Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/RWXbO_EYsM0ziFiVV7YL6DPJwLI.roa
File: RWXbO_EYsM0ziFiVV7YL6DPJwLI.roa (raw, json)
Hash identifier: lxGlDGrGmg6HobNRi6WatdX6fEaH0oE5BJmuIxi8uAg=
Subject key identifier: 45:65:DB:3B:F1:18:B0:CD:33:88:58:95:57:B6:0B:E8:33:C9:C0:B2
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018E8FC5227A2B65C9DB04C71E9D4DB2362C
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/RWXbO_EYsM0ziFiVV7YL6DPJwLI.roa
Signing time: Sat 30 Mar 2024 14:30:45 +0000
ROA not before: Sat 30 Mar 2024 14:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 5.39.250.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.144.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 08:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8f:c5:22:7a:2b:65:c9:db:04:c7:1e:9d:4d:b2:36:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 30 14:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4565db3bf118b0cd3388589557b60be833c9c0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:46:db:9d:14:28:f8:b5:bc:c3:f4:c6:6a:bd:
24:ab:70:78:15:b5:98:f2:42:f2:8d:62:72:31:de:
af:d0:e1:52:e0:3b:db:d6:14:64:83:06:80:2c:9a:
4f:93:c6:1d:c3:db:1b:b4:0b:0d:c4:52:9d:5f:f7:
9c:09:b1:17:66:66:20:ad:d7:07:be:90:5e:2e:a4:
07:3e:85:c1:a2:22:b5:ee:74:20:2e:bc:ab:6e:1f:
4f:2e:8a:4d:8c:85:9a:85:78:08:8f:e1:ab:fc:b3:
8d:04:45:ef:4f:d5:a0:07:76:5f:b9:0d:63:38:ae:
ca:de:2b:2a:2f:e9:c0:34:1a:d5:6e:9d:91:3e:43:
3b:1a:1a:23:6b:05:be:89:f7:9d:80:62:13:43:6c:
a1:65:bf:dd:92:2b:60:90:69:00:bb:98:f1:2a:f3:
fe:f5:51:10:a9:41:18:81:ec:12:ee:0c:a9:3b:df:
ef:34:56:38:7d:f5:0a:bc:60:f9:7e:e1:88:0b:07:
b9:ab:01:01:2d:32:22:43:3b:0c:53:21:62:eb:2e:
f1:3b:4f:50:a7:27:e9:ef:ff:23:24:1e:87:b3:e8:
4c:4c:a0:06:2a:7b:82:5c:a5:7d:49:6f:3c:53:9c:
26:08:f1:97:0e:bf:da:d5:c3:67:20:21:6c:b5:79:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:65:DB:3B:F1:18:B0:CD:33:88:58:95:57:B6:0B:E8:33:C9:C0:B2
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/RWXbO_EYsM0ziFiVV7YL6DPJwLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.250.0/24
5.39.252.0/24
5.39.254.0/24
5.144.178.0/24
Signature Algorithm: sha256WithRSAEncryption
35:9f:79:9b:b6:21:67:95:5e:63:f3:fd:91:f8:8a:05:a0:1d:
da:7d:be:77:67:b0:bd:66:e2:15:d5:4e:f9:a2:e5:32:7d:fc:
b7:b1:c1:58:3a:99:23:4c:d5:81:f8:39:17:3d:c2:85:da:93:
99:1c:2d:5e:1b:44:70:8e:74:d9:87:dd:68:d4:15:81:14:94:
69:46:31:f0:38:67:96:92:86:42:f4:1a:e4:92:80:d6:6f:6e:
43:44:6a:58:80:fb:8b:90:03:94:92:9e:02:e1:a7:78:df:87:
17:d0:82:12:b9:71:b2:6e:7c:d9:74:46:b7:3a:8d:1f:01:3b:
cb:58:1e:8c:22:f6:85:70:78:23:bc:00:e3:ce:1a:26:e8:1b:
15:d5:79:64:1f:17:c8:6d:a2:05:e1:84:25:97:3e:22:57:c0:
d5:70:15:81:b5:ee:2f:d4:b5:a8:fe:7d:6f:8b:96:ab:c1:8a:
38:b6:96:73:cc:0d:7e:2d:57:ab:08:8c:0d:24:25:3d:14:db:
49:98:4a:1a:9c:38:1f:b0:c5:f3:1c:cd:95:f2:7d:c7:a2:62:
04:20:d6:2d:32:1e:a0:50:87:c2:9a:3f:ca:bd:f2:9b:ab:d6:
36:d7:15:ea:05:d4:4d:fe:28:9e:54:06:cc:3f:fe:d7:07:00:
0e:74:76:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6PxSJ6K2XJ2wTHHp1NsjYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzMwMTQzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTY1ZGIzYmYxMThiMGNkMzM4ODU4OTU1N2I2MGJlODMzYzljMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEbbnRQo+LW8w/TGar0kq3B4FbWY
8kLyjWJyMd6v0OFS4Dvb1hRkgwaALJpPk8Ydw9sbtAsNxFKdX/ecCbEXZmYgrdcH
vpBeLqQHPoXBoiK17nQgLryrbh9PLopNjIWahXgIj+Gr/LONBEXvT9WgB3ZfuQ1j
OK7K3isqL+nANBrVbp2RPkM7GhojawW+ifedgGITQ2yhZb/dkitgkGkAu5jxKvP+
9VEQqUEYgewS7gypO9/vNFY4ffUKvGD5fuGICwe5qwEBLTIiQzsMUyFi6y7xO09Q
pyfp7/8jJB6Hs+hMTKAGKnuCXKV9SW88U5wmCPGXDr/a1cNnICFstXlojQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEVl2zvxGLDNM4hYlVe2C+gzycCyMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvUldYYk9fRVlzTTB6aUZpVlY3WUw2RFBKd0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABSf6AwQA
BSf8AwQABSf+AwQABZCyMA0GCSqGSIb3DQEBCwUAA4IBAQA1n3mbtiFnlV5j8/2R
+IoFoB3afb53Z7C9ZuIV1U75ouUyffy3scFYOpkjTNWB+DkXPcKF2pOZHC1eG0Rw
jnTZh91o1BWBFJRpRjHwOGeWkoZC9BrkkoDWb25DRGpYgPuLkAOUkp4C4ad434cX
0IISuXGybnzZdEa3Oo0fATvLWB6MIvaFcHgjvADjzhom6BsV1XlkHxfIbaIF4YQl
lz4iV8DVcBWBte4v1LWo/n1vi5arwYo4tpZzzA1+LVerCIwNJCU9FNtJmEoanDgf
sMXzHM2V8n3HomIEINYtMh6gUIfCmj/KvfKbq9Y21xXqBdRN/iieVAbMP/7XBwAO
dHbb
-----END CERTIFICATE-----
Generated at Mon May 20 10:29:02 2024 by rpki-client on console-fra.rpki-client.org