Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xRytHvgycsGm9gsXOiajoJ1kVQU.roa
File: xRytHvgycsGm9gsXOiajoJ1kVQU.roa (raw, json)
Hash identifier: bogd6gGgnRF24NhLt2jKLLNq5z/OHCnC+DxVPH3ak4c=
Subject key identifier: C5:1C:AD:1E:F8:32:72:C1:A6:F6:0B:17:3A:26:A3:A0:9D:64:55:05
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192CC2655DF03D4F345A4ADD28986B76642
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xRytHvgycsGm9gsXOiajoJ1kVQU.roa
Signing time: Sun 27 Oct 2024 04:05:17 +0000
ROA not before: Sun 27 Oct 2024 04:05:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214347
IP address blocks: 5.83.138.0/24 maxlen: 24
5.83.153.0/24 maxlen: 24
5.83.154.0/24 maxlen: 24
77.90.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 14:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:cc:26:55:df:03:d4:f3:45:a4:ad:d2:89:86:b7:66:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 27 04:05:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c51cad1ef83272c1a6f60b173a26a3a09d645505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:97:1d:a3:52:e4:aa:8c:45:f5:b5:7e:97:9d:
b1:61:e5:12:be:1d:2e:0b:12:b5:db:cd:75:a0:1a:
cc:09:34:99:cd:4e:d5:fd:84:dc:d8:63:6c:3d:1c:
89:56:b1:f7:db:03:6d:ee:4b:85:e2:e9:b4:55:44:
c2:9d:4d:1d:20:96:b9:fe:35:a1:23:a6:f8:3c:fc:
ab:7c:32:66:3d:21:1d:31:27:c1:69:8c:61:d0:3b:
13:9c:63:e8:cc:c8:95:d7:e7:68:ce:06:f5:dd:30:
bf:13:46:96:4b:fb:55:46:78:25:9c:13:09:42:66:
1c:24:d1:98:4c:73:02:c4:2a:54:a5:aa:d8:8a:1e:
95:f7:6b:e8:3c:93:23:68:58:40:82:ee:19:59:56:
7c:64:40:0b:4b:e9:48:b4:83:9a:d4:1c:a6:1e:3e:
34:4b:98:5a:ed:e7:d7:5a:cd:a3:33:27:50:c0:b3:
92:31:b6:e7:e0:7f:7c:ae:ab:78:5c:b1:ed:b5:66:
72:51:33:ff:3c:c5:b4:66:50:e6:f5:40:dc:1d:23:
d7:e0:05:f8:6c:ad:2a:35:59:4c:54:6e:9b:46:ff:
6c:c4:77:f1:a9:d9:ee:fc:9d:93:46:26:c0:ff:17:
3c:88:0e:59:15:b4:7e:62:bb:4a:eb:ba:28:34:8e:
8c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1C:AD:1E:F8:32:72:C1:A6:F6:0B:17:3A:26:A3:A0:9D:64:55:05
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xRytHvgycsGm9gsXOiajoJ1kVQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.83.153.0-5.83.154.255
77.90.44.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d7:1d:bf:5e:d5:70:1e:f1:e3:49:08:8b:74:b2:72:69:b6:
e2:6a:6b:c3:eb:d4:41:a9:d1:75:96:16:af:95:90:95:32:cb:
a8:7b:d9:7a:e3:e6:b4:39:69:63:af:0f:25:56:e6:dd:67:2a:
76:15:7b:ce:9a:6e:18:c2:d2:90:f4:d3:c0:dd:fb:48:74:84:
90:fd:bc:f9:9c:ac:3d:b9:e6:c2:da:73:d4:af:05:50:11:30:
f8:f2:47:ff:f7:eb:15:a6:45:66:2e:f2:78:68:73:44:5d:db:
71:fc:93:25:a0:9f:14:a2:b1:17:be:ac:d0:c1:86:7c:1a:87:
ea:26:11:df:99:39:a0:ac:03:a6:d4:f8:e0:0a:35:96:78:40:
42:c4:c6:70:ed:70:4b:ff:29:63:f3:9a:b8:2a:0c:8c:dd:49:
f3:0e:ba:5e:07:e6:e1:19:08:06:5e:1e:d5:16:b6:01:f3:4a:
f2:9f:87:4a:79:e7:c1:6f:ad:0b:86:36:81:30:ad:ed:99:8d:
ad:be:37:83:8c:7a:3f:01:f1:37:5b:b8:c6:15:94:59:9f:fb:
ef:37:f7:33:46:73:32:8d:b8:3f:7f:a1:db:7f:99:45:5f:83:
bc:44:99:fe:64:2d:ed:6a:80:41:44:9e:f7:dd:f1:29:ce:90:
c6:2a:4c:9a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZLMJlXfA9TzRaSt0omGt2ZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDI3MDQwNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFjYWQxZWY4MzI3MmMxYTZmNjBiMTczYTI2YTNhMDlkNjQ1NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpcdo1LkqoxF9bV+l52xYeUSvh0u
CxK12811oBrMCTSZzU7V/YTc2GNsPRyJVrH32wNt7kuF4um0VUTCnU0dIJa5/jWh
I6b4PPyrfDJmPSEdMSfBaYxh0DsTnGPozMiV1+dozgb13TC/E0aWS/tVRnglnBMJ
QmYcJNGYTHMCxCpUparYih6V92voPJMjaFhAgu4ZWVZ8ZEALS+lItIOa1BymHj40
S5ha7efXWs2jMydQwLOSMbbn4H98rqt4XLHttWZyUTP/PMW0ZlDm9UDcHSPX4AX4
bK0qNVlMVG6bRv9sxHfxqdnu/J2TRibA/xc8iA5ZFbR+YrtK67ooNI6M5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMUcrR74MnLBpvYLFzomo6CdZFUFMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveFJ5dEh2Z3ljc0dtOWdzWE9pYWpvSjFrVlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABVOKMAwD
BAAFU5kDBAAFU5oDBABNWiwwDQYJKoZIhvcNAQELBQADggEBAFPXHb9e1XAe8eNJ
CIt0snJptuJqa8Pr1EGp0XWWFq+VkJUyy6h72Xrj5rQ5aWOvDyVW5t1nKnYVe86a
bhjC0pD008Dd+0h0hJD9vPmcrD255sLac9SvBVARMPjyR//36xWmRWYu8nhoc0Rd
23H8kyWgnxSisRe+rNDBhnwah+omEd+ZOaCsA6bU+OAKNZZ4QELExnDtcEv/KWPz
mrgqDIzdSfMOul4H5uEZCAZeHtUWtgHzSvKfh0p558FvrQuGNoEwre2Zja2+N4OM
ej8B8TdbuMYVlFmf++839zNGczKNuD9/odt/mUVfg7xEmf5kLe1qgEFEnvfd8SnO
kMYqTJo=
-----END CERTIFICATE-----
Generated at Wed Nov 6 17:42:04 2024 by rpki-client on console-ams.rpki-client.org