Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/f9ANZ5vA0FzZg-rqu9_bsSqP5oQ.roa
File: f9ANZ5vA0FzZg-rqu9_bsSqP5oQ.roa (raw, json)
Hash identifier: g9BnSr049gYtHRs/+W68Nu8hBCz6gPoLCl3bnrk+xs4=
Subject key identifier: 7F:D0:0D:67:9B:C0:D0:5C:D9:83:EA:EA:BB:DF:DB:B1:2A:8F:E6:84
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193C012DFB305B80F21C743E286BAC6DBD7
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/f9ANZ5vA0FzZg-rqu9_bsSqP5oQ.roa
Signing time: Fri 13 Dec 2024 12:51:22 +0000
ROA not before: Fri 13 Dec 2024 12:51:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 05:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:12:df:b3:05:b8:0f:21:c7:43:e2:86:ba:c6:db:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 13 12:51:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fd00d679bc0d05cd983eaeabbdfdbb12a8fe684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:02:a5:14:51:13:25:70:a3:70:d5:c4:49:
83:60:16:28:66:4d:dc:da:bf:ee:15:a3:51:4d:be:
77:04:19:43:4d:12:ac:7e:ed:1b:9d:2d:17:bf:0d:
98:29:f4:3e:df:ce:a4:d1:a3:09:e7:36:e7:b9:52:
0e:fa:39:a0:48:49:aa:91:44:f5:8b:35:d4:c8:f9:
d0:26:61:52:02:c8:ea:fc:51:69:36:4f:fb:ff:1e:
27:e0:58:26:70:56:55:4f:e6:9c:ad:9e:26:c1:14:
95:d6:01:31:87:0c:8a:e6:2c:94:46:d6:7a:5d:77:
db:fd:1f:9a:45:e1:63:89:47:64:70:dd:0e:5d:8f:
c2:36:77:c7:bf:3f:f1:23:22:cb:f5:ca:ca:13:41:
02:fa:06:08:0a:5e:60:1a:c3:62:74:a0:4c:d1:b6:
e1:e4:16:51:8d:5b:cd:3d:30:22:4f:71:59:c1:f0:
5f:5c:39:0c:ed:e1:48:4b:42:b4:89:db:ed:d4:34:
77:3d:32:ca:5f:b6:77:08:9c:49:bb:ca:f0:40:90:
40:b1:7b:5b:e0:27:87:4e:35:cf:c8:27:e8:a2:9c:
82:35:9c:69:fa:4a:df:4f:58:b3:5f:c3:f9:f9:27:
1c:6b:99:a8:4c:79:71:01:e0:5c:1e:28:f2:5e:49:
a6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D0:0D:67:9B:C0:D0:5C:D9:83:EA:EA:BB:DF:DB:B1:2A:8F:E6:84
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/f9ANZ5vA0FzZg-rqu9_bsSqP5oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
94.103.163.0/24
94.249.138.0/24
94.249.148.0/24
94.249.153.0/24
94.249.212.0/24
94.249.237.0/24
95.215.32.0/24
185.47.143.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:0c:70:5c:e0:00:d6:9d:d5:36:a8:48:b5:c6:23:ac:c5:7d:
0d:bd:5d:3f:32:36:5f:dd:9a:31:9c:1e:ae:dc:34:f8:99:6a:
72:e7:7f:55:bb:bf:26:2a:14:84:d7:36:82:4c:e7:d8:d4:be:
84:81:dc:6c:9a:7d:e8:36:80:a2:99:bb:01:89:9e:4d:a5:60:
e3:b9:06:df:fb:48:03:5c:fc:61:38:f7:ca:ac:c4:94:3f:a9:
95:86:bf:49:e9:4a:d7:4d:d6:41:f5:c8:93:5a:1d:41:41:fd:
13:e1:2f:4f:52:30:7a:fe:70:db:c1:f3:de:31:50:17:d4:bd:
70:63:4b:61:1e:1d:a7:36:e1:60:c0:a8:3f:aa:2b:0d:9c:1f:
30:31:65:47:0f:8e:81:e2:ac:80:06:3a:27:8b:98:5b:6b:db:
ce:9c:2c:44:85:0b:8c:ce:ff:71:df:c9:db:37:28:f3:ea:d5:
ae:f5:2b:ae:71:74:ff:9d:ab:c9:e9:c9:bd:b4:7e:c6:d5:75:
0a:95:c1:69:60:c7:c7:73:e0:bf:12:fa:40:a3:8e:35:ce:d9:
5b:a3:d0:23:02:40:da:b1:54:ef:f8:fd:d8:ad:d4:0b:80:40:
5c:37:1e:2c:a8:48:1e:d2:3b:9d:35:af:8a:46:9b:c3:31:96:
3d:69:31:c7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZPAEt+zBbgPIcdD4oa6xtvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjEzMTI1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQwMGQ2NzliYzBkMDVjZDk4M2VhZWFiYmRmZGJiMTJhOGZlNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTkCpRRREyVwo3DVxEmDYBYoZk3c
2r/uFaNRTb53BBlDTRKsfu0bnS0Xvw2YKfQ+386k0aMJ5zbnuVIO+jmgSEmqkUT1
izXUyPnQJmFSAsjq/FFpNk/7/x4n4FgmcFZVT+acrZ4mwRSV1gExhwyK5iyURtZ6
XXfb/R+aReFjiUdkcN0OXY/CNnfHvz/xIyLL9crKE0EC+gYICl5gGsNidKBM0bbh
5BZRjVvNPTAiT3FZwfBfXDkM7eFIS0K0idvt1DR3PTLKX7Z3CJxJu8rwQJBAsXtb
4CeHTjXPyCfoopyCNZxp+krfT1izX8P5+Scca5moTHlxAeBcHijyXkmm8QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFH/QDWebwNBc2YPq6rvf27Eqj+aEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZjlBTlo1dkEwRnpaZy1ycXU5X2JzU3FQNW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABVOBAwQA
Ba+KAwQATVo2AwQAV++DAwQAXmejAwQAXvmKAwQAXvmUAwQAXvmZAwQAXvnUAwQA
XvntAwQAX9cgAwQAuS+PMA0GCSqGSIb3DQEBCwUAA4IBAQDnDHBc4ADWndU2qEi1
xiOsxX0NvV0/MjZf3ZoxnB6u3DT4mWpy539Vu78mKhSE1zaCTOfY1L6Egdxsmn3o
NoCimbsBiZ5NpWDjuQbf+0gDXPxhOPfKrMSUP6mVhr9J6UrXTdZB9ciTWh1BQf0T
4S9PUjB6/nDbwfPeMVAX1L1wY0thHh2nNuFgwKg/qisNnB8wMWVHD46B4qyABjon
i5hba9vOnCxEhQuMzv9x38nbNyjz6tWu9SuucXT/navJ6cm9tH7G1XUKlcFpYMfH
c+C/EvpAo441ztlbo9AjAkDasVTv+P3YrdQLgEBcNx4sqEge0judNa+KRpvDMZY9
aTHH
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:23:04 2025 by rpki-client