Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nVsVGFvSqC_8u_eSB7k4D28-QhQ.roa
File: nVsVGFvSqC_8u_eSB7k4D28-QhQ.roa (raw, json)
Hash identifier: 7lbaBE0TlUAvjooVR3USU3rhKyL6ppXJo1rmQ4foXVg=
Subject key identifier: 9D:5B:15:18:5B:D2:A8:2F:FC:BB:F7:92:07:B9:38:0F:6F:3E:42:14
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01930546BA9989C075CF31D74FBB7E0258A5
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nVsVGFvSqC_8u_eSB7k4D28-QhQ.roa
Signing time: Thu 07 Nov 2024 06:19:01 +0000
ROA not before: Thu 07 Nov 2024 06:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207252
IP address blocks: 5.83.152.0/24 maxlen: 24
77.90.12.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 18:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:46:ba:99:89:c0:75:cf:31:d7:4f:bb:7e:02:58:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 7 06:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5b15185bd2a82ffcbbf79207b9380f6f3e4214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:53:e1:9d:98:7c:05:49:0f:4f:ae:28:e0:
0d:ea:60:7f:c2:42:84:83:8d:cd:06:26:5e:dc:5e:
e6:ca:6c:d0:0b:67:3f:47:f6:d0:0f:d3:5f:5f:55:
7f:2b:73:7c:db:7c:f4:e7:ae:c7:88:26:54:18:44:
80:d7:af:d6:69:47:b8:71:b8:fc:5f:58:7e:16:52:
42:d9:f2:8b:de:4f:3b:be:e5:78:e7:21:16:8f:d6:
01:50:ed:a3:74:de:21:d5:16:58:4f:24:73:e1:68:
16:42:69:20:9a:54:70:bb:be:cd:01:ce:4e:af:63:
5a:09:dd:bc:de:f9:2e:4a:21:45:81:37:e2:ed:40:
da:5e:dd:42:2d:ba:7e:e3:fa:92:a0:23:c7:34:76:
80:d5:68:c0:61:91:12:61:ed:d6:7d:fa:3d:72:61:
75:99:99:cf:4e:a2:0b:8e:76:b7:f7:fa:0d:aa:45:
ea:7d:97:47:3a:db:17:10:56:10:c6:b5:d8:19:c6:
f0:aa:c8:64:80:47:e9:00:b2:01:32:53:f6:17:1d:
a6:a2:09:1c:31:0a:5a:ea:06:16:4c:32:53:7e:bb:
a4:67:6a:73:5c:1b:11:35:63:6a:a7:66:c7:eb:09:
fd:9c:78:7d:0d:24:7d:e4:48:ca:67:24:f5:eb:b4:
71:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:15:18:5B:D2:A8:2F:FC:BB:F7:92:07:B9:38:0F:6F:3E:42:14
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nVsVGFvSqC_8u_eSB7k4D28-QhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.152.0/24
77.90.12.0/24
77.90.22.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:7a:28:a0:8c:63:37:8e:c8:ec:d5:bd:04:72:ba:da:ee:38:
aa:30:08:03:24:a9:bd:8a:53:34:bd:e4:c6:34:d9:9b:65:1d:
ba:2a:fb:ad:37:e5:dc:05:6b:68:d9:b4:05:75:ad:92:48:09:
e9:25:b8:31:0e:e4:3c:cd:14:ce:96:c9:d5:e3:71:06:87:ea:
1a:3b:1f:2e:fd:b3:a7:11:cb:45:20:76:97:b3:27:a9:5b:e4:
e1:54:e8:96:08:cc:06:42:44:35:96:22:9e:ff:32:19:5a:05:
17:77:3c:68:5b:15:75:9c:ed:45:36:03:8c:2c:dd:2e:46:f5:
a7:27:06:e2:45:10:14:ec:a8:27:65:b2:76:f4:3b:64:67:f1:
e9:7f:42:02:ee:dc:fe:31:61:ab:e5:f8:1a:12:04:0e:83:1e:
30:56:85:08:6c:5b:a7:25:c4:18:63:7d:e0:3c:49:a9:c1:83:
25:c1:62:0a:14:eb:00:8b:63:e5:04:51:c3:85:7b:a8:a1:0a:
3a:a2:88:21:39:b2:91:a8:4c:a8:61:67:ba:38:b5:d2:b2:96:
a9:85:96:91:4f:05:ac:31:e7:1d:66:a3:66:eb:7b:d3:e4:f4:
c6:48:a1:07:6a:fc:42:92:28:eb:fd:b9:51:15:47:d1:58:de:
b8:53:cd:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMFRrqZicB1zzHXT7t+AlilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTA3MDYxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDViMTUxODViZDJhODJmZmNiYmY3OTIwN2I5MzgwZjZmM2U0MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnulT4Z2YfAVJD0+uKOAN6mB/wkKE
g43NBiZe3F7mymzQC2c/R/bQD9NfX1V/K3N823z0567HiCZUGESA16/WaUe4cbj8
X1h+FlJC2fKL3k87vuV45yEWj9YBUO2jdN4h1RZYTyRz4WgWQmkgmlRwu77NAc5O
r2NaCd283vkuSiFFgTfi7UDaXt1CLbp+4/qSoCPHNHaA1WjAYZESYe3Wffo9cmF1
mZnPTqILjna39/oNqkXqfZdHOtsXEFYQxrXYGcbwqshkgEfpALIBMlP2Fx2mogkc
MQpa6gYWTDJTfrukZ2pzXBsRNWNqp2bH6wn9nHh9DSR95EjKZyT167Rx+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ1bFRhb0qgv/Lv3kge5OA9vPkIUMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvblZzVkdGdlNxQ184dV9lU0I3azREMjgtUWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABVOYAwQA
TVoMAwQATVoWMA0GCSqGSIb3DQEBCwUAA4IBAQDOeiigjGM3jsjs1b0Ecrra7jiq
MAgDJKm9ilM0veTGNNmbZR26KvutN+XcBWto2bQFda2SSAnpJbgxDuQ8zRTOlsnV
43EGh+oaOx8u/bOnEctFIHaXsyepW+ThVOiWCMwGQkQ1liKe/zIZWgUXdzxoWxV1
nO1FNgOMLN0uRvWnJwbiRRAU7KgnZbJ29DtkZ/Hpf0IC7tz+MWGr5fgaEgQOgx4w
VoUIbFunJcQYY33gPEmpwYMlwWIKFOsAi2PlBFHDhXuooQo6ooghObKRqEyoYWe6
OLXSspaphZaRTwWsMecdZqNm63vT5PTGSKEHavxCkijr/blRFUfRWN64U82p
-----END CERTIFICATE-----
Generated at Tue Nov 12 19:39:14 2024 by rpki-client on console-fra.rpki-client.org