Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/667DkJ8NEX_tEaqkCF0d8Atr9TY.roa
File: 667DkJ8NEX_tEaqkCF0d8Atr9TY.roa (raw, json)
Hash identifier: u5dp1AFOsD7ijfjC6P+0QhcR1G6hD0wMFqSZCITrALk=
Subject key identifier: EB:AE:C3:90:9F:0D:11:7F:ED:11:AA:A4:08:5D:1D:F0:0B:6B:F5:36
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018DEB963D40D63E57279F5BDB727BE067C7
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/667DkJ8NEX_tEaqkCF0d8Atr9TY.roa
Signing time: Tue 27 Feb 2024 17:21:48 +0000
ROA not before: Tue 27 Feb 2024 17:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215433
IP address blocks: 5.39.251.0/24 maxlen: 24
5.144.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 10:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:96:3d:40:d6:3e:57:27:9f:5b:db:72:7b:e0:67:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Feb 27 17:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebaec3909f0d117fed11aaa4085d1df00b6bf536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:0e:a8:d6:7d:01:50:1c:83:26:68:85:5e:
8b:e7:e0:f6:e2:75:d8:c2:e2:b3:57:55:4e:48:de:
f5:4b:4d:fa:81:44:29:fc:f0:c7:f2:9d:93:06:3e:
b3:de:cd:20:e8:5d:e3:d3:4e:a4:06:de:96:b7:d7:
78:7e:d9:95:b5:b6:33:61:9d:1b:0c:9a:50:5b:b3:
cc:11:28:71:06:f5:68:0f:52:33:8e:64:dd:3f:cd:
87:0e:b4:1b:ab:1e:52:28:4f:19:11:d4:34:cd:fd:
83:54:2c:f6:7d:14:9e:cc:c5:68:03:bd:8a:65:7f:
8a:a7:4b:85:9f:74:47:2e:c6:32:71:ef:5c:a5:91:
7b:c1:cd:e6:86:10:7e:69:ce:21:09:ca:ee:11:5d:
b1:24:2d:b2:6a:41:3a:be:37:41:b8:b7:f6:2d:0b:
0b:7f:11:1b:09:fc:66:39:90:55:f2:cc:ea:d2:a8:
60:61:be:5c:96:10:03:d8:3c:e4:ae:d1:a8:71:3e:
79:3f:b4:c2:fe:e7:87:c2:c4:76:b7:1c:d4:2e:07:
f8:7a:91:f0:a4:82:8f:ec:e9:e1:8b:df:3b:1f:f6:
5b:ae:0d:e2:cb:cb:de:42:98:c2:ae:33:98:02:b1:
3a:7a:30:e5:4e:9e:b7:57:cd:b1:58:b4:1e:26:01:
84:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AE:C3:90:9F:0D:11:7F:ED:11:AA:A4:08:5D:1D:F0:0B:6B:F5:36
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/667DkJ8NEX_tEaqkCF0d8Atr9TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.251.0/24
5.144.176.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:38:38:61:e8:6d:2c:73:22:24:94:40:2c:82:70:04:69:3c:
8d:d9:de:09:c4:e5:bc:2b:12:ec:3d:6f:f2:b9:22:d4:0f:75:
36:54:c9:fe:11:1f:36:9c:32:8c:31:a9:33:ec:47:4d:c2:66:
e4:36:85:46:0c:29:90:aa:cc:d9:0a:0e:e0:c7:ad:fb:ea:cb:
47:4f:9a:b2:4e:fd:d3:7b:4f:28:85:31:5a:67:1c:7f:04:dd:
70:d3:0d:c5:49:0f:22:9c:7f:5e:79:1a:e3:ed:7a:e5:1d:9f:
51:a7:88:93:cf:08:1d:04:93:84:ec:f2:e1:4f:bf:7d:5d:de:
f1:0c:16:0a:f1:d8:27:56:1f:ed:92:cf:11:98:ee:8e:03:a6:
27:a3:5e:0c:6a:53:5f:71:83:16:64:92:1b:d7:a5:96:3b:33:
dd:40:64:4e:1b:b4:cf:c1:37:03:86:52:5c:c1:e8:74:26:96:
1e:dd:0c:b1:0c:8b:3d:69:7c:b1:ad:62:1a:f7:ec:60:2f:26:
97:b9:88:7b:05:87:40:2b:30:29:70:09:c1:39:a9:97:0c:49:
35:8c:ec:f9:e3:ef:0a:90:ae:07:c5:3f:5c:cd:ce:48:0e:3e:
e1:81:dd:b6:bf:33:b8:4e:a6:58:9d:fa:c1:14:b2:ff:8e:8e:
a0:1c:69:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3rlj1A1j5XJ59b23J74GfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMjI3MTcyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmFlYzM5MDlmMGQxMTdmZWQxMWFhYTQwODVkMWRmMDBiNmJmNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAEOqNZ9AVAcgyZohV6L5+D24nXY
wuKzV1VOSN71S036gUQp/PDH8p2TBj6z3s0g6F3j006kBt6Wt9d4ftmVtbYzYZ0b
DJpQW7PMEShxBvVoD1IzjmTdP82HDrQbqx5SKE8ZEdQ0zf2DVCz2fRSezMVoA72K
ZX+Kp0uFn3RHLsYyce9cpZF7wc3mhhB+ac4hCcruEV2xJC2yakE6vjdBuLf2LQsL
fxEbCfxmOZBV8szq0qhgYb5clhAD2DzkrtGocT55P7TC/ueHwsR2txzULgf4epHw
pIKP7Onhi987H/Zbrg3iy8veQpjCrjOYArE6ejDlTp63V82xWLQeJgGEHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOuuw5CfDRF/7RGqpAhdHfALa/U2MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvNjY3RGtKOE5FWF90RWFxa0NGMGQ4QXRyOVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSf7AwQA
BZCwMA0GCSqGSIb3DQEBCwUAA4IBAQBdODhh6G0scyIklEAsgnAEaTyN2d4JxOW8
KxLsPW/yuSLUD3U2VMn+ER82nDKMMakz7EdNwmbkNoVGDCmQqszZCg7gx6376stH
T5qyTv3Te08ohTFaZxx/BN1w0w3FSQ8inH9eeRrj7XrlHZ9Rp4iTzwgdBJOE7PLh
T799Xd7xDBYK8dgnVh/tks8RmO6OA6Yno14MalNfcYMWZJIb16WWOzPdQGROG7TP
wTcDhlJcweh0JpYe3QyxDIs9aXyxrWIa9+xgLyaXuYh7BYdAKzApcAnBOamXDEk1
jOz54+8KkK4HxT9czc5IDj7hgd22vzO4TqZYnfrBFLL/jo6gHGmq
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:47:06 2024 by rpki-client on console-fra.rpki-client.org