Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/C5Rgvp4Y9VllM4DDlBsa-uLhBc0.roa
File: C5Rgvp4Y9VllM4DDlBsa-uLhBc0.roa (raw, json)
Hash identifier: BjEugH40MrVgWzL3WNMnZEZYwdghus6und5Dk5+kgeQ=
Subject key identifier: 0B:94:60:BE:9E:18:F5:59:65:33:80:C3:94:1B:1A:FA:E2:E1:05:CD
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01890250C7FD8DBD214BCD9258BB84E1FF4A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/C5Rgvp4Y9VllM4DDlBsa-uLhBc0.roa
Signing time: Wed 28 Jun 2023 14:03:15 +0000
ROA not before: Wed 28 Jun 2023 14:03:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
77.36.124.0/22 maxlen: 22
93.120.96.0/22 maxlen: 22
46.151.36.0/22 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:50:c7:fd:8d:bd:21:4b:cd:92:58:bb:84:e1:ff:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 28 14:03:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b9460be9e18f559653380c3941b1afae2e105cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3b:9b:ac:ce:8d:72:56:59:67:57:ba:ff:81:
c4:f0:f8:9e:5f:b1:68:d1:4b:b2:90:3a:c3:63:e3:
2a:6c:26:9d:c9:14:80:b9:46:ef:ab:f6:ca:e2:e6:
93:16:db:a2:cc:f0:42:f9:0a:10:5a:7d:ef:7d:3c:
30:e7:bc:30:63:b7:95:12:9a:5d:e0:11:f0:9f:28:
63:24:25:62:54:02:78:ab:d2:2c:2d:dd:d2:ca:3c:
37:78:51:47:56:3f:54:48:bd:55:07:c2:d7:40:d4:
0d:52:0c:af:b4:c8:05:28:e7:c5:90:56:6a:f5:91:
1c:d4:6b:20:71:9b:3c:d7:fb:2c:ab:dc:14:d3:78:
8a:07:ff:0c:14:d6:df:6a:6d:2e:8c:f5:33:a4:17:
a5:50:c4:80:ea:b7:bc:3d:77:ec:47:b6:a4:78:80:
45:7f:96:ce:a6:6a:ff:f6:56:45:dc:5f:81:3f:10:
88:e0:86:b6:6d:5c:d6:7d:e0:fd:27:63:e6:ff:97:
a5:74:c9:a7:9e:31:40:e8:ac:2e:9e:f7:04:1a:bd:
85:53:98:ee:62:b6:92:f8:40:f0:b0:51:88:e3:da:
4d:32:1a:6b:5e:52:43:66:b2:e0:ad:2d:a9:a0:e7:
9a:bc:90:da:41:a5:f7:86:ab:b0:b2:46:c4:90:ad:
4c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:94:60:BE:9E:18:F5:59:65:33:80:C3:94:1B:1A:FA:E2:E1:05:CD
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/C5Rgvp4Y9VllM4DDlBsa-uLhBc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.112.0/21
77.36.124.0/22
81.161.4.0/22
91.237.44.0/22
93.120.96.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:ee:ee:d4:d8:07:82:62:37:d2:49:85:6b:0f:ef:79:1e:ab:
e4:76:5d:0b:f6:63:10:3e:1d:ab:14:7c:36:89:15:1b:ee:a7:
19:85:55:7e:8a:b5:d9:fb:c1:60:31:a2:d0:d6:56:74:ba:ef:
86:db:34:0d:54:82:ce:55:0e:46:c6:51:75:08:22:9f:e1:96:
da:34:53:50:93:bd:5b:54:d0:e9:57:22:6c:47:45:41:ec:c6:
22:9f:2a:2b:27:ad:a1:72:18:8c:7a:ad:2b:4a:36:dc:90:48:
14:33:b6:dc:80:96:c4:7d:27:f3:fd:4e:60:80:21:fb:c0:7c:
eb:fb:d6:e9:73:12:e9:6d:24:63:5f:2b:eb:af:4a:47:13:59:
68:a8:02:f0:38:00:64:4a:fc:a6:7d:21:73:e1:7d:30:65:55:
e9:ef:e9:77:7f:dd:da:b8:1d:e5:bd:98:77:a1:a9:e6:2f:02:
c5:3c:42:0f:94:d7:bb:03:ba:cc:d0:2f:01:66:e9:1b:74:c7:
71:15:29:1a:3f:a3:87:9c:45:9e:06:29:53:72:1f:06:5d:13:
10:cb:a7:c6:f3:d5:55:e7:fa:87:32:44:8a:ed:aa:8d:d7:f1:
d2:7f:e9:0e:c7:72:2f:de:17:be:b5:53:b3:17:a0:86:ae:21:
23:d9:d3:53
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkCUMf9jb0hS82SWLuE4f9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjI4MTQwMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjk0NjBiZTllMThmNTU5NjUzMzgwYzM5NDFiMWFmYWUyZTEwNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDubrM6NclZZZ1e6/4HE8PieX7Fo
0UuykDrDY+MqbCadyRSAuUbvq/bK4uaTFtuizPBC+QoQWn3vfTww57wwY7eVEppd
4BHwnyhjJCViVAJ4q9IsLd3Syjw3eFFHVj9USL1VB8LXQNQNUgyvtMgFKOfFkFZq
9ZEc1GsgcZs81/ssq9wU03iKB/8MFNbfam0ujPUzpBelUMSA6re8PXfsR7akeIBF
f5bOpmr/9lZF3F+BPxCI4Ia2bVzWfeD9J2Pm/5eldMmnnjFA6KwunvcEGr2FU5ju
YraS+EDwsFGI49pNMhprXlJDZrLgrS2poOeavJDaQaX3hquwskbEkK1MnQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAuUYL6eGPVZZTOAw5QbGvri4QXNMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQzVSZ3ZwNFk5VmxsTTRERGxCc2EtdUxoQmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLpckAwQD
TSRwAwQCTSR8AwQCUaEEAwQCW+0sAwQCXXhgAwQCwiFkMA0GCSqGSIb3DQEBCwUA
A4IBAQCi7u7U2AeCYjfSSYVrD+95Hqvkdl0L9mMQPh2rFHw2iRUb7qcZhVV+irXZ
+8FgMaLQ1lZ0uu+G2zQNVILOVQ5GxlF1CCKf4ZbaNFNQk71bVNDpVyJsR0VB7MYi
nyorJ62hchiMeq0rSjbckEgUM7bcgJbEfSfz/U5ggCH7wHzr+9bpcxLpbSRjXyvr
r0pHE1loqALwOABkSvymfSFz4X0wZVXp7+l3f93auB3lvZh3oanmLwLFPEIPlNe7
A7rM0C8BZukbdMdxFSkaP6OHnEWeBilTch8GXRMQy6fG89VV5/qHMkSK7aqN1/HS
f+kOx3Iv3he+tVOzF6CGriEj2dNT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org