7e:5e:
d3:41:87:ae:bd:9f:c9:e2:a3:79:06:3a:18:f7:7b:
d2:36:64:2b:dd:96:22:8a:b4:bd:00:13:94:92:48:
c7:5d:e7:f2:77:ab:bf:e1:71:1b:86:11:64:55:90:
05:2d:cb:f1:ef:7a:76:f6:72:85:2d:6a:0c:02:10:
5a:0a:8b:41:cb:97:23:00:c6:b8:e8:a6:a5:ac:8b:
5a:df:2c:b8:27:14:63:63:eb:ca:e4:24:9e:8e:24:
22:f1:7d:47:36:ca:1a:ce:b4:6e:5b:f7:4f:4a:94:
c4:f6:74:4e:f2:4b:ad:fe:12:35:c0:d9:e9:b9:3e:
4e:96:e7:4c:41:3c:1f:6f:00:69:0a:ae:0a:b8:64:
f8:73:73:04:25:af:bf:fa:0c:9d:f1:95:e9:dc:d7:
cb:1c:c1:5b:93:b3:9a:fb:54:2d:98:65:27:44:c5:
5c:a2:8a:c1:e4:b0:e7:99:95:47:36:86:7b:00:e4:
65:3a:ba:ea:bd:d7:55:de:10:37:d5:52:70:64:ea:
58:f1:5f:4e:59:03:90:54:38:a1:05:1c:77:80:3b:
77:38:ef:22:2d:9c:e9:d2:ce:d9:ed:fb:8f:8c:5f:
35:14:d8:b1:08:a8:d8:01:59:2d:56:19:39:23:2b:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2A:04:4E:AD:9C:19:16:AA:2F:82:FC:E8:F0:4A:03:40:F6:64:49
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/aCoETq2cGRaqL4L86PBKA0D2ZEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/22
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
73:ca:6c:d3:58:fc:ad:1f:12:98:44:84:52:08:27:91:f2:33:
03:bf:6c:82:23:71:22:c0:37:c3:e4:df:49:fc:6a:03:23:12:
32:10:22:2c:96:69:52:48:08:61:ae:d2:67:c2:da:13:3f:d1:
bf:25:f1:53:06:5f:e1:fc:58:e0:cc:bf:05:34:3e:db:f1:80:
b5:fe:bd:9f:a2:be:b8:3f:ad:a5:aa:f8:80:bd:16:b2:e2:c7:
e7:79:44:c6:0f:35:5f:42:3f:71:5d:c3:b7:44:43:d2:42:b5:
81:5c:86:b7:58:ff:1c:00:b4:8e:4a:5f:5e:39:ed:28:69:4f:
6c:02:4b:af:d0:0f:08:63:27:c8:c5:d9:35:de:a5:26:eb:11:
3a:56:a0:a8:eb:e2:58:7e:95:2a:97:7e:5a:1a:b7:8a:57:75:
f4:72:85:6f:13:c8:d1:e6:de:d6:8c:91:bb:cf:5d:ff:21:33:
3f:e4:ef:e8:72:f8:8e:df:52:de:43:ec:d0:1d:b0:96:a5:51:
0b:fc:61:bc:3f:8b:00:cf:61:28:d5:95:f4:d9:39:bd:95:8e:
3b:c2:70:d9:f7:05:1b:01:66:d7:16:7f:2c:45:55:90:89:14:
a0:41:1f:5e:a5:15:e7:50:31:73:d5:b4:02:9b:71:48:ec:c3:
36:8e:88:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYlVNIPHQrCWxyoOXPK99iKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMwNzE0MTYyMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJhMDQ0ZWFkOWMxOTE2YWEyZjgyZmNlOGYwNGEwMzQwZjY2NDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ/GzXFQxmAIG3z/fl7TQYeuvZ/J
4qN5BjoY93vSNmQr3ZYiirS9ABOUkkjHXefyd6u/4XEbhhFkVZAFLcvx73p29nKF
LWoMAhBaCotBy5cjAMa46KalrIta3yy4JxRjY+vK5CSejiQi8X1HNsoazrRuW/dP
SpTE9nRO8kut/hI1wNnpuT5OludMQTwfbwBpCq4KuGT4c3MEJa+/+gyd8ZXp3NfL
HMFbk7Oa+1QtmGUnRMVcoorB5LDnmZVHNoZ7AORlOrrqvddV3hA31VJwZOpY8V9O
WQOQVDihBRx3gDt3OO8iLZzp0s7Z7fuPjF81FNixCKjYAVktVhk5IyuXsQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGgqBE6tnBkWqi+C/OjwSgNA9mRJMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvYUNvRVRxMmNHUmFxTDRMODZQQktBMEQyWkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBWYkAwQB
wwV8AwQCw958MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQBzymzT
WPytHxKYRIRSCCeR8jMDv2yCI3EiwDfD5N9J/GoDIxIyECIslmlSSAhhrtJnwtoT
P9G/JfFTBl/h/FjgzL8FND7b8YC1/r2for64P62lqviAvRay4sfneUTGDzVfQj9x
XcO3REPSQrWBXIa3WP8cALSOSl9eOe0oaU9sAkuv0A8IYyfIxdk13qUm6xE6VqCo
6+JYfpUql35aGreKV3X0coVvE8jR5t7WjJG7z13/ITM/5O/ocviO31LeQ+zQHbCW
pVEL/GG8P4sAz2Eo1ZX02Tm9lY47wnDZ9wUbAWbXFn8sRVWQiRSgQR9epRXnUDFz
1bQCm3FI7MM2jojn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org