Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/5az9puWSPvK_DnTwR1138QNJKtc.roa
File: 5az9puWSPvK_DnTwR1138QNJKtc.roa (raw, json)
Hash identifier: P16UM9sFk0rBYrdk88OwKCd6TPAFDHC6v4WbLinC3Bg=
Subject key identifier: E5:AC:FD:A6:E5:92:3E:F2:BF:0E:74:F0:47:5D:77:F1:03:49:2A:D7
Certificate issuer: /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial: 0192293B0E65BC9A40054A5D475D5DA8697C
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/5az9puWSPvK_DnTwR1138QNJKtc.roa
Signing time: Wed 25 Sep 2024 12:49:49 +0000
ROA not before: Wed 25 Sep 2024 12:49:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.191.21.0/24 maxlen: 24
188.95.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 06:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:3b:0e:65:bc:9a:40:05:4a:5d:47:5d:5d:a8:69:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
Validity
Not Before: Sep 25 12:49:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5acfda6e5923ef2bf0e74f0475d77f103492ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:48:79:5a:77:4a:70:cc:0b:b1:72:c3:a3:
60:e6:c7:45:74:c0:c3:23:90:11:5f:6c:da:2b:d6:
63:31:67:63:e5:7a:88:0d:ec:73:1d:7b:bb:80:d8:
3a:87:46:70:3c:d8:f7:c2:6c:fa:35:04:3f:fd:21:
bc:5a:e9:75:d3:2e:f1:b1:ac:b6:be:e7:b1:39:12:
54:7e:4b:db:24:29:4a:1b:06:4c:1d:e0:ae:a3:10:
45:5e:94:6f:45:e7:e4:85:f3:c7:1d:89:21:16:41:
77:cc:eb:64:d7:d7:98:1c:f7:a7:ae:a7:f8:f8:dd:
5d:d8:63:b1:12:91:24:63:9b:74:62:13:63:19:6d:
77:da:8e:8f:73:ec:8b:8a:c3:0c:4c:18:ed:de:25:
23:4e:83:f3:e8:41:a7:15:6f:28:35:1f:28:a3:f8:
54:db:98:5a:ba:b7:30:31:6d:b6:cd:50:f6:a1:1f:
58:0e:2d:d6:cb:cc:b3:ba:a4:4c:95:51:b3:bf:a1:
1b:ba:9e:97:a8:95:89:31:5f:39:b6:75:8c:f4:ba:
8d:d6:3d:55:5c:ed:18:9e:a5:83:04:6a:71:14:ea:
2e:8e:ce:45:35:b3:e7:87:7b:5a:a8:f5:2e:43:60:
c1:54:03:c0:eb:4e:40:ee:eb:d7:35:1d:6b:72:c6:
7b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AC:FD:A6:E5:92:3E:F2:BF:0E:74:F0:47:5D:77:F1:03:49:2A:D7
X509v3 Authority Key Identifier:
keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/5az9puWSPvK_DnTwR1138QNJKtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.21.0/24
188.95.69.0/24
Signature Algorithm: sha256WithRSAEncryption
04:ef:4e:c8:16:d2:0b:f8:d0:b1:0e:6c:fb:98:12:a0:46:3f:
58:25:6c:ef:f6:61:16:c8:1f:d2:73:66:69:48:cc:4a:54:61:
c0:a1:c0:42:12:3b:09:52:e7:fa:66:8a:06:d2:40:a7:a3:5f:
00:cc:9c:03:72:ff:b0:c9:26:f9:d1:f3:12:82:3f:a9:8e:07:
8e:68:7a:f1:38:d5:14:86:ea:04:9d:93:21:2b:e1:8d:c7:f8:
1f:03:0e:b9:07:b9:31:69:2c:e5:70:7c:8b:a9:86:44:d4:46:
db:de:25:ec:82:41:09:db:55:68:fa:35:22:c2:37:b5:31:db:
cc:8a:fe:e9:c5:03:6b:0f:2b:43:d4:c0:8f:81:2c:db:29:df:
5f:5a:ca:25:a3:ae:17:5c:03:22:a5:5d:4a:00:37:82:d3:c6:
54:21:c5:8b:aa:88:44:d0:2e:f4:82:56:ac:2f:da:2e:7d:62:
7f:f4:57:e2:bf:bd:7f:a1:cd:21:94:b4:fa:f7:f1:66:51:93:
38:56:e0:f7:8d:ad:07:07:36:65:a3:58:e3:f8:0f:89:d0:2f:
70:43:1a:4d:51:b6:ac:85:86:93:e3:3a:a2:69:b6:13:f8:0d:
1e:d9:54:3f:04:5a:ad:d2:5a:93:a1:2b:59:10:9c:56:e6:a3:
38:cc:69:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIpOw5lvJpABUpdR11dqGl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDczNGNmOTBjNzczNDI4ODA2Yjk2ODIwOTUxNWI5MTQ4
MzFhOWQwHhcNMjQwOTI1MTI0OTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFjZmRhNmU1OTIzZWYyYmYwZTc0ZjA0NzVkNzdmMTAzNDkyYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpdIeVp3SnDMC7Fyw6Ng5sdFdMDD
I5ARX2zaK9ZjMWdj5XqIDexzHXu7gNg6h0ZwPNj3wmz6NQQ//SG8Wul10y7xsay2
vuexORJUfkvbJClKGwZMHeCuoxBFXpRvRefkhfPHHYkhFkF3zOtk19eYHPenrqf4
+N1d2GOxEpEkY5t0YhNjGW132o6Pc+yLisMMTBjt3iUjToPz6EGnFW8oNR8oo/hU
25haurcwMW22zVD2oR9YDi3Wy8yzuqRMlVGzv6Ebup6XqJWJMV85tnWM9LqN1j1V
XO0YnqWDBGpxFOoujs5FNbPnh3taqPUuQ2DBVAPA605A7uvXNR1rcsZ7BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOWs/ablkj7yvw508Eddd/EDSSrXMB8GA1UdIwQY
MBaAFDrXNM+Qx3NCiAa5aCCVFbkUgxqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMt
NzZhMWQ0ZDgzMTk3LzEvNWF6OXB1V1NQdktfRG5Ud1IxMTM4UU5KS3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMtNzZhMWQ0ZDgzMTk3
LzEvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub8VAwQA
vF9FMA0GCSqGSIb3DQEBCwUAA4IBAQAE707IFtIL+NCxDmz7mBKgRj9YJWzv9mEW
yB/Sc2ZpSMxKVGHAocBCEjsJUuf6ZooG0kCno18AzJwDcv+wySb50fMSgj+pjgeO
aHrxONUUhuoEnZMhK+GNx/gfAw65B7kxaSzlcHyLqYZE1Ebb3iXsgkEJ21Vo+jUi
wje1MdvMiv7pxQNrDytD1MCPgSzbKd9fWsolo64XXAMipV1KADeC08ZUIcWLqohE
0C70glasL9oufWJ/9Ffiv71/oc0hlLT69/FmUZM4VuD3ja0HBzZlo1jj+A+J0C9w
QxpNUbashYaT4zqiabYT+A0e2VQ/BFqt0lqToStZEJxW5qM4zGm1
-----END CERTIFICATE-----
Generated at Thu Sep 26 08:25:50 2024 by rpki-client on console-ams.rpki-client.org