Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/hW0YvHkELt0dKih3ky5UFyzfaYs.roa
File: hW0YvHkELt0dKih3ky5UFyzfaYs.roa (raw, json)
Hash identifier: VtAPZngLmuFSjp2qoKI3xYlJKkqhzZQheTbUfSjtpWI=
Subject key identifier: 85:6D:18:BC:79:04:2E:DD:1D:2A:28:77:93:2E:54:17:2C:DF:69:8B
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01924248C464ABAD4F45F7851285600D3E33
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/hW0YvHkELt0dKih3ky5UFyzfaYs.roa
Signing time: Mon 30 Sep 2024 09:35:18 +0000
ROA not before: Mon 30 Sep 2024 09:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 5.187.38.0/24 maxlen: 24
5.187.39.0/24 maxlen: 24
185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 18:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:48:c4:64:ab:ad:4f:45:f7:85:12:85:60:0d:3e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Sep 30 09:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=856d18bc79042edd1d2a2877932e54172cdf698b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:da:2a:a1:92:37:43:a6:ff:4d:cd:8e:38:
d3:60:b3:93:9e:d4:23:1d:ff:c1:25:8b:ba:35:fd:
5d:53:16:32:dc:82:75:5b:8a:74:2a:b0:de:7c:79:
af:10:aa:32:8c:9b:06:73:db:60:10:d0:c3:89:41:
92:00:92:02:e1:56:fe:b9:10:79:cd:ec:70:b6:36:
bf:c6:4f:9d:2d:00:39:f7:ff:07:0b:0f:7f:aa:29:
6e:72:d0:31:a2:6e:1a:fd:56:1d:50:68:66:0f:17:
6a:ab:d8:17:2f:00:0e:75:1b:b7:41:88:e4:ac:8b:
e0:f0:c8:af:56:60:bf:5f:a5:ed:af:ae:3d:e7:2b:
6f:36:d2:9b:7b:82:c8:9d:71:8d:3f:da:54:3b:88:
be:86:fc:87:c7:54:87:d9:be:38:95:e3:d5:9b:39:
88:17:26:f8:7a:ee:40:cb:ee:52:72:8c:ae:ee:fb:
ca:c9:7e:9f:01:f6:6c:fb:bf:aa:74:03:1c:4f:99:
a2:b2:15:e8:ec:98:ac:5c:cb:b5:9d:f4:36:c1:07:
26:c5:67:50:48:b8:0e:b5:8b:ed:9c:45:79:5e:65:
6a:d1:96:5a:d9:cb:ad:48:2c:14:ca:27:96:6d:2c:
83:2f:da:51:bd:ed:dc:fd:9b:c8:60:c3:7e:2b:7d:
9e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6D:18:BC:79:04:2E:DD:1D:2A:28:77:93:2E:54:17:2C:DF:69:8B
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/hW0YvHkELt0dKih3ky5UFyzfaYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.38.0/23
185.104.153.0/24
185.122.186.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:a1:b6:af:90:0f:2b:81:ee:82:bd:58:83:6f:e9:93:21:48:
66:20:45:e7:2c:6c:13:98:5d:c2:3a:fc:6e:4d:5a:e0:9d:64:
1a:02:25:33:00:2f:4c:20:20:b7:d0:47:7e:e0:6d:4a:0f:0d:
6c:ee:11:f8:85:89:45:7e:16:45:54:8d:4f:a7:5a:15:bc:c0:
0b:84:fc:d2:5d:76:23:41:78:e6:c9:00:6e:fb:a1:99:34:8b:
ac:fe:ac:a4:10:d8:66:04:e6:ac:df:64:02:89:a3:3d:8f:f8:
f9:b3:04:49:29:19:89:38:42:97:87:49:9d:5f:19:c0:bc:65:
89:2a:47:79:23:b2:fc:c3:7a:2e:a2:f0:c8:e1:a4:ea:f8:a9:
9f:89:dd:22:a1:8b:da:c2:5a:dd:64:3b:90:5a:83:07:23:91:
a1:ba:a7:f4:8c:28:d4:28:1d:f6:cd:08:cc:dd:d0:3c:4f:d2:
fa:86:45:85:19:5d:96:ac:c4:3c:9b:03:47:c7:2c:83:78:e1:
0a:a1:52:84:c8:e7:fc:a1:bc:4a:99:7d:4a:88:4d:57:11:4d:
91:15:6a:b8:8f:fd:4d:3b:11:5b:8d:05:c2:0c:47:12:9b:da:
e4:3f:21:84:1e:30:c2:37:96:fc:dd:90:12:64:86:6b:ea:93:
df:c2:e0:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJCSMRkq61PRfeFEoVgDT4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwOTMwMDkzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTZkMThiYzc5MDQyZWRkMWQyYTI4Nzc5MzJlNTQxNzJjZGY2OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJDaKqGSN0Om/03NjjjTYLOTntQj
Hf/BJYu6Nf1dUxYy3IJ1W4p0KrDefHmvEKoyjJsGc9tgENDDiUGSAJIC4Vb+uRB5
zexwtja/xk+dLQA59/8HCw9/qiluctAxom4a/VYdUGhmDxdqq9gXLwAOdRu3QYjk
rIvg8MivVmC/X6Xtr6495ytvNtKbe4LInXGNP9pUO4i+hvyHx1SH2b44lePVmzmI
Fyb4eu5Ay+5Scoyu7vvKyX6fAfZs+7+qdAMcT5mishXo7JisXMu1nfQ2wQcmxWdQ
SLgOtYvtnEV5XmVq0ZZa2cutSCwUyieWbSyDL9pRve3c/ZvIYMN+K32eCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIVtGLx5BC7dHSood5MuVBcs32mLMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvaFcwWXZIa0VMdDBkS2loM2t5NVVGeXpmYVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbsmAwQA
uWiZAwQBuXq6MA0GCSqGSIb3DQEBCwUAA4IBAQAeobavkA8rge6CvViDb+mTIUhm
IEXnLGwTmF3COvxuTVrgnWQaAiUzAC9MICC30Ed+4G1KDw1s7hH4hYlFfhZFVI1P
p1oVvMALhPzSXXYjQXjmyQBu+6GZNIus/qykENhmBOas32QCiaM9j/j5swRJKRmJ
OEKXh0mdXxnAvGWJKkd5I7L8w3ouovDI4aTq+Kmfid0ioYvawlrdZDuQWoMHI5Gh
uqf0jCjUKB32zQjM3dA8T9L6hkWFGV2WrMQ8mwNHxyyDeOEKoVKEyOf8obxKmX1K
iE1XEU2RFWq4j/1NOxFbjQXCDEcSm9rkPyGEHjDCN5b83ZASZIZr6pPfwuBD
-----END CERTIFICATE-----
Generated at Mon Oct 7 23:07:57 2024 by rpki-client on console-ams.rpki-client.org