Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1BXmtbOaxv2hteWvKwl0PBmuf9M.roa
File: 1BXmtbOaxv2hteWvKwl0PBmuf9M.roa (raw, json)
Hash identifier: wVeUwLOkjk/A/VpRJvHEDhVO9KjxZoNkBqijDTlm/mM=
Subject key identifier: D4:15:E6:B5:B3:9A:C6:FD:A1:B5:E5:AF:2B:09:74:3C:19:AE:7F:D3
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01917AD98A38168C89F19EED9990945B55CD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1BXmtbOaxv2hteWvKwl0PBmuf9M.roa
Signing time: Thu 22 Aug 2024 16:09:22 +0000
ROA not before: Thu 22 Aug 2024 16:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.192.0/24 maxlen: 24
5.42.195.0/24 maxlen: 24
5.42.210.0/24 maxlen: 24
193.9.20.0/24 maxlen: 24
193.200.199.0/24 maxlen: 24
194.26.204.0/24 maxlen: 24
194.55.170.0/24 maxlen: 24
212.18.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 06:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:d9:8a:38:16:8c:89:f1:9e:ed:99:90:94:5b:55:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 22 16:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d415e6b5b39ac6fda1b5e5af2b09743c19ae7fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:18:82:a9:0e:a1:f5:56:e8:67:e1:8c:50:a1:
65:37:4e:1c:9b:00:99:d5:69:37:22:54:b5:3d:aa:
1b:7b:42:46:6d:ae:9a:bc:a4:de:be:03:d8:b1:c1:
57:9a:12:d6:89:1a:4a:25:ac:02:23:2f:44:ef:0e:
30:0c:4e:cf:d9:b7:64:b0:df:d9:cb:68:19:c0:e1:
e1:b6:25:fe:54:7c:dd:9b:9f:0a:79:e3:c6:a5:79:
51:7c:f7:de:c0:e4:e9:1a:55:58:0c:11:dd:ca:b2:
32:a2:6e:b8:5e:e3:da:e3:ba:24:71:3e:12:e5:c5:
f9:87:bd:02:6b:6f:06:19:51:b3:57:93:4a:2e:bb:
b1:bf:3d:cc:78:6a:ac:51:d2:bd:f6:03:03:5a:75:
a9:40:21:d8:62:83:41:a0:4a:d8:25:8d:d3:d4:b0:
46:0e:9c:0e:5a:ab:27:38:0c:88:77:c1:d4:bc:48:
18:03:52:e9:a5:a4:66:4e:e3:64:1e:64:a0:44:2c:
27:bc:07:2a:51:d9:55:af:99:4f:08:09:4d:d2:8d:
d3:72:f5:2a:41:25:3b:06:e5:dd:a4:26:58:7e:2c:
7f:34:25:7d:b3:43:13:b4:d6:e8:96:46:7c:2b:c9:
de:91:75:97:b3:f9:5d:cf:27:ac:45:1e:b9:98:82:
d5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:15:E6:B5:B3:9A:C6:FD:A1:B5:E5:AF:2B:09:74:3C:19:AE:7F:D3
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1BXmtbOaxv2hteWvKwl0PBmuf9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.192.0/24
5.42.195.0/24
5.42.210.0/24
193.9.20.0/24
193.200.199.0/24
194.26.204.0/24
194.55.170.0/24
212.18.120.0/24
Signature Algorithm: sha256WithRSAEncryption
72:4f:e2:65:00:00:6d:ef:21:98:42:8a:51:c7:e8:7a:ac:4c:
2b:16:41:6e:27:21:4d:b6:c5:1c:1f:74:a8:cb:29:9b:61:78:
dd:fa:8d:3d:04:10:7f:24:7a:3e:7a:0f:ff:4e:91:e6:f4:e4:
ab:4d:7b:91:09:32:c9:cc:dc:46:9d:c9:84:37:21:a2:dc:17:
28:f0:72:60:8e:e2:a0:06:fa:df:61:c6:a0:f2:d8:11:27:82:
75:de:ff:1a:8b:c9:9d:13:84:47:48:3b:25:88:8e:3b:16:7a:
80:90:b7:1a:1f:38:bf:a2:c0:9f:2d:45:f1:5d:ca:b0:4d:db:
74:ac:db:4e:ba:e8:9c:bd:8b:dc:c2:70:f8:0e:e5:4d:68:69:
aa:c7:97:ff:79:40:b4:3c:80:d9:ef:8a:90:75:0d:b9:96:03:
03:b4:eb:45:de:b6:82:8f:d4:19:e6:a7:cc:56:3e:9d:d3:f2:
3e:5e:3f:1c:bd:8d:1f:c0:6f:97:f6:40:c1:ba:e8:ee:82:96:
2d:ac:9a:11:53:41:4d:2a:60:24:15:44:3f:f7:50:c5:2e:4d:
84:4b:e0:55:92:de:6b:4f:60:95:9e:91:e2:d7:72:97:89:25:
b5:96:6d:d3:01:f1:f5:2e:2c:1b:36:5c:2d:7c:0e:b2:40:b6:
94:3b:58:dc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZF62Yo4FoyJ8Z7tmZCUW1XNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODIyMTYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE1ZTZiNWIzOWFjNmZkYTFiNWU1YWYyYjA5NzQzYzE5YWU3ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBiCqQ6h9VboZ+GMUKFlN04cmwCZ
1Wk3IlS1Paobe0JGba6avKTevgPYscFXmhLWiRpKJawCIy9E7w4wDE7P2bdksN/Z
y2gZwOHhtiX+VHzdm58KeePGpXlRfPfewOTpGlVYDBHdyrIyom64XuPa47okcT4S
5cX5h70Ca28GGVGzV5NKLruxvz3MeGqsUdK99gMDWnWpQCHYYoNBoErYJY3T1LBG
DpwOWqsnOAyId8HUvEgYA1LppaRmTuNkHmSgRCwnvAcqUdlVr5lPCAlN0o3TcvUq
QSU7BuXdpCZYfix/NCV9s0MTtNbolkZ8K8nekXWXs/ldzyesRR65mILV2QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNQV5rWzmsb9obXlrysJdDwZrn/TMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMUJYbXRiT2F4djJodGVXdkt3bDBQQm11ZjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABSrAAwQA
BSrDAwQABSrSAwQAwQkUAwQAwcjHAwQAwhrMAwQAwjeqAwQA1BJ4MA0GCSqGSIb3
DQEBCwUAA4IBAQByT+JlAABt7yGYQopRx+h6rEwrFkFuJyFNtsUcH3SoyymbYXjd
+o09BBB/JHo+eg//TpHm9OSrTXuRCTLJzNxGncmENyGi3Bco8HJgjuKgBvrfYcag
8tgRJ4J13v8ai8mdE4RHSDsliI47FnqAkLcaHzi/osCfLUXxXcqwTdt0rNtOuuic
vYvcwnD4DuVNaGmqx5f/eUC0PIDZ74qQdQ25lgMDtOtF3raCj9QZ5qfMVj6d0/I+
Xj8cvY0fwG+X9kDBuujugpYtrJoRU0FNKmAkFUQ/91DFLk2ES+BVkt5rT2CVnpHi
13KXiSW1lm3TAfH1LiwbNlwtfA6yQLaUO1jc
-----END CERTIFICATE-----
Generated at Fri Aug 30 09:04:40 2024 by rpki-client on console-fra.rpki-client.org