Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/OArUCHh-Z9fOwjOTmZOVOLHpwpM.roa
File: OArUCHh-Z9fOwjOTmZOVOLHpwpM.roa (raw, json)
Hash identifier: uf6iTYWPRt7ZE6HjruV6OSpazQpu3F4m/I1T54vMeZM=
Subject key identifier: 38:0A:D4:08:78:7E:67:D7:CE:C2:33:93:99:93:95:38:B1:E9:C2:93
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019367EE982E5197781E36E4449805F72FBD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/OArUCHh-Z9fOwjOTmZOVOLHpwpM.roa
Signing time: Tue 26 Nov 2024 10:05:09 +0000
ROA not before: Tue 26 Nov 2024 10:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59592
IP address blocks: 5.83.157.0/24 maxlen: 24
5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
185.13.158.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Nov 2024 10:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:ee:98:2e:51:97:78:1e:36:e4:44:98:05:f7:2f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 26 10:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=380ad408787e67d7cec2339399939538b1e9c293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:55:e5:4b:b0:99:d4:87:10:9c:38:f3:15:
54:e7:09:be:db:34:e5:e4:6b:de:c3:19:ba:f0:81:
db:3a:b4:57:b7:86:f2:c6:a7:1a:82:b1:dd:d5:e9:
13:be:69:61:e9:11:ed:9b:07:c5:fc:21:a1:df:1d:
98:10:63:63:65:2e:ab:d9:b6:00:60:10:46:3e:09:
2b:e8:ac:0a:af:73:df:85:80:6b:18:e1:3b:4d:43:
29:7e:ca:80:9e:a9:0f:21:95:a5:95:7e:31:cc:e6:
b7:7f:55:55:72:2a:ca:0d:50:18:1c:ee:58:d5:a7:
61:14:e6:37:d4:a2:a1:63:54:5e:5d:5b:0d:e6:fd:
07:5a:74:ce:4d:85:18:58:3f:f2:46:e9:c6:8f:7d:
56:9b:e1:36:43:c6:4d:d5:c0:56:a8:7c:fb:8e:0d:
eb:cd:af:5e:cf:bf:0c:9c:90:56:0f:fe:53:75:58:
02:2a:b4:b4:dc:6f:0a:77:4a:66:55:61:38:f6:ee:
d4:ce:05:d4:74:5a:47:bc:e9:eb:d4:10:90:cb:ff:
09:e1:1a:d2:2b:e9:05:63:57:2b:28:b2:f9:d1:ec:
46:43:88:f5:eb:c3:b2:75:a8:de:d9:28:18:97:12:
89:30:18:57:ec:5e:24:8b:38:7b:cc:b3:ec:ac:81:
eb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0A:D4:08:78:7E:67:D7:CE:C2:33:93:99:93:95:38:B1:E9:C2:93
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/OArUCHh-Z9fOwjOTmZOVOLHpwpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.157.0/24
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:1e:79:fd:ab:bd:db:c6:09:64:26:59:af:fe:00:78:2f:5b:
be:5c:b5:13:89:5f:d1:66:14:07:6d:c5:a9:72:58:95:05:4d:
94:58:e5:4a:75:c3:7a:fa:a0:37:b0:07:ec:c6:8c:42:e4:2d:
c4:bb:ba:ec:33:d0:2d:ee:b9:83:d6:73:cb:da:6d:ca:6a:4e:
b9:1c:c5:ae:15:70:80:91:3d:b9:ae:61:84:da:2e:8d:18:6d:
9a:b2:c7:05:cb:6d:bc:6d:57:2e:65:5e:41:57:41:f5:12:d9:
3e:64:16:25:fb:7c:cd:11:27:ca:38:45:7e:35:fa:9f:25:f8:
ed:45:20:3d:b8:ed:af:f1:25:99:a4:8a:41:d5:2b:45:fa:96:
98:8a:f3:69:58:a5:ec:54:51:19:51:1b:64:10:3c:9b:6f:0e:
76:f0:b2:73:98:86:75:12:8b:fb:20:60:ee:43:f2:6b:31:e3:
2b:12:61:d1:7f:0b:a9:8d:35:f8:8e:43:df:05:3c:05:23:85:
ca:38:88:44:3a:41:b5:d9:0a:6d:dc:f3:29:15:58:3f:06:5c:
97:ed:5a:31:4f:bb:9e:8f:7f:de:d8:2a:6f:06:11:20:33:ee:
2c:76:43:d4:86:c9:58:ff:de:f1:77:64:ed:be:0a:80:24:57:
bb:5e:31:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNn7pguUZd4HjbkRJgF9y+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTI2MTAwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBhZDQwODc4N2U2N2Q3Y2VjMjMzOTM5OTkzOTUzOGIxZTljMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2RV5UuwmdSHEJw48xVU5wm+2zTl
5Gvewxm68IHbOrRXt4byxqcagrHd1ekTvmlh6RHtmwfF/CGh3x2YEGNjZS6r2bYA
YBBGPgkr6KwKr3PfhYBrGOE7TUMpfsqAnqkPIZWllX4xzOa3f1VVcirKDVAYHO5Y
1adhFOY31KKhY1ReXVsN5v0HWnTOTYUYWD/yRunGj31Wm+E2Q8ZN1cBWqHz7jg3r
za9ez78MnJBWD/5TdVgCKrS03G8Kd0pmVWE49u7UzgXUdFpHvOnr1BCQy/8J4RrS
K+kFY1crKLL50exGQ4j168Oydaje2SgYlxKJMBhX7F4kizh7zLPsrIHrpwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDgK1Ah4fmfXzsIzk5mTlTix6cKTMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvT0FyVUNIaC1aOWZPd2pPVG1aT1ZPTEhwd3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOdAwQA
BebOAwQABebcAwQABedXAwQABefIAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQBa
Hnn9q73bxglkJlmv/gB4L1u+XLUTiV/RZhQHbcWpcliVBU2UWOVKdcN6+qA3sAfs
xoxC5C3Eu7rsM9At7rmD1nPL2m3Kak65HMWuFXCAkT25rmGE2i6NGG2asscFy228
bVcuZV5BV0H1Etk+ZBYl+3zNESfKOEV+NfqfJfjtRSA9uO2v8SWZpIpB1StF+paY
ivNpWKXsVFEZURtkEDybbw528LJzmIZ1Eov7IGDuQ/JrMeMrEmHRfwupjTX4jkPf
BTwFI4XKOIhEOkG12Qpt3PMpFVg/BlyX7VoxT7uej3/e2CpvBhEgM+4sdkPUhslY
/97xd2TtvgqAJFe7XjHr
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:23 2025 by rpki-client