Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5BrYoSfMYCsgvy98XveS-XH0DR4.roa
File: 5BrYoSfMYCsgvy98XveS-XH0DR4.roa (raw, json)
Hash identifier: PT3sxxeeNIh6wdSWuHcl2oMdcCrZiFGECs+BU6aro2w=
Subject key identifier: E4:1A:D8:A1:27:CC:60:2B:20:BF:2F:7C:5E:F7:92:F9:71:F4:0D:1E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193D30AD4F11630215499D7839C11A6BF8A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5BrYoSfMYCsgvy98XveS-XH0DR4.roa
Signing time: Tue 17 Dec 2024 05:15:22 +0000
ROA not before: Tue 17 Dec 2024 05:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 12:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:0a:d4:f1:16:30:21:54:99:d7:83:9c:11:a6:bf:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 17 05:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e41ad8a127cc602b20bf2f7c5ef792f971f40d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5c:0f:20:d1:84:da:f9:26:ea:4e:96:67:1f:
64:a1:76:5f:30:df:03:9c:5a:37:2d:57:b1:87:05:
aa:66:5b:b2:67:44:72:a6:fa:46:12:90:36:a9:54:
2e:8b:6f:a3:3f:95:a3:e6:90:7e:73:a9:ad:59:1a:
2c:8b:6c:f1:51:f4:46:c8:b1:3d:d2:6b:59:d3:a4:
da:2a:4f:eb:ea:59:54:97:ea:d8:97:ff:a6:50:83:
0d:b2:66:c3:1e:17:e2:13:c1:e0:ac:bb:ba:88:42:
cd:c1:02:f5:11:f7:52:82:01:c2:ce:29:00:7a:8f:
9a:1a:0b:8c:44:e3:40:fa:96:13:87:e9:f4:1a:df:
89:c8:b6:34:9c:37:52:c5:52:a4:80:b2:31:b0:04:
7e:2e:70:3c:21:09:27:c3:de:a1:92:02:39:91:bb:
31:ab:fb:fa:c9:59:fc:52:b6:b4:d1:18:2f:6d:dc:
a7:2b:12:ea:06:5b:52:5a:79:8f:9f:b3:72:23:63:
ee:e1:70:71:9c:a1:4c:64:d5:41:06:b8:64:1c:c5:
1b:75:42:3b:08:65:61:df:42:f2:39:b7:56:53:5d:
65:90:c7:4d:82:74:3e:f3:aa:f6:f4:0e:96:0a:48:
e6:a1:b6:e4:04:0e:75:14:24:bb:1e:d3:2c:69:c1:
8b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1A:D8:A1:27:CC:60:2B:20:BF:2F:7C:5E:F7:92:F9:71:F4:0D:1E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/5BrYoSfMYCsgvy98XveS-XH0DR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
87.239.131.0/24
94.103.163.0/24
94.249.138.0/24
94.249.148.0/24
94.249.153.0/24
94.249.212.0/24
94.249.237.0/24
95.215.32.0/24
185.47.143.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:1f:b3:28:f6:40:14:17:85:6a:23:d0:ea:5f:97:00:a8:48:
b8:1d:2c:2b:64:23:2b:12:50:f9:88:04:45:56:3f:e9:37:7d:
b1:1e:46:7f:03:a9:e7:15:c3:2d:d6:5c:c4:fd:f5:d2:73:08:
99:b9:dc:09:fc:08:d0:8c:fe:b5:a7:42:fd:ec:d0:c0:d7:7d:
b0:f3:71:81:df:e6:77:50:91:4b:43:19:6c:d1:17:de:9e:7d:
ab:f0:c6:ba:b9:71:47:10:a5:ec:8e:d1:e5:a1:c2:ad:cd:4e:
34:60:93:74:4a:40:1d:e2:e5:20:6a:73:dc:a2:16:6e:05:d0:
5f:0c:97:67:5a:34:0c:c0:43:0c:63:c9:40:1c:91:8a:d6:8c:
db:8f:19:c2:54:fa:ab:3b:65:d8:c5:59:fc:45:1b:13:a6:d7:
f2:84:bc:b0:3a:28:66:d8:49:da:12:8b:b0:3c:86:ca:13:9c:
cb:fa:c2:16:11:39:36:cc:3c:22:89:ad:6f:58:55:43:0b:6a:
65:99:a8:88:db:cf:26:59:69:f0:d0:a5:3b:d5:27:1d:bb:ea:
27:18:48:58:e5:0d:1b:27:6e:0c:53:9b:9d:02:93:82:74:f3:
d6:a2:53:59:d7:e0:12:b6:24:47:de:ba:ca:c4:68:b9:68:94:
16:8c:78:22
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZPTCtTxFjAhVJnXg5wRpr+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjE3MDUxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFhZDhhMTI3Y2M2MDJiMjBiZjJmN2M1ZWY3OTJmOTcxZjQwZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFwPINGE2vkm6k6WZx9koXZfMN8D
nFo3LVexhwWqZluyZ0RypvpGEpA2qVQui2+jP5Wj5pB+c6mtWRosi2zxUfRGyLE9
0mtZ06TaKk/r6llUl+rYl/+mUIMNsmbDHhfiE8HgrLu6iELNwQL1EfdSggHCzikA
eo+aGguMRONA+pYTh+n0Gt+JyLY0nDdSxVKkgLIxsAR+LnA8IQknw96hkgI5kbsx
q/v6yVn8Ura00RgvbdynKxLqBltSWnmPn7NyI2Pu4XBxnKFMZNVBBrhkHMUbdUI7
CGVh30LyObdWU11lkMdNgnQ+86r29A6WCkjmobbkBA51FCS7HtMsacGL/wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOQa2KEnzGArIL8vfF73kvlx9A0eMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNUJyWW9TZk1ZQ3Nndnk5OFh2ZVMtWEgwRFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABVOBAwQA
Ba+KAwQAV++DAwQAXmejAwQAXvmKAwQAXvmUAwQAXvmZAwQAXvnUAwQAXvntAwQA
X9cgAwQAuS+PMA0GCSqGSIb3DQEBCwUAA4IBAQCkH7Mo9kAUF4VqI9DqX5cAqEi4
HSwrZCMrElD5iARFVj/pN32xHkZ/A6nnFcMt1lzE/fXScwiZudwJ/AjQjP61p0L9
7NDA132w83GB3+Z3UJFLQxls0Rfenn2r8Ma6uXFHEKXsjtHlocKtzU40YJN0SkAd
4uUganPcohZuBdBfDJdnWjQMwEMMY8lAHJGK1ozbjxnCVPqrO2XYxVn8RRsTptfy
hLywOihm2EnaEouwPIbKE5zL+sIWETk2zDwiia1vWFVDC2plmaiI288mWWnw0KU7
1Scdu+onGEhY5Q0bJ24MU5udApOCdPPWolNZ1+AStiRH3rrKxGi5aJQWjHgi
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:15:48 2025 by rpki-client