Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/LSRdX80dPXHjbO70cPk0BI2Blho.roa
File: LSRdX80dPXHjbO70cPk0BI2Blho.roa (raw, json)
Hash identifier: O0uzxGOZxcS+9wWBIBXXcXTxKcWyH1L75K9kmZBmTlM=
Subject key identifier: 2D:24:5D:5F:CD:1D:3D:71:E3:6C:EE:F4:70:F9:34:04:8D:81:96:1A
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018E790BE075D89A94B8B9CB235845BEBB56
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/LSRdX80dPXHjbO70cPk0BI2Blho.roa
Signing time: Tue 26 Mar 2024 04:36:45 +0000
ROA not before: Tue 26 Mar 2024 04:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58289
IP address blocks: 91.147.110.0/24 maxlen: 24
91.147.111.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jun 2024 05:25:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:0b:e0:75:d8:9a:94:b8:b9:cb:23:58:45:be:bb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Mar 26 04:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d245d5fcd1d3d71e36ceef470f934048d81961a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f3:51:14:ab:20:ea:40:40:1f:d0:f5:7a:b9:
c0:c8:17:5c:4a:11:19:ae:00:ce:b1:cf:3b:39:2d:
0e:80:11:a3:ad:a0:80:2b:8c:43:70:09:6b:b2:ea:
54:0c:6e:46:8e:05:44:dc:6d:6e:98:a2:86:5a:b0:
77:ef:d1:6d:07:77:67:3a:c4:d6:35:a7:89:9d:a9:
cd:81:d6:b7:a2:9a:44:36:ab:1b:04:8e:b8:1d:cf:
8a:e1:d5:69:f9:23:50:6e:f6:d1:06:24:4f:36:4a:
be:2c:ad:1b:df:eb:88:81:0d:0f:15:dc:cb:4a:20:
58:e8:f7:6b:f5:76:52:f3:1b:66:06:19:a7:65:89:
ff:12:47:84:57:df:73:78:c3:32:50:ab:94:d8:1d:
86:93:c4:58:67:8e:8d:f4:1f:41:e0:23:96:33:6e:
40:4d:07:0c:66:4f:30:a5:75:a7:ea:56:0e:8a:c0:
e0:0f:10:7f:69:7f:87:55:70:45:e2:34:9f:d4:86:
28:d8:4b:1a:ba:2d:cc:c3:70:15:1e:4b:5c:cd:45:
bd:c9:ad:6a:ed:8f:c5:b3:24:4f:9f:68:3a:e7:84:
4a:c0:d9:2f:ff:08:c7:dd:48:6e:2a:57:7f:67:b4:
ec:41:85:55:11:c7:b8:30:02:54:11:65:5f:bb:e6:
00:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:24:5D:5F:CD:1D:3D:71:E3:6C:EE:F4:70:F9:34:04:8D:81:96:1A
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/LSRdX80dPXHjbO70cPk0BI2Blho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.110.0/23
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
3d:0a:89:5b:b7:81:d4:c3:9b:13:97:0e:1b:58:7d:5f:42:d8:
79:a1:df:fa:44:af:75:fb:1f:32:54:33:91:88:d6:36:20:23:
bf:63:bf:52:00:2a:69:8c:06:fa:12:d2:a1:47:17:3b:58:d2:
ad:e7:e7:b1:07:8d:d1:70:d9:9b:01:e6:6f:7b:87:5c:22:04:
5a:ae:58:be:3e:15:dc:e2:84:05:9f:3b:e3:0d:11:44:4e:d8:
f9:76:bf:14:a4:43:eb:5c:f4:55:c6:ad:ae:73:f8:9f:d6:c4:
88:76:8d:b2:8f:5c:12:70:f2:52:1f:86:e8:f4:80:3b:85:90:
b6:d1:90:a2:e1:7b:31:ba:da:f3:96:ff:b6:d0:9a:97:8c:14:
55:66:ad:bf:f0:9e:1b:91:78:4d:7d:15:78:75:47:69:d1:b7:
9f:0b:ba:66:cc:aa:f0:8d:81:29:bd:1c:02:ce:05:98:cd:45:
de:4d:43:5c:27:a3:54:bc:54:6b:ee:0f:44:ce:1c:8a:eb:28:
b1:82:49:a5:9c:03:94:9b:2f:81:ae:01:4f:41:a5:c5:74:df:
be:3c:40:4d:60:3d:38:9c:e8:ca:e9:28:f4:63:69:9d:c4:6d:
17:cf:41:ea:e2:92:27:c8:04:c5:0e:2c:ee:3f:45:15:64:a0:
08:b2:97:f4
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY55C+B12JqUuLnLI1hFvrtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMzI2MDQzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDI0NWQ1ZmNkMWQzZDcxZTM2Y2VlZjQ3MGY5MzQwNDhkODE5NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPNRFKsg6kBAH9D1ernAyBdcShEZ
rgDOsc87OS0OgBGjraCAK4xDcAlrsupUDG5GjgVE3G1umKKGWrB379FtB3dnOsTW
NaeJnanNgda3oppENqsbBI64Hc+K4dVp+SNQbvbRBiRPNkq+LK0b3+uIgQ0PFdzL
SiBY6Pdr9XZS8xtmBhmnZYn/EkeEV99zeMMyUKuU2B2Gk8RYZ46N9B9B4COWM25A
TQcMZk8wpXWn6lYOisDgDxB/aX+HVXBF4jSf1IYo2Esaui3Mw3AVHktczUW9ya1q
7Y/FsyRPn2g654RKwNkv/wjH3UhuKld/Z7TsQYVVEce4MAJUEWVfu+YAfQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFC0kXV/NHT1x42zu9HD5NASNgZYaMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvTFNSZFg4MGRQWEhqYk83MGNQazBCSTJCbGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBW5NuAwQA
uaLqAwQAwSv7AwQAwh+FAwQAwh+HMA8EAgACMAkDBwAqDmYAAAAwDQYJKoZIhvcN
AQELBQADggEBAD0KiVu3gdTDmxOXDhtYfV9C2Hmh3/pEr3X7HzJUM5GI1jYgI79j
v1IAKmmMBvoS0qFHFztY0q3n57EHjdFw2ZsB5m97h1wiBFquWL4+FdzihAWfO+MN
EURO2Pl2vxSkQ+tc9FXGra5z+J/WxIh2jbKPXBJw8lIfhuj0gDuFkLbRkKLhezG6
2vOW/7bQmpeMFFVmrb/wnhuReE19FXh1R2nRt58LumbMqvCNgSm9HALOBZjNRd5N
Q1wno1S8VGvuD0TOHIrrKLGCSaWcA5SbL4GuAU9BpcV03748QE1gPTic6MrpKPRj
aZ3EbRfPQerikifIBMUOLO4/RRVkoAiyl/Q=
-----END CERTIFICATE-----
Generated at Fri Jun 14 10:40:43 2024 by rpki-client on console-ams.rpki-client.org