Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/vMmXoP5UO5jk5iqlxqes58UC4no.roa
File: vMmXoP5UO5jk5iqlxqes58UC4no.roa (raw, json)
Hash identifier: Ls7mABnCtaqPqAx4V6xZmZZBxQtJRzm74p5aHivDf8E=
Subject key identifier: BC:C9:97:A0:FE:54:3B:98:E4:E6:2A:A5:C6:A7:AC:E7:C5:02:E2:7A
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0191451932398DEC22D9AB97A2C1CACC38A9
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/vMmXoP5UO5jk5iqlxqes58UC4no.roa
Signing time: Mon 12 Aug 2024 05:39:24 +0000
ROA not before: Mon 12 Aug 2024 05:39:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 15:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:19:32:39:8d:ec:22:d9:ab:97:a2:c1:ca:cc:38:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Aug 12 05:39:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcc997a0fe543b98e4e62aa5c6a7ace7c502e27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:3e:73:d9:6d:af:8a:0e:30:d1:7f:fd:38:
7e:5f:13:50:f5:a2:44:74:7d:07:eb:03:34:93:a3:
88:32:5d:21:94:18:f7:ee:80:03:14:f8:1b:30:f1:
89:b2:b6:53:bd:cd:6b:2f:40:78:57:c6:3a:c0:4f:
f6:91:77:0f:5d:f6:b7:e9:2c:b7:d1:ad:27:f0:6d:
c4:b6:0f:cb:4e:d8:78:c8:97:36:ec:ef:7f:03:99:
9a:4e:69:09:c5:ae:d8:1d:1e:30:b7:3a:29:d1:94:
2d:cc:83:83:fe:16:fb:73:e5:9e:59:e5:15:37:6a:
c1:d0:fb:07:95:29:2f:be:0d:66:68:ef:dd:ed:36:
52:5c:4d:8a:b7:cf:7f:f2:96:5d:0e:a7:45:a4:8d:
b9:42:7c:86:35:49:14:04:af:3a:8d:9e:0c:60:5b:
60:6e:d2:e2:c8:f6:d5:60:6d:d7:49:bf:a9:cd:8f:
b2:e8:f8:4f:c9:1c:ae:9a:90:8e:0b:14:6c:6f:5c:
a4:d6:a2:31:d7:c6:92:8f:68:2e:e2:3b:c9:c1:3e:
81:ab:fe:35:92:f3:2a:fe:8d:71:0b:17:8b:e2:9f:
f7:e5:bd:a0:c3:30:d8:fd:30:08:6d:09:38:33:df:
ef:42:02:0b:a1:82:cf:95:32:bd:43:76:e2:8d:3c:
b7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C9:97:A0:FE:54:3B:98:E4:E6:2A:A5:C6:A7:AC:E7:C5:02:E2:7A
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/vMmXoP5UO5jk5iqlxqes58UC4no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
89:09:a7:35:06:d3:02:16:1a:e9:cc:9d:0a:2d:6b:9c:4a:2b:
2c:17:f6:ed:e1:71:11:60:35:77:77:b4:ec:68:c7:82:a1:4f:
92:78:e2:da:1d:10:78:3b:a4:a0:43:6a:db:11:67:a2:66:a5:
43:6f:6c:de:21:94:07:bd:33:61:7e:a7:f9:76:62:11:e7:66:
b6:c5:92:30:a2:a5:7d:dd:6c:32:3c:1c:d2:c2:62:2b:0f:08:
e5:66:06:52:7a:66:d1:7c:dc:8b:2d:20:4b:68:a3:e6:92:70:
f9:f0:d2:bd:db:62:09:cf:e7:27:6f:92:b4:62:4c:62:0c:00:
69:ec:82:67:0d:47:f7:22:11:b3:63:e7:df:13:aa:c3:0d:fa:
b4:c2:bc:ed:67:30:e6:dd:63:1a:47:39:15:db:ba:3c:5c:0b:
c8:2b:37:1e:1e:d5:a3:03:bf:7b:74:05:49:8c:b2:a4:9c:ab:
ce:7a:4b:45:e6:ae:ac:92:6a:a0:e4:80:36:b2:5e:79:f9:58:
77:1d:5b:79:4f:3c:bb:f5:ce:2c:c0:18:9d:a2:2d:6f:42:21:
33:f2:a1:c2:ba:38:02:ea:92:7d:1a:70:36:3a:2b:e1:a7:44:
95:39:48:0c:90:95:72:ca:e0:5c:f6:f0:41:07:34:96:0b:5c:
64:db:37:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFFGTI5jewi2auXosHKzDipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwODEyMDUzOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2M5OTdhMGZlNTQzYjk4ZTRlNjJhYTVjNmE3YWNlN2M1MDJlMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEo+c9ltr4oOMNF//Th+XxNQ9aJE
dH0H6wM0k6OIMl0hlBj37oADFPgbMPGJsrZTvc1rL0B4V8Y6wE/2kXcPXfa36Sy3
0a0n8G3Etg/LTth4yJc27O9/A5maTmkJxa7YHR4wtzop0ZQtzIOD/hb7c+WeWeUV
N2rB0PsHlSkvvg1maO/d7TZSXE2Kt89/8pZdDqdFpI25QnyGNUkUBK86jZ4MYFtg
btLiyPbVYG3XSb+pzY+y6PhPyRyumpCOCxRsb1yk1qIx18aSj2gu4jvJwT6Bq/41
kvMq/o1xCxeL4p/35b2gwzDY/TAIbQk4M9/vQgILoYLPlTK9Q3bijTy3uwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzJl6D+VDuY5OYqpcanrOfFAuJ6MB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvdk1tWG9QNVVPNWprNWlxbHhxZXM1OFVDNG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZCbAwQB
wiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCJCac1BtMCFhrpzJ0KLWucSissF/bt4XER
YDV3d7TsaMeCoU+SeOLaHRB4O6SgQ2rbEWeiZqVDb2zeIZQHvTNhfqf5dmIR52a2
xZIwoqV93WwyPBzSwmIrDwjlZgZSembRfNyLLSBLaKPmknD58NK922IJz+cnb5K0
YkxiDABp7IJnDUf3IhGzY+ffE6rDDfq0wrztZzDm3WMaRzkV27o8XAvIKzceHtWj
A797dAVJjLKknKvOektF5q6skmqg5IA2sl55+Vh3HVt5Tzy79c4swBidoi1vQiEz
8qHCujgC6pJ9GnA2Oivhp0SVOUgMkJVyyuBc9vBBBzSWC1xk2zdU
-----END CERTIFICATE-----
Generated at Mon Aug 26 18:39:40 2024 by rpki-client on console-fra.rpki-client.org