Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AbgdcWxb4n23ZAjSKM1ktuqApB8.roa
File: AbgdcWxb4n23ZAjSKM1ktuqApB8.roa (raw, json)
Hash identifier: 2zpPkrhNjs+MeTcZyFWdaqmRitSfGCjoUj+Eu2h6CAs=
Subject key identifier: 01:B8:1D:71:6C:5B:E2:7D:B7:64:08:D2:28:CD:64:B6:EA:80:A4:1F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192BFF4628641AB6960C8B003B86185F9AB
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AbgdcWxb4n23ZAjSKM1ktuqApB8.roa
Signing time: Thu 24 Oct 2024 19:15:17 +0000
ROA not before: Thu 24 Oct 2024 19:15:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.175.138.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 01:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:f4:62:86:41:ab:69:60:c8:b0:03:b8:61:85:f9:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 24 19:15:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01b81d716c5be27db76408d228cd64b6ea80a41f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b0:45:f3:f5:15:6a:9e:3d:ff:af:31:1e:54:
aa:60:9c:cf:82:12:3c:6a:92:c4:78:02:2e:d2:3d:
06:88:78:bf:c2:15:bc:1b:43:9d:eb:39:d9:8a:4c:
05:7e:3f:21:17:da:ed:e9:b3:30:64:bf:f0:1e:85:
13:e8:6c:32:4e:4a:0e:4f:bf:6c:d9:91:35:8d:b6:
4f:8d:75:11:24:fe:95:28:67:c8:46:55:d9:e8:87:
73:5f:22:19:92:d7:6c:51:29:89:29:bc:3b:bd:34:
f6:c2:ba:63:b0:96:c0:f4:ee:6a:89:2d:1f:4e:80:
ae:1a:73:82:a2:15:99:85:24:f4:30:03:67:70:68:
62:ed:1c:78:39:23:96:fb:ef:fa:fd:b8:63:14:c9:
07:8e:b3:0c:a8:65:7b:39:53:8d:58:97:50:69:ba:
77:3f:13:90:c6:dc:08:ee:17:28:12:b5:97:67:0b:
59:40:b8:b6:b0:99:c0:07:8a:ba:d6:e5:39:e9:fa:
01:7c:7d:13:6d:08:3a:f7:9f:ad:1c:29:ce:04:62:
74:49:25:f3:21:93:fa:8a:f0:a4:3b:db:86:4a:0f:
56:e2:fd:98:c5:9e:43:bf:dc:e4:1a:a3:52:78:27:
70:5a:1b:f2:b7:33:15:e6:06:89:cb:70:da:5b:ab:
be:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B8:1D:71:6C:5B:E2:7D:B7:64:08:D2:28:CD:64:B6:EA:80:A4:1F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/AbgdcWxb4n23ZAjSKM1ktuqApB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.138.0/24
5.231.70.0/24
77.90.42.0/24
77.90.54.0/23
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:14:b0:ad:16:2c:bf:56:68:3a:d5:cc:41:91:72:b0:da:7d:
e0:6c:e8:04:20:de:1b:49:8b:62:1f:77:91:fc:23:70:1e:d5:
4e:ee:e4:b5:35:78:8a:e3:52:b6:b1:b2:ec:6e:3a:eb:83:75:
77:ab:72:f9:7a:6e:13:1f:bb:69:47:fa:0c:7f:0e:63:9c:b0:
5f:3e:93:f4:1a:20:97:fe:97:69:97:73:ce:90:7a:dc:c5:49:
bf:f3:73:05:97:27:6b:1c:3a:01:ec:24:66:bf:d9:bf:89:29:
1b:11:38:f8:53:bd:8d:9e:53:e4:3d:0b:43:78:83:18:5d:d1:
9f:58:78:27:79:84:9a:79:87:80:3a:83:dc:ac:24:93:70:12:
40:ae:1d:43:21:f2:01:74:35:87:11:ad:d8:13:ca:97:0a:27:
83:28:4d:51:7b:58:15:a8:ea:9e:cd:18:70:18:bc:ea:6c:92:
f7:c8:6e:87:16:d7:41:e2:b9:bd:63:e9:b7:7b:25:50:cb:63:
8f:d9:be:50:18:d1:b6:a5:50:e6:27:fb:f9:a0:71:67:d8:19:
76:cc:7f:4f:13:24:08:7a:2c:65:89:38:54:f3:06:2e:91:f7:
eb:dc:6a:7a:c4:15:0a:f1:90:73:e5:17:16:3e:51:c7:d3:e2:
dc:c0:a5:36
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZK/9GKGQatpYMiwA7hhhfmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDI0MTkxNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWI4MWQ3MTZjNWJlMjdkYjc2NDA4ZDIyOGNkNjRiNmVhODBhNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bBF8/UVap49/68xHlSqYJzPghI8
apLEeAIu0j0GiHi/whW8G0Od6znZikwFfj8hF9rt6bMwZL/wHoUT6GwyTkoOT79s
2ZE1jbZPjXURJP6VKGfIRlXZ6IdzXyIZktdsUSmJKbw7vTT2wrpjsJbA9O5qiS0f
ToCuGnOCohWZhST0MANncGhi7Rx4OSOW++/6/bhjFMkHjrMMqGV7OVONWJdQabp3
PxOQxtwI7hcoErWXZwtZQLi2sJnAB4q61uU56foBfH0TbQg695+tHCnOBGJ0SSXz
IZP6ivCkO9uGSg9W4v2YxZ5Dv9zkGqNSeCdwWhvytzMV5gaJy3DaW6u+LQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAG4HXFsW+J9t2QI0ijNZLbqgKQfMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQWJnZGNXeGI0bjIzWkFqU0tNMWt0dXFBcEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABa+KAwQA
BedGAwQATVoqAwQBTVo2AwQAVXaiAwQAV++DAwQAXvmKAwQAXvmUMA0GCSqGSIb3
DQEBCwUAA4IBAQBqFLCtFiy/Vmg61cxBkXKw2n3gbOgEIN4bSYtiH3eR/CNwHtVO
7uS1NXiK41K2sbLsbjrrg3V3q3L5em4TH7tpR/oMfw5jnLBfPpP0GiCX/pdpl3PO
kHrcxUm/83MFlydrHDoB7CRmv9m/iSkbETj4U72NnlPkPQtDeIMYXdGfWHgneYSa
eYeAOoPcrCSTcBJArh1DIfIBdDWHEa3YE8qXCieDKE1Re1gVqOqezRhwGLzqbJL3
yG6HFtdB4rm9Y+m3eyVQy2OP2b5QGNG2pVDmJ/v5oHFn2Bl2zH9PEyQIeixliThU
8wYukffr3Gp6xBUK8ZBz5RcWPlHH0+LcwKU2
-----END CERTIFICATE-----
Generated at Mon Oct 28 04:24:49 2024 by rpki-client on console-fra.rpki-client.org