Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/PrA4FIuaLWbHgkzKXE2w5iM5cf8.roa
File: PrA4FIuaLWbHgkzKXE2w5iM5cf8.roa (raw, json)
Hash identifier: 40LG582+cCUldDfN4w9uce2pzspvj4LDgPjmK2hhFyA=
Subject key identifier: 3E:B0:38:14:8B:9A:2D:66:C7:82:4C:CA:5C:4D:B0:E6:23:39:71:FF
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0193A9F58DEA25A0D99C47A54E9E7E7C349A
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/PrA4FIuaLWbHgkzKXE2w5iM5cf8.roa
Signing time: Mon 09 Dec 2024 05:47:42 +0000
ROA not before: Mon 09 Dec 2024 05:47:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197343
IP address blocks: 5.56.128.0/22 maxlen: 22
5.57.34.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
37.32.42.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 07:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a9:f5:8d:ea:25:a0:d9:9c:47:a5:4e:9e:7e:7c:34:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 9 05:47:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eb038148b9a2d66c7824cca5c4db0e6233971ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c7:d3:24:40:84:79:6a:e8:be:bb:87:fd:57:
7b:8b:e1:56:1c:9d:8f:b9:2e:83:e2:23:e9:47:1e:
f5:97:30:01:6e:8b:af:96:75:5d:ff:f9:c9:6c:ce:
74:81:00:6b:e4:70:26:56:b0:63:37:00:a0:87:34:
62:c2:20:02:8a:b9:d7:80:53:df:6b:ba:98:c6:c8:
38:d3:36:f9:84:59:3a:03:4f:6c:d0:b8:d4:68:a4:
b5:38:f8:b7:1e:6f:ce:75:08:e9:aa:bf:ed:3b:4e:
4b:07:59:d0:d3:c8:f6:bb:80:fe:25:91:32:4a:0e:
33:19:a7:62:c3:a0:59:d1:29:b1:54:1f:e3:cd:8b:
9e:59:23:f1:74:72:8a:3f:9e:93:d0:90:3f:2d:2d:
f8:f0:6f:59:e3:85:90:c6:85:f5:11:d5:03:4c:cd:
56:a7:c0:ff:4c:23:08:fe:a8:2c:49:ce:56:8c:52:
bb:58:9c:39:7a:45:74:f4:65:da:cc:1e:6b:b4:15:
db:9d:30:a9:a6:ca:25:dc:70:0b:b0:5f:d9:93:55:
b5:32:f6:ba:6d:63:42:3c:c1:44:f6:bc:5f:26:dd:
70:70:3e:41:8f:e7:59:13:6b:10:c0:4f:a7:5e:39:
e0:ca:66:f3:80:13:40:42:45:73:98:ec:6a:18:f6:
d4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B0:38:14:8B:9A:2D:66:C7:82:4C:CA:5C:4D:B0:E6:23:39:71:FF
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/PrA4FIuaLWbHgkzKXE2w5iM5cf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.34.0/24
37.32.40.0/22
185.212.48.0/24
Signature Algorithm: sha256WithRSAEncryption
15:1f:00:65:5a:55:53:1f:9c:d7:0c:1c:67:2a:71:38:6f:b7:
06:de:c1:41:23:27:6b:d7:9b:ca:34:1f:f8:d5:36:3e:b5:45:
82:7c:3f:0d:71:18:0a:e1:41:c9:0a:8f:27:d7:87:13:43:ab:
ab:ee:97:c3:b1:7f:c6:49:a9:b8:8f:3f:89:3b:1f:7e:6e:5c:
24:53:35:74:a2:3d:2d:f2:96:59:15:68:08:2f:dd:2e:12:d4:
57:e1:11:3c:84:20:d1:51:bc:e4:d8:d7:f0:cc:b2:88:fe:1b:
12:51:1d:8c:8d:7c:9a:55:0e:08:02:ef:b3:08:d5:14:f6:f3:
e3:ba:aa:19:65:01:1b:e6:9d:ab:52:db:cc:0a:23:9c:32:df:
12:44:74:73:e5:d4:29:fd:6d:e4:81:13:38:14:5a:bd:12:16:
69:10:f3:3c:03:3d:56:08:6a:ef:28:e3:53:96:f1:c5:30:4c:
6e:a3:a7:95:ed:00:6a:3e:af:26:56:74:7e:5b:57:4b:b1:a7:
c6:91:93:46:e4:ac:c4:d7:fe:83:16:e0:bd:a2:3d:4f:79:4d:
8a:b1:25:ee:38:80:c9:db:2a:19:24:99:7e:91:9b:63:d5:8d:
5d:19:fb:a5:ea:36:65:ac:28:40:b1:c5:20:73:be:79:41:53:
d2:05:8c:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOp9Y3qJaDZnEelTp5+fDSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQxMjA5MDU0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWIwMzgxNDhiOWEyZDY2Yzc4MjRjY2E1YzRkYjBlNjIzMzk3MWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8fTJECEeWrovruH/Vd7i+FWHJ2P
uS6D4iPpRx71lzABbouvlnVd//nJbM50gQBr5HAmVrBjNwCghzRiwiACirnXgFPf
a7qYxsg40zb5hFk6A09s0LjUaKS1OPi3Hm/OdQjpqr/tO05LB1nQ08j2u4D+JZEy
Sg4zGadiw6BZ0SmxVB/jzYueWSPxdHKKP56T0JA/LS348G9Z44WQxoX1EdUDTM1W
p8D/TCMI/qgsSc5WjFK7WJw5ekV09GXazB5rtBXbnTCppsol3HALsF/Zk1W1Mva6
bWNCPMFE9rxfJt1wcD5Bj+dZE2sQwE+nXjngymbzgBNAQkVzmOxqGPbUqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6wOBSLmi1mx4JMylxNsOYjOXH/MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvUHJBNEZJdWFMV2JIZ2t6S1hFMnc1aU01Y2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBTiAAwQA
BTkiAwQCJSAoAwQAudQwMA0GCSqGSIb3DQEBCwUAA4IBAQAVHwBlWlVTH5zXDBxn
KnE4b7cG3sFBIydr15vKNB/41TY+tUWCfD8NcRgK4UHJCo8n14cTQ6ur7pfDsX/G
Sam4jz+JOx9+blwkUzV0oj0t8pZZFWgIL90uEtRX4RE8hCDRUbzk2NfwzLKI/hsS
UR2MjXyaVQ4IAu+zCNUU9vPjuqoZZQEb5p2rUtvMCiOcMt8SRHRz5dQp/W3kgRM4
FFq9EhZpEPM8Az1WCGrvKONTlvHFMExuo6eV7QBqPq8mVnR+W1dLsafGkZNG5KzE
1/6DFuC9oj1PeU2KsSXuOIDJ2yoZJJl+kZtj1Y1dGful6jZlrChAscUgc755QVPS
BYxu
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:34:40 2025 by rpki-client