Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/awCg29yTBrQAxTgw7BMxRKfD77I.roa
File: awCg29yTBrQAxTgw7BMxRKfD77I.roa (raw, json)
Hash identifier: gvHu6xL96iMsPorqRJTfzi984DE8SsJmc7ODwj0OkR4=
Subject key identifier: 6B:00:A0:DB:DC:93:06:B4:00:C5:38:30:EC:13:31:44:A7:C3:EF:B2
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191526CFDDF9E6FC0D72A2FB66A35945501
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/awCg29yTBrQAxTgw7BMxRKfD77I.roa
Signing time: Wed 14 Aug 2024 19:46:00 +0000
ROA not before: Wed 14 Aug 2024 19:46:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 5.42.216.0/24 maxlen: 24
37.72.131.0/24 maxlen: 24
46.175.132.0/24 maxlen: 24
193.8.74.0/24 maxlen: 24
194.104.139.0/24 maxlen: 24
194.104.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 18:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:6c:fd:df:9e:6f:c0:d7:2a:2f:b6:6a:35:94:55:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 14 19:46:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b00a0dbdc9306b400c53830ec133144a7c3efb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:74:da:b0:c4:3d:f0:02:94:d8:e9:2e:5f:b1:
82:1d:1a:68:54:5b:ca:1c:97:7d:4b:d5:75:48:d8:
45:b7:54:6c:5b:b4:0a:ea:6c:c4:cf:a4:23:24:39:
10:aa:90:a1:be:09:d6:3e:99:01:78:74:f0:63:3e:
54:4e:c6:bf:df:d6:df:82:9f:79:9f:52:06:39:be:
f5:63:67:c3:23:87:34:d9:8f:89:0b:85:38:b4:f9:
3f:9b:e8:b6:eb:2e:e5:13:90:6c:b5:bd:6c:83:35:
60:ac:7c:f9:21:43:34:6b:67:f0:c2:73:b9:da:92:
ba:bd:f1:50:9d:c0:58:c4:22:7e:b0:23:9f:52:31:
07:de:77:b8:5b:d4:15:ea:24:34:0a:77:d9:23:30:
15:b4:c8:b0:e7:b3:40:dd:7d:63:c1:04:8d:10:c9:
80:f4:7a:9d:7c:a7:76:81:4f:22:a3:b2:b6:86:d6:
8e:15:0b:48:7d:47:ff:f9:18:66:9a:d8:5b:97:0f:
40:9d:45:83:33:b4:db:d3:61:8b:e7:20:d5:2b:b9:
80:4a:bb:d2:83:e9:5d:4b:e2:a0:37:64:79:a4:1d:
f5:fa:0e:51:57:83:da:e6:60:50:db:56:ea:d3:37:
f9:b0:a4:d1:62:db:8a:21:3c:f8:8e:2d:37:01:19:
12:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:00:A0:DB:DC:93:06:B4:00:C5:38:30:EC:13:31:44:A7:C3:EF:B2
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/awCg29yTBrQAxTgw7BMxRKfD77I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.216.0/24
37.72.131.0/24
46.175.132.0/24
193.8.74.0/24
194.104.139.0-194.104.140.255
Signature Algorithm: sha256WithRSAEncryption
81:5f:39:24:e3:cc:f4:1a:43:78:d2:0d:c9:b9:27:86:e6:57:
f7:82:cb:7d:61:06:0f:31:f7:6b:af:11:4d:e8:ff:72:81:5c:
d3:40:f5:ba:54:a2:cc:60:74:40:71:f3:9a:3d:ca:cb:af:df:
48:69:bd:06:99:d1:e8:a4:f4:cb:0c:be:03:3b:68:de:5f:72:
f4:e7:85:ec:44:ca:6f:cc:87:29:80:ef:b7:c8:f1:35:a4:c1:
4f:30:1a:b2:b7:d4:a9:ba:e8:e1:50:d4:98:7a:6a:72:c0:86:
12:c3:87:33:84:35:2b:cf:a4:53:88:7d:6f:e4:01:18:8f:c0:
b0:9e:1b:e1:69:c7:7d:dd:9b:9b:ec:29:e5:0f:2b:8b:38:69:
35:5f:9c:d2:ee:86:c7:40:ae:b2:36:aa:50:fc:79:e5:86:c7:
28:e2:58:bb:31:98:2a:5a:3d:8e:f1:5a:ff:65:42:c3:43:f7:
e8:fc:af:e6:8c:3f:ee:0b:4a:13:11:cc:55:f1:09:24:0b:4f:
20:32:5d:e4:07:c8:19:e1:05:13:84:6e:19:33:1f:26:58:ab:
74:3e:08:ad:0f:f5:1b:de:66:4c:07:1f:ab:5f:41:92:d5:45:
59:f5:d0:27:2a:e9:d7:b0:3f:6d:08:0c:02:c5:d3:6f:1d:66:
8a:8e:5a:b8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZFSbP3fnm/A1yovtmo1lFUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODE0MTk0NjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjAwYTBkYmRjOTMwNmI0MDBjNTM4MzBlYzEzMzE0NGE3YzNlZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nTasMQ98AKU2OkuX7GCHRpoVFvK
HJd9S9V1SNhFt1RsW7QK6mzEz6QjJDkQqpChvgnWPpkBeHTwYz5UTsa/39bfgp95
n1IGOb71Y2fDI4c02Y+JC4U4tPk/m+i26y7lE5Bstb1sgzVgrHz5IUM0a2fwwnO5
2pK6vfFQncBYxCJ+sCOfUjEH3ne4W9QV6iQ0CnfZIzAVtMiw57NA3X1jwQSNEMmA
9HqdfKd2gU8io7K2htaOFQtIfUf/+Rhmmthblw9AnUWDM7Tb02GL5yDVK7mASrvS
g+ldS+KgN2R5pB31+g5RV4Pa5mBQ21bq0zf5sKTRYtuKITz4ji03ARkSFwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGsAoNvckwa0AMU4MOwTMUSnw++yMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYXdDZzI5eVRCclFBeFRndzdCTXhSS2ZENzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABSrYAwQA
JUiDAwQALq+EAwQAwQhKMAwDBADCaIsDBADCaIwwDQYJKoZIhvcNAQELBQADggEB
AIFfOSTjzPQaQ3jSDcm5J4bmV/eCy31hBg8x92uvEU3o/3KBXNNA9bpUosxgdEBx
85o9ysuv30hpvQaZ0eik9MsMvgM7aN5fcvTnhexEym/MhymA77fI8TWkwU8wGrK3
1Km66OFQ1Jh6anLAhhLDhzOENSvPpFOIfW/kARiPwLCeG+Fpx33dm5vsKeUPK4s4
aTVfnNLuhsdArrI2qlD8eeWGxyjiWLsxmCpaPY7xWv9lQsND9+j8r+aMP+4LShMR
zFXxCSQLTyAyXeQHyBnhBROEbhkzHyZYq3Q+CK0P9RveZkwHH6tfQZLVRVn10Ccq
6dewP20IDALF028dZoqOWrg=
-----END CERTIFICATE-----
Generated at Wed Aug 21 23:31:40 2024 by rpki-client on console-ams.rpki-client.org