Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/v9P81wb2Dhpd_1--wFUnUws8d6I.roa
File: v9P81wb2Dhpd_1--wFUnUws8d6I.roa (raw, json)
Hash identifier: ishLQzxjnUqtxGRL5LwFH3mkcPMzO1bOlNy0d2+m7f0=
Subject key identifier: BF:D3:FC:D7:06:F6:0E:1A:5D:FF:5F:BE:C0:55:27:53:0B:3C:77:A2
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 018FF2875A1986F854560EB3A2E7DD842A91
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/v9P81wb2Dhpd_1--wFUnUws8d6I.roa
Signing time: Fri 07 Jun 2024 11:48:27 +0000
ROA not before: Fri 07 Jun 2024 11:48:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59592
IP address blocks: 5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
77.90.20.0/24 maxlen: 24
185.13.158.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:87:5a:19:86:f8:54:56:0e:b3:a2:e7:dd:84:2a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 7 11:48:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfd3fcd706f60e1a5dff5fbec05527530b3c77a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:40:43:3c:24:5f:e0:ee:b6:94:56:a3:5d:67:
da:92:68:c7:fe:d8:de:d7:ec:a6:2b:0d:d3:1b:4e:
e6:a2:6d:70:d2:6d:e1:a6:a7:d0:46:b5:5a:bd:22:
0b:45:19:d8:b2:6e:54:8f:23:5f:26:46:58:5f:0e:
f9:0c:26:2a:66:c7:77:0a:4b:7d:81:a0:f2:f7:74:
6d:6e:2f:25:82:c7:b2:0f:8c:8a:02:02:47:f8:90:
55:55:2c:bb:c7:97:e0:44:c7:aa:77:9c:af:5f:94:
b7:6a:50:58:76:7e:d9:e5:73:93:c4:dc:e2:ca:79:
e0:ab:d4:d2:3c:1c:de:e9:fa:85:05:80:06:38:57:
ca:95:1c:ae:95:22:5b:fc:b9:b1:11:4b:b6:8a:38:
91:87:85:64:19:c2:38:c1:c7:f3:70:90:6d:d8:70:
db:1d:fe:c8:63:03:2f:a6:07:6d:61:ce:5c:4d:e5:
87:8e:c0:ec:75:5d:61:d0:f5:9e:0c:fa:d2:b9:a9:
e0:b2:f8:50:dd:ec:ee:7b:61:2f:ca:7c:d7:ed:df:
20:77:fb:3b:bf:22:b3:a2:a0:a2:f0:5a:37:93:b3:
07:87:1a:fe:25:aa:9c:1b:67:01:eb:f7:d2:5a:40:
af:95:f4:03:e0:da:3f:a0:e1:fa:bd:e1:a7:4c:41:
d3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D3:FC:D7:06:F6:0E:1A:5D:FF:5F:BE:C0:55:27:53:0B:3C:77:A2
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/v9P81wb2Dhpd_1--wFUnUws8d6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
77.90.20.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:c1:1d:1b:b5:07:f9:87:6b:81:49:c3:52:06:5c:c9:43:be:
d7:96:af:3a:7c:99:e8:ae:26:12:e6:b0:5f:58:75:a1:d6:a5:
e1:f5:2f:cc:da:fd:40:c8:1b:8d:cb:66:50:f1:db:c3:4a:04:
ea:c7:c2:d8:c5:df:b2:a7:1e:04:df:24:44:45:74:3d:f9:7d:
50:f4:58:a1:8e:9a:f7:51:bc:5f:2c:c9:0d:21:d5:1c:98:32:
57:8c:a1:60:1d:9f:e9:73:01:84:79:58:60:79:85:47:47:1a:
44:86:49:be:c9:18:eb:42:92:81:63:e9:27:f4:93:4d:d5:5b:
96:17:44:b4:7d:2b:8d:68:26:97:80:01:70:30:f8:a0:6b:d6:
45:c3:b3:5d:ba:01:bc:fa:8d:40:f0:26:f9:73:01:17:74:e4:
ee:2b:ef:43:69:db:ff:0a:08:f8:17:3c:87:ab:f2:a2:6f:fb:
a5:dd:44:bd:ea:75:66:e1:e3:48:5e:2d:e8:05:35:ed:dd:59:
27:53:71:a7:53:c7:b4:12:cb:a3:d8:88:c1:c8:82:9b:86:be:
16:b3:2e:55:64:ca:26:23:ee:5d:9e:a5:b5:e0:1d:11:89:79:
a4:93:a3:84:a2:fb:da:c8:18:34:87:30:90:7d:94:a4:31:d4:
6c:89:be:19
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY/yh1oZhvhUVg6zoufdhCqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNjA3MTE0ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQzZmNkNzA2ZjYwZTFhNWRmZjVmYmVjMDU1Mjc1MzBiM2M3N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUBDPCRf4O62lFajXWfakmjH/tje
1+ymKw3TG07mom1w0m3hpqfQRrVavSILRRnYsm5UjyNfJkZYXw75DCYqZsd3Ckt9
gaDy93Rtbi8lgseyD4yKAgJH+JBVVSy7x5fgRMeqd5yvX5S3alBYdn7Z5XOTxNzi
ynngq9TSPBze6fqFBYAGOFfKlRyulSJb/LmxEUu2ijiRh4VkGcI4wcfzcJBt2HDb
Hf7IYwMvpgdtYc5cTeWHjsDsdV1h0PWeDPrSuangsvhQ3ezue2EvynzX7d8gd/s7
vyKzoqCi8Fo3k7MHhxr+JaqcG2cB6/fSWkCvlfQD4No/oOH6veGnTEHT/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL/T/NcG9g4aXf9fvsBVJ1MLPHeiMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdjlQODF3YjJEaHBkXzEtLXdGVW5Vd3M4ZDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABebOAwQA
BebcAwQABedXAwQABefIAwQATVoUAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQCN
wR0btQf5h2uBScNSBlzJQ77Xlq86fJnoriYS5rBfWHWh1qXh9S/M2v1AyBuNy2ZQ
8dvDSgTqx8LYxd+ypx4E3yRERXQ9+X1Q9Fihjpr3UbxfLMkNIdUcmDJXjKFgHZ/p
cwGEeVhgeYVHRxpEhkm+yRjrQpKBY+kn9JNN1VuWF0S0fSuNaCaXgAFwMPiga9ZF
w7NdugG8+o1A8Cb5cwEXdOTuK+9Dadv/Cgj4FzyHq/Kib/ul3US96nVm4eNIXi3o
BTXt3VknU3GnU8e0Esuj2IjByIKbhr4Wsy5VZMomI+5dnqW14B0RiXmkk6OEovva
yBg0hzCQfZSkMdRsib4Z
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:17 2024 by rpki-client on console-ams.rpki-client.org