Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/dndX_P3Nf2wZ3JlctvIludDdG-c.roa
File: dndX_P3Nf2wZ3JlctvIludDdG-c.roa (raw, json)
Hash identifier: 6Wn1x+8Id5zGpleNwqYXaZsCGXivHKxukcIiAN0K/SQ=
Subject key identifier: 76:77:57:FC:FD:CD:7F:6C:19:DC:99:5C:B6:F2:25:B9:D0:DD:1B:E7
Certificate issuer: /CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Certificate serial: 018CC5DCDC5EF09581D61823CFBA86A3573D
Authority key identifier: 82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/dndX_P3Nf2wZ3JlctvIludDdG-c.roa
Signing time: Mon 01 Jan 2024 16:30:35 +0000
ROA not before: Mon 01 Jan 2024 16:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56561
IP address blocks: 5.39.206.0/24 maxlen: 24
5.39.204.0/22 maxlen: 22
5.39.204.0/23 maxlen: 23
5.39.204.0/24 maxlen: 24
5.39.206.0/23 maxlen: 23
5.39.205.0/24 maxlen: 24
5.39.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:dc:5e:f0:95:81:d6:18:23:cf:ba:86:a3:57:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Validity
Not Before: Jan 1 16:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=767757fcfdcd7f6c19dc995cb6f225b9d0dd1be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:95:cb:b2:8d:98:2e:b8:b6:00:af:3f:6f:c2:
a1:66:f9:9c:a4:83:a1:82:62:99:70:92:7f:e9:94:
ff:30:d5:ce:da:03:26:43:60:d3:b0:f1:fb:35:be:
a7:e3:5b:1d:8c:ec:ef:74:21:a4:83:48:ea:83:18:
85:2b:24:01:2e:10:8e:5a:ea:ab:a9:9a:5f:8d:01:
23:91:c6:52:c8:60:95:d1:1b:de:9e:c4:87:cc:97:
bd:0c:7f:08:5f:45:e9:49:b2:c6:c0:93:d2:d6:ce:
7e:90:86:dc:5b:96:92:54:8a:68:ba:2a:bc:81:96:
c7:b8:1f:26:d0:6b:17:8d:f4:45:5a:2b:4a:6b:d9:
dc:4a:9f:d2:48:c3:aa:03:6b:90:d1:2a:90:08:05:
29:19:2d:9d:88:f5:f4:82:48:52:c1:29:03:7b:c5:
c2:c9:98:e1:c8:d0:31:3a:11:26:e4:2e:02:df:6f:
7a:a9:cc:06:9f:7d:6b:17:b2:93:98:79:c2:42:87:
62:c8:1e:e3:a2:dd:6a:10:fa:2b:48:62:ca:45:51:
a0:f9:76:86:91:89:6c:a4:54:69:f7:e9:d8:7c:80:
ff:2c:92:d7:5b:06:d1:41:7d:b9:3e:09:3b:31:b9:
a7:83:2b:90:1f:2a:23:8b:cd:cc:50:83:ca:2d:93:
88:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:77:57:FC:FD:CD:7F:6C:19:DC:99:5C:B6:F2:25:B9:D0:DD:1B:E7
X509v3 Authority Key Identifier:
keyid:82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/dndX_P3Nf2wZ3JlctvIludDdG-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/goZyzXNrV-Hj38fdc2872KYWuoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.204.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:75:1b:24:1a:77:17:04:8a:3e:e9:19:73:6c:ca:2c:00:4d:
71:e6:99:40:a8:67:94:ae:7f:2b:9a:03:61:72:dd:ed:a9:ed:
18:f3:91:c6:f2:76:26:e8:15:43:3d:fc:ac:84:b2:30:7f:06:
6d:b9:d4:4e:92:0e:55:25:c6:b4:f9:9a:26:cf:dd:97:ec:51:
b7:97:4a:a6:9a:43:6e:6a:7e:6a:0b:b4:6b:cc:bc:92:bd:74:
1e:bf:c7:f8:d4:ea:df:3f:66:cb:60:8c:bd:7d:49:2c:cc:21:
5b:f0:76:2f:9b:7b:74:94:db:76:b0:9f:8f:eb:c1:f1:14:e4:
a2:a4:87:e4:bb:d9:49:84:e6:d4:0e:66:18:58:1a:94:a7:d7:
a2:7d:a9:44:2b:19:bd:33:c6:7d:e8:e0:77:19:a8:a7:83:13:
5e:d2:f5:fb:e0:a2:c7:32:38:6e:6e:b4:a0:52:bd:7d:d9:b3:
9d:52:93:a9:98:23:d8:17:8f:dd:8a:24:57:ee:b2:d8:c2:ce:
2b:76:c4:2f:96:a7:01:46:30:f0:a9:d2:ec:38:ca:92:b0:0f:
a0:6c:24:13:75:9f:83:31:a8:0d:04:76:7a:f6:fd:f4:85:d4:
f4:e1:ab:f1:d3:2b:9b:0c:58:30:ce:69:c4:48:9e:b0:37:5e:
4a:f0:69:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Nxe8JWB1hgjz7qGo1c9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODY3MmNkNzM2YjU3ZTFlM2RmYzdkZDczNmYzYmQ4YTYx
NmJhODEwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc3NTdmY2ZkY2Q3ZjZjMTlkYzk5NWNiNmYyMjViOWQwZGQxYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZXLso2YLri2AK8/b8KhZvmcpIOh
gmKZcJJ/6ZT/MNXO2gMmQ2DTsPH7Nb6n41sdjOzvdCGkg0jqgxiFKyQBLhCOWuqr
qZpfjQEjkcZSyGCV0RvensSHzJe9DH8IX0XpSbLGwJPS1s5+kIbcW5aSVIpouiq8
gZbHuB8m0GsXjfRFWitKa9ncSp/SSMOqA2uQ0SqQCAUpGS2diPX0gkhSwSkDe8XC
yZjhyNAxOhEm5C4C3296qcwGn31rF7KTmHnCQodiyB7jot1qEPorSGLKRVGg+XaG
kYlspFRp9+nYfID/LJLXWwbRQX25Pgk7MbmngyuQHyoji83MUIPKLZOIPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZ3V/z9zX9sGdyZXLbyJbnQ3RvnMB8GA1UdIwQY
MBaAFIKGcs1za1fh49/H3XNvO9imFrqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29aeXpYTnJWLUhqMzhmZGMyODcyS1lXdW9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NGJiNTAtMDFiZS00ZWM2LTk0MTgt
ZWVlN2ZhZTVjMDM3LzEvZG5kWF9QM05mMndaM0psY3R2SWx1ZERkRy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NGJiNTAtMDFiZS00ZWM2LTk0MTgtZWVlN2ZhZTVjMDM3
LzEvZ29aeXpYTnJWLUhqMzhmZGMyODcyS1lXdW9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBSfMMA0G
CSqGSIb3DQEBCwUAA4IBAQBbdRskGncXBIo+6RlzbMosAE1x5plAqGeUrn8rmgNh
ct3tqe0Y85HG8nYm6BVDPfyshLIwfwZtudROkg5VJca0+Zomz92X7FG3l0qmmkNu
an5qC7RrzLySvXQev8f41OrfP2bLYIy9fUkszCFb8HYvm3t0lNt2sJ+P68HxFOSi
pIfku9lJhObUDmYYWBqUp9eifalEKxm9M8Z96OB3GaingxNe0vX74KLHMjhubrSg
Ur192bOdUpOpmCPYF4/diiRX7rLYws4rdsQvlqcBRjDwqdLsOMqSsA+gbCQTdZ+D
MagNBHZ69v30hdT04avx0yubDFgwzmnESJ6wN15K8Glh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:14 2025 by rpki-client