Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/d_P7jr8q4qFBmHbFh0_cKuGVHLw.roa
File: d_P7jr8q4qFBmHbFh0_cKuGVHLw.roa (raw, json)
Hash identifier: HR7F1I2954rrGAYJWZnp1CplZJQkZL9lzqhP00TB5DE=
Subject key identifier: 77:F3:FB:8E:BF:2A:E2:A1:41:98:76:C5:87:4F:DC:2A:E1:95:1C:BC
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018D56A2649BDDFAF42649D705D967365FA1
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/d_P7jr8q4qFBmHbFh0_cKuGVHLw.roa
Signing time: Mon 29 Jan 2024 19:11:39 +0000
ROA not before: Mon 29 Jan 2024 19:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
31.192.246.0/24 maxlen: 24
45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 04 Feb 2024 17:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:a2:64:9b:dd:fa:f4:26:49:d7:05:d9:67:36:5f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 29 19:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77f3fb8ebf2ae2a1419876c5874fdc2ae1951cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:41:e1:a9:7b:ef:19:ee:ac:d7:55:ca:3c:eb:
a6:9e:4a:09:cc:e4:e8:5e:49:17:35:a5:36:97:0a:
36:a9:e7:ba:0f:d8:f3:a4:ad:ed:8f:4d:09:ed:ce:
39:44:bc:cd:97:b0:49:75:a6:9d:81:a2:98:2b:6c:
3a:e0:99:4b:1f:60:7e:c0:0a:78:16:38:aa:5c:bf:
5f:7c:8c:52:ca:3e:e9:88:74:3d:35:29:c2:a3:2e:
b3:d4:7d:dc:9c:95:e2:8d:cc:e9:fb:17:a0:93:e3:
57:86:72:f1:f7:c8:34:9e:dd:e1:92:c8:9d:c3:b5:
36:f2:a6:e1:71:6d:9d:d7:b7:96:1c:fc:a0:2c:4f:
d8:f5:a8:88:e0:f2:70:21:88:d1:0d:62:c6:d9:b4:
ef:0e:85:e7:06:e8:9c:a6:13:c6:30:1f:cb:dc:8e:
70:85:cf:02:50:42:76:8d:9b:68:f2:28:c4:1b:a6:
3c:b7:9d:24:3c:7c:92:2e:e2:f9:ca:c8:53:ef:1f:
af:d3:c7:48:c9:85:68:c2:d4:aa:ea:ff:3f:1b:85:
4b:ea:76:c1:c9:ab:e6:9d:bd:db:9b:1a:6f:cb:8f:
37:24:7d:97:35:64:53:a0:b7:19:0c:72:84:46:e8:
dc:00:4a:ed:17:60:7e:7c:8d:8e:cf:3a:39:52:c1:
aa:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F3:FB:8E:BF:2A:E2:A1:41:98:76:C5:87:4F:DC:2A:E1:95:1C:BC
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/d_P7jr8q4qFBmHbFh0_cKuGVHLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.254.255
5.178.96.0/23
5.178.99.0/24
5.178.104.0/24
5.178.109.0/24
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:48:6d:3b:9e:fb:81:70:86:0f:8a:24:5d:64:c1:10:d8:da:
85:b1:7b:27:09:74:1b:79:cd:00:35:cf:ef:f9:49:17:f4:3d:
47:84:05:64:c2:f7:fd:07:85:ba:d2:7b:bf:d8:ae:4b:e7:c8:
04:91:d1:d7:4b:65:6e:ce:ed:5d:c7:09:92:31:a8:8a:78:2c:
23:80:1f:b9:cb:51:bd:e8:a9:d2:df:a4:1a:c2:b2:dc:71:0c:
83:2f:78:0a:6f:e6:4c:e5:5c:f8:88:28:b0:4a:ce:42:66:99:
8b:17:f1:3a:e5:de:38:f8:51:e0:f7:2a:fc:78:e9:39:da:0d:
35:f0:f9:55:02:7c:cf:bf:bc:85:b0:e4:50:a3:cb:20:3c:e3:
ab:95:30:e2:6d:ab:b6:99:7e:5d:09:ad:63:bc:5a:57:c4:1a:
47:db:be:d2:8f:74:7c:8d:ec:7e:67:30:40:6e:19:13:31:25:
61:2b:eb:92:50:ce:d6:4e:1c:93:64:1d:79:3a:d2:4c:2a:e8:
6e:f6:e5:a1:fd:de:65:e4:ea:2c:70:02:c4:8d:99:d0:f9:cb:
b2:8b:c4:3f:6a:3a:ed:fd:2f:6e:bd:88:58:e0:c0:7e:73:f8:
49:88:49:30:6b:4b:d3:88:77:cf:be:63:c7:84:8b:a1:45:5a:
0e:41:f5:bf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY1WomSb3fr0JknXBdlnNl+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTI5MTkxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2YzZmI4ZWJmMmFlMmExNDE5ODc2YzU4NzRmZGMyYWUxOTUxY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EHhqXvvGe6s11XKPOumnkoJzOTo
XkkXNaU2lwo2qee6D9jzpK3tj00J7c45RLzNl7BJdaadgaKYK2w64JlLH2B+wAp4
FjiqXL9ffIxSyj7piHQ9NSnCoy6z1H3cnJXijczp+xegk+NXhnLx98g0nt3hksid
w7U28qbhcW2d17eWHPygLE/Y9aiI4PJwIYjRDWLG2bTvDoXnBuicphPGMB/L3I5w
hc8CUEJ2jZto8ijEG6Y8t50kPHySLuL5yshT7x+v08dIyYVowtSq6v8/G4VL6nbB
yavmnb3bmxpvy483JH2XNWRToLcZDHKERujcAErtF2B+fI2Ozzo5UsGqIQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHfz+46/KuKhQZh2xYdP3CrhlRy8MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvZF9QN2pyOHE0cUZCbUhiRmgwX2NLdUdWSEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABSf4MAwD
BAEFJ/oDBAAFJ/4DBAEFsmADBAAFsmMDBAAFsmgDBAAFsm0DBAMfwPADBAItDNgD
BAK5BSQwDQYJKoZIhvcNAQELBQADggEBALpIbTue+4Fwhg+KJF1kwRDY2oWxeycJ
dBt5zQA1z+/5SRf0PUeEBWTC9/0HhbrSe7/YrkvnyASR0ddLZW7O7V3HCZIxqIp4
LCOAH7nLUb3oqdLfpBrCstxxDIMveApv5kzlXPiIKLBKzkJmmYsX8Trl3jj4UeD3
Kvx46TnaDTXw+VUCfM+/vIWw5FCjyyA846uVMOJtq7aZfl0JrWO8WlfEGkfbvtKP
dHyN7H5nMEBuGRMxJWEr65JQztZOHJNkHXk60kwq6G725aH93mXk6ixwAsSNmdD5
y7KLxD9qOu39L269iFjgwH5z+EmISTBrS9OId8++Y8eEi6FFWg5B9b8=
-----END CERTIFICATE-----
Generated at Sun Feb 4 20:01:29 2024 by rpki-client on console-fra.rpki-client.org