Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iRhz1pqRJ2OMZFvuMP0SdYvDiH0.roa
File: iRhz1pqRJ2OMZFvuMP0SdYvDiH0.roa (raw, json)
Hash identifier: JNKIaIE/qI1p1L5QZkSa4oaqbBHmEnWAg7H11jLthRM=
Subject key identifier: 89:18:73:D6:9A:91:27:63:8C:64:5B:EE:30:FD:12:75:8B:C3:88:7D
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01916D99828B1A5001B2743607608663E510
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iRhz1pqRJ2OMZFvuMP0SdYvDiH0.roa
Signing time: Tue 20 Aug 2024 02:24:22 +0000
ROA not before: Tue 20 Aug 2024 02:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49556
IP address blocks: 5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6d:99:82:8b:1a:50:01:b2:74:36:07:60:86:63:e5:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Aug 20 02:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=891873d69a9127638c645bee30fd12758bc3887d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:40:44:cf:88:b1:73:de:c5:c1:a2:78:97:a1:
d3:d3:0f:c9:e7:68:f1:aa:3c:87:ea:79:83:34:8a:
12:66:9f:e1:af:8d:d9:71:33:6c:58:2f:08:5e:18:
cf:1f:f5:f8:2f:a7:ef:4e:ef:e7:0d:2b:b5:2c:df:
1d:2b:ee:9b:04:a5:a5:f4:b6:ae:40:89:6d:0a:21:
4c:0c:40:b7:15:2b:e7:0d:c0:a3:8a:97:ea:33:28:
a6:66:87:ee:7e:9c:74:c5:e6:3c:b3:66:2a:40:7d:
66:d3:25:26:ea:56:13:80:03:98:e5:b5:71:a1:1f:
76:56:2d:0e:fa:12:0c:cc:02:fd:f5:e9:2c:e5:5b:
0e:c4:b0:1f:4d:ce:84:b0:6f:cd:91:d0:70:f3:98:
e5:0a:94:6e:25:6e:1c:aa:a7:73:27:95:52:90:c4:
64:a4:ba:ad:8c:bb:80:bf:0b:5d:8c:4f:e9:01:79:
1d:f9:1a:17:0a:3a:ba:02:92:35:fa:27:61:0c:cd:
aa:a9:c0:0d:a2:73:50:b7:0d:0e:d9:e0:ec:b8:fe:
ed:b4:b5:72:26:ce:76:05:4a:3e:f4:4c:2a:96:2a:
a8:16:48:40:47:ed:aa:f9:8f:ec:fd:7a:50:e8:ab:
23:7e:df:ff:60:16:9b:3e:c8:bd:26:28:11:d6:52:
0f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:18:73:D6:9A:91:27:63:8C:64:5B:EE:30:FD:12:75:8B:C3:88:7D
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/iRhz1pqRJ2OMZFvuMP0SdYvDiH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0-45.94.215.255
89.44.240.0/23
185.239.0.0/24
185.239.2.0/24
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:5c:8a:59:84:71:a5:17:3c:92:87:17:b4:ef:07:4c:2c:69:
64:8d:1c:29:09:0f:0d:a7:d4:3b:74:bd:04:a5:aa:24:4a:20:
46:01:27:cb:e9:7a:07:be:51:c9:cb:7c:fc:60:ba:c8:4c:52:
16:03:54:0b:70:be:bc:95:3a:ef:3f:a8:f8:f0:b7:6b:d9:47:
29:2e:1d:be:8e:6e:cc:f8:13:d0:47:03:25:01:d6:5e:b0:bd:
d1:36:80:7d:0d:cd:3b:54:84:3a:e0:07:1a:a5:75:fd:16:60:
b1:01:6b:b1:a0:0e:f8:bd:f6:08:6e:a8:e0:03:47:cf:5c:2c:
33:34:39:a9:0c:fa:49:d5:68:67:64:72:e9:b1:56:11:2e:bd:
e7:ac:6a:f8:75:ae:d1:40:91:84:d4:ea:51:f7:71:d5:77:72:
ae:08:11:21:76:c7:5e:22:07:89:03:c6:c5:4c:b7:64:7c:dc:
8a:1e:34:cb:c0:c0:ed:59:6b:17:a4:be:c9:71:b7:c7:9c:23:
46:b2:52:e4:27:43:f1:fe:d6:31:9b:b8:5b:fb:bf:23:83:20:
8f:bd:2a:57:fd:bc:cf:7f:09:cf:0a:77:14:58:fb:49:11:dc:
94:26:8c:37:9c:13:4b:42:ce:5c:db:2c:3f:9c:f8:4e:dd:e2:
e6:82:4d:9a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZFtmYKLGlABsnQ2B2CGY+UQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwODIwMDIyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE4NzNkNjlhOTEyNzYzOGM2NDViZWUzMGZkMTI3NThiYzM4ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60BEz4ixc97FwaJ4l6HT0w/J52jx
qjyH6nmDNIoSZp/hr43ZcTNsWC8IXhjPH/X4L6fvTu/nDSu1LN8dK+6bBKWl9Lau
QIltCiFMDEC3FSvnDcCjipfqMyimZofufpx0xeY8s2YqQH1m0yUm6lYTgAOY5bVx
oR92Vi0O+hIMzAL99eks5VsOxLAfTc6EsG/NkdBw85jlCpRuJW4cqqdzJ5VSkMRk
pLqtjLuAvwtdjE/pAXkd+RoXCjq6ApI1+idhDM2qqcANonNQtw0O2eDsuP7ttLVy
Js52BUo+9EwqliqoFkhAR+2q+Y/s/XpQ6Ksjft//YBabPsi9JigR1lIP5QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIkYc9aakSdjjGRb7jD9EnWLw4h9MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvaVJoejFwcVJKMk9NWkZ2dU1QMFNkWXZEaUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABZ8xAwQA
BZ82MAwDBAAtXtUDBAMtXtADBAFZLPADBAC57wADBAC57wIDBAC81GMwDQYJKoZI
hvcNAQELBQADggEBALBcilmEcaUXPJKHF7TvB0wsaWSNHCkJDw2n1Dt0vQSlqiRK
IEYBJ8vpege+UcnLfPxgushMUhYDVAtwvryVOu8/qPjwt2vZRykuHb6Obsz4E9BH
AyUB1l6wvdE2gH0NzTtUhDrgBxqldf0WYLEBa7GgDvi99ghuqOADR89cLDM0OakM
+knVaGdkcumxVhEuveesavh1rtFAkYTU6lH3cdV3cq4IESF2x14iB4kDxsVMt2R8
3IoeNMvAwO1Zaxekvslxt8ecI0ayUuQnQ/H+1jGbuFv7vyODII+9Klf9vM9/Cc8K
dxRY+0kR3JQmjDecE0tCzlzbLD+c+E7d4uaCTZo=
-----END CERTIFICATE-----
Generated at Mon Oct 7 20:37:57 2024 by rpki-client on console-fra.rpki-client.org