Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/18_qciMkjLHSpIGTBEEMq-lGTgw.roa
File: 18_qciMkjLHSpIGTBEEMq-lGTgw.roa (raw, json)
Hash identifier: H5ChPELyP55Y/u+UDojRwYUvVLXhiCVGXXzFKmD3TAk=
Subject key identifier: D7:CF:EA:72:23:24:8C:B1:D2:A4:81:93:04:41:0C:AB:E9:46:4E:0C
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 0191C7934306872717F1F18D9513E1878730
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/18_qciMkjLHSpIGTBEEMq-lGTgw.roa
Signing time: Fri 06 Sep 2024 13:43:22 +0000
ROA not before: Fri 06 Sep 2024 13:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39011
IP address blocks: 5.253.188.0/24 maxlen: 24
5.253.190.0/24 maxlen: 24
5.253.191.0/24 maxlen: 24
194.102.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 12:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:93:43:06:87:27:17:f1:f1:8d:95:13:e1:87:87:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Sep 6 13:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7cfea7223248cb1d2a4819304410cabe9464e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:8b:21:04:eb:5f:1d:1a:5b:9d:b4:38:de:
49:56:1f:3f:19:49:ba:c9:20:f4:75:95:9d:8e:3a:
17:4c:b9:9b:72:72:a3:35:a0:03:ed:e8:d1:7d:3a:
b9:c1:cf:b4:60:ee:e3:fe:f0:ee:bb:50:4b:d6:ca:
1d:5a:7f:43:e4:a7:71:2a:b8:10:40:4f:41:b7:70:
47:6d:9d:a1:ba:d6:24:d1:cc:3e:fa:4e:48:66:b9:
be:d0:e6:68:8b:bf:77:c9:2a:82:70:bc:b7:2e:0c:
cd:37:7d:3d:cc:52:69:4b:ff:2b:08:ba:65:39:43:
06:80:35:2e:94:79:bb:05:99:2c:ae:0c:33:47:55:
65:8f:45:23:f0:5b:7d:f4:3b:13:1f:7b:66:3c:f8:
bd:78:ce:98:d6:ca:23:c7:64:87:52:54:39:20:f6:
03:bc:40:ef:0a:b1:80:58:38:57:d5:0f:99:17:c6:
af:40:9f:48:72:1b:3e:96:4a:4a:66:47:e2:01:28:
aa:ac:5b:7e:2a:9b:34:dc:52:43:72:fa:ad:00:f1:
54:e1:11:37:5d:18:14:a7:47:a2:d1:84:85:66:e1:
cd:cb:5a:63:d1:44:73:ca:a3:13:e2:0f:01:a3:74:
98:9e:f7:59:0a:30:c7:cf:a5:6a:43:e1:3e:68:8c:
fb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CF:EA:72:23:24:8C:B1:D2:A4:81:93:04:41:0C:AB:E9:46:4E:0C
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/18_qciMkjLHSpIGTBEEMq-lGTgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.188.0/24
5.253.190.0/23
194.102.204.0/24
Signature Algorithm: sha256WithRSAEncryption
31:24:b4:0d:42:5a:81:8b:78:78:79:51:3f:c9:00:16:e9:1f:
8e:b5:c9:82:24:e4:22:fb:aa:a9:c1:cf:80:ea:8b:8f:85:91:
cb:9d:ac:8e:83:64:ee:5c:d3:e2:57:07:1e:0d:71:33:b6:65:
af:9f:c2:e3:fc:ed:b3:75:a5:fe:0f:03:b9:0b:e1:ee:1e:1b:
8a:e3:2f:d4:00:61:3d:84:39:24:09:be:be:88:46:ce:d5:73:
fd:bc:42:6c:c5:d0:d6:78:63:68:f0:7f:eb:2d:d9:6b:e8:d1:
77:52:20:a1:9c:47:f9:f5:83:77:29:a3:2b:f9:b9:4f:cf:f0:
f0:33:e6:3a:02:26:d1:1c:63:61:3e:0e:04:57:01:61:60:6a:
63:e8:05:66:0f:69:74:69:61:7f:5b:4e:68:6e:35:f4:8c:4a:
43:f9:80:04:7b:12:01:4a:d1:ec:43:11:df:b6:62:8f:94:4c:
6e:91:5a:bd:c2:23:ce:79:b8:30:0b:d0:77:2c:f1:89:9e:8d:
5c:cf:0d:96:14:fd:05:ad:ba:ba:cd:3c:2c:d4:4f:b9:8e:a1:
8e:51:53:b1:06:25:c8:0a:e2:1a:fc:67:42:43:91:9f:d9:28:
f6:55:34:77:f2:c3:c7:ea:bd:ad:ac:6d:9c:f1:e3:18:c3:ce:
14:19:46:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHHk0MGhycX8fGNlRPhh4cwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQwOTA2MTM0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NmZWE3MjIzMjQ4Y2IxZDJhNDgxOTMwNDQxMGNhYmU5NDY0ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKaLIQTrXx0aW520ON5JVh8/GUm6
ySD0dZWdjjoXTLmbcnKjNaAD7ejRfTq5wc+0YO7j/vDuu1BL1sodWn9D5KdxKrgQ
QE9Bt3BHbZ2hutYk0cw++k5IZrm+0OZoi793ySqCcLy3LgzNN309zFJpS/8rCLpl
OUMGgDUulHm7BZksrgwzR1Vlj0Uj8Ft99DsTH3tmPPi9eM6Y1sojx2SHUlQ5IPYD
vEDvCrGAWDhX1Q+ZF8avQJ9Ichs+lkpKZkfiASiqrFt+Kps03FJDcvqtAPFU4RE3
XRgUp0ei0YSFZuHNy1pj0URzyqMT4g8Bo3SYnvdZCjDHz6VqQ+E+aIz7nwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNfP6nIjJIyx0qSBkwRBDKvpRk4MMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvMThfcWNpTWtqTEhTcElHVEJFRU1xLWxHVGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf28AwQB
Bf2+AwQAwmbMMA0GCSqGSIb3DQEBCwUAA4IBAQAxJLQNQlqBi3h4eVE/yQAW6R+O
tcmCJOQi+6qpwc+A6ouPhZHLnayOg2TuXNPiVwceDXEztmWvn8Lj/O2zdaX+DwO5
C+HuHhuK4y/UAGE9hDkkCb6+iEbO1XP9vEJsxdDWeGNo8H/rLdlr6NF3UiChnEf5
9YN3KaMr+blPz/DwM+Y6AibRHGNhPg4EVwFhYGpj6AVmD2l0aWF/W05objX0jEpD
+YAEexIBStHsQxHftmKPlExukVq9wiPOebgwC9B3LPGJno1czw2WFP0Frbq6zTws
1E+5jqGOUVOxBiXICuIa/GdCQ5Gf2Sj2VTR38sPH6r2trG2c8eMYw84UGUYC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:19 2025 by rpki-client