Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5FS5NL9vt6ouQW1axZLaWWi4HBQ.roa
File: 5FS5NL9vt6ouQW1axZLaWWi4HBQ.roa (raw, json)
Hash identifier: tbcISo48W2AYx5DnyIuqi01M+EuFJmmwix6Ieq99low=
Subject key identifier: E4:54:B9:34:BF:6F:B7:AA:2E:41:6D:5A:C5:92:DA:59:68:B8:1C:14
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01936D341594DDD4476EB88222D88FA41942
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5FS5NL9vt6ouQW1axZLaWWi4HBQ.roa
Signing time: Wed 27 Nov 2024 10:39:10 +0000
ROA not before: Wed 27 Nov 2024 10:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 09:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:34:15:94:dd:d4:47:6e:b8:82:22:d8:8f:a4:19:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 27 10:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e454b934bf6fb7aa2e416d5ac592da5968b81c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9c:24:c0:4c:f2:7c:11:45:d3:0c:b4:e6:02:
d6:c6:3a:f2:03:8d:ac:a0:1e:ed:7b:49:f5:67:7d:
3d:33:f6:4b:0b:de:b4:01:c9:68:d7:ab:55:2e:9d:
7b:f6:0d:1a:1f:cf:c0:ad:06:56:1d:fa:df:ae:7f:
bd:25:64:14:17:0d:2d:84:e5:70:e8:de:67:0d:b9:
3a:ca:66:19:a8:2e:2c:6a:8b:bd:30:1c:33:88:d3:
27:73:99:d6:24:f8:c9:60:c2:74:83:95:42:55:ee:
e9:08:4e:00:41:a2:b9:c1:78:cc:69:37:7a:87:32:
69:91:95:bd:e0:52:d2:e2:54:4e:d5:cf:85:26:0c:
9a:ce:19:41:e0:a8:0f:e3:bb:55:09:15:bb:0f:97:
5b:5d:44:02:ca:b3:76:0e:28:29:93:59:9d:85:0e:
9d:09:fa:3e:bf:22:53:09:7e:63:fc:94:14:8d:c9:
de:b6:44:c3:80:30:a3:3f:d8:6c:1b:38:86:41:ac:
72:42:87:b6:98:44:4d:21:b7:cb:1c:8f:a9:cc:64:
2e:26:a3:c8:df:c3:e7:e3:31:ec:4e:0b:f1:ea:29:
51:ab:bc:7b:a3:c9:20:47:62:a1:ca:24:51:11:6e:
9a:cd:9b:ff:a6:73:e1:11:0d:11:13:05:ba:ef:17:
8e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:54:B9:34:BF:6F:B7:AA:2E:41:6D:5A:C5:92:DA:59:68:B8:1C:14
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5FS5NL9vt6ouQW1axZLaWWi4HBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.122.0/24
82.152.131.0/24
89.213.143.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
89.213.212.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
01:6b:96:98:14:ab:a1:fb:c9:88:f0:29:8e:f0:29:a9:9e:38:
c8:f6:03:f0:71:4b:f1:1f:2d:5a:9e:ab:ce:36:89:c5:94:f8:
8f:3f:52:c5:60:d5:6f:19:e8:f4:31:64:7c:3f:98:3e:80:80:
a5:a0:13:f6:73:5f:5d:10:68:5c:e2:d5:9a:ad:bf:0a:8d:1a:
26:7c:65:a6:ea:ac:26:de:1f:9b:c5:b3:5b:d0:05:b2:02:e7:
c6:5e:bb:b9:7b:68:e6:35:1d:79:6f:7f:17:12:ff:25:a6:86:
c3:af:c3:0a:a0:7e:6a:36:da:c1:16:4d:1c:7d:a6:49:2a:b4:
7e:86:66:3b:bb:af:e1:7a:8e:f3:ae:fd:cf:82:be:a6:dd:6a:
b3:a5:6b:07:c6:e7:54:db:73:64:aa:f5:49:37:b0:e9:e2:d2:
3e:82:e2:2f:ef:af:f0:7d:8a:0f:a3:bf:68:d4:43:fe:63:64:
53:98:5b:79:58:e5:7b:1b:34:73:c9:56:1f:c5:39:d1:87:08:
54:e8:c0:9e:45:ce:fd:7a:8b:50:6a:35:95:90:d2:9b:ab:5f:
70:3b:7d:8d:1c:3f:50:b0:b0:56:39:ca:d5:21:05:d0:68:05:
fb:1c:ba:ae:6e:8f:90:2f:25:f9:f3:ac:be:7c:81:b4:b0:33:
e6:2e:74:90
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNtNBWU3dRHbriCItiPpBlCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI3MTAzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU0YjkzNGJmNmZiN2FhMmU0MTZkNWFjNTkyZGE1OTY4YjgxYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJwkwEzyfBFF0wy05gLWxjryA42s
oB7te0n1Z309M/ZLC960Aclo16tVLp179g0aH8/ArQZWHfrfrn+9JWQUFw0thOVw
6N5nDbk6ymYZqC4saou9MBwziNMnc5nWJPjJYMJ0g5VCVe7pCE4AQaK5wXjMaTd6
hzJpkZW94FLS4lRO1c+FJgyazhlB4KgP47tVCRW7D5dbXUQCyrN2Digpk1mdhQ6d
Cfo+vyJTCX5j/JQUjcnetkTDgDCjP9hsGziGQaxyQoe2mERNIbfLHI+pzGQuJqPI
38Pn4zHsTgvx6ilRq7x7o8kgR2KhyiRREW6azZv/pnPhEQ0REwW67xeOjQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFORUuTS/b7eqLkFtWsWS2llouBwUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNUZTNU5MOXZ0Nm91UVcxYXhaTGFXV2k0SEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUQW9AwQA
Uah6AwQAUpiDAwQAWdWPAwQAWdWYAwQAWdWwAwQAWdW3AwQAWdXUAwQAbbDmMA0G
CSqGSIb3DQEBCwUAA4IBAQABa5aYFKuh+8mI8CmO8CmpnjjI9gPwcUvxHy1anqvO
NonFlPiPP1LFYNVvGej0MWR8P5g+gICloBP2c19dEGhc4tWarb8KjRomfGWm6qwm
3h+bxbNb0AWyAufGXru5e2jmNR15b38XEv8lpobDr8MKoH5qNtrBFk0cfaZJKrR+
hmY7u6/heo7zrv3Pgr6m3WqzpWsHxudU23NkqvVJN7Dp4tI+guIv76/wfYoPo79o
1EP+Y2RTmFt5WOV7GzRzyVYfxTnRhwhU6MCeRc79eotQajWVkNKbq19wO32NHD9Q
sLBWOcrVIQXQaAX7HLqubo+QLyX586y+fIG0sDPmLnSQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:26 2025 by rpki-client