Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PQ6R7k3X5Zt43eIKK8lxMW_ia3U.roa
File: PQ6R7k3X5Zt43eIKK8lxMW_ia3U.roa (raw, json)
Hash identifier: c9/5K81DqYwXpFevMxBKSfe/QMK3CYsU84oJQU5aobw=
Subject key identifier: 3D:0E:91:EE:4D:D7:E5:9B:78:DD:E2:0A:2B:C9:71:31:6F:E2:6B:75
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018E89BCA584975FA23008074883EC05AC71
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PQ6R7k3X5Zt43eIKK8lxMW_ia3U.roa
Signing time: Fri 29 Mar 2024 10:23:45 +0000
ROA not before: Fri 29 Mar 2024 10:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
45.12.216.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 29 Mar 2024 23:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:bc:a5:84:97:5f:a2:30:08:07:48:83:ec:05:ac:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 29 10:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d0e91ee4dd7e59b78dde20a2bc971316fe26b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:e8:b6:dd:4f:ab:0c:b9:9e:e1:8c:14:2b:
d0:92:f0:0c:2b:bd:ee:4f:b5:b5:6b:89:9c:6f:93:
76:2f:65:e3:1a:74:8f:ef:ba:c2:90:12:e4:7a:26:
a0:93:a4:02:95:a2:da:db:54:98:0f:cf:b7:83:81:
47:84:2a:f5:86:d0:38:45:c3:96:81:0c:11:2e:88:
dc:81:d5:fb:ce:33:77:b1:c5:ac:46:ee:0f:2b:a3:
f2:01:fd:7f:81:59:7f:93:05:9a:34:a9:18:37:cb:
d8:ea:cd:bc:49:8d:b0:60:0d:8e:ec:91:87:e8:de:
40:de:b1:ec:c9:64:6c:5a:7d:50:9f:6b:05:8e:d3:
e4:c4:db:a1:fe:7a:34:86:0e:7e:e1:8d:3a:36:8e:
7f:cb:0b:3a:8a:6d:eb:55:19:7d:25:f5:88:c5:e9:
91:dc:ca:15:94:ce:23:3f:fe:1a:00:51:03:f7:a8:
50:bd:44:05:62:4f:a0:72:72:0a:75:49:20:a6:e6:
77:f6:f9:e9:f6:e4:87:bd:51:aa:15:b5:0f:17:21:
d4:24:86:39:3b:e8:a4:9f:48:bb:c3:33:fe:a7:ca:
a1:ea:0a:22:b2:c6:9e:a9:d3:48:bf:9f:fd:3c:3a:
09:ac:00:0d:51:9b:1d:39:3f:78:60:46:30:9a:69:
41:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0E:91:EE:4D:D7:E5:9B:78:DD:E2:0A:2B:C9:71:31:6F:E2:6B:75
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/PQ6R7k3X5Zt43eIKK8lxMW_ia3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.252.0/24
5.39.254.0/24
5.178.97.0/24
5.178.99.0/24
31.192.240.0/21
45.12.216.0/24
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
62:d6:6b:41:0a:91:8c:99:49:37:18:56:0b:0a:f2:ae:9c:de:
f3:e5:66:24:ad:6a:10:89:5d:ac:f7:d7:e8:58:7b:1c:28:88:
f9:48:3b:1e:d9:be:2d:a0:a9:3f:99:ad:ba:50:89:3c:f9:2b:
e3:f0:12:c2:68:27:1b:9f:e2:55:f4:69:0c:2c:af:fc:88:03:
fa:ed:8e:45:0e:66:d1:4d:65:cf:82:39:bf:97:c3:07:21:7d:
c0:c9:44:a3:85:26:9c:54:74:be:a0:7b:6a:32:7e:de:02:b1:
ac:91:59:20:f7:52:10:15:47:d4:01:76:b2:f4:ee:cb:40:d9:
3f:bf:d4:dc:52:29:cf:35:db:bc:14:bd:14:d1:50:7d:7a:17:
73:b2:ee:b2:56:1b:ef:f1:d5:aa:87:09:1b:f6:4c:e7:8b:71:
64:ad:4b:fc:d4:25:64:d1:7c:a9:b8:d2:6f:d9:bc:37:0b:ce:
c9:67:ea:33:74:19:2f:e6:39:4b:b3:9f:72:2d:e2:ee:1c:9d:
91:2d:ef:a4:f2:44:69:88:40:b2:8b:98:ce:44:1f:28:e6:81:
f6:73:d6:5e:d9:8e:91:2f:d9:b1:14:c6:ea:5d:b5:47:7c:fd:
4f:01:98:95:63:4f:f1:59:58:e5:74:fc:ba:03:40:aa:8f:23:
c4:cf:f6:38
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6JvKWEl1+iMAgHSIPsBaxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzI5MTAyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBlOTFlZTRkZDdlNTliNzhkZGUyMGEyYmM5NzEzMTZmZTI2Yjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2Dott1Pqwy5nuGMFCvQkvAMK73u
T7W1a4mcb5N2L2XjGnSP77rCkBLkeiagk6QClaLa21SYD8+3g4FHhCr1htA4RcOW
gQwRLojcgdX7zjN3scWsRu4PK6PyAf1/gVl/kwWaNKkYN8vY6s28SY2wYA2O7JGH
6N5A3rHsyWRsWn1Qn2sFjtPkxNuh/no0hg5+4Y06No5/yws6im3rVRl9JfWIxemR
3MoVlM4jP/4aAFED96hQvUQFYk+gcnIKdUkgpuZ39vnp9uSHvVGqFbUPFyHUJIY5
O+ikn0i7wzP+p8qh6goissaeqdNIv5/9PDoJrAANUZsdOT94YEYwmmlBIwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFD0Oke5N1+WbeN3iCivJcTFv4mt1MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvUFE2UjdrM1g1WnQ0M2VJS0s4bHhNV19pYTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABSf4AwQA
BSf8AwQABSf+AwQABbJhAwQABbJjAwQDH8DwAwQALQzYAwQCuQUkMA0GCSqGSIb3
DQEBCwUAA4IBAQBi1mtBCpGMmUk3GFYLCvKunN7z5WYkrWoQiV2s99foWHscKIj5
SDse2b4toKk/ma26UIk8+Svj8BLCaCcbn+JV9GkMLK/8iAP67Y5FDmbRTWXPgjm/
l8MHIX3AyUSjhSacVHS+oHtqMn7eArGskVkg91IQFUfUAXay9O7LQNk/v9TcUinP
Ndu8FL0U0VB9ehdzsu6yVhvv8dWqhwkb9kzni3FkrUv81CVk0XypuNJv2bw3C87J
Z+ozdBkv5jlLs59yLeLuHJ2RLe+k8kRpiECyi5jORB8o5oH2c9Ze2Y6RL9mxFMbq
XbVHfP1PAZiVY0/xWVjldPy6A0CqjyPEz/Y4
-----END CERTIFICATE-----
Generated at Sat Mar 30 01:11:00 2024 by rpki-client on console-ams.rpki-client.org