Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PAiAmNo6qTzVSpkhNd811x01HQ0.roa
File: PAiAmNo6qTzVSpkhNd811x01HQ0.roa (raw, json)
Hash identifier: NjT88e6Sz/SATWUmLQZ/phqhk8j6c61gPxQCKuqUCBs=
Subject key identifier: 3C:08:80:98:DA:3A:A9:3C:D5:4A:99:21:35:DF:35:D7:1D:35:1D:0D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01939A62DCD7BBE7B08584315E44898A6394
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PAiAmNo6qTzVSpkhNd811x01HQ0.roa
Signing time: Fri 06 Dec 2024 05:13:10 +0000
ROA not before: Fri 06 Dec 2024 05:13:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 05:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9a:62:dc:d7:bb:e7:b0:85:84:31:5e:44:89:8a:63:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 6 05:13:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c088098da3aa93cd54a992135df35d71d351d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:99:d8:5a:1c:75:59:7c:f6:10:57:ab:5d:
9c:aa:c3:93:65:d3:e6:e7:b0:ec:60:a4:74:93:6c:
dc:3b:d7:30:96:c6:c4:94:94:bb:47:b0:62:ca:14:
9b:8f:32:80:a8:1a:de:cd:d9:8f:84:82:05:ff:f2:
61:83:46:cb:72:f1:ad:a7:7c:01:c3:4d:af:10:2f:
71:25:45:3f:e3:61:d6:db:f4:86:18:18:0c:f5:87:
36:d7:4f:db:06:bb:e0:ef:05:56:8a:bd:b9:94:42:
1a:cb:fc:c0:d0:63:4a:ec:c1:a6:e7:a9:4f:1a:8f:
42:2f:a8:cf:3d:21:12:ba:07:42:1b:26:a1:d8:f0:
e2:f8:8d:78:dd:81:01:10:29:e2:15:c1:b8:e6:a3:
e6:6b:dd:b5:0a:d0:f4:d2:92:6d:3b:13:da:8e:66:
50:bb:c4:7f:f3:35:35:2d:18:07:dd:66:2b:ac:39:
3b:c8:c4:9b:09:a7:5e:c4:d2:af:1b:70:3c:99:e7:
49:ac:9d:40:56:df:71:69:eb:25:5c:3e:5b:f6:4b:
66:fd:2f:d3:55:f7:3c:92:ea:54:38:e7:30:a0:79:
11:9c:ec:02:f9:53:53:b7:94:29:33:b0:84:36:71:
f3:c3:d2:25:c7:01:2d:b9:11:2a:79:cd:0d:5f:1c:
02:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:80:98:DA:3A:A9:3C:D5:4A:99:21:35:DF:35:D7:1D:35:1D:0D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PAiAmNo6qTzVSpkhNd811x01HQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/23
87.239.131.0/24
94.249.138.0/24
94.249.153.0/24
94.249.212.0/24
94.249.237.0/24
185.47.143.0/24
Signature Algorithm: sha256WithRSAEncryption
20:7c:dd:86:60:66:cd:f3:a6:d0:e7:3c:bf:38:75:ee:98:4e:
75:4f:e1:89:ef:c8:94:a6:e7:11:43:7a:73:15:39:7c:c4:9f:
32:69:c4:28:42:37:f9:34:2c:69:c2:f2:0b:9f:3c:c9:9a:bc:
72:e4:af:76:03:02:50:84:dc:34:a5:97:5b:34:f4:9d:2e:8e:
83:fb:fb:2e:e7:1b:10:71:e4:f4:7e:6e:c2:42:d7:fa:c8:c6:
bd:c1:89:94:6f:f3:c4:51:04:ae:fa:3b:fd:c6:4d:15:8c:dc:
f5:75:79:fe:35:bf:38:77:2e:fa:11:fb:bf:9a:e1:6d:92:43:
9f:f0:0f:b8:d8:d2:d8:54:cb:3e:4b:db:13:bc:70:a7:f2:7b:
f8:0b:14:5c:25:df:af:5b:aa:d6:ed:49:de:b2:67:69:fa:d3:
08:2a:2a:e9:32:49:bc:d3:8f:a9:40:72:44:84:e2:fe:75:7e:
27:60:6b:df:76:f8:c1:f2:5a:5a:50:7a:9a:60:eb:d2:0c:13:
6c:ef:05:d2:7c:93:cc:ce:e3:36:57:bb:24:05:88:c0:4a:34:
ae:b5:86:34:5e:f7:cd:1f:1e:0b:3e:80:3b:f4:40:1b:76:91:
20:c0:de:f0:83:b2:a2:26:ee:19:bb:16:7a:08:f4:bf:f0:e0:
54:6f:27:3b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZOaYtzXu+ewhYQxXkSJimOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjA2MDUxMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA4ODA5OGRhM2FhOTNjZDU0YTk5MjEzNWRmMzVkNzFkMzUxZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCiZ2FocdVl89hBXq12cqsOTZdPm
57DsYKR0k2zcO9cwlsbElJS7R7BiyhSbjzKAqBrezdmPhIIF//Jhg0bLcvGtp3wB
w02vEC9xJUU/42HW2/SGGBgM9Yc210/bBrvg7wVWir25lEIay/zA0GNK7MGm56lP
Go9CL6jPPSESugdCGyah2PDi+I143YEBECniFcG45qPma921CtD00pJtOxPajmZQ
u8R/8zU1LRgH3WYrrDk7yMSbCadexNKvG3A8medJrJ1AVt9xaeslXD5b9ktm/S/T
Vfc8kupUOOcwoHkRnOwC+VNTt5QpM7CENnHzw9IlxwEtuREqec0NXxwCcQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDwIgJjaOqk81UqZITXfNdcdNR0NMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUEFpQW1ObzZxVHpWU3BraE5kODExeDAxSFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOBAwQA
Ba+KAwQBTVo2AwQAV++DAwQAXvmKAwQAXvmZAwQAXvnUAwQAXvntAwQAuS+PMA0G
CSqGSIb3DQEBCwUAA4IBAQAgfN2GYGbN86bQ5zy/OHXumE51T+GJ78iUpucRQ3pz
FTl8xJ8yacQoQjf5NCxpwvILnzzJmrxy5K92AwJQhNw0pZdbNPSdLo6D+/su5xsQ
ceT0fm7CQtf6yMa9wYmUb/PEUQSu+jv9xk0VjNz1dXn+Nb84dy76Efu/muFtkkOf
8A+42NLYVMs+S9sTvHCn8nv4CxRcJd+vW6rW7Unesmdp+tMIKirpMkm804+pQHJE
hOL+dX4nYGvfdvjB8lpaUHqaYOvSDBNs7wXSfJPMzuM2V7skBYjASjSutYY0XvfN
Hx4LPoA79EAbdpEgwN7wg7KiJu4ZuxZ6CPS/8OBUbyc7
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:47 2025 by rpki-client