Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ArkgzYfV9xHzughAsZkex37Xe1U.roa
File: ArkgzYfV9xHzughAsZkex37Xe1U.roa (raw, json)
Hash identifier: kx4W4ScCI5AzjCxGAfBsrlnbZGQuOJX2q8xFI3nQyVM=
Subject key identifier: 02:B9:20:CD:87:D5:F7:11:F3:BA:08:40:B1:99:1E:C7:7E:D7:7B:55
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E99059AD9E4E77BDF8E17765D456F3BDD
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ArkgzYfV9xHzughAsZkex37Xe1U.roa
Signing time: Mon 01 Apr 2024 09:37:45 +0000
ROA not before: Mon 01 Apr 2024 09:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35177
IP address blocks: 5.139.192.0/19 maxlen: 19
85.173.136.0/21 maxlen: 21
178.35.192.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 16 Apr 2024 08:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:05:9a:d9:e4:e7:7b:df:8e:17:76:5d:45:6f:3b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 1 09:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02b920cd87d5f711f3ba0840b1991ec77ed77b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:26:d5:2b:10:76:fb:d9:9c:e8:14:ec:6c:25:
79:fa:9b:5b:bb:9d:fd:54:3e:72:48:92:ff:3d:27:
b3:91:97:33:45:fa:0a:8d:1d:0e:da:65:a4:51:45:
64:9e:63:dd:fb:2e:9d:4c:dd:43:a4:b2:0a:72:49:
e3:c3:66:70:93:c1:73:f6:01:01:3f:9c:7a:cf:c4:
38:50:ef:bc:83:1f:ca:df:a0:06:f3:20:ae:88:c4:
c5:da:7b:42:ae:a1:94:21:4e:67:e5:f7:81:63:c4:
90:47:69:a2:c0:85:33:b4:bc:d9:79:a5:6b:0f:0d:
b6:31:21:3a:2d:c2:79:ba:3d:4d:17:65:17:42:f0:
b4:32:df:04:9b:a5:7f:cb:9b:52:10:d0:09:7f:a1:
92:0f:1a:fd:55:13:d6:7e:ed:0a:fb:b6:c0:5f:5d:
e9:d1:2d:b8:51:07:83:51:a1:f1:a9:df:03:87:09:
dc:4f:2d:14:96:19:24:38:58:0a:e1:72:8b:54:5a:
7a:56:37:c5:b0:16:f4:56:22:e2:18:58:f1:dc:c3:
88:be:3f:a0:cc:18:8d:f2:f1:18:9f:37:0d:40:86:
96:45:d1:7c:d1:66:1e:0a:f2:f2:78:94:fc:30:4c:
4e:9f:99:e1:5f:8b:e8:af:64:4f:b8:82:b2:75:37:
54:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B9:20:CD:87:D5:F7:11:F3:BA:08:40:B1:99:1E:C7:7E:D7:7B:55
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ArkgzYfV9xHzughAsZkex37Xe1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.139.192.0/19
85.173.136.0/21
178.35.192.0/19
Signature Algorithm: sha256WithRSAEncryption
80:12:e3:cb:39:ce:93:be:57:50:a3:f3:74:89:9b:33:7c:0c:
cc:d3:8c:de:5c:51:cb:49:fc:aa:2f:44:89:a4:a7:b0:ef:65:
00:48:29:ef:cd:fc:73:3b:5f:5c:0b:8e:1f:1e:2d:88:d7:38:
f0:4e:c4:d8:ce:50:96:a4:37:08:64:e3:a4:0e:aa:5d:e1:7e:
88:53:e9:d1:7b:ff:42:ac:f2:43:57:29:51:7c:6b:73:03:74:
1e:0b:01:a1:9a:aa:6b:4e:71:64:ce:d2:0b:d5:5f:66:86:e9:
20:f8:03:41:ae:d7:3d:cd:ab:e0:71:34:f5:07:60:5c:73:01:
9d:cb:9a:12:6c:ad:e7:cb:83:db:94:ec:3e:51:ac:7b:d2:ba:
c4:94:8d:7d:d1:88:28:86:db:3d:68:c4:c6:10:ce:90:38:4a:
63:50:eb:35:90:e4:28:40:10:0e:60:fa:4a:36:44:b3:49:fa:
fa:be:14:46:47:ea:b6:98:ce:9c:13:eb:46:19:5e:e6:05:de:
3b:96:39:04:af:36:ac:2e:b8:ec:d3:57:31:1c:15:e7:9c:8a:
07:29:6d:c0:7a:3c:6f:70:aa:97:1b:70:30:01:a7:db:9d:48:
85:57:cb:45:94:68:5f:43:b7:92:c9:90:e0:b9:c7:34:ee:95:
72:18:7a:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6ZBZrZ5Od7344Xdl1FbzvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAxMDkzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmI5MjBjZDg3ZDVmNzExZjNiYTA4NDBiMTk5MWVjNzdlZDc3YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ibVKxB2+9mc6BTsbCV5+ptbu539
VD5ySJL/PSezkZczRfoKjR0O2mWkUUVknmPd+y6dTN1DpLIKcknjw2Zwk8Fz9gEB
P5x6z8Q4UO+8gx/K36AG8yCuiMTF2ntCrqGUIU5n5feBY8SQR2miwIUztLzZeaVr
Dw22MSE6LcJ5uj1NF2UXQvC0Mt8Em6V/y5tSENAJf6GSDxr9VRPWfu0K+7bAX13p
0S24UQeDUaHxqd8DhwncTy0UlhkkOFgK4XKLVFp6VjfFsBb0ViLiGFjx3MOIvj+g
zBiN8vEYnzcNQIaWRdF80WYeCvLyeJT8MExOn5nhX4vor2RPuIKydTdUgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAK5IM2H1fcR87oIQLGZHsd+13tVMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQXJrZ3pZZlY5eEh6dWdoQXNaa2V4MzdYZTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBYvAAwQD
Va2IAwQFsiPAMA0GCSqGSIb3DQEBCwUAA4IBAQCAEuPLOc6TvldQo/N0iZszfAzM
04zeXFHLSfyqL0SJpKew72UASCnvzfxzO19cC44fHi2I1zjwTsTYzlCWpDcIZOOk
Dqpd4X6IU+nRe/9CrPJDVylRfGtzA3QeCwGhmqprTnFkztIL1V9mhukg+ANBrtc9
zavgcTT1B2BccwGdy5oSbK3ny4PblOw+Uax70rrElI190Ygohts9aMTGEM6QOEpj
UOs1kOQoQBAOYPpKNkSzSfr6vhRGR+q2mM6cE+tGGV7mBd47ljkErzasLrjs01cx
HBXnnIoHKW3AejxvcKqXG3AwAafbnUiFV8tFlGhfQ7eSyZDgucc07pVyGHrj
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:55:10 2025 by rpki-client