Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/NO20_Djf5hzYIJnUVSitqQVIb2I.roa
File: NO20_Djf5hzYIJnUVSitqQVIb2I.roa (raw, json)
Hash identifier: xYJPc6Bgv+nchZYr6l1q4aQsQvAt0xyHFCFvanH+MXw=
Subject key identifier: 34:ED:B4:FC:38:DF:E6:1C:D8:20:99:D4:55:28:AD:A9:05:48:6F:62
Certificate issuer: /CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Certificate serial: 01856D53DD1594593EA7EF6E1063FBB98BE5
Authority key identifier: 66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/NO20_Djf5hzYIJnUVSitqQVIb2I.roa
Signing time: Sun 01 Jan 2023 12:34:50 +0000
ROA not before: Sun 01 Jan 2023 12:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3170
IP address blocks: 5.198.138.0/24 maxlen: 24
5.198.139.0/24 maxlen: 24
5.198.137.0/24 maxlen: 24
5.198.141.0/24 maxlen: 24
188.92.139.0/24 maxlen: 24
188.92.138.0/24 maxlen: 24
83.137.212.0/24 maxlen: 24
83.137.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:dd:15:94:59:3e:a7:ef:6e:10:63:fb:b9:8b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Validity
Not Before: Jan 1 12:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34edb4fc38dfe61cd82099d45528ada905486f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:47:8b:43:81:8e:02:a9:c8:16:9c:64:af:13:
28:5d:15:7b:31:30:5e:4c:2f:1c:67:00:2d:2e:4d:
66:14:ba:0d:89:35:de:19:44:bf:14:7e:e5:ee:66:
6d:bb:31:0c:b5:da:95:c0:15:84:8e:14:e4:ae:82:
61:fc:c7:38:d1:73:bd:63:b3:10:2a:a8:95:d3:d4:
5e:c5:c8:68:45:0a:ed:07:55:90:d7:72:a6:82:26:
f1:fb:c8:63:37:99:80:11:c3:ed:a4:b2:3a:ce:0f:
b3:a9:73:08:d6:d6:78:f8:db:57:60:98:c4:84:74:
e5:be:1b:85:77:3a:02:89:9d:54:59:aa:92:c3:74:
25:8e:3f:8a:ab:a4:cf:26:ac:66:a2:52:c5:85:75:
86:76:e5:47:a2:fd:53:df:e3:7e:ea:f1:d8:72:3a:
50:b6:03:b1:f6:fe:d4:f9:b6:f8:de:e1:d0:aa:53:
85:d5:02:9b:bb:ce:7f:71:7a:e3:40:02:a2:4e:a9:
d6:64:57:6f:aa:dd:53:8a:3d:b8:c6:05:83:c6:fa:
53:4d:76:e5:41:92:b8:dd:55:0a:df:06:2a:85:ad:
2e:37:e8:ca:d8:fe:a0:f5:e2:e4:b5:9f:e8:e5:d8:
89:ce:19:8e:a8:01:a7:dc:f4:b5:5a:41:01:5b:bd:
d8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:ED:B4:FC:38:DF:E6:1C:D8:20:99:D4:55:28:AD:A9:05:48:6F:62
X509v3 Authority Key Identifier:
keyid:66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/NO20_Djf5hzYIJnUVSitqQVIb2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.198.137.0-5.198.139.255
5.198.141.0/24
83.137.211.0-83.137.212.255
188.92.138.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:62:c0:44:59:9f:e9:f6:23:0f:96:8a:b2:3e:e4:d1:fc:36:
45:4f:4e:32:5e:97:9c:54:21:f1:56:96:59:41:0f:65:8d:3c:
b7:68:38:65:11:b6:d6:a0:fb:42:a6:d5:f7:3f:23:74:f9:e2:
2a:05:30:f9:a2:75:4c:0a:09:07:84:25:91:72:cd:a4:ef:70:
96:65:75:e4:98:10:69:da:a7:aa:5e:71:19:ae:b4:79:a9:f1:
84:db:aa:ef:25:47:f0:c5:d9:d9:3a:9e:75:20:c2:47:33:16:
f5:07:45:26:44:7b:9f:35:08:7b:98:c4:cd:28:ae:6a:70:c4:
31:19:0e:e2:a6:2f:cf:bb:71:ed:2f:6f:74:bc:b5:8d:6a:bb:
f2:0e:9e:97:4d:72:ae:3d:8d:3d:6a:dc:2f:37:f6:c3:77:0b:
d9:1f:fe:80:59:6c:f1:e4:dc:52:2a:d5:d0:0d:66:5f:05:cb:
b3:7e:c5:1c:9a:35:9c:12:dc:97:1a:c0:cc:d6:e7:e1:3c:a6:
4c:a1:7a:58:fc:b6:a5:47:32:04:6c:20:c3:c7:b5:b8:65:3a:
de:2d:aa:75:18:9c:8c:b2:31:51:01:dc:f1:04:94:5e:10:9e:
63:03:8a:c3:ae:27:70:5d:76:8d:9e:c8:64:a1:01:00:9d:05:
ea:87:e0:a1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVtU90VlFk+p+9uEGP7uYvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjVkZDk3NjY1YTIzYjFiMTgzZTIyMzgyMmI2NmI1YWU1
MzZhMmYwHhcNMjMwMTAxMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVkYjRmYzM4ZGZlNjFjZDgyMDk5ZDQ1NTI4YWRhOTA1NDg2ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkeLQ4GOAqnIFpxkrxMoXRV7MTBe
TC8cZwAtLk1mFLoNiTXeGUS/FH7l7mZtuzEMtdqVwBWEjhTkroJh/Mc40XO9Y7MQ
KqiV09RexchoRQrtB1WQ13Kmgibx+8hjN5mAEcPtpLI6zg+zqXMI1tZ4+NtXYJjE
hHTlvhuFdzoCiZ1UWaqSw3Qljj+Kq6TPJqxmolLFhXWGduVHov1T3+N+6vHYcjpQ
tgOx9v7U+bb43uHQqlOF1QKbu85/cXrjQAKiTqnWZFdvqt1Tij24xgWDxvpTTXbl
QZK43VUK3wYqha0uN+jK2P6g9eLktZ/o5diJzhmOqAGn3PS1WkEBW73YIwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDTttPw43+Yc2CCZ1FUorakFSG9iMB8GA1UdIwQY
MBaAFGZl3ZdmWiOxsYPiI4IrZrWuU2ovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWIt
ZThkNzA3MTdmZjhhLzEvTk8yMF9EamY1aHpZSUpuVVZTaXRxUVZJYjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWItZThkNzA3MTdmZjhh
LzEvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAAFxokD
BAIFxogDBAAFxo0wDAMEAFOJ0wMEAFOJ1AMEAbxcijANBgkqhkiG9w0BAQsFAAOC
AQEAK2LARFmf6fYjD5aKsj7k0fw2RU9OMl6XnFQh8VaWWUEPZY08t2g4ZRG21qD7
QqbV9z8jdPniKgUw+aJ1TAoJB4QlkXLNpO9wlmV15JgQadqnql5xGa60eanxhNuq
7yVH8MXZ2TqedSDCRzMW9QdFJkR7nzUIe5jEzSiuanDEMRkO4qYvz7tx7S9vdLy1
jWq78g6el01yrj2NPWrcLzf2w3cL2R/+gFls8eTcUirV0A1mXwXLs37FHJo1nBLc
lxrAzNbn4TymTKF6WPy2pUcyBGwgw8e1uGU63i2qdRicjLIxUQHc8QSUXhCeYwOK
w64ncF12jZ7IZKEBAJ0F6ofgoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:59 2024 by rpki-client on console-ams.rpki-client.org