Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xdmHEHDaiFqWVcppOpudGJWx80w.roa
File: xdmHEHDaiFqWVcppOpudGJWx80w.roa (raw, json)
Hash identifier: o+y5PKI0475AsqrK8k1yLb4VZu3VDHtYLL5xtkDgDBs=
Subject key identifier: C5:D9:87:10:70:DA:88:5A:96:55:CA:69:3A:9B:9D:18:95:B1:F3:4C
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019319A3BE14DACAF423C1D0EB9B85E4DB45
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xdmHEHDaiFqWVcppOpudGJWx80w.roa
Signing time: Mon 11 Nov 2024 05:13:01 +0000
ROA not before: Mon 11 Nov 2024 05:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 22:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:19:a3:be:14:da:ca:f4:23:c1:d0:eb:9b:85:e4:db:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 11 05:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5d9871070da885a9655ca693a9b9d1895b1f34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:22:92:b1:de:2d:bf:fb:13:18:11:71:c5:6c:
f2:4c:a6:da:b5:bf:86:d1:80:f7:6f:be:7d:3f:55:
b5:d9:46:00:66:5f:44:0d:11:fe:1c:03:52:74:71:
56:25:0b:21:f3:23:6b:e4:ec:ef:70:92:01:4d:ed:
1b:aa:9f:69:91:44:bc:b4:e9:03:99:83:22:5b:19:
50:13:1d:ad:b2:00:da:f6:d9:37:62:66:b3:79:2b:
bb:88:12:f0:ad:48:ad:fa:bc:89:8d:c5:42:50:d4:
24:a2:9e:b0:de:ef:3b:f9:7a:42:ce:b5:7d:fc:fc:
8f:40:3a:06:69:ce:35:6d:a1:ad:8c:60:54:87:cd:
f7:3a:0e:8d:f9:18:8b:89:5f:0e:8c:ff:a8:d3:02:
93:f0:2d:90:11:18:41:cb:ba:02:32:2f:6a:40:6b:
b3:66:5f:3d:4d:5c:32:df:c0:de:a1:02:d9:11:ba:
c4:b5:32:78:2e:12:28:c1:a2:01:b6:c8:9f:aa:42:
dc:24:99:d4:1e:f3:b9:3f:66:f5:59:02:d7:ac:10:
13:c7:55:35:32:f2:2a:00:f2:8f:d4:df:46:2c:73:
d9:d4:34:57:fc:7a:7e:0c:be:e7:a1:df:bf:ed:a6:
61:00:09:45:8f:e0:b6:5c:b6:a1:7c:cd:ed:63:a0:
26:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D9:87:10:70:DA:88:5A:96:55:CA:69:3A:9B:9D:18:95:B1:F3:4C
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/xdmHEHDaiFqWVcppOpudGJWx80w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
77.90.54.0/24
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:05:3b:23:97:24:e1:01:0b:41:a9:77:85:2c:37:00:ac:1b:
71:a1:44:ad:87:23:be:c0:10:5c:6c:63:82:a9:83:5c:05:15:
74:5b:cc:58:19:16:c3:ae:de:dd:76:42:4d:04:4e:75:61:06:
15:21:86:6a:f4:15:7a:f3:19:f8:f5:aa:07:e5:2b:4d:ed:3c:
5b:eb:50:0d:68:15:39:f3:8f:d1:d0:91:da:98:fe:f1:60:d2:
0d:3e:9c:ed:00:7d:95:fc:1d:67:6a:82:dc:86:9a:48:c9:1c:
84:0c:20:38:f4:a5:9c:d4:46:24:08:ab:73:dd:ab:ba:73:f2:
6d:0d:69:e3:87:63:c8:32:9a:77:f1:2c:68:f4:de:8a:92:c0:
bd:53:e8:e2:cb:c3:1d:81:bb:f3:b6:05:de:63:e8:3f:cb:4a:
66:fa:d7:39:98:11:86:05:30:a2:24:3d:cb:16:f9:f8:82:30:
ee:58:4c:92:a8:fd:77:c3:dd:fe:da:3e:fc:23:f8:68:d0:c1:
31:a3:a7:ad:b4:9f:b7:ec:e0:35:78:12:1c:18:7b:ca:c3:11:
50:97:f2:1c:7f:ad:55:23:8e:d2:ef:c7:38:89:14:04:fa:22:
e0:5d:02:7c:a1:e8:27:d6:58:f9:93:a9:5d:9b:2f:a6:1b:71:
ae:be:a3:89
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZMZo74U2sr0I8HQ65uF5NtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTExMDUxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ5ODcxMDcwZGE4ODVhOTY1NWNhNjkzYTliOWQxODk1YjFmMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyKSsd4tv/sTGBFxxWzyTKbatb+G
0YD3b759P1W12UYAZl9EDRH+HANSdHFWJQsh8yNr5OzvcJIBTe0bqp9pkUS8tOkD
mYMiWxlQEx2tsgDa9tk3YmazeSu7iBLwrUit+ryJjcVCUNQkop6w3u87+XpCzrV9
/PyPQDoGac41baGtjGBUh833Og6N+RiLiV8OjP+o0wKT8C2QERhBy7oCMi9qQGuz
Zl89TVwy38DeoQLZEbrEtTJ4LhIowaIBtsifqkLcJJnUHvO5P2b1WQLXrBATx1U1
MvIqAPKP1N9GLHPZ1DRX/Hp+DL7nod+/7aZhAAlFj+C2XLahfM3tY6AmqQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMXZhxBw2ohallXKaTqbnRiVsfNMMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveGRtSEVIRGFpRnFXVmNwcE9wdWRHSld4ODB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOBAwQA
TVo2AwQAVXaiAwQAV++DAwQAXvmKAwQAXvmUMA0GCSqGSIb3DQEBCwUAA4IBAQBc
BTsjlyThAQtBqXeFLDcArBtxoUSthyO+wBBcbGOCqYNcBRV0W8xYGRbDrt7ddkJN
BE51YQYVIYZq9BV68xn49aoH5StN7Txb61ANaBU584/R0JHamP7xYNINPpztAH2V
/B1naoLchppIyRyEDCA49KWc1EYkCKtz3au6c/JtDWnjh2PIMpp38Sxo9N6KksC9
U+jiy8MdgbvztgXeY+g/y0pm+tc5mBGGBTCiJD3LFvn4gjDuWEySqP13w93+2j78
I/ho0MExo6ettJ+37OA1eBIcGHvKwxFQl/Icf61VI47S78c4iRQE+iLgXQJ8oegn
1lj5k6ldmy+mG3GuvqOJ
-----END CERTIFICATE-----
Generated at Tue Nov 12 02:40:04 2024 by rpki-client on console-fra.rpki-client.org