Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NILlSpW4hWyZw6By-apHjvvQWhU.roa
File: NILlSpW4hWyZw6By-apHjvvQWhU.roa (raw, json)
Hash identifier: 9/4NAUtisxiIKuVHfbXUEIBzfkvDEW6r/AkR4olLtx0=
Subject key identifier: 34:82:E5:4A:95:B8:85:6C:99:C3:A0:72:F9:AA:47:8E:FB:D0:5A:15
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01929AA59A8BA5CE87CBF40EE2D1C8472597
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NILlSpW4hWyZw6By-apHjvvQWhU.roa
Signing time: Thu 17 Oct 2024 13:23:17 +0000
ROA not before: Thu 17 Oct 2024 13:23:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 19:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:a5:9a:8b:a5:ce:87:cb:f4:0e:e2:d1:c8:47:25:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 17 13:23:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3482e54a95b8856c99c3a072f9aa478efbd05a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e5:05:2a:83:07:67:97:a2:8f:6e:05:3f:19:
4c:b1:b2:3f:8c:ff:8d:98:58:eb:d9:ca:0e:3d:89:
0f:fc:3b:df:f7:63:65:ac:79:29:3f:73:5c:7a:38:
e0:07:a8:2b:f2:2f:0d:aa:84:8a:42:ee:ca:3b:62:
44:2f:ed:08:c8:bb:60:bd:76:6c:f7:f3:e0:48:66:
eb:58:35:be:4d:62:52:33:cc:b2:c6:d9:33:6c:ff:
1f:62:f4:50:46:86:2a:c8:35:68:fe:68:11:02:c8:
87:b5:96:83:2f:2d:bd:5f:42:5d:90:dc:0f:5b:8f:
8b:ff:11:c6:a1:80:e2:0f:4f:6c:8f:e8:8b:42:32:
8d:3a:0a:8a:fe:43:3b:1a:31:8a:3d:4f:99:ce:b5:
34:e3:bf:c4:46:95:23:e4:25:34:12:3f:d1:73:6e:
51:6b:55:3d:16:aa:25:e8:aa:5c:af:5b:59:a7:e3:
2d:00:53:af:c5:15:12:62:2f:2c:87:2a:b5:e0:43:
b5:6a:7f:75:89:db:44:ad:75:5c:9a:9a:76:88:93:
b5:05:33:0d:a2:3d:b8:83:c3:0b:98:41:ad:d9:bf:
91:44:7b:8e:d0:16:73:90:92:9b:9a:f5:7c:5d:42:
05:0b:46:31:18:7b:e1:5d:41:7b:83:d9:41:95:25:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:82:E5:4A:95:B8:85:6C:99:C3:A0:72:F9:AA:47:8E:FB:D0:5A:15
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NILlSpW4hWyZw6By-apHjvvQWhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
5.231.70.0/24
77.90.42.0/24
77.90.54.0/23
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e1:09:29:d4:9e:d0:8d:c8:ff:1c:6e:73:79:56:71:b0:71:
97:b0:c0:bb:04:99:24:97:9a:69:cb:13:61:26:90:d3:cb:48:
6f:cd:ce:3f:06:58:34:f1:3c:13:a0:3c:f3:8e:23:4a:d4:8e:
1d:e8:fe:d7:a0:fa:6b:51:1a:33:c7:b8:d3:33:27:be:76:9d:
b2:fe:94:3b:95:0c:7b:74:b4:52:d8:4d:5b:f5:bf:f0:3f:19:
0b:1a:0c:b3:19:8a:8d:be:61:ce:96:aa:c5:e7:c0:cc:38:d3:
c3:28:67:8e:69:a4:8b:d0:d7:d6:40:fc:1f:9a:d1:f6:55:c7:
48:9d:6d:24:b2:18:b2:61:23:fa:f4:34:7d:37:19:05:73:03:
50:45:90:d8:9f:00:d5:c0:6c:fc:7a:34:33:48:c5:0d:1b:db:
0c:d6:01:07:15:5f:e3:44:da:f5:52:c8:3f:6f:fa:86:a3:18:
6b:86:b4:a7:71:dd:3b:96:ca:88:9a:06:ca:cd:be:ed:d6:7c:
b8:78:8a:0b:c0:3e:df:56:c9:40:2f:35:76:a7:7d:9f:88:0a:
58:bb:bb:af:83:ca:7d:2d:1f:61:bc:43:3e:6f:5b:d7:86:0b:
2b:f2:65:4f:dd:7a:02:0a:4c:d2:3e:8b:66:86:48:ae:d7:33:
6b:e0:87:a4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZKapZqLpc6Hy/QO4tHIRyWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDE3MTMyMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDgyZTU0YTk1Yjg4NTZjOTljM2EwNzJmOWFhNDc4ZWZiZDA1YTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuUFKoMHZ5eij24FPxlMsbI/jP+N
mFjr2coOPYkP/Dvf92NlrHkpP3NcejjgB6gr8i8NqoSKQu7KO2JEL+0IyLtgvXZs
9/PgSGbrWDW+TWJSM8yyxtkzbP8fYvRQRoYqyDVo/mgRAsiHtZaDLy29X0JdkNwP
W4+L/xHGoYDiD09sj+iLQjKNOgqK/kM7GjGKPU+ZzrU047/ERpUj5CU0Ej/Rc25R
a1U9Fqol6Kpcr1tZp+MtAFOvxRUSYi8shyq14EO1an91idtErXVcmpp2iJO1BTMN
oj24g8MLmEGt2b+RRHuO0BZzkJKbmvV8XUIFC0YxGHvhXUF7g9lBlSU66wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDSC5UqVuIVsmcOgcvmqR4770FoVMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTklMbFNwVzRoV3ladzZCeS1hcEhqdnZRV2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOBAwQA
Ba+KAwQABedGAwQATVoqAwQBTVo2AwQAVXaiAwQAV++DAwQAXvmKAwQAXvmUMA0G
CSqGSIb3DQEBCwUAA4IBAQCP4Qkp1J7Qjcj/HG5zeVZxsHGXsMC7BJkkl5ppyxNh
JpDTy0hvzc4/Blg08TwToDzzjiNK1I4d6P7XoPprURozx7jTMye+dp2y/pQ7lQx7
dLRS2E1b9b/wPxkLGgyzGYqNvmHOlqrF58DMONPDKGeOaaSL0NfWQPwfmtH2VcdI
nW0kshiyYSP69DR9NxkFcwNQRZDYnwDVwGz8ejQzSMUNG9sM1gEHFV/jRNr1Usg/
b/qGoxhrhrSncd07lsqImgbKzb7t1ny4eIoLwD7fVslALzV2p32fiApYu7uvg8p9
LR9hvEM+b1vXhgsr8mVP3XoCCkzSPotmhkiu1zNr4Iek
-----END CERTIFICATE-----
Generated at Mon Oct 21 22:10:01 2024 by rpki-client on console-fra.rpki-client.org