Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Pu6zE0qi1TM23hXheVcESN_oNFo.roa
File: Pu6zE0qi1TM23hXheVcESN_oNFo.roa (raw, json)
Hash identifier: IQ4PeZUeQM6GIaqznV+8NzwCe/enJhGlQfnQ3IdcVMM=
Subject key identifier: 3E:EE:B3:13:4A:A2:D5:33:36:DE:15:E1:79:57:04:48:DF:E8:34:5A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0191C7EDE7E9FF9E03A656BE612DA926BAE4
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Pu6zE0qi1TM23hXheVcESN_oNFo.roa
Signing time: Fri 06 Sep 2024 15:22:22 +0000
ROA not before: Fri 06 Sep 2024 15:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198427
IP address blocks: 5.182.112.0/24 maxlen: 24
77.242.154.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 12:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:ed:e7:e9:ff:9e:03:a6:56:be:61:2d:a9:26:ba:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 6 15:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eeeb3134aa2d53336de15e179570448dfe8345a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fa:63:bf:40:de:2c:16:8d:e0:b0:a2:ac:7e:
b5:cc:6a:69:b9:e9:ef:a9:24:a7:5a:20:92:20:51:
09:80:fd:3c:ce:24:4e:a9:1a:e0:d6:6a:dd:32:07:
94:a8:4d:1a:5c:7b:bf:4c:27:c9:5d:59:c6:1e:04:
28:2b:69:e5:f1:a8:df:bb:ee:ef:40:86:a2:03:b8:
cd:e2:d3:4c:ef:31:cb:6e:2a:45:62:b2:3e:f2:ef:
09:6c:3b:57:8d:3b:b0:e4:e8:65:7f:c4:c1:64:fc:
be:5f:c1:5a:fd:93:71:98:68:f8:fb:d3:c7:fb:8a:
63:be:f5:2c:e1:09:2c:66:04:75:89:e2:93:70:ad:
9b:02:76:62:ef:8b:de:4f:4d:d3:82:46:5f:ba:4b:
19:eb:28:5f:fc:84:5c:61:b8:3a:14:29:01:c4:68:
a2:f0:c1:6a:3f:47:3e:f2:40:70:82:fa:c8:6a:83:
2c:6d:f6:69:99:50:5c:5e:8e:de:f8:c7:b2:fd:c1:
52:e5:23:24:9f:86:5b:e9:4c:4d:28:27:43:24:2d:
a3:85:40:9f:ce:ee:2a:50:36:74:68:c9:e1:6f:67:
5c:81:d6:71:d9:3e:9d:af:3e:fa:45:89:06:c5:71:
dc:12:d2:e8:46:73:2a:fb:ca:b5:f0:5e:ad:6e:b5:
54:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EE:B3:13:4A:A2:D5:33:36:DE:15:E1:79:57:04:48:DF:E8:34:5A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Pu6zE0qi1TM23hXheVcESN_oNFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
77.242.154.0/24
83.137.153.0/24
83.137.156.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9d:f4:e4:2e:ff:f5:6f:de:99:54:35:66:b7:f1:f0:0a:ce:
3f:31:33:3e:d4:61:dd:a6:8d:0a:29:98:1d:e5:c2:ad:71:8f:
62:0b:1a:b6:a4:18:2d:22:a7:8a:d2:86:68:ad:95:f8:b5:5f:
d2:39:43:df:8a:29:e3:ce:53:36:b3:1e:49:db:2f:ac:6d:ff:
7f:57:e9:a8:6d:39:6c:b4:ba:46:de:69:e4:35:7d:c7:15:53:
84:2e:4f:6f:67:4a:dc:a2:30:6f:8f:09:8a:dd:1d:b6:59:c5:
21:bd:50:63:ba:ac:95:7f:54:d2:92:bb:68:6a:72:fd:78:ea:
b4:f8:ac:25:a0:5e:63:57:ea:7c:fd:3b:db:e2:91:28:aa:b5:
c4:b2:0d:ee:42:02:ce:b9:74:b7:05:38:27:fa:c6:b0:8d:25:
e4:c9:12:a5:97:c8:74:6a:f0:d7:13:6d:dc:50:8d:be:7d:4b:
11:7b:6a:f6:51:07:44:5d:48:ee:2b:95:d9:14:13:47:16:53:
31:3c:98:5f:c3:47:94:49:7d:76:3d:09:b8:75:99:89:dd:b4:
34:53:7d:b0:ca:41:e0:af:b5:41:71:9e:2e:f7:d9:1a:7a:a8:
a9:c7:41:14:7b:a9:91:eb:8b:90:f5:23:62:0e:b2:fc:fe:59:
cb:cb:dd:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHH7efp/54Dpla+YS2pJrrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwOTA2MTUyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWVlYjMxMzRhYTJkNTMzMzZkZTE1ZTE3OTU3MDQ0OGRmZTgzNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/pjv0DeLBaN4LCirH61zGppuenv
qSSnWiCSIFEJgP08ziROqRrg1mrdMgeUqE0aXHu/TCfJXVnGHgQoK2nl8ajfu+7v
QIaiA7jN4tNM7zHLbipFYrI+8u8JbDtXjTuw5Ohlf8TBZPy+X8Fa/ZNxmGj4+9PH
+4pjvvUs4QksZgR1ieKTcK2bAnZi74veT03TgkZfuksZ6yhf/IRcYbg6FCkBxGii
8MFqP0c+8kBwgvrIaoMsbfZpmVBcXo7e+Mey/cFS5SMkn4Zb6UxNKCdDJC2jhUCf
zu4qUDZ0aMnhb2dcgdZx2T6drz76RYkGxXHcEtLoRnMq+8q18F6tbrVUTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD7usxNKotUzNt4V4XlXBEjf6DRaMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUHU2ekUwcWkxVE0yM2hYaGVWY0VTTl9vTkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbZwAwQA
TfKaAwQAU4mZAwQAU4mcMA0GCSqGSIb3DQEBCwUAA4IBAQBNnfTkLv/1b96ZVDVm
t/HwCs4/MTM+1GHdpo0KKZgd5cKtcY9iCxq2pBgtIqeK0oZorZX4tV/SOUPfiinj
zlM2sx5J2y+sbf9/V+mobTlstLpG3mnkNX3HFVOELk9vZ0rcojBvjwmK3R22WcUh
vVBjuqyVf1TSkrtoanL9eOq0+KwloF5jV+p8/Tvb4pEoqrXEsg3uQgLOuXS3BTgn
+sawjSXkyRKll8h0avDXE23cUI2+fUsRe2r2UQdEXUjuK5XZFBNHFlMxPJhfw0eU
SX12PQm4dZmJ3bQ0U32wykHgr7VBcZ4u99kaeqipx0EUe6mR64uQ9SNiDrL8/lnL
y930
-----END CERTIFICATE-----
Generated at Fri Oct 18 16:42:25 2024 by rpki-client on console-ams.rpki-client.org