Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/g5Ra5AaSEYNMmZ1LWOXmP1DovHs.roa
File: g5Ra5AaSEYNMmZ1LWOXmP1DovHs.roa (raw, json)
Hash identifier: h7YPeWX7bA7TxJ/hroR10h7EKGKlWbOugmaxVg+52Y4=
Subject key identifier: 83:94:5A:E4:06:92:11:83:4C:99:9D:4B:58:E5:E6:3F:50:E8:BC:7B
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB6A58C4B597D43693D7381A7BFFD
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/g5Ra5AaSEYNMmZ1LWOXmP1DovHs.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206757
IP address blocks: 78.136.68.0/24 maxlen: 24
5.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 08:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b6:a5:8c:4b:59:7d:43:69:3d:73:81:a7:bf:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83945ae4069211834c999d4b58e5e63f50e8bc7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:28:77:15:1f:7e:36:b3:ad:ae:68:12:78:59:
55:fc:25:33:40:dc:b0:d5:16:03:09:a1:f4:ab:4d:
d4:cc:6e:6f:5e:90:18:bc:99:c5:e5:b4:3d:52:f8:
65:09:63:d9:21:89:c1:6a:e8:35:4f:5b:be:05:8c:
c0:76:c1:b9:b4:c5:2f:9c:7f:83:4c:36:32:3c:f2:
53:d8:e8:24:68:77:72:d4:17:4c:97:2b:66:57:d3:
3b:1d:70:67:44:67:e2:e6:82:f0:ca:24:3d:0f:62:
16:7a:29:aa:be:bf:c7:e1:c5:df:47:0c:7e:31:73:
ba:1a:9c:00:ce:6a:31:07:84:93:f4:d7:64:96:85:
07:50:56:25:eb:f0:eb:27:8b:36:62:a1:fa:3a:bd:
5d:5d:86:cb:72:28:c0:9a:ff:03:50:5e:9a:86:e8:
8e:d6:1b:51:96:3e:fe:95:c0:61:a1:9a:b3:cf:4e:
bf:94:e7:8b:f8:d7:f6:06:d8:42:d3:3d:60:55:c8:
bd:99:8f:b3:c1:6b:39:4f:28:fc:0b:a5:43:2d:a8:
b0:02:36:0d:d7:09:7a:c7:74:cd:9f:8c:97:32:ae:
0f:00:49:4d:19:f5:96:d8:1b:a2:be:be:6a:4a:ad:
2e:b0:8b:e7:e5:3c:0d:86:df:04:28:8e:58:49:5d:
ae:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:94:5A:E4:06:92:11:83:4C:99:9D:4B:58:E5:E6:3F:50:E8:BC:7B
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/g5Ra5AaSEYNMmZ1LWOXmP1DovHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.37.0/24
78.136.68.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:09:34:13:d0:98:3f:d3:c8:22:a1:2e:c2:e6:a3:a8:81:0f:
73:83:63:17:b7:8c:61:de:e9:d3:ae:b0:71:07:ca:78:d0:77:
dd:ba:fa:66:51:f6:23:11:61:26:a9:95:95:b8:bd:b8:92:6e:
b4:e1:ea:1a:b4:e0:08:f1:f2:84:cc:04:b9:05:6a:90:85:6b:
11:d4:77:48:b3:43:ad:76:b2:58:6f:34:c1:0f:9e:fa:4a:b0:
8d:37:ef:e8:4e:9b:1f:1f:fa:db:b0:b1:8b:6b:3c:bc:40:40:
38:f7:8b:f7:d7:9e:82:2f:a7:5c:21:4d:30:ad:6b:52:d4:7b:
84:d0:bb:38:87:ae:94:eb:f7:b4:4d:33:2a:b7:3c:05:44:ca:
9f:c0:1c:6d:13:22:b8:13:27:eb:18:8a:75:83:54:48:5e:a5:
45:99:dd:cd:b3:3b:8b:8d:28:15:ef:00:df:3b:a8:67:4a:fa:
e6:ad:fd:6b:01:fa:b4:84:96:0d:04:fe:c8:67:cb:2b:f7:e4:
e1:2c:c5:6e:63:4f:b7:c5:e7:17:2a:7f:5c:2b:f3:ba:38:ac:
89:83:92:a5:fd:19:d1:f5:1e:69:6c:c4:ad:ed:cc:29:97:f5:
b4:67:2e:e1:2b:88:74:49:d1:03:1c:38:d9:36:e4:5c:f8:91:
a0:93:6c:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTbaljEtZfUNpPXOBp7/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzk0NWFlNDA2OTIxMTgzNGM5OTlkNGI1OGU1ZTYzZjUwZThiYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ih3FR9+NrOtrmgSeFlV/CUzQNyw
1RYDCaH0q03UzG5vXpAYvJnF5bQ9UvhlCWPZIYnBaug1T1u+BYzAdsG5tMUvnH+D
TDYyPPJT2OgkaHdy1BdMlytmV9M7HXBnRGfi5oLwyiQ9D2IWeimqvr/H4cXfRwx+
MXO6GpwAzmoxB4ST9NdkloUHUFYl6/DrJ4s2YqH6Or1dXYbLcijAmv8DUF6ahuiO
1htRlj7+lcBhoZqzz06/lOeL+Nf2BthC0z1gVci9mY+zwWs5Tyj8C6VDLaiwAjYN
1wl6x3TNn4yXMq4PAElNGfWW2Buivr5qSq0usIvn5TwNht8EKI5YSV2uPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIOUWuQGkhGDTJmdS1jl5j9Q6Lx7MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZzVSYTVBYVNFWU5NbVoxTFdPWG1QMURvdkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZolAwQA
TohEMA0GCSqGSIb3DQEBCwUAA4IBAQDICTQT0Jg/08gioS7C5qOogQ9zg2MXt4xh
3unTrrBxB8p40HfduvpmUfYjEWEmqZWVuL24km604eoatOAI8fKEzAS5BWqQhWsR
1HdIs0OtdrJYbzTBD576SrCNN+/oTpsfH/rbsLGLazy8QEA494v3156CL6dcIU0w
rWtS1HuE0Ls4h66U6/e0TTMqtzwFRMqfwBxtEyK4EyfrGIp1g1RIXqVFmd3NszuL
jSgV7wDfO6hnSvrmrf1rAfq0hJYNBP7IZ8sr9+ThLMVuY0+3xecXKn9cK/O6OKyJ
g5Kl/RnR9R5pbMSt7cwpl/W0Zy7hK4h0SdEDHDjZNuRc+JGgk2yk
-----END CERTIFICATE-----
Generated at Tue Mar 5 12:43:29 2024 by rpki-client on console-fra.rpki-client.org