Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/eM829wW2qFjhAXhB70a7ONS61_w.roa
File: eM829wW2qFjhAXhB70a7ONS61_w.roa (raw, json)
Hash identifier: wCPxLeXiO8B/dmubDwbL74MnNyPmNnZKadusATDAUog=
Subject key identifier: 78:CF:36:F7:05:B6:A8:58:E1:01:78:41:EF:46:BB:38:D4:BA:D7:FC
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018E89BD8E43607951B533F245313BB2FBBF
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/eM829wW2qFjhAXhB70a7ONS61_w.roa
Signing time: Fri 29 Mar 2024 10:24:45 +0000
ROA not before: Fri 29 Mar 2024 10:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215433
IP address blocks: 5.39.251.0/24 maxlen: 24
5.144.176.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 19:18:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:bd:8e:43:60:79:51:b5:33:f2:45:31:3b:b2:fb:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 29 10:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78cf36f705b6a858e1017841ef46bb38d4bad7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:bb:5e:23:96:4a:22:35:b7:32:c9:cc:55:
95:d3:1c:d0:1a:d6:e2:12:b9:fe:aa:7f:79:12:e6:
05:79:47:ee:d4:58:41:13:51:d7:c1:13:34:4c:b8:
1a:1b:e1:3b:38:5a:b9:b1:e8:d5:7e:91:71:89:b0:
16:24:9c:f0:c2:76:4e:75:53:12:b1:10:a6:8c:df:
e1:d2:8c:ee:69:3d:64:a6:68:d8:14:ac:e3:e0:17:
4f:b0:db:f3:f8:7f:80:13:ce:ec:16:cd:29:2f:3f:
1c:ff:b8:10:56:0e:87:52:5d:96:fd:ce:36:24:c5:
70:38:7b:5f:d1:17:8c:8f:d9:ac:41:3e:a8:96:ec:
d7:cd:b9:4d:2e:01:7b:91:10:84:e8:0e:80:d2:cb:
4c:6e:50:bc:fa:b1:e7:4a:d8:89:bb:2b:62:97:a9:
d6:99:1f:f4:3f:0c:c3:70:7d:85:35:71:38:39:4f:
9f:48:d2:05:36:5b:8e:8d:e9:3c:9f:93:06:48:8c:
b1:32:b0:38:42:53:03:27:2d:6c:2b:05:c6:5f:cb:
13:bb:77:83:1c:8f:7f:23:03:38:e4:f8:d7:78:bf:
04:d4:50:f6:35:4d:c5:44:1d:b2:0d:17:08:01:47:
97:e7:8e:7b:1c:dc:ff:b6:07:dc:fd:38:7d:7c:53:
43:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:CF:36:F7:05:B6:A8:58:E1:01:78:41:EF:46:BB:38:D4:BA:D7:FC
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/eM829wW2qFjhAXhB70a7ONS61_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.251.0/24
5.144.176.0/24
5.178.104.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:45:31:4c:fa:13:3d:5f:3b:3c:0b:71:80:b6:a8:e3:e5:ed:
7a:ac:ee:8b:25:ce:4c:b4:25:de:0c:77:76:1c:46:eb:0c:a4:
09:cd:2e:d3:77:ac:2c:9e:84:ad:06:0b:0b:d2:1b:78:c3:0b:
ac:d0:91:4c:13:ed:b0:dd:71:c6:20:99:3c:bc:39:18:fe:15:
f7:f2:06:51:d4:2c:f2:ee:14:6f:bc:07:e6:50:1f:98:fc:17:
88:50:7d:ab:ef:c0:6c:97:97:77:df:c0:19:73:75:66:ce:cb:
eb:80:c3:cd:1a:55:c9:10:74:1b:e9:4d:90:03:27:5d:c6:48:
7c:04:2c:c0:84:02:3b:0b:58:6c:55:e2:88:b7:28:4d:f0:2a:
7d:40:30:ff:8d:a4:33:1f:80:4d:ef:e8:24:52:58:89:d8:9c:
3c:19:49:b7:c7:dc:22:c4:f8:8f:04:d0:d3:b0:69:2d:23:64:
b9:74:17:94:ba:17:93:73:dc:4c:1f:2e:9d:42:6f:11:12:9f:
5c:07:cd:0d:bb:56:b1:14:5a:62:34:94:6b:f7:8f:94:5a:70:
4a:14:db:97:58:70:6e:49:70:9c:f1:f3:20:f7:e4:33:70:f8:
19:a0:34:d0:f9:3f:4c:c7:86:d7:5e:1b:f3:a2:9c:2a:39:09:
21:d3:c0:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6JvY5DYHlRtTPyRTE7svu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMzI5MTAyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGNmMzZmNzA1YjZhODU4ZTEwMTc4NDFlZjQ2YmIzOGQ0YmFkN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtC7XiOWSiI1tzLJzFWV0xzQGtbi
Ern+qn95EuYFeUfu1FhBE1HXwRM0TLgaG+E7OFq5sejVfpFxibAWJJzwwnZOdVMS
sRCmjN/h0ozuaT1kpmjYFKzj4BdPsNvz+H+AE87sFs0pLz8c/7gQVg6HUl2W/c42
JMVwOHtf0ReMj9msQT6oluzXzblNLgF7kRCE6A6A0stMblC8+rHnStiJuytil6nW
mR/0PwzDcH2FNXE4OU+fSNIFNluOjek8n5MGSIyxMrA4QlMDJy1sKwXGX8sTu3eD
HI9/IwM45PjXeL8E1FD2NU3FRB2yDRcIAUeX5457HNz/tgfc/Th9fFNDuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHjPNvcFtqhY4QF4Qe9GuzjUutf8MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvZU04Mjl3VzJxRmpoQVhoQjcwYTdPTlM2MV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSf7AwQA
BZCwAwQABbJoMA0GCSqGSIb3DQEBCwUAA4IBAQAtRTFM+hM9Xzs8C3GAtqjj5e16
rO6LJc5MtCXeDHd2HEbrDKQJzS7Td6wsnoStBgsL0ht4wwus0JFME+2w3XHGIJk8
vDkY/hX38gZR1Czy7hRvvAfmUB+Y/BeIUH2r78Bsl5d338AZc3VmzsvrgMPNGlXJ
EHQb6U2QAyddxkh8BCzAhAI7C1hsVeKItyhN8Cp9QDD/jaQzH4BN7+gkUliJ2Jw8
GUm3x9wixPiPBNDTsGktI2S5dBeUuheTc9xMHy6dQm8REp9cB80Nu1axFFpiNJRr
94+UWnBKFNuXWHBuSXCc8fMg9+QzcPgZoDTQ+T9Mx4bXXhvzopwqOQkh08Da
-----END CERTIFICATE-----
Generated at Fri May 10 22:18:23 2024 by rpki-client on console-ams.rpki-client.org