Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/40Bbsc20xvFKEImghzcxVZBoA2A.roa
File: 40Bbsc20xvFKEImghzcxVZBoA2A.roa (raw, json)
Hash identifier: IyssBgm5tKpOIF+2cS+SMc1XTH0kUapfbG29QaCxlAw=
Subject key identifier: E3:40:5B:B1:CD:B4:C6:F1:4A:10:89:A0:87:37:31:55:90:68:03:60
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019493BFC7A6FEE6C3E220A9DDFDDCC212B5
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/40Bbsc20xvFKEImghzcxVZBoA2A.roa
Signing time: Thu 23 Jan 2025 15:20:06 +0000
ROA not before: Thu 23 Jan 2025 15:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
77.90.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 23:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:bf:c7:a6:fe:e6:c3:e2:20:a9:dd:fd:dc:c2:12:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 23 15:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3405bb1cdb4c6f14a1089a08737315590680360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4d:e9:9a:40:9c:79:77:9f:c4:85:e3:45:b3:
73:e6:8b:96:9c:d6:45:7c:e4:6a:78:01:b1:0b:37:
a2:d8:ec:fb:10:2b:97:53:18:f3:1e:b4:5d:99:43:
d3:f8:c3:00:c6:62:7a:f2:54:0d:7c:59:70:da:53:
41:09:10:cb:cb:f0:8f:a6:a6:61:cc:de:7d:78:01:
02:a9:d6:be:d9:23:bc:de:8b:ee:90:7f:49:6f:2b:
1c:c7:cf:86:96:d8:2b:41:06:59:38:7f:c5:44:e0:
77:ee:e1:8c:34:c0:e3:17:d4:d2:41:38:76:a7:9c:
09:b1:cf:e7:a5:e7:65:9a:a6:3d:d0:ad:2c:7e:b1:
b9:59:f3:a8:57:59:e0:ca:77:63:50:e5:ca:7f:ef:
c9:7e:6b:84:21:81:48:2c:b5:b3:89:b9:c8:fe:db:
14:9e:e8:c4:a3:ba:15:da:0a:e3:c5:e7:d6:7a:fa:
2f:4b:6b:a9:59:e8:43:7b:07:b4:d3:2a:91:b0:b1:
48:4d:98:f0:80:c2:96:a3:97:65:b1:23:c4:bc:cd:
60:ad:89:6c:2a:fa:ef:3a:bf:04:8b:71:43:76:e6:
da:cd:d7:27:eb:d8:a0:5f:59:8c:3d:f8:5c:a0:22:
ef:fa:94:df:a8:01:0c:b8:79:7e:1c:c3:29:64:3c:
33:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:40:5B:B1:CD:B4:C6:F1:4A:10:89:A0:87:37:31:55:90:68:03:60
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/40Bbsc20xvFKEImghzcxVZBoA2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.140.0/24
77.90.7.0/24
77.90.39.0/24
77.90.41.0/24
77.90.52.0/24
77.90.58.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f4:be:8a:d8:32:db:8b:19:0e:ee:3e:44:f9:71:cd:1a:ec:
eb:2d:2b:bf:69:81:21:23:0b:db:f2:a1:36:fd:c1:5a:d4:0f:
a9:fc:8a:97:e7:c6:42:da:7b:9b:47:fd:b4:99:7b:d1:98:4c:
d8:75:f0:dc:8f:35:96:52:c1:de:04:16:80:98:d9:92:69:11:
5c:9c:97:38:cb:6a:11:d5:09:af:d0:f3:2b:8b:05:69:8f:13:
65:fe:b0:a1:c6:9d:81:85:02:0b:c2:94:01:34:23:3c:e1:8b:
45:9c:ea:a3:b2:88:6d:ad:89:10:0c:55:96:20:b6:9f:a6:92:
ad:64:21:f2:cb:4c:8a:aa:75:d4:d3:e8:5a:e1:1d:35:44:03:
04:00:0d:ed:7c:86:8c:8f:53:f5:e3:a9:76:8d:0b:3c:b5:a2:
10:4c:37:5c:b4:96:41:52:03:11:cb:e4:21:e0:1a:1f:cf:e2:
18:c4:6d:87:1c:38:c4:85:33:50:24:54:60:b7:f6:8d:80:d0:
a6:52:e7:12:36:9f:12:9a:cd:57:56:bb:bc:1e:32:b4:4b:12:
91:07:ff:e4:d0:6e:dd:02:24:3e:33:e4:56:58:f1:a3:d1:54:
87:74:be:ff:e2:dd:75:93:74:e8:6f:b5:96:a2:b8:14:c0:90:
aa:a1:ae:a0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZSTv8em/ubD4iCp3f3cwhK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTIzMTUyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQwNWJiMWNkYjRjNmYxNGExMDg5YTA4NzM3MzE1NTkwNjgwMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU3pmkCceXefxIXjRbNz5ouWnNZF
fORqeAGxCzei2Oz7ECuXUxjzHrRdmUPT+MMAxmJ68lQNfFlw2lNBCRDLy/CPpqZh
zN59eAECqda+2SO83ovukH9Jbyscx8+GltgrQQZZOH/FROB37uGMNMDjF9TSQTh2
p5wJsc/npedlmqY90K0sfrG5WfOoV1ngyndjUOXKf+/JfmuEIYFILLWzibnI/tsU
nujEo7oV2grjxefWevovS2upWehDewe00yqRsLFITZjwgMKWo5dlsSPEvM1grYls
KvrvOr8Ei3FDdubazdcn69igX1mMPfhcoCLv+pTfqAEMuHl+HMMpZDwzFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFONAW7HNtMbxShCJoIc3MVWQaANgMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNDBCYnNjMjB4dkZLRUltZ2h6Y3hWWkJvQTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABVOWAwQA
Ba+MAwQATVoHAwQATVonAwQATVopAwQATVo0AwQATVo6MA0GCSqGSIb3DQEBCwUA
A4IBAQB29L6K2DLbixkO7j5E+XHNGuzrLSu/aYEhIwvb8qE2/cFa1A+p/IqX58ZC
2nubR/20mXvRmEzYdfDcjzWWUsHeBBaAmNmSaRFcnJc4y2oR1Qmv0PMriwVpjxNl
/rChxp2BhQILwpQBNCM84YtFnOqjsohtrYkQDFWWILafppKtZCHyy0yKqnXU0+ha
4R01RAMEAA3tfIaMj1P146l2jQs8taIQTDdctJZBUgMRy+Qh4Bofz+IYxG2HHDjE
hTNQJFRgt/aNgNCmUucSNp8Sms1XVru8HjK0SxKRB//k0G7dAiQ+M+RWWPGj0VSH
dL7/4t11k3Tob7WWorgUwJCqoa6g
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:33 2025 by rpki-client