Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5DNd6DsgpL64-bHik2YcZrgj9cc.roa
File: 5DNd6DsgpL64-bHik2YcZrgj9cc.roa (raw, json)
Hash identifier: in+L0dHp6GoNKh9eI8h32ra8uN3GF/plss2BRl1wUck=
Subject key identifier: E4:33:5D:E8:3B:20:A4:BE:B8:F9:B1:E2:93:66:1C:66:B8:23:F5:C7
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01917AD98AC98DF683F998DC4151FF6F0132
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5DNd6DsgpL64-bHik2YcZrgj9cc.roa
Signing time: Thu 22 Aug 2024 16:09:22 +0000
ROA not before: Thu 22 Aug 2024 16:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201211
IP address blocks: 80.242.53.0/24 maxlen: 24
95.130.224.0/24 maxlen: 24
185.19.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:d9:8a:c9:8d:f6:83:f9:98:dc:41:51:ff:6f:01:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 22 16:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4335de83b20a4beb8f9b1e293661c66b823f5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6e:d7:51:ff:cd:8b:98:3f:58:66:9c:fd:d9:
2b:5f:19:ed:71:05:91:23:eb:33:f7:ca:35:2e:69:
10:ce:89:35:dd:9a:7b:28:f8:c4:6c:6f:03:f3:b6:
87:93:5f:7d:ef:7c:08:4a:fe:5a:5e:a7:91:b3:3d:
8c:8e:05:d5:dc:76:61:97:6a:04:cf:a9:3e:e9:a1:
51:7e:28:bb:da:42:b7:96:c2:47:f0:b9:9a:29:6d:
1a:39:b1:2e:dd:fa:bd:41:3a:af:f1:d1:2f:f1:55:
80:52:ba:2e:99:5b:c7:d7:a6:22:05:ed:2f:08:fe:
5b:0d:c5:a1:5a:ad:49:da:06:2d:ec:7b:39:50:d4:
af:e2:d8:1c:cd:8d:7b:e0:0f:f9:46:35:1f:a5:6d:
2b:2c:28:04:ec:27:02:90:e2:12:ca:8b:51:75:39:
51:66:0e:a0:03:93:a0:84:25:46:73:f1:db:97:ae:
94:f4:5f:99:d0:7a:86:db:eb:05:13:e9:ca:d8:f9:
36:63:36:5c:b7:9b:03:a4:84:59:b4:6e:2d:93:e2:
3e:60:61:01:bb:65:4d:c3:38:81:dd:f9:80:f3:a2:
d7:f9:8f:21:42:80:ba:db:3d:36:33:fa:86:3d:81:
21:40:1f:01:84:02:46:e2:bf:c2:b0:43:67:6d:6f:
d7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:33:5D:E8:3B:20:A4:BE:B8:F9:B1:E2:93:66:1C:66:B8:23:F5:C7
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5DNd6DsgpL64-bHik2YcZrgj9cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.242.53.0/24
95.130.224.0/24
185.19.202.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:3f:00:f0:f0:0b:dc:39:0b:0b:29:fc:0d:f4:ae:a4:9b:5c:
94:56:40:0f:f9:d4:4f:a5:ee:f9:b5:5f:95:3f:38:83:7d:7b:
cc:bb:f6:d2:db:39:64:fd:89:ba:0a:18:31:0c:ec:0c:5a:d2:
8f:ee:5a:74:86:40:b0:6b:4a:97:ca:ad:e4:ac:b0:18:23:46:
32:c3:d0:6f:4d:5f:3d:75:60:30:8a:43:0e:ef:2a:72:51:96:
a0:89:a0:d7:64:6b:76:ce:3f:98:a2:b9:82:c8:45:42:67:88:
a5:41:51:32:b2:41:dc:62:87:8d:f8:57:34:da:da:09:0f:89:
38:e1:70:b0:a4:3d:6a:20:cf:8d:99:3c:b7:57:6d:58:74:0a:
75:03:92:03:c3:86:40:49:80:01:0c:62:16:1a:02:7c:af:8f:
52:ef:3f:e6:15:1a:f1:93:3c:26:47:48:6e:78:4a:b4:da:91:
71:4b:ad:9f:bf:f9:d3:04:3f:a7:d8:6f:8d:8e:5a:7a:56:97:
77:2e:d8:2b:79:1d:0c:0a:82:da:e7:6c:87:07:c0:88:02:87:
88:df:8f:60:86:be:1f:3f:7b:a5:95:db:f8:f5:71:9f:af:0d:
8a:dc:c7:04:d4:fc:ef:be:b7:72:30:df:77:68:85:bf:73:40:
7d:19:a7:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF62YrJjfaD+ZjcQVH/bwEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODIyMTYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDMzNWRlODNiMjBhNGJlYjhmOWIxZTI5MzY2MWM2NmI4MjNmNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum7XUf/Ni5g/WGac/dkrXxntcQWR
I+sz98o1LmkQzok13Zp7KPjEbG8D87aHk19973wISv5aXqeRsz2MjgXV3HZhl2oE
z6k+6aFRfii72kK3lsJH8LmaKW0aObEu3fq9QTqv8dEv8VWAUroumVvH16YiBe0v
CP5bDcWhWq1J2gYt7Hs5UNSv4tgczY174A/5RjUfpW0rLCgE7CcCkOISyotRdTlR
Zg6gA5OghCVGc/Hbl66U9F+Z0HqG2+sFE+nK2Pk2YzZct5sDpIRZtG4tk+I+YGEB
u2VNwziB3fmA86LX+Y8hQoC62z02M/qGPYEhQB8BhAJG4r/CsENnbW/XewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOQzXeg7IKS+uPmx4pNmHGa4I/XHMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNUROZDZEc2dwTDY0LWJIaWsyWWNacmdqOWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUPI1AwQA
X4LgAwQAuRPKMA0GCSqGSIb3DQEBCwUAA4IBAQCcPwDw8AvcOQsLKfwN9K6km1yU
VkAP+dRPpe75tV+VPziDfXvMu/bS2zlk/Ym6ChgxDOwMWtKP7lp0hkCwa0qXyq3k
rLAYI0Yyw9BvTV89dWAwikMO7ypyUZagiaDXZGt2zj+YormCyEVCZ4ilQVEyskHc
YoeN+Fc02toJD4k44XCwpD1qIM+NmTy3V21YdAp1A5IDw4ZASYABDGIWGgJ8r49S
7z/mFRrxkzwmR0hueEq02pFxS62fv/nTBD+n2G+Njlp6Vpd3LtgreR0MCoLa52yH
B8CIAoeI349ghr4fP3ulldv49XGfrw2K3McE1PzvvrdyMN93aIW/c0B9GaeR
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:07 2025 by rpki-client