Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/m53_aC6eNeIj5Zd_up-2RQaMiK0.roa
File: m53_aC6eNeIj5Zd_up-2RQaMiK0.roa (raw, json)
Hash identifier: pQtBLkGt3m/Lv3HV9jTKc0c3++lePCwUuTgOu3lcUFk=
Subject key identifier: 9B:9D:FF:68:2E:9E:35:E2:23:E5:97:7F:BA:9F:B6:45:06:8C:88:AD
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 01889A80CCD7EEFEC3511DB6039DF3284E2B
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/m53_aC6eNeIj5Zd_up-2RQaMiK0.roa
Signing time: Thu 08 Jun 2023 10:15:12 +0000
ROA not before: Thu 08 Jun 2023 10:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 5.182.244.0/24 maxlen: 24
93.157.191.0/24 maxlen: 24
185.233.245.0/24 maxlen: 24
89.200.218.0/24 maxlen: 24
89.200.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Nov 2023 18:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:80:cc:d7:ee:fe:c3:51:1d:b6:03:9d:f3:28:4e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Jun 8 10:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b9dff682e9e35e223e5977fba9fb645068c88ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:c4:3f:47:dc:54:5f:1e:a1:88:0e:e0:37:
5c:5e:af:93:1c:c8:73:c8:78:1c:36:6c:48:89:fb:
19:f1:5f:09:a5:11:02:32:05:67:f5:c4:ea:b4:b1:
6c:6e:af:1b:18:8e:b4:35:e5:59:33:fd:35:f9:a2:
96:83:80:b2:06:17:aa:25:84:82:fe:29:be:33:27:
20:cd:68:07:10:f6:4f:48:e0:79:3b:0e:7b:25:9e:
df:12:49:23:e8:53:3e:0d:b4:56:76:cc:0c:03:69:
cf:fe:f9:45:a6:89:f9:65:de:fb:e9:2b:af:c2:1a:
b4:eb:9b:40:86:6e:05:50:10:52:8a:ae:26:72:18:
d5:c7:66:6f:2c:8d:92:b7:25:ac:c4:83:0a:97:3f:
d3:c9:06:30:f4:0f:a6:ad:bd:5c:73:da:ac:c2:e7:
37:0b:70:e1:2e:cf:e0:da:1b:4f:68:7d:62:73:bb:
0d:47:40:fe:33:6b:53:e7:12:75:ad:3a:d4:e1:60:
5a:2e:4f:a7:39:82:2b:f3:1e:77:9d:51:f6:e6:8f:
ff:0e:82:48:2f:2d:79:c9:30:60:28:61:69:18:9b:
75:65:3c:0e:91:50:8b:51:64:0d:c3:02:7d:72:1e:
97:12:44:87:55:56:02:03:22:28:c1:83:7c:4d:52:
19:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:9D:FF:68:2E:9E:35:E2:23:E5:97:7F:BA:9F:B6:45:06:8C:88:AD
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/m53_aC6eNeIj5Zd_up-2RQaMiK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.244.0/24
89.200.218.0/23
93.157.191.0/24
185.233.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:90:b2:48:e2:7a:cb:f1:3f:51:23:8d:2c:2f:2a:83:85:5e:
72:8f:90:08:70:ac:bc:f9:d1:56:49:16:ba:2d:96:24:43:ee:
1a:dc:79:d1:c6:a3:fa:8a:78:b2:ec:6b:29:1c:79:e1:a5:da:
89:7d:15:2a:c5:1d:2d:79:ed:e1:d6:1a:e2:5c:24:13:ba:1c:
e3:fa:b0:e2:62:18:f9:66:ba:bc:8b:a6:db:cf:04:68:ad:1a:
c2:c5:72:16:4f:9c:08:92:35:cc:42:f4:ed:1a:d7:c8:00:af:
70:72:6d:bb:4c:41:9d:8a:64:29:0f:95:09:49:6c:d3:d6:fd:
21:51:85:51:d0:ef:68:5d:27:96:c0:f8:3b:61:f0:22:e4:85:
44:61:f0:83:30:4e:ec:08:7a:9a:c7:8f:81:78:c0:7c:0b:28:
7c:3b:db:42:34:19:86:76:76:5b:f0:59:61:6f:07:e1:0a:27:
f3:50:ac:36:68:4d:1e:27:5c:aa:98:0a:a1:49:d6:67:77:f0:
a4:58:64:3d:97:48:35:92:22:6b:70:67:a1:57:6e:de:c1:3a:
cc:ff:4e:20:00:8d:8d:68:fa:25:38:17:74:9a:88:06:0a:a9:
46:64:05:12:bf:ac:42:c1:5d:36:14:09:0d:e9:cb:3d:3e:dc:
d9:ee:46:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiagMzX7v7DUR22A53zKE4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjMwNjA4MTAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjlkZmY2ODJlOWUzNWUyMjNlNTk3N2ZiYTlmYjY0NTA2OGM4OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIrEP0fcVF8eoYgO4DdcXq+THMhz
yHgcNmxIifsZ8V8JpRECMgVn9cTqtLFsbq8bGI60NeVZM/01+aKWg4CyBheqJYSC
/im+MycgzWgHEPZPSOB5Ow57JZ7fEkkj6FM+DbRWdswMA2nP/vlFpon5Zd776Suv
whq065tAhm4FUBBSiq4mchjVx2ZvLI2StyWsxIMKlz/TyQYw9A+mrb1cc9qswuc3
C3DhLs/g2htPaH1ic7sNR0D+M2tT5xJ1rTrU4WBaLk+nOYIr8x53nVH25o//DoJI
Ly15yTBgKGFpGJt1ZTwOkVCLUWQNwwJ9ch6XEkSHVVYCAyIowYN8TVIZLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJud/2gunjXiI+WXf7qftkUGjIitMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvbTUzX2FDNmVOZUlqNVpkX3VwLTJSUWFNaUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbb0AwQB
WcjaAwQAXZ2/AwQAuen1MA0GCSqGSIb3DQEBCwUAA4IBAQCOkLJI4nrL8T9RI40s
LyqDhV5yj5AIcKy8+dFWSRa6LZYkQ+4a3HnRxqP6iniy7GspHHnhpdqJfRUqxR0t
ee3h1hriXCQTuhzj+rDiYhj5Zrq8i6bbzwRorRrCxXIWT5wIkjXMQvTtGtfIAK9w
cm27TEGdimQpD5UJSWzT1v0hUYVR0O9oXSeWwPg7YfAi5IVEYfCDME7sCHqax4+B
eMB8Cyh8O9tCNBmGdnZb8FlhbwfhCifzUKw2aE0eJ1yqmAqhSdZnd/CkWGQ9l0g1
kiJrcGehV27ewTrM/04gAI2NaPolOBd0mogGCqlGZAUSv6xCwV02FAkN6cs9PtzZ
7kaA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:43 2024 by rpki-client on console-ams.rpki-client.org