Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S-8SDnxy4lD8jFYxk7gSc4pkdoQ.roa
File: S-8SDnxy4lD8jFYxk7gSc4pkdoQ.roa (raw, json)
Hash identifier: DkygqwpD9fYabkgp6J4dj5Ejr3cA+Uc00fz9s9Pfc2Y=
Subject key identifier: 4B:EF:12:0E:7C:72:E2:50:FC:8C:56:31:93:B8:12:73:8A:64:76:84
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191F4FB34415C40FB7DA18AFFFEFC44DB23
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S-8SDnxy4lD8jFYxk7gSc4pkdoQ.roa
Signing time: Sun 15 Sep 2024 09:19:49 +0000
ROA not before: Sun 15 Sep 2024 09:19:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214347
IP address blocks: 5.83.138.0/24 maxlen: 24
5.83.153.0/24 maxlen: 24
5.83.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 13:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f4:fb:34:41:5c:40:fb:7d:a1:8a:ff:fe:fc:44:db:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 15 09:19:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bef120e7c72e250fc8c563193b812738a647684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b4:60:d7:55:80:3e:a0:7b:ec:a5:e6:3d:15:
4e:f1:27:cb:a0:d3:bc:53:0c:26:87:ea:89:2b:1d:
48:35:ac:e6:fb:89:cc:98:14:6e:7a:d2:2e:2c:01:
e8:01:2b:a8:ad:c6:7b:0b:2e:ee:79:24:17:30:b4:
ee:79:06:16:5d:34:f4:f6:c1:83:07:2d:80:25:8e:
3b:c8:38:f5:b6:aa:a1:c5:5f:da:e7:08:e6:98:59:
39:e6:31:01:e0:09:b2:3d:da:8e:86:ba:34:c6:55:
71:64:93:12:99:78:19:12:7d:8e:2d:61:fd:0d:bc:
1e:8c:58:ee:fb:4c:17:4e:53:84:ed:76:04:5c:45:
59:0a:37:13:ba:90:ed:c3:b5:4e:d3:a1:94:f9:19:
e1:21:e2:9a:be:a6:d4:1c:18:55:d0:0a:fc:5d:86:
85:6f:a7:21:32:9f:70:42:30:bf:de:d2:db:ef:79:
38:b6:76:4a:e3:d7:c5:5b:be:4e:a4:4b:e1:15:e3:
e6:6e:9f:a7:ef:11:8e:50:a0:f6:38:17:39:af:e0:
31:cb:24:1a:3b:20:6f:40:c9:8e:d2:56:9b:f1:2d:
b7:8f:16:44:bc:19:c1:f2:c4:05:3d:47:f6:b8:f2:
4a:f4:7a:a2:b1:74:b9:12:d9:0e:ba:1a:8c:80:19:
01:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EF:12:0E:7C:72:E2:50:FC:8C:56:31:93:B8:12:73:8A:64:76:84
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S-8SDnxy4lD8jFYxk7gSc4pkdoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.83.153.0-5.83.154.255
Signature Algorithm: sha256WithRSAEncryption
b4:5e:68:93:fa:09:72:a4:66:ee:06:f9:c5:91:53:e7:0a:78:
95:aa:3b:6d:a5:c9:df:9f:a5:31:8e:06:01:78:d7:bf:b5:77:
46:9f:27:0e:e8:a7:19:f1:2b:17:ce:92:49:4a:98:a2:e1:5e:
7f:36:3f:fb:cf:3f:18:e8:3d:a9:73:be:a8:90:c6:a6:cf:bc:
18:c8:87:24:50:0b:cb:8f:66:32:7a:3f:7a:ee:54:0d:54:50:
5b:c4:2e:00:1a:3c:31:e4:f7:e1:01:76:77:d6:72:0b:8b:cf:
e0:60:36:62:76:b2:92:05:b6:9a:29:31:8d:83:11:6d:1b:62:
58:01:d4:8e:50:d4:f8:83:bf:7a:54:d6:50:52:74:4a:1a:c1:
18:17:61:4d:c5:15:de:98:14:39:2d:02:60:1d:69:8a:4f:4a:
78:dc:a2:3a:02:cf:b7:c1:08:12:a4:64:49:1b:61:e1:e7:17:
58:a0:09:bc:76:b7:7c:6c:c1:0f:46:e6:48:ce:51:5e:39:a3:
53:83:fe:45:9f:f4:1d:91:66:02:e6:e5:c9:e6:51:fc:69:48:
56:aa:78:47:4b:aa:21:b4:31:e0:a4:b9:19:85:98:8e:98:42:
18:2a:56:a9:14:79:b7:53:0a:2c:f4:a8:68:f0:14:d0:23:99:
61:5b:e3:76
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZH0+zRBXED7faGK//78RNsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTE1MDkxOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmVmMTIwZTdjNzJlMjUwZmM4YzU2MzE5M2I4MTI3MzhhNjQ3Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27Rg11WAPqB77KXmPRVO8SfLoNO8
Uwwmh+qJKx1INazm+4nMmBRuetIuLAHoASuorcZ7Cy7ueSQXMLTueQYWXTT09sGD
By2AJY47yDj1tqqhxV/a5wjmmFk55jEB4AmyPdqOhro0xlVxZJMSmXgZEn2OLWH9
DbwejFju+0wXTlOE7XYEXEVZCjcTupDtw7VO06GU+RnhIeKavqbUHBhV0Ar8XYaF
b6chMp9wQjC/3tLb73k4tnZK49fFW75OpEvhFePmbp+n7xGOUKD2OBc5r+AxyyQa
OyBvQMmO0lab8S23jxZEvBnB8sQFPUf2uPJK9HqisXS5EtkOuhqMgBkBrQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEvvEg58cuJQ/IxWMZO4EnOKZHaEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUy04U0RueHk0bEQ4akZZeGs3Z1NjNHBrZG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQABVOKMAwD
BAAFU5kDBAAFU5owDQYJKoZIhvcNAQELBQADggEBALReaJP6CXKkZu4G+cWRU+cK
eJWqO22lyd+fpTGOBgF417+1d0afJw7opxnxKxfOkklKmKLhXn82P/vPPxjoPalz
vqiQxqbPvBjIhyRQC8uPZjJ6P3ruVA1UUFvELgAaPDHk9+EBdnfWcguLz+BgNmJ2
spIFtpopMY2DEW0bYlgB1I5Q1PiDv3pU1lBSdEoawRgXYU3FFd6YFDktAmAdaYpP
SnjcojoCz7fBCBKkZEkbYeHnF1igCbx2t3xswQ9G5kjOUV45o1OD/kWf9B2RZgLm
5cnmUfxpSFaqeEdLqiG0MeCkuRmFmI6YQhgqVqkUebdTCiz0qGjwFNAjmWFb43Y=
-----END CERTIFICATE-----
Generated at Mon Sep 23 18:04:05 2024 by rpki-client on console-ams.rpki-client.org