Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/4X2Pmk0DtdY3MiYKZ1xMK9hWrK8.roa
File: 4X2Pmk0DtdY3MiYKZ1xMK9hWrK8.roa (raw, json)
Hash identifier: M1mIS/yupTYTyAJEwa3FRme8SiweQ/YD5mmt8cDG9Ek=
Subject key identifier: E1:7D:8F:9A:4D:03:B5:D6:37:32:26:0A:67:5C:4C:2B:D8:56:AC:AF
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018D1E6721B9DA6E3E610BCFD38090EC0345
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/4X2Pmk0DtdY3MiYKZ1xMK9hWrK8.roa
Signing time: Thu 18 Jan 2024 21:08:11 +0000
ROA not before: Thu 18 Jan 2024 21:08:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211020
IP address blocks: 5.201.162.0/24 maxlen: 24
89.37.12.0/22 maxlen: 24
89.37.12.0/24 maxlen: 24
89.43.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 18:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1e:67:21:b9:da:6e:3e:61:0b:cf:d3:80:90:ec:03:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 18 21:08:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e17d8f9a4d03b5d63732260a675c4c2bd856acaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f7:a5:59:62:67:ed:27:00:da:68:e1:1f:b2:
b4:66:f0:77:74:cf:80:dc:a7:c6:3d:2c:cb:ad:b0:
93:26:aa:ea:2b:f0:ed:d1:b7:88:9a:c1:13:81:31:
7d:be:79:c9:9c:e7:17:5d:b6:25:b0:99:3d:8a:98:
5c:3d:bb:6f:e1:d2:8f:da:19:83:9a:c7:8f:10:15:
2f:85:dc:53:3e:24:fe:05:32:24:5e:fb:7e:0e:df:
9c:0d:cc:40:49:06:9b:59:3d:d4:d7:42:ef:cf:5f:
9b:67:58:02:da:de:ae:fa:d0:a6:f6:54:4b:f2:56:
94:7b:9c:57:60:99:d6:18:4d:2b:26:e4:9f:fe:9c:
3d:a2:54:8e:5b:95:b4:22:0e:56:71:cf:c8:93:6d:
39:c0:6f:59:fd:96:16:f2:6e:64:5e:7c:13:75:71:
33:4f:9c:17:10:ad:62:9a:8b:be:f5:10:9d:e2:fa:
3d:cb:1c:c7:48:f7:3c:67:1d:d2:2e:c6:b2:3d:fd:
b1:ae:2b:0c:cc:1b:af:2b:cd:34:ad:f8:82:32:80:
c5:3e:2c:66:48:6b:a7:11:db:c2:51:3a:70:da:0c:
16:53:2a:1d:78:62:9c:dd:ef:e2:39:68:80:7d:45:
88:9a:bb:f5:11:49:72:8e:60:11:ff:5e:8e:f1:ea:
30:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7D:8F:9A:4D:03:B5:D6:37:32:26:0A:67:5C:4C:2B:D8:56:AC:AF
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/4X2Pmk0DtdY3MiYKZ1xMK9hWrK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.162.0/24
89.37.12.0/22
89.43.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:93:6b:c1:92:aa:77:4c:df:c1:1c:c9:8f:0f:b5:de:8f:50:
0c:b3:b7:c1:1b:07:6d:06:39:a9:d0:fc:ee:5d:8c:0e:b9:af:
1e:0a:b3:9b:06:21:0e:9a:73:ef:86:b9:22:84:38:d1:91:f3:
5b:7f:e4:7c:35:d2:e2:89:14:dd:30:d8:e2:0f:98:4f:aa:63:
a4:2e:e0:fb:9f:ea:a8:5d:ad:73:44:ed:68:4e:be:43:3e:78:
26:37:d6:45:2d:75:04:5a:25:f0:96:58:b8:2b:23:0e:f7:75:
0f:a6:23:c8:3c:18:10:d2:80:f5:66:de:94:39:f3:f3:59:93:
2b:f3:68:5d:c8:b1:17:01:da:6b:88:59:35:13:59:d1:f9:54:
a4:45:cc:1b:a5:68:54:6a:b7:e6:1a:54:87:b0:e9:57:0b:6a:
2a:5e:dd:b7:36:7e:04:9f:0c:54:38:c6:20:9b:a8:e1:9d:c1:
e0:f5:d1:29:0e:f8:b4:6c:bf:2d:5d:fe:6b:dd:4e:fd:7f:b6:
08:85:3d:34:ae:62:87:c2:40:0d:66:c1:0c:9c:af:88:f4:59:
97:bf:4c:be:f1:87:50:f6:75:af:d2:02:32:62:75:f7:a6:f1:
5a:21:05:d2:81:52:46:da:27:c7:14:3e:48:c7:3e:83:20:2c:
9d:be:40:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0eZyG52m4+YQvP04CQ7ANFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTE4MjEwODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdkOGY5YTRkMDNiNWQ2MzczMjI2MGE2NzVjNGMyYmQ4NTZhY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvelWWJn7ScA2mjhH7K0ZvB3dM+A
3KfGPSzLrbCTJqrqK/Dt0beImsETgTF9vnnJnOcXXbYlsJk9iphcPbtv4dKP2hmD
msePEBUvhdxTPiT+BTIkXvt+Dt+cDcxASQabWT3U10Lvz1+bZ1gC2t6u+tCm9lRL
8laUe5xXYJnWGE0rJuSf/pw9olSOW5W0Ig5Wcc/Ik205wG9Z/ZYW8m5kXnwTdXEz
T5wXEK1imou+9RCd4vo9yxzHSPc8Zx3SLsayPf2xrisMzBuvK800rfiCMoDFPixm
SGunEdvCUTpw2gwWUyodeGKc3e/iOWiAfUWImrv1EUlyjmAR/16O8eowfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOF9j5pNA7XWNzImCmdcTCvYVqyvMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvNFgyUG1rMER0ZFkzTWlZS1oxeE1LOWhXcks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABcmiAwQC
WSUMAwQAWSsCMA0GCSqGSIb3DQEBCwUAA4IBAQB9k2vBkqp3TN/BHMmPD7Xej1AM
s7fBGwdtBjmp0PzuXYwOua8eCrObBiEOmnPvhrkihDjRkfNbf+R8NdLiiRTdMNji
D5hPqmOkLuD7n+qoXa1zRO1oTr5DPngmN9ZFLXUEWiXwlli4KyMO93UPpiPIPBgQ
0oD1Zt6UOfPzWZMr82hdyLEXAdpriFk1E1nR+VSkRcwbpWhUarfmGlSHsOlXC2oq
Xt23Nn4EnwxUOMYgm6jhncHg9dEpDvi0bL8tXf5r3U79f7YIhT00rmKHwkANZsEM
nK+I9FmXv0y+8YdQ9nWv0gIyYnX3pvFaIQXSgVJG2ifHFD5Ixz6DICydvkAE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:32 2025 by rpki-client