Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5UMQxB5mFjZB-bX4FGDfQ3GI_dQ.roa
File: 5UMQxB5mFjZB-bX4FGDfQ3GI_dQ.roa (raw, json)
Hash identifier: 2jaCAcB0NGDYhhcJ8zcDGol8EUJjXVTV0OVuWy7odBg=
Subject key identifier: E5:43:10:C4:1E:66:16:36:41:F9:B5:F8:14:60:DF:43:71:88:FD:D4
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018CC4938A238882FBAD34BE448221293C2B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5UMQxB5mFjZB-bX4FGDfQ3GI_dQ.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212192
IP address blocks: 146.66.211.0/24 maxlen: 24
188.74.244.0/24 maxlen: 24
188.119.164.0/24 maxlen: 24
188.119.167.0/24 maxlen: 24
188.74.156.0/22 maxlen: 22
91.235.122.0/24 maxlen: 24
5.157.164.0/22 maxlen: 24
37.35.38.0/24 maxlen: 24
37.35.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 03 Oct 2024 12:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8a:23:88:82:fb:ad:34:be:44:82:21:29:3c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e54310c41e66163641f9b5f81460df437188fdd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7b:14:b2:3b:b9:d5:ee:3b:c9:c5:cb:fc:82:
e4:c9:33:d5:d4:cd:23:ca:6f:69:07:60:04:58:3f:
18:f1:6c:10:ab:71:dd:10:23:ce:c1:48:3f:29:2a:
f3:d9:8d:22:1e:67:ca:1f:7e:b4:f6:f4:e6:43:eb:
b7:0f:49:8f:16:ce:34:38:10:5b:4a:ba:6a:f1:3d:
2f:db:21:64:98:dd:4a:b5:72:87:25:d3:c2:cc:f4:
95:a4:50:bf:24:f9:90:d9:c3:cd:11:36:be:22:a7:
e4:70:ee:ea:75:db:14:ca:a3:13:c1:ca:20:d7:95:
5a:9e:5b:5e:0b:aa:8a:1e:bd:3f:ff:46:32:ef:44:
0f:15:62:a8:89:eb:cb:67:d8:3b:c5:ad:11:b6:38:
82:c6:a4:a3:30:c3:8d:08:9e:ee:ef:7a:45:1a:27:
c4:46:bf:fb:3e:d9:75:35:64:50:6b:f6:88:35:b0:
c0:df:31:57:f5:e0:eb:88:b3:10:c0:a9:f3:8e:cc:
99:77:cf:cb:69:1a:b0:8f:3d:0c:cf:3a:6d:3e:df:
ce:86:73:f7:8c:96:7e:94:9b:10:fb:b5:a5:c2:e4:
87:ab:16:b0:32:25:94:1d:3d:0e:7a:de:be:24:91:
1b:d6:07:f4:82:ba:e8:1d:5d:68:ef:4d:f4:d8:6d:
44:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:43:10:C4:1E:66:16:36:41:F9:B5:F8:14:60:DF:43:71:88:FD:D4
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5UMQxB5mFjZB-bX4FGDfQ3GI_dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.164.0/22
37.35.32.0/22
37.35.38.0/24
91.235.122.0/24
146.66.211.0/24
188.74.156.0/22
188.74.244.0/24
188.119.164.0/24
188.119.167.0/24
Signature Algorithm: sha256WithRSAEncryption
20:9f:bf:83:08:34:90:b9:cc:51:be:53:72:c7:3f:9c:6e:ae:
a1:84:72:ab:16:1b:17:13:02:33:01:9d:51:30:79:54:42:46:
15:a7:50:46:49:10:66:18:22:2e:f4:ce:eb:3c:d5:8b:d4:29:
0f:17:3f:16:d9:e9:34:19:45:46:97:cb:27:63:f9:97:73:1a:
86:23:4b:bf:e8:cf:c3:a9:2b:7a:4c:fd:90:22:6f:51:5b:95:
98:60:d9:b6:c4:83:8e:84:0c:18:93:65:64:b9:1e:f3:91:96:
b8:58:9d:39:2d:07:28:5b:f8:82:5e:18:6d:70:2a:34:ba:de:
75:cf:35:39:fa:a5:ab:2b:89:8b:d4:78:4b:fb:f9:48:f3:4d:
ed:90:2a:36:86:79:94:37:ce:c7:f3:6a:6a:30:bb:07:86:18:
46:e5:6c:65:c4:ec:3e:dd:fb:5a:95:ba:14:e0:a0:69:f8:0e:
88:dc:12:8d:40:d1:47:07:06:bb:6a:fd:6b:5b:08:b5:df:e2:
15:81:bb:a5:09:23:16:ab:3d:ae:1a:c6:11:c4:2a:9f:44:ab:
b1:75:a3:90:17:b2:62:f4:38:fa:94:92:7d:05:b3:c6:ea:af:
2e:69:e1:f0:fb:1e:b8:90:f2:d6:1c:a2:94:88:89:04:e7:50:
ab:27:88:16
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzEk4ojiIL7rTS+RIIhKTwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQzMTBjNDFlNjYxNjM2NDFmOWI1ZjgxNDYwZGY0MzcxODhmZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3sUsju51e47ycXL/ILkyTPV1M0j
ym9pB2AEWD8Y8WwQq3HdECPOwUg/KSrz2Y0iHmfKH3609vTmQ+u3D0mPFs40OBBb
Srpq8T0v2yFkmN1KtXKHJdPCzPSVpFC/JPmQ2cPNETa+IqfkcO7qddsUyqMTwcog
15VanlteC6qKHr0//0Yy70QPFWKoievLZ9g7xa0RtjiCxqSjMMONCJ7u73pFGifE
Rr/7Ptl1NWRQa/aINbDA3zFX9eDriLMQwKnzjsyZd8/LaRqwjz0MzzptPt/OhnP3
jJZ+lJsQ+7WlwuSHqxawMiWUHT0Oet6+JJEb1gf0grroHV1o70302G1EQwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOVDEMQeZhY2Qfm1+BRg30NxiP3UMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvNVVNUXhCNW1GalpCLWJYNEZHRGZRM0dJX2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBZ2kAwQC
JSMgAwQAJSMmAwQAW+t6AwQAkkLTAwQCvEqcAwQAvEr0AwQAvHekAwQAvHenMA0G
CSqGSIb3DQEBCwUAA4IBAQAgn7+DCDSQucxRvlNyxz+cbq6hhHKrFhsXEwIzAZ1R
MHlUQkYVp1BGSRBmGCIu9M7rPNWL1CkPFz8W2ek0GUVGl8snY/mXcxqGI0u/6M/D
qSt6TP2QIm9RW5WYYNm2xIOOhAwYk2VkuR7zkZa4WJ05LQcoW/iCXhhtcCo0ut51
zzU5+qWrK4mL1HhL+/lI803tkCo2hnmUN87H82pqMLsHhhhG5WxlxOw+3ftalboU
4KBp+A6I3BKNQNFHBwa7av1rWwi13+IVgbulCSMWqz2uGsYRxCqfRKuxdaOQF7Ji
9Dj6lJJ9BbPG6q8uaeHw+x64kPLWHKKUiIkE51CrJ4gW
-----END CERTIFICATE-----
Generated at Thu Oct 3 15:33:11 2024 by rpki-client on console-fra.rpki-client.org