Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3iRHXU5iNujb5TDqT5WyGy-uM8k.roa
File: 3iRHXU5iNujb5TDqT5WyGy-uM8k.roa (raw, json)
Hash identifier: ezyQzB2V4qm+4IiVxdCoJfv+1UTVPs4RgQAP89hBHBg=
Subject key identifier: DE:24:47:5D:4E:62:36:E8:DB:E5:30:EA:4F:95:B2:1B:2F:AE:33:C9
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018EADDC854A8D175B22F0D4A7EE99945164
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3iRHXU5iNujb5TDqT5WyGy-uM8k.roa
Signing time: Fri 05 Apr 2024 10:44:54 +0000
ROA not before: Fri 05 Apr 2024 10:44:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 5.182.115.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/24 maxlen: 24
77.242.154.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.236.0/24 maxlen: 24
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 11:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:dc:85:4a:8d:17:5b:22:f0:d4:a7:ee:99:94:51:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 5 10:44:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de24475d4e6236e8dbe530ea4f95b21b2fae33c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b0:b6:fb:f4:68:03:fe:3d:85:34:d3:c3:55:
26:a5:ca:02:5e:c4:75:3a:f1:72:3e:15:bb:91:4a:
48:6a:ff:8c:8f:28:47:9d:38:39:e0:99:7a:a8:aa:
35:12:f7:d8:46:f5:f8:4e:91:f3:13:c6:d4:35:df:
63:d9:a6:5d:60:0f:dd:c8:0c:6c:8f:96:57:1a:d3:
13:21:99:4c:47:ee:2b:ee:c2:93:1f:e9:3d:cd:2d:
0f:be:33:3f:82:90:11:3f:77:03:f7:b6:97:31:72:
c5:cd:ba:68:86:51:b4:a2:14:72:25:77:49:b5:b9:
d7:1d:87:09:f0:0d:73:30:10:96:05:ab:e0:c0:a7:
14:67:53:08:60:25:93:cf:b2:1c:1d:ca:23:e7:7d:
32:c5:de:48:e3:20:11:d7:f5:c3:81:a2:cf:c8:11:
a6:88:f1:ee:7b:59:44:d1:d3:10:28:65:d0:bd:48:
f2:76:fd:cc:ad:97:85:1c:fe:18:18:5d:44:aa:4b:
59:0c:7b:05:5b:d1:b0:28:43:b9:2a:bf:32:50:db:
9d:33:51:a6:3f:1d:a6:e1:ca:4e:f6:1f:d4:db:fd:
61:16:da:53:bb:bd:9e:34:22:af:a8:e7:d4:cf:20:
ff:4a:ee:31:6b:52:f0:71:69:58:2d:5e:fa:f8:4e:
40:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:24:47:5D:4E:62:36:E8:DB:E5:30:EA:4F:95:B2:1B:2F:AE:33:C9
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3iRHXU5iNujb5TDqT5WyGy-uM8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.115.0/24
45.9.168.0/24
77.242.152.0/24
77.242.154.0/24
83.137.157.0-83.137.158.255
88.209.205.0-88.209.206.255
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.254.0/24
92.52.217.0-92.52.218.255
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:12:71:c8:94:8b:be:82:eb:ab:be:1f:28:71:76:01:48:c0:
c0:5e:84:4b:71:31:39:7a:97:dd:b7:2d:f8:3f:b7:e4:f4:d6:
ea:a1:f8:47:06:4b:b2:16:ef:78:bb:e7:8a:2f:ff:04:46:7c:
2f:60:13:2c:76:40:62:88:76:15:b7:5a:78:5a:29:e2:6e:2c:
73:63:ed:1a:c6:8e:bf:11:4e:4b:9d:41:76:f2:a6:b1:e6:53:
1a:df:39:fd:f4:82:33:6f:be:f7:0d:49:f8:27:33:a6:e8:05:
c9:b0:2f:60:17:49:7f:f4:14:82:21:2c:85:8e:6d:57:eb:73:
d6:18:b9:18:cf:14:20:a4:97:50:a9:8d:48:28:e2:fa:b6:af:
7a:5c:36:53:c4:eb:a3:a0:1b:b0:0a:ba:d2:8c:f0:bd:99:56:
27:39:7a:ba:b2:ec:7f:c4:0e:25:bd:c0:4f:0e:e7:97:a0:ff:
82:fe:3b:5c:03:a0:fe:9e:49:f9:9c:b8:f3:3c:e2:67:33:3e:
f1:fe:66:22:54:8a:0e:b3:d0:05:f8:0a:0d:61:55:78:93:88:
df:a9:21:81:64:aa:3c:bb:0b:e1:dd:f7:ec:a5:89:30:a4:f5:
f7:26:3a:11:47:03:a5:4f:65:da:dd:56:7b:0a:1a:c6:91:ec:
e0:6d:24:7d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY6t3IVKjRdbIvDUp+6ZlFFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNDA1MTA0NDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI0NDc1ZDRlNjIzNmU4ZGJlNTMwZWE0Zjk1YjIxYjJmYWUzM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbC2+/RoA/49hTTTw1UmpcoCXsR1
OvFyPhW7kUpIav+MjyhHnTg54Jl6qKo1EvfYRvX4TpHzE8bUNd9j2aZdYA/dyAxs
j5ZXGtMTIZlMR+4r7sKTH+k9zS0PvjM/gpARP3cD97aXMXLFzbpohlG0ohRyJXdJ
tbnXHYcJ8A1zMBCWBavgwKcUZ1MIYCWTz7IcHcoj530yxd5I4yAR1/XDgaLPyBGm
iPHue1lE0dMQKGXQvUjydv3MrZeFHP4YGF1EqktZDHsFW9GwKEO5Kr8yUNudM1Gm
Px2m4cpO9h/U2/1hFtpTu72eNCKvqOfUzyD/Su4xa1LwcWlYLV76+E5A1QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFN4kR11OYjbo2+Uw6k+VshsvrjPJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvM2lSSFhVNWlOdWpiNVREcVQ1V3lHeS11TThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQABbZzAwQA
LQmoAwQATfKYAwQATfKaMAwDBABTiZ0DBABTiZ4wDAMEAFjRzQMEAFjRzgMEAFjR
2wMEAFjR5AMEAljR7AMEAFjR/jAMAwQAXDTZAwQAXDTaAwQAwikvMA0GCSqGSIb3
DQEBCwUAA4IBAQCMEnHIlIu+guurvh8ocXYBSMDAXoRLcTE5epfdty34P7fk9Nbq
ofhHBkuyFu94u+eKL/8ERnwvYBMsdkBiiHYVt1p4WinibixzY+0axo6/EU5LnUF2
8qax5lMa3zn99IIzb773DUn4JzOm6AXJsC9gF0l/9BSCISyFjm1X63PWGLkYzxQg
pJdQqY1IKOL6tq96XDZTxOujoBuwCrrSjPC9mVYnOXq6sux/xA4lvcBPDueXoP+C
/jtcA6D+nkn5nLjzPOJnMz7x/mYiVIoOs9AF+AoNYVV4k4jfqSGBZKo8uwvh3ffs
pYkwpPX3JjoRRwOlT2Xa3VZ7ChrGkezgbSR9
-----END CERTIFICATE-----
Generated at Wed Apr 24 13:50:29 2024 by rpki-client on console-fra.rpki-client.org