Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YDg5oX58m8I4NV4e2oRGD-M0Zuw.roa
File: YDg5oX58m8I4NV4e2oRGD-M0Zuw.roa (raw, json)
Hash identifier: 1wDxauFSKTXpPepQIQi64EriOjt9B7IsFUJj10R0spI=
Subject key identifier: 60:38:39:A1:7E:7C:9B:C2:38:35:5E:1E:DA:84:46:0F:E3:34:66:EC
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019224520A6B23CE980A5F53EE2204BB252B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YDg5oX58m8I4NV4e2oRGD-M0Zuw.roa
Signing time: Tue 24 Sep 2024 13:56:49 +0000
ROA not before: Tue 24 Sep 2024 13:56:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Oct 2024 04:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:52:0a:6b:23:ce:98:0a:5f:53:ee:22:04:bb:25:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 24 13:56:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=603839a17e7c9bc238355e1eda84460fe33466ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:fb:a0:ad:30:17:b5:72:d8:c1:40:83:fa:
a2:f7:36:aa:e2:4f:46:0c:b6:23:a4:09:4f:f3:80:
ff:1b:b3:47:84:58:f0:59:45:15:99:06:60:bd:f1:
83:b9:81:b2:24:84:24:b4:d0:b5:b7:23:40:22:7c:
5c:d5:35:33:b8:30:78:12:f7:ed:33:21:2b:cd:24:
a3:1d:97:42:04:c2:55:c8:84:bd:b0:fa:2b:e6:06:
ef:9c:50:ba:10:d6:7e:58:b5:aa:1b:d7:4a:1f:a7:
1f:73:23:1e:1c:3c:09:d2:fc:1d:e2:14:9d:4d:ad:
e6:07:30:f3:5c:70:f5:59:81:66:6d:81:81:5f:20:
70:51:5e:cc:2f:c4:ec:67:a4:4a:ca:43:82:62:5c:
89:06:07:6f:ed:04:ae:ab:fb:66:0d:31:52:54:0b:
e2:e7:2e:5d:65:b1:42:ca:20:bb:0a:83:b9:41:be:
a7:2d:b9:4c:86:e2:01:f2:d0:6b:91:8e:7b:3f:35:
5d:27:45:53:2d:9c:fe:d0:d6:2e:12:58:fc:51:93:
3d:ab:e9:c8:36:d9:1c:80:e7:79:18:7c:8f:c9:b8:
6c:15:08:80:8a:2e:b5:31:45:84:92:76:12:ba:b0:
38:c8:51:0e:12:6e:36:78:77:27:f0:4b:c9:7e:d6:
96:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:38:39:A1:7E:7C:9B:C2:38:35:5E:1E:DA:84:46:0F:E3:34:66:EC
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YDg5oX58m8I4NV4e2oRGD-M0Zuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
77.90.54.0/24
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:14:c1:67:36:e7:52:63:79:8d:27:06:a9:93:92:9c:33:99:
3f:9e:fb:a6:bf:52:cb:5b:ec:ef:eb:ea:c4:ba:8f:34:ef:94:
f6:ab:85:ec:56:80:22:a7:3f:a3:10:3b:9f:44:64:4d:67:dc:
77:ea:8e:68:3c:f9:6e:ee:d3:8b:14:27:4d:c1:df:20:64:83:
9c:71:79:c0:a9:35:2a:a6:93:41:f3:19:30:a0:7a:e8:66:5d:
ba:44:25:5d:80:60:de:ea:14:40:a6:d7:66:d6:2c:6b:42:66:
c3:05:6b:66:d0:7e:91:1c:b2:26:e9:dd:33:ff:c7:94:c1:0b:
9a:bf:fa:2e:70:c0:0e:1f:9f:6a:37:e3:d2:61:ce:3f:37:f8:
44:dc:50:d9:47:f7:04:3f:b8:02:c7:b6:90:a4:22:c4:67:48:
e8:16:c4:af:c9:d2:1e:3c:7b:5e:10:19:1f:0c:99:11:52:d8:
f9:1e:77:75:8d:05:4a:9b:a9:74:17:75:e1:86:c7:eb:0f:34:
f1:f3:e6:80:fe:3f:1b:cc:aa:49:28:86:64:07:6b:7a:28:f0:
13:22:78:59:b3:0b:10:9f:de:6e:c9:7f:99:14:14:07:2e:ce:
f1:03:f0:2d:22:3f:8c:14:1e:61:2e:74:1f:b7:c0:36:b0:8c:
7f:a2:c9:54
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZIkUgprI86YCl9T7iIEuyUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTI0MTM1NjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDM4MzlhMTdlN2M5YmMyMzgzNTVlMWVkYTg0NDYwZmUzMzQ2NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt/7oK0wF7Vy2MFAg/qi9zaq4k9G
DLYjpAlP84D/G7NHhFjwWUUVmQZgvfGDuYGyJIQktNC1tyNAInxc1TUzuDB4Evft
MyErzSSjHZdCBMJVyIS9sPor5gbvnFC6ENZ+WLWqG9dKH6cfcyMeHDwJ0vwd4hSd
Ta3mBzDzXHD1WYFmbYGBXyBwUV7ML8TsZ6RKykOCYlyJBgdv7QSuq/tmDTFSVAvi
5y5dZbFCyiC7CoO5Qb6nLblMhuIB8tBrkY57PzVdJ0VTLZz+0NYuElj8UZM9q+nI
NtkcgOd5GHyPybhsFQiAii61MUWEknYSurA4yFEOEm42eHcn8EvJftaWOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGA4OaF+fJvCODVeHtqERg/jNGbsMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWURnNW9YNThtOEk0TlY0ZTJvUkdELU0wWnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOBAwQA
TVo2AwQAVXaiAwQAV++DAwQAXvmKAwQAXvmUMA0GCSqGSIb3DQEBCwUAA4IBAQDS
FMFnNudSY3mNJwapk5KcM5k/nvumv1LLW+zv6+rEuo8075T2q4XsVoAipz+jEDuf
RGRNZ9x36o5oPPlu7tOLFCdNwd8gZIOccXnAqTUqppNB8xkwoHroZl26RCVdgGDe
6hRAptdm1ixrQmbDBWtm0H6RHLIm6d0z/8eUwQuav/oucMAOH59qN+PSYc4/N/hE
3FDZR/cEP7gCx7aQpCLEZ0joFsSvydIePHteEBkfDJkRUtj5Hnd1jQVKm6l0F3Xh
hsfrDzTx8+aA/j8bzKpJKIZkB2t6KPATInhZswsQn95uyX+ZFBQHLs7xA/AtIj+M
FB5hLnQft8A2sIx/oslU
-----END CERTIFICATE-----
Generated at Sun Oct 6 07:31:24 2024 by rpki-client on console-ams.rpki-client.org