Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iC736T6YfNgGLv04zpTlAgJmrSA.roa
File: iC736T6YfNgGLv04zpTlAgJmrSA.roa (raw, json)
Hash identifier: Lw6LMg6V1F5q/aF4jt5gXVqg/p5wpa0NTa2B7UA85sc=
Subject key identifier: 88:2E:F7:E9:3E:98:7C:D8:06:2E:FD:38:CE:94:E5:02:02:66:AD:20
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01917622E7CC22B3112EC66610B7911A393F
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iC736T6YfNgGLv04zpTlAgJmrSA.roa
Signing time: Wed 21 Aug 2024 18:11:24 +0000
ROA not before: Wed 21 Aug 2024 18:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.192.0/24 maxlen: 24
5.42.195.0/24 maxlen: 24
5.42.210.0/24 maxlen: 24
193.200.199.0/24 maxlen: 24
194.26.204.0/24 maxlen: 24
194.55.170.0/24 maxlen: 24
212.18.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 16:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:22:e7:cc:22:b3:11:2e:c6:66:10:b7:91:1a:39:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 21 18:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=882ef7e93e987cd8062efd38ce94e5020266ad20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ef:f2:7e:e1:73:4c:ab:2f:5b:83:f8:06:dd:
46:b2:a3:a2:09:f3:d7:89:b0:df:8a:64:a6:fa:e5:
09:f0:2e:a6:d6:c0:40:dd:f2:99:61:fd:78:74:26:
1c:27:d3:61:8d:91:23:13:e5:26:e1:a9:24:34:18:
41:6e:81:40:9f:2a:dd:09:7a:bc:fc:69:5e:40:1d:
8f:f4:4d:f7:25:76:a7:bc:8a:05:cd:f2:05:3a:62:
80:93:ee:2a:08:85:1c:80:eb:9c:95:70:cc:43:e9:
9f:63:c8:41:d0:d3:11:1c:46:62:30:3a:f3:c8:d6:
86:79:29:4f:2c:ce:34:94:f3:81:0f:aa:27:ab:12:
4c:b7:51:b2:ce:31:15:f7:17:07:56:4c:13:c5:c1:
da:18:cd:95:5e:1c:2d:d3:c0:08:36:86:5b:4a:94:
24:42:67:20:7d:88:d2:7b:30:c4:9e:d4:e2:c6:4c:
5e:9e:f6:32:92:4c:2e:44:ab:bd:83:06:5c:d7:9d:
b7:2c:77:c5:f2:ab:41:c4:73:d2:ce:73:af:91:7d:
e8:e3:40:88:37:ea:15:87:2a:41:bd:d3:25:0f:16:
28:f0:8d:24:08:1c:5e:1c:81:b4:79:d5:d8:71:b5:
a6:ac:fa:1a:24:38:06:a2:d5:25:91:ee:52:57:ae:
f3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2E:F7:E9:3E:98:7C:D8:06:2E:FD:38:CE:94:E5:02:02:66:AD:20
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iC736T6YfNgGLv04zpTlAgJmrSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.192.0/24
5.42.195.0/24
5.42.210.0/24
193.200.199.0/24
194.26.204.0/24
194.55.170.0/24
212.18.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:6d:f9:c4:f8:ee:b0:0a:dd:60:9b:e1:bb:24:3e:14:08:9b:
58:79:05:eb:da:4d:78:d8:da:81:47:5c:19:d2:4c:a8:d5:f7:
3c:e6:e8:db:78:17:68:ec:1d:dc:b9:69:60:aa:42:c9:3b:72:
33:7e:11:4d:80:a3:53:09:a3:5a:3b:25:a5:b1:13:d2:d6:8c:
41:ac:82:eb:be:32:6b:68:82:47:ee:52:c6:ee:14:e1:22:cc:
db:2b:a4:22:8b:47:f0:ab:20:c5:72:9a:73:aa:df:40:e9:95:
57:bd:f8:cd:b5:c6:40:33:7f:2f:f5:74:2a:18:34:7e:56:a3:
36:e6:ea:08:18:ce:dc:ca:55:3b:cf:a1:b5:8c:02:03:e5:61:
34:a2:77:11:c4:1c:1a:98:ca:d8:24:56:fb:8e:63:17:91:b8:
bb:26:bf:3c:f6:3a:d9:f7:c0:be:76:ac:ae:7d:af:5f:ab:a5:
b1:b8:d3:5c:c7:ce:cb:b1:a1:09:6f:27:af:ec:bb:12:31:5e:
74:19:f1:60:03:e9:16:99:0b:72:12:93:69:db:06:34:8c:c8:
28:32:29:8e:e6:e7:99:0c:dc:3a:ba:7a:ef:60:ac:2b:a0:dc:
00:83:b0:a6:e2:0e:02:b8:0e:62:53:bb:5a:f5:15:44:b2:5a:
ce:96:8e:8b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZF2IufMIrMRLsZmELeRGjk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODIxMTgxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJlZjdlOTNlOTg3Y2Q4MDYyZWZkMzhjZTk0ZTUwMjAyNjZhZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse/yfuFzTKsvW4P4Bt1GsqOiCfPX
ibDfimSm+uUJ8C6m1sBA3fKZYf14dCYcJ9NhjZEjE+Um4akkNBhBboFAnyrdCXq8
/GleQB2P9E33JXanvIoFzfIFOmKAk+4qCIUcgOuclXDMQ+mfY8hB0NMRHEZiMDrz
yNaGeSlPLM40lPOBD6onqxJMt1GyzjEV9xcHVkwTxcHaGM2VXhwt08AINoZbSpQk
QmcgfYjSezDEntTixkxenvYykkwuRKu9gwZc1523LHfF8qtBxHPSznOvkX3o40CI
N+oVhypBvdMlDxYo8I0kCBxeHIG0edXYcbWmrPoaJDgGotUlke5SV67zcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIgu9+k+mHzYBi79OM6U5QICZq0gMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaUM3MzZUNllmTmdHTHYwNHpwVGxBZ0ptclNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABSrAAwQA
BSrDAwQABSrSAwQAwcjHAwQAwhrMAwQAwjeqAwQA1BJ4MA0GCSqGSIb3DQEBCwUA
A4IBAQAfbfnE+O6wCt1gm+G7JD4UCJtYeQXr2k142NqBR1wZ0kyo1fc85ujbeBdo
7B3cuWlgqkLJO3IzfhFNgKNTCaNaOyWlsRPS1oxBrILrvjJraIJH7lLG7hThIszb
K6Qii0fwqyDFcppzqt9A6ZVXvfjNtcZAM38v9XQqGDR+VqM25uoIGM7cylU7z6G1
jAID5WE0oncRxBwamMrYJFb7jmMXkbi7Jr889jrZ98C+dqyufa9fq6WxuNNcx87L
saEJbyev7LsSMV50GfFgA+kWmQtyEpNp2wY0jMgoMimO5ueZDNw6unrvYKwroNwA
g7Cm4g4CuA5iU7ta9RVEslrOlo6L
-----END CERTIFICATE-----
Generated at Thu Aug 22 18:55:02 2024 by rpki-client on console-fra.rpki-client.org