Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/nRA2hmMVmKroTQLHElThsMB6ZHY.roa
File: nRA2hmMVmKroTQLHElThsMB6ZHY.roa (raw, json)
Hash identifier: jTZ+bH7QL/oO1Sq9e/s88P67812ESE/lLLEPN03lixU=
Subject key identifier: 9D:10:36:86:63:15:98:AA:E8:4D:02:C7:12:54:E1:B0:C0:7A:64:76
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018A03D54B4CEC9FDEFA58326E718ABA955E
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/nRA2hmMVmKroTQLHElThsMB6ZHY.roa
Signing time: Thu 17 Aug 2023 14:10:24 +0000
ROA not before: Thu 17 Aug 2023 14:10:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/24 maxlen: 24
5.102.36.0/23 maxlen: 23
5.102.37.0/24 maxlen: 24
5.102.38.0/24 maxlen: 24
195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 30 Aug 2023 17:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:d5:4b:4c:ec:9f:de:fa:58:32:6e:71:8a:ba:95:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Aug 17 14:10:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d103686631598aae84d02c71254e1b0c07a6476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:80:5b:99:b8:26:eb:51:f2:cd:6a:ef:4f:48:
14:b5:1b:c9:62:39:3e:2c:d3:78:73:0d:07:f2:33:
5f:b8:18:0e:2d:5b:76:ea:f8:83:49:7d:4a:ce:e7:
5a:1d:ea:6a:b8:b8:06:6f:45:96:37:b7:92:6f:c7:
62:84:3b:33:0e:34:aa:a7:d1:87:6d:59:72:c3:f8:
40:88:d4:e7:7b:c2:45:76:78:22:6c:a1:10:49:ac:
c6:2c:74:0f:de:99:f1:fa:c4:fd:65:99:38:82:0d:
1e:83:b1:ad:84:a3:93:c6:ed:02:68:22:b2:c3:d3:
78:c4:08:a0:96:3c:b3:5b:bc:71:a4:07:11:02:91:
1c:87:38:3a:68:ce:c6:76:da:7f:24:42:93:51:d7:
a8:47:ea:22:d9:2b:56:5d:99:80:eb:19:50:0a:66:
29:76:99:0f:27:85:1c:78:9d:68:a8:c6:cc:44:b3:
96:a9:b1:d4:24:a4:87:ac:9f:1e:e6:14:78:ad:ee:
98:bd:01:48:bb:b8:48:33:7b:79:d7:78:62:8c:c5:
4a:c2:9e:4f:23:f9:7e:7f:62:0d:79:c1:04:3c:4c:
e9:8a:77:3a:1e:7d:d5:2b:26:27:3a:dc:1f:ee:87:
90:bc:c4:d4:6f:85:f7:66:34:fc:11:6c:87:bf:7b:
73:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:10:36:86:63:15:98:AA:E8:4D:02:C7:12:54:E1:B0:C0:7A:64:76
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/nRA2hmMVmKroTQLHElThsMB6ZHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0-5.102.38.255
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
3d:3c:c3:0b:7e:ef:06:eb:18:4f:1f:43:a2:0c:fb:22:df:83:
d6:1a:b7:3b:73:e1:49:a8:3f:89:38:75:2d:e3:36:e3:61:3f:
cd:35:bf:3b:25:b4:c0:16:93:e8:15:72:da:c1:3d:ec:26:90:
38:66:f5:a4:2d:09:f2:5e:0e:ee:c9:16:91:09:e2:79:95:a9:
91:06:1a:21:1b:03:bb:ee:39:34:cb:1b:42:c3:ab:74:87:98:
ad:31:20:e2:02:72:86:fc:62:97:0e:9d:07:29:e3:32:ac:08:
c6:3f:53:09:3f:ea:9e:87:4c:ab:69:dd:e3:0e:66:49:f0:c2:
57:45:50:c6:c4:cc:96:e0:6b:e8:a4:64:b2:58:d9:17:6d:69:
d5:5a:26:31:95:4a:90:f5:c1:48:64:f1:35:bf:53:6a:27:97:
33:6e:89:13:f8:56:41:a9:6d:58:04:5f:03:14:75:2f:d7:d4:
61:60:51:d0:3e:3b:8d:19:98:6f:f9:3b:f9:92:ef:21:e5:fa:
7c:d7:7f:0f:a2:5d:6b:3d:23:d7:69:6f:1b:cc:9c:77:f6:30:
be:6e:fc:8d:35:19:ff:e1:1d:68:08:1e:e6:dc:57:91:6d:08:
a7:19:32:dc:df:5b:6d:51:35:08:ac:6c:a7:ee:84:61:06:0e:
73:f1:e3:d3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYoD1UtM7J/e+lgybnGKupVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMwODE3MTQxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDEwMzY4NjYzMTU5OGFhZTg0ZDAyYzcxMjU0ZTFiMGMwN2E2NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YBbmbgm61HyzWrvT0gUtRvJYjk+
LNN4cw0H8jNfuBgOLVt26viDSX1KzudaHepquLgGb0WWN7eSb8dihDszDjSqp9GH
bVlyw/hAiNTne8JFdngibKEQSazGLHQP3pnx+sT9ZZk4gg0eg7GthKOTxu0CaCKy
w9N4xAigljyzW7xxpAcRApEchzg6aM7Gdtp/JEKTUdeoR+oi2StWXZmA6xlQCmYp
dpkPJ4UceJ1oqMbMRLOWqbHUJKSHrJ8e5hR4re6YvQFIu7hIM3t513hijMVKwp5P
I/l+f2INecEEPEzpinc6Hn3VKyYnOtwf7oeQvMTUb4X3ZjT8EWyHv3tzkwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJ0QNoZjFZiq6E0CxxJU4bDAemR2MB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvblJBMmhtTVZtS3JvVFFMSEVsVGhzTUI2WkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAIFZiQD
BAAFZiYDBAHDBXwDBALD3nwwDQQCAAIwBwMFAyoQDYAwDQYJKoZIhvcNAQELBQAD
ggEBAD08wwt+7wbrGE8fQ6IM+yLfg9Yatztz4UmoP4k4dS3jNuNhP801vzsltMAW
k+gVctrBPewmkDhm9aQtCfJeDu7JFpEJ4nmVqZEGGiEbA7vuOTTLG0LDq3SHmK0x
IOICcob8YpcOnQcp4zKsCMY/Uwk/6p6HTKtp3eMOZknwwldFUMbEzJbga+ikZLJY
2RdtadVaJjGVSpD1wUhk8TW/U2onlzNuiRP4VkGpbVgEXwMUdS/X1GFgUdA+O40Z
mG/5O/mS7yHl+nzXfw+iXWs9I9dpbxvMnHf2ML5u/I01Gf/hHWgIHubcV5FtCKcZ
MtzfW21RNQisbKfuhGEGDnPx49M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org