Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/pMAqQ7BwpwBmJMmao5d0W7_2pfU.roa
File: pMAqQ7BwpwBmJMmao5d0W7_2pfU.roa (raw, json)
Hash identifier: hTd1o5M8piIbS+Kg5f8J9FMM1YFhKL7HUJ5e6D2br90=
Subject key identifier: A4:C0:2A:43:B0:70:A7:00:66:24:C9:9A:A3:97:74:5B:BF:F6:A5:F5
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E5AD2C1280996A316658EF8AC3F882035
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/pMAqQ7BwpwBmJMmao5d0W7_2pfU.roa
Signing time: Wed 20 Mar 2024 07:45:45 +0000
ROA not before: Wed 20 Mar 2024 07:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198427
IP address blocks: 5.182.112.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 10:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5a:d2:c1:28:09:96:a3:16:65:8e:f8:ac:3f:88:20:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 20 07:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4c02a43b070a7006624c99aa397745bbff6a5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8f:9d:be:48:4b:f0:3e:a0:ec:73:2f:6c:fe:
db:af:02:5a:eb:25:6b:07:72:13:6f:78:fe:72:c7:
ec:8b:18:22:0d:a1:36:b6:d9:dc:2f:b1:dd:23:01:
b4:00:ff:a1:55:90:25:21:95:cf:01:d4:5f:03:cf:
8b:e5:c6:3f:0b:32:7d:58:6b:23:e7:bf:78:2c:92:
89:fa:94:4a:59:02:77:c4:72:f2:c2:c1:f4:53:a6:
33:e7:01:ec:9e:91:5c:0b:78:56:31:45:0a:66:2b:
ab:66:1f:60:8f:9b:33:bd:5e:31:a2:46:7f:32:11:
81:b8:21:b1:af:71:af:8b:25:65:a6:29:f8:9e:72:
13:8c:36:a6:c3:fd:2c:42:1a:4e:94:a7:5c:8c:06:
4e:98:18:24:38:12:ad:92:4a:3d:36:48:a5:96:45:
77:b4:5a:f3:ce:fb:97:2e:71:b3:35:ca:37:70:85:
3f:cf:20:83:71:83:17:f1:80:32:e5:fe:89:26:53:
da:f7:e9:50:06:42:9b:09:e7:67:31:02:f6:24:c8:
f3:35:c5:8c:26:0d:3d:cf:a9:d3:5f:e6:f0:fc:1a:
61:a4:9f:00:19:43:d5:a0:38:83:8f:f7:02:bb:bd:
cb:8d:a4:11:09:d6:16:33:83:6e:e8:16:14:a6:53:
5c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C0:2A:43:B0:70:A7:00:66:24:C9:9A:A3:97:74:5B:BF:F6:A5:F5
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/pMAqQ7BwpwBmJMmao5d0W7_2pfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
83.137.153.0/24
83.137.156.0/24
88.209.205.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9a:67:8f:8c:dc:a3:d2:d4:fc:69:08:19:41:70:63:c9:18:
ec:b1:ff:df:8a:78:55:ba:f9:10:db:bf:35:98:eb:e8:f1:e8:
1c:14:78:82:37:87:3a:9b:ff:87:af:83:e6:14:43:66:7d:c9:
45:ba:a5:ab:19:d5:3f:91:bb:51:b4:77:8a:45:14:2b:4c:c4:
9c:28:12:03:4a:30:d7:79:d2:c3:f7:d6:a1:62:29:ac:6f:0c:
39:ec:31:7f:e0:e7:01:3f:43:1c:68:7f:76:cd:06:11:21:71:
60:4a:f3:bf:f4:45:8b:d0:8a:83:18:78:ad:ba:d5:59:1d:02:
eb:5b:55:5c:ab:a8:3b:8b:23:2b:14:63:0e:61:67:50:6f:08:
54:fb:c0:7f:17:0f:3f:43:c9:17:bc:e6:6b:e2:cc:a3:34:12:
0a:17:7c:f7:41:62:1c:aa:38:11:31:d0:7a:0b:b4:3f:01:1e:
20:e6:00:98:bc:c8:a2:15:14:54:cb:f5:9e:a7:05:3c:14:49:
1e:1a:29:88:e7:a0:48:76:12:e4:07:1e:63:15:3d:4a:4c:94:
88:40:53:ba:9a:57:db:45:10:3a:f9:28:41:3b:86:a1:ff:e3:
04:70:bf:7e:81:48:90:56:e9:1b:ee:e0:16:9b:32:cb:93:4e:
b6:6e:91:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5a0sEoCZajFmWO+Kw/iCA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzIwMDc0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGMwMmE0M2IwNzBhNzAwNjYyNGM5OWFhMzk3NzQ1YmJmZjZhNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4+dvkhL8D6g7HMvbP7brwJa6yVr
B3ITb3j+csfsixgiDaE2ttncL7HdIwG0AP+hVZAlIZXPAdRfA8+L5cY/CzJ9WGsj
5794LJKJ+pRKWQJ3xHLywsH0U6Yz5wHsnpFcC3hWMUUKZiurZh9gj5szvV4xokZ/
MhGBuCGxr3GviyVlpin4nnITjDamw/0sQhpOlKdcjAZOmBgkOBKtkko9NkillkV3
tFrzzvuXLnGzNco3cIU/zyCDcYMX8YAy5f6JJlPa9+lQBkKbCednMQL2JMjzNcWM
Jg09z6nTX+bw/BphpJ8AGUPVoDiDj/cCu73LjaQRCdYWM4Nu6BYUplNcmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKTAKkOwcKcAZiTJmqOXdFu/9qX1MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcE1BcVE3Qndwd0JtSk1tYW81ZDBXN18ycGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbZwAwQA
U4mZAwQAU4mcAwQAWNHNMA0GCSqGSIb3DQEBCwUAA4IBAQAYmmePjNyj0tT8aQgZ
QXBjyRjssf/finhVuvkQ2781mOvo8egcFHiCN4c6m/+Hr4PmFENmfclFuqWrGdU/
kbtRtHeKRRQrTMScKBIDSjDXedLD99ahYimsbww57DF/4OcBP0McaH92zQYRIXFg
SvO/9EWL0IqDGHitutVZHQLrW1Vcq6g7iyMrFGMOYWdQbwhU+8B/Fw8/Q8kXvOZr
4syjNBIKF3z3QWIcqjgRMdB6C7Q/AR4g5gCYvMiiFRRUy/WepwU8FEkeGimI56BI
dhLkBx5jFT1KTJSIQFO6mlfbRRA6+ShBO4ah/+MEcL9+gUiQVukb7uAWmzLLk062
bpGk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org