Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/sggvE2MMUFBENRLPCRbAkjFMz0A.roa
File: sggvE2MMUFBENRLPCRbAkjFMz0A.roa (raw, json)
Hash identifier: pmgO+ehDC7+WxkpF8kWoQFjkF4SgRZp/qi9FDINmqEs=
Subject key identifier: B2:08:2F:13:63:0C:50:50:44:35:12:CF:09:16:C0:92:31:4C:CF:40
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018D4726296C69FF5ED04A398916912E658F
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/sggvE2MMUFBENRLPCRbAkjFMz0A.roa
Signing time: Fri 26 Jan 2024 19:01:39 +0000
ROA not before: Fri 26 Jan 2024 19:01:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211020
IP address blocks: 5.201.162.0/24 maxlen: 24
89.37.12.0/24 maxlen: 24
185.135.230.0/24 maxlen: 24
185.135.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 10:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:47:26:29:6c:69:ff:5e:d0:4a:39:89:16:91:2e:65:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 26 19:01:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2082f13630c5050443512cf0916c092314ccf40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:5d:e1:01:2a:83:c3:ec:45:e6:65:4a:2d:
0f:d9:b0:3f:39:5f:f6:4a:4d:59:b8:4b:54:0e:58:
22:c6:53:78:bb:4d:09:a1:80:ac:52:87:a4:4f:82:
11:ec:04:49:09:01:7d:26:dd:14:a6:c2:f2:bd:30:
8e:a8:41:12:9f:3e:35:c0:06:c9:c0:86:1e:f8:03:
3a:11:2c:37:3f:c4:27:23:2a:64:4c:48:c8:cb:60:
2c:b0:11:77:b0:67:bc:1d:99:a6:58:d0:2e:ff:b2:
63:53:68:b8:0a:67:5a:a5:88:e4:68:86:fc:d0:f9:
20:18:d7:70:a2:37:2e:ab:28:e7:d3:f5:bd:62:b5:
46:62:72:dd:53:54:df:4b:74:08:32:c2:0d:f8:b6:
42:ac:1c:19:39:60:55:3e:a1:c9:9b:95:d0:16:cf:
16:7e:8d:f6:2f:f2:13:10:e5:63:ab:68:5b:71:08:
f8:9f:fd:5a:8d:20:21:69:fc:13:77:3e:0a:99:50:
d4:c6:45:86:e1:dd:cc:cd:9f:5b:1e:1f:63:ae:64:
d7:d4:6b:3e:c6:bf:f1:68:4f:a8:85:34:37:e8:be:
c0:95:62:90:c6:2a:4f:ec:12:77:a1:3d:41:78:a4:
80:cd:d7:16:d9:1f:75:b8:58:fd:ef:69:b4:51:26:
db:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:08:2F:13:63:0C:50:50:44:35:12:CF:09:16:C0:92:31:4C:CF:40
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/sggvE2MMUFBENRLPCRbAkjFMz0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.162.0/24
89.37.12.0/24
185.135.230.0/23
Signature Algorithm: sha256WithRSAEncryption
14:85:de:9f:9d:e5:e8:80:0d:29:3a:4c:25:61:15:10:42:39:
ee:62:4c:64:7f:1e:d5:34:98:c3:00:37:63:53:9f:25:12:45:
0b:fb:8f:2c:46:8a:ce:8f:78:c0:18:e6:bf:64:16:2b:24:d6:
85:5c:22:b3:e3:d8:c9:1e:f0:34:2b:97:52:c7:4c:94:fa:91:
aa:70:b7:11:45:08:01:b4:bc:0c:24:41:51:37:82:86:af:c3:
9f:48:e4:2e:ad:e6:72:46:6b:a3:b0:7d:c2:40:bf:68:e9:e3:
32:0d:a6:8c:a2:22:e0:eb:0c:a7:4d:1f:df:4a:2c:9d:b1:ff:
35:0a:ab:94:d5:82:11:4d:9d:26:41:bf:37:98:39:3a:cb:12:
55:09:dc:1b:16:17:e9:9b:26:05:2e:8c:95:c2:d7:f1:46:fb:
d0:24:11:ec:9a:78:ec:32:ce:d4:a2:9b:be:98:6e:6b:0f:2e:
4c:1d:f0:6d:ab:8a:d2:f0:3a:44:e5:ce:71:6d:66:61:0c:f9:
9d:e5:a4:cd:a0:3c:bd:8a:2b:09:fc:63:b3:37:96:b6:c3:cb:
10:65:39:ea:c9:1d:14:e8:34:b4:f5:32:c4:6c:22:13:8d:0f:
da:a1:1a:68:21:46:bd:59:5f:70:95:6e:cb:46:4f:80:30:2d:
bf:a1:eb:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1HJilsaf9e0Eo5iRaRLmWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTI2MTkwMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA4MmYxMzYzMGM1MDUwNDQzNTEyY2YwOTE2YzA5MjMxNGNjZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArctd4QEqg8PsReZlSi0P2bA/OV/2
Sk1ZuEtUDlgixlN4u00JoYCsUoekT4IR7ARJCQF9Jt0UpsLyvTCOqEESnz41wAbJ
wIYe+AM6ESw3P8QnIypkTEjIy2AssBF3sGe8HZmmWNAu/7JjU2i4CmdapYjkaIb8
0PkgGNdwojcuqyjn0/W9YrVGYnLdU1TfS3QIMsIN+LZCrBwZOWBVPqHJm5XQFs8W
fo32L/ITEOVjq2hbcQj4n/1ajSAhafwTdz4KmVDUxkWG4d3MzZ9bHh9jrmTX1Gs+
xr/xaE+ohTQ36L7AlWKQxipP7BJ3oT1BeKSAzdcW2R91uFj972m0USbb2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLIILxNjDFBQRDUSzwkWwJIxTM9AMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvc2dndkUyTU1VRkJFTlJMUENSYkFrakZNejBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABcmiAwQA
WSUMAwQBuYfmMA0GCSqGSIb3DQEBCwUAA4IBAQAUhd6fneXogA0pOkwlYRUQQjnu
Ykxkfx7VNJjDADdjU58lEkUL+48sRorOj3jAGOa/ZBYrJNaFXCKz49jJHvA0K5dS
x0yU+pGqcLcRRQgBtLwMJEFRN4KGr8OfSOQureZyRmujsH3CQL9o6eMyDaaMoiLg
6wynTR/fSiydsf81CquU1YIRTZ0mQb83mDk6yxJVCdwbFhfpmyYFLoyVwtfxRvvQ
JBHsmnjsMs7Uopu+mG5rDy5MHfBtq4rS8DpE5c5xbWZhDPmd5aTNoDy9iisJ/GOz
N5a2w8sQZTnqyR0U6DS09TLEbCITjQ/aoRpoIUa9WV9wlW7LRk+AMC2/oesY
-----END CERTIFICATE-----
Generated at Wed Apr 23 14:55:20 2025 by rpki-client