Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/W1bfd7fMXUWKfshivKOJtX2l1uA.roa
File: W1bfd7fMXUWKfshivKOJtX2l1uA.roa (raw, json)
Hash identifier: GjXoQfcTJKMf3XFFuehrjOpyw8rnIrdowv6fCkAzEFk=
Subject key identifier: 5B:56:DF:77:B7:CC:5D:45:8A:7E:C8:62:BC:A3:89:B5:7D:A5:D6:E0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019422200D56AE657F6FBC521D1F5A5A34AC
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/W1bfd7fMXUWKfshivKOJtX2l1uA.roa
Signing time: Wed 01 Jan 2025 13:48:33 +0000
ROA not before: Wed 01 Jan 2025 13:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 5.83.152.0/24 maxlen: 24
5.231.29.0/24 maxlen: 24
77.90.12.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 12:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0d:56:ae:65:7f:6f:bc:52:1d:1f:5a:5a:34:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 1 13:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b56df77b7cc5d458a7ec862bca389b57da5d6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:45:f6:e3:e0:af:2e:ac:d8:56:e4:58:78:4f:
0f:d0:d9:52:56:3d:24:6e:8d:ab:85:89:34:2c:5e:
4e:9b:a4:ef:af:c2:77:f1:5d:bc:6b:e8:a0:7d:94:
10:5d:c5:59:5e:73:4a:46:38:3d:b6:71:7e:f9:b8:
48:18:3e:23:9a:2d:e6:42:38:e7:a6:e2:9e:b0:97:
47:a2:da:0e:71:ea:c8:34:dd:53:c3:c8:74:4d:fa:
74:80:45:ed:5d:f0:c7:15:52:9d:24:04:5c:41:e8:
a4:dd:6c:ad:81:bd:25:19:8c:ca:3b:79:10:19:1a:
46:45:8e:0f:16:20:39:ed:27:05:f9:2f:52:61:45:
20:1d:8f:e0:6c:95:53:60:f5:af:18:ef:85:a4:72:
35:64:38:c9:ea:f1:3c:e0:7e:5a:9a:2e:7a:cb:97:
c6:09:f5:e3:c8:1a:01:ba:5b:7c:23:97:91:f1:72:
8c:4e:c5:13:f9:bc:f5:cb:f3:03:60:7e:55:ea:0b:
c0:c8:88:51:82:a4:53:42:6c:fb:26:ce:4f:82:c3:
88:76:3a:8c:4f:9b:0d:ef:5a:e5:07:df:fc:21:f2:
a9:1b:1e:98:6c:f8:c3:79:4e:c5:8e:08:0e:e4:2a:
a7:85:71:d1:07:bc:e9:6d:23:bf:01:8e:bb:b7:03:
eb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:56:DF:77:B7:CC:5D:45:8A:7E:C8:62:BC:A3:89:B5:7D:A5:D6:E0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/W1bfd7fMXUWKfshivKOJtX2l1uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.152.0/24
5.231.29.0/24
77.90.12.0/24
77.90.22.0/24
77.90.42.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ca:58:7d:08:57:f7:86:67:e3:1c:6c:cb:5b:ee:63:08:b2:
26:d3:61:91:1b:f5:1d:21:f0:63:e5:fa:60:99:7d:66:40:88:
5d:3d:9a:e6:a1:58:d6:d6:0e:a8:53:8e:c4:f9:0f:0b:af:dc:
6d:9a:ab:dc:ad:05:37:af:9b:12:53:90:95:bf:79:2f:51:1b:
da:d1:3e:c3:bd:3a:a6:36:b4:22:48:ee:89:a4:95:93:13:48:
01:e8:3f:ca:dc:7c:fd:cc:15:e5:9e:28:fd:e8:38:24:f5:34:
4d:6b:bf:10:bd:64:11:41:c7:b1:ec:ab:5c:73:67:1f:e8:35:
f3:91:35:ab:6d:b7:3f:30:5b:37:be:21:06:35:7e:c4:f2:b4:
24:02:df:ab:56:26:84:a7:72:dc:54:0a:1d:ff:4b:8f:b4:4a:
6a:68:ae:40:2b:6b:59:77:66:a2:ad:fd:17:fe:d2:48:e4:43:
6e:09:7c:15:7d:f8:15:d7:77:2c:6d:15:fe:d0:af:75:83:28:
da:5a:3c:11:9a:3e:02:84:32:cb:31:0e:fc:f8:fc:88:7a:88:
a2:2f:8b:aa:be:4c:fe:d4:6d:cc:26:61:ad:b7:c0:f1:6e:24:
b3:74:01:cc:a7:28:2d:08:ea:19:10:d1:7c:bd:10:2a:44:7f:
6b:07:31:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiIA1WrmV/b7xSHR9aWjSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTAxMTM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU2ZGY3N2I3Y2M1ZDQ1OGE3ZWM4NjJiY2EzODliNTdkYTVkNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkX24+CvLqzYVuRYeE8P0NlSVj0k
bo2rhYk0LF5Om6Tvr8J38V28a+igfZQQXcVZXnNKRjg9tnF++bhIGD4jmi3mQjjn
puKesJdHotoOcerINN1Tw8h0Tfp0gEXtXfDHFVKdJARcQeik3Wytgb0lGYzKO3kQ
GRpGRY4PFiA57ScF+S9SYUUgHY/gbJVTYPWvGO+FpHI1ZDjJ6vE84H5ami56y5fG
CfXjyBoBult8I5eR8XKMTsUT+bz1y/MDYH5V6gvAyIhRgqRTQmz7Js5PgsOIdjqM
T5sN71rlB9/8IfKpGx6YbPjDeU7FjggO5CqnhXHRB7zpbSO/AY67twPrHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFtW33e3zF1Fin7IYryjibV9pdbgMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVzFiZmQ3Zk1YVVdLZnNoaXZLT0p0WDJsMXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABVOYAwQA
BecdAwQATVoMAwQATVoWAwQATVoqMA0GCSqGSIb3DQEBCwUAA4IBAQBDylh9CFf3
hmfjHGzLW+5jCLIm02GRG/UdIfBj5fpgmX1mQIhdPZrmoVjW1g6oU47E+Q8Lr9xt
mqvcrQU3r5sSU5CVv3kvURva0T7DvTqmNrQiSO6JpJWTE0gB6D/K3Hz9zBXlnij9
6Dgk9TRNa78QvWQRQcex7Ktcc2cf6DXzkTWrbbc/MFs3viEGNX7E8rQkAt+rViaE
p3LcVAod/0uPtEpqaK5AK2tZd2airf0X/tJI5ENuCXwVffgV13csbRX+0K91gyja
WjwRmj4ChDLLMQ78+PyIeoiiL4uqvkz+1G3MJmGtt8DxbiSzdAHMpygtCOoZENF8
vRAqRH9rBzEk
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:15:59 2025 by rpki-client