Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/2VnarzfxCTWgEnxOLan-BM0-feg.roa
File: 2VnarzfxCTWgEnxOLan-BM0-feg.roa (raw, json)
Hash identifier: oMOQILlsnyZD7U3C1NYaLjRdEyLZu0FrKijTf//P+OE=
Subject key identifier: D9:59:DA:AF:37:F1:09:35:A0:12:7C:4E:2D:A9:FE:04:CD:3E:7D:E8
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 019270FE61172A39B0A62AE3F931CE48B760
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/2VnarzfxCTWgEnxOLan-BM0-feg.roa
Signing time: Wed 09 Oct 2024 11:16:11 +0000
ROA not before: Wed 09 Oct 2024 11:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29512
IP address blocks: 5.39.192.0/22 maxlen: 22
79.110.0.0/20 maxlen: 24
94.231.224.0/20 maxlen: 24
195.140.236.0/22 maxlen: 24
2a00:fbc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 09 Oct 2024 11:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:fe:61:17:2a:39:b0:a6:2a:e3:f9:31:ce:48:b7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Oct 9 11:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d959daaf37f10935a0127c4e2da9fe04cd3e7de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9e:26:db:86:16:16:9b:59:10:38:22:00:20:
34:6e:1d:66:92:e6:80:2f:58:d0:66:f1:ec:65:00:
49:ef:fe:23:06:38:c9:43:f0:9e:a1:69:4e:62:25:
36:d4:83:9b:e2:be:ba:ab:29:44:23:f4:52:ea:47:
69:a8:b3:ee:ed:c6:35:88:da:0a:f8:e0:eb:4f:ad:
7e:15:3d:15:f3:9c:5c:bf:8e:0c:21:c9:8d:4e:c1:
24:07:6c:50:da:c6:df:64:33:55:49:14:c1:eb:44:
a0:95:0e:ad:45:bf:11:8a:fe:ee:54:dd:4f:60:c3:
c2:22:c7:13:26:20:73:a7:15:16:b6:cf:b5:dc:1b:
35:5f:32:0b:15:22:58:1c:b1:4c:d8:8c:5c:20:c3:
65:30:6d:c0:32:59:19:fd:5c:01:b5:75:f5:6b:5a:
d2:77:83:34:a7:c5:c9:8a:4b:82:47:9c:aa:63:3f:
4d:bd:61:66:df:da:90:7b:1f:fe:2a:28:4e:b9:3b:
21:4d:e0:52:8c:ba:fd:6e:2c:b4:fe:ff:b2:91:52:
c6:b9:86:73:1d:fc:65:18:79:2d:eb:92:9b:a8:28:
03:6e:46:78:30:ed:06:f7:f1:af:c5:3f:51:a0:33:
6d:56:45:af:c0:0d:72:89:08:a9:e2:24:6d:1b:3f:
65:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:59:DA:AF:37:F1:09:35:A0:12:7C:4E:2D:A9:FE:04:CD:3E:7D:E8
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/2VnarzfxCTWgEnxOLan-BM0-feg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/22
79.110.0.0/20
94.231.224.0/20
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
37:1d:4a:c8:6b:d7:a6:2d:34:b4:b2:24:54:4c:4d:85:40:47:
d5:0e:85:c9:ca:97:14:1c:37:42:ed:cf:3c:c9:27:e2:b4:e7:
1a:db:cd:be:12:ae:15:f3:e9:22:52:91:34:11:88:15:6f:3a:
0e:9d:ef:93:35:67:f9:10:40:8e:20:6e:6d:01:17:e6:c4:5c:
0a:d2:f7:7a:8f:d3:b9:99:86:37:10:99:ce:a7:89:1e:d6:ac:
b2:60:2f:02:8d:c0:35:17:57:ab:c3:1a:9e:e8:b8:e6:e7:14:
22:e6:5a:11:e9:23:9c:ca:0b:6c:c0:c9:41:c4:58:6a:40:3c:
0c:d7:bc:4d:ae:eb:1e:30:20:ef:a4:e2:35:a9:b4:fb:7f:46:
df:ae:7d:fe:25:16:f1:1f:47:ef:53:4f:0d:2e:9a:52:68:aa:
7e:cc:a2:05:08:c2:19:67:7d:4e:e1:00:d2:d2:7a:d4:ac:78:
62:37:1a:98:81:6d:96:7a:6f:97:9b:87:3e:54:88:f9:f6:81:
03:7a:1e:bd:fd:92:f8:14:66:4b:af:68:a8:85:f0:fc:cc:de:
d1:7f:45:8c:d5:60:85:60:9e:13:b5:0a:71:6f:e7:ef:31:3d:
45:35:00:f8:f0:fb:ee:99:56:3e:d8:2b:00:49:75:c6:1e:d9:
61:6f:2b:13
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJw/mEXKjmwpirj+THOSLdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMDA5MTExNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU5ZGFhZjM3ZjEwOTM1YTAxMjdjNGUyZGE5ZmUwNGNkM2U3ZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ4m24YWFptZEDgiACA0bh1mkuaA
L1jQZvHsZQBJ7/4jBjjJQ/CeoWlOYiU21IOb4r66qylEI/RS6kdpqLPu7cY1iNoK
+ODrT61+FT0V85xcv44MIcmNTsEkB2xQ2sbfZDNVSRTB60SglQ6tRb8Riv7uVN1P
YMPCIscTJiBzpxUWts+13Bs1XzILFSJYHLFM2IxcIMNlMG3AMlkZ/VwBtXX1a1rS
d4M0p8XJikuCR5yqYz9NvWFm39qQex/+KihOuTshTeBSjLr9biy0/v+ykVLGuYZz
HfxlGHkt65KbqCgDbkZ4MO0G9/GvxT9RoDNtVkWvwA1yiQip4iRtGz9lYwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNlZ2q838Qk1oBJ8Ti2p/gTNPn3oMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvMlZuYXJ6ZnhDVFdnRW54T0xhbi1CTTAtZmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBSfAAwQE
T24AAwQEXufgAwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEBCwUAA4IB
AQA3HUrIa9emLTS0siRUTE2FQEfVDoXJypcUHDdC7c88ySfitOca282+Eq4V8+ki
UpE0EYgVbzoOne+TNWf5EECOIG5tARfmxFwK0vd6j9O5mYY3EJnOp4ke1qyyYC8C
jcA1F1erwxqe6Ljm5xQi5loR6SOcygtswMlBxFhqQDwM17xNruseMCDvpOI1qbT7
f0bfrn3+JRbxH0fvU08NLppSaKp+zKIFCMIZZ31O4QDS0nrUrHhiNxqYgW2Wem+X
m4c+VIj59oEDeh69/ZL4FGZLr2iohfD8zN7Rf0WM1WCFYJ4TtQpxb+fvMT1FNQD4
8PvumVY+2CsASXXGHtlhbysT
-----END CERTIFICATE-----
Generated at Sat May 10 13:27:04 2025 by rpki-client