Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/TPoEQ2hfLjzQCYf6USK6bhPBfm8.roa
File: TPoEQ2hfLjzQCYf6USK6bhPBfm8.roa (raw, json)
Hash identifier: eX7t/+wrFwbZY6o2oiyKTp0zimsWUHuvACVkGzT+DLA=
Subject key identifier: 4C:FA:04:43:68:5F:2E:3C:D0:09:87:FA:51:22:BA:6E:13:C1:7E:6F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019049E9735DBCE6390FBDB3468217CAB7FE
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/TPoEQ2hfLjzQCYf6USK6bhPBfm8.roa
Signing time: Mon 24 Jun 2024 11:02:34 +0000
ROA not before: Mon 24 Jun 2024 11:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59592
IP address blocks: 5.83.157.0/24 maxlen: 24
5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
77.90.20.0/24 maxlen: 24
185.13.158.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Jun 2024 13:20:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:e9:73:5d:bc:e6:39:0f:bd:b3:46:82:17:ca:b7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 24 11:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cfa0443685f2e3cd00987fa5122ba6e13c17e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:0f:f3:0f:d9:43:03:6e:8d:37:24:f4:65:
d7:06:68:88:7d:7c:6d:99:71:e0:90:12:18:fe:64:
6f:02:7b:a2:b0:18:e0:0d:5f:54:ba:4f:8e:fe:bc:
9d:2b:70:d3:43:c2:5f:63:0c:9e:ac:5c:16:39:e8:
67:c0:03:10:58:e8:46:31:ef:89:1d:4a:6e:15:91:
7d:98:04:6d:a6:e8:3c:dc:cb:78:9e:89:35:eb:bb:
f1:c3:c5:5f:ae:cf:e0:7a:39:60:1d:02:2f:33:08:
cc:4d:cd:22:50:03:7a:02:87:83:85:d9:ac:3f:5f:
59:52:65:5a:ac:2a:98:eb:b5:8a:57:9f:4e:fb:ff:
13:f6:1a:4f:f2:9e:ed:09:69:d6:cf:50:6a:1f:a7:
5f:e9:8e:b1:ec:e9:c6:15:67:ae:ce:38:b6:d3:69:
bc:a9:d1:7c:b3:5c:32:c3:11:64:9a:4e:c2:65:52:
ff:ed:da:57:ee:ec:a5:77:19:38:f9:10:92:56:fe:
cd:45:30:b3:b0:ea:ef:b9:90:01:66:84:94:be:c2:
82:b4:78:a2:f3:3f:a7:e0:d2:c8:1e:05:cb:bd:64:
1b:6c:10:cb:42:f0:53:1b:c8:80:11:5b:9b:89:9e:
33:86:67:1b:dc:28:56:c6:dd:e0:b5:fa:a4:82:f2:
09:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FA:04:43:68:5F:2E:3C:D0:09:87:FA:51:22:BA:6E:13:C1:7E:6F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/TPoEQ2hfLjzQCYf6USK6bhPBfm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.157.0/24
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
77.90.20.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:ea:da:52:15:f4:0c:78:64:3a:d1:f5:00:c1:ac:c7:1d:09:
2f:8c:92:87:2a:10:cc:d0:b6:f7:8c:51:33:fc:d7:d9:d4:11:
70:52:94:11:c9:c9:32:9a:b1:1b:88:7e:18:cd:18:ba:d8:bb:
a9:37:39:be:9e:ee:d2:37:f6:d8:ca:5f:16:9b:97:3a:6a:5c:
d7:7a:72:b8:42:fd:74:67:fc:4f:9b:fc:80:0a:6c:4d:c5:c7:
63:13:a0:90:c4:8b:3c:98:a0:f5:c5:3c:e9:d0:81:f9:b5:35:
e1:0a:96:b8:57:8f:d6:61:e4:66:48:13:b7:10:ed:91:45:d1:
5c:4a:ba:64:83:e4:47:a9:fa:0b:d1:de:b3:7a:f2:f0:70:08:
ef:ec:da:d3:e6:1e:f9:72:6c:60:01:bc:fb:38:b5:82:2f:85:
ea:c0:2e:8c:36:10:93:48:0f:94:67:43:93:25:a3:88:51:4b:
89:4d:5e:5a:28:f7:f7:05:d5:0f:01:c4:f6:07:0d:a3:72:a0:
f7:bd:ef:1b:b5:9b:a3:29:4d:5c:27:2f:fa:42:9e:d0:11:cc:
19:58:6e:12:b9:ba:fa:7c:fe:22:2f:b1:e6:ad:a2:f7:41:dc:
9d:39:04:16:53:d5:4a:55:ea:e7:63:93:53:ef:b4:e7:00:1c:
7a:a0:63:61
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZBJ6XNdvOY5D72zRoIXyrf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNjI0MTEwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZhMDQ0MzY4NWYyZTNjZDAwOTg3ZmE1MTIyYmE2ZTEzYzE3ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFMP8w/ZQwNujTck9GXXBmiIfXxt
mXHgkBIY/mRvAnuisBjgDV9Uuk+O/rydK3DTQ8JfYwyerFwWOehnwAMQWOhGMe+J
HUpuFZF9mARtpug83Mt4nok167vxw8Vfrs/gejlgHQIvMwjMTc0iUAN6AoeDhdms
P19ZUmVarCqY67WKV59O+/8T9hpP8p7tCWnWz1BqH6df6Y6x7OnGFWeuzji202m8
qdF8s1wywxFkmk7CZVL/7dpX7uyldxk4+RCSVv7NRTCzsOrvuZABZoSUvsKCtHii
8z+n4NLIHgXLvWQbbBDLQvBTG8iAEVubiZ4zhmcb3ChWxt3gtfqkgvIJtQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEz6BENoXy480AmH+lEium4TwX5vMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVFBvRVEyaGZManpRQ1lmNlVTSzZiaFBCZm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABVOdAwQA
BebOAwQABebcAwQABedXAwQABefIAwQATVoUAwQAuQ2eMA0GCSqGSIb3DQEBCwUA
A4IBAQDh6tpSFfQMeGQ60fUAwazHHQkvjJKHKhDM0Lb3jFEz/NfZ1BFwUpQRycky
mrEbiH4YzRi62LupNzm+nu7SN/bYyl8Wm5c6alzXenK4Qv10Z/xPm/yACmxNxcdj
E6CQxIs8mKD1xTzp0IH5tTXhCpa4V4/WYeRmSBO3EO2RRdFcSrpkg+RHqfoL0d6z
evLwcAjv7NrT5h75cmxgAbz7OLWCL4XqwC6MNhCTSA+UZ0OTJaOIUUuJTV5aKPf3
BdUPAcT2Bw2jcqD3ve8btZujKU1cJy/6Qp7QEcwZWG4Subr6fP4iL7HmraL3Qdyd
OQQWU9VKVernY5NT77TnABx6oGNh
-----END CERTIFICATE-----
Generated at Mon Jun 24 17:46:38 2024 by rpki-client on console-fra.rpki-client.org