Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/rlGguhlCseIBtgEioMkZfFT_DTM.roa
File: rlGguhlCseIBtgEioMkZfFT_DTM.roa (raw, json)
Hash identifier: sIu7917jq+QKpkObfEvJbWfO8wEkjM+VsURgXqFfKfg=
Subject key identifier: AE:51:A0:BA:19:42:B1:E2:01:B6:01:22:A0:C9:19:7C:54:FF:0D:33
Certificate issuer: /CN=65dc6efa6b136b1e45e21e434e859a292d2e5e14
Certificate serial: 0189AB16839BAAE7878808284ED3FBE0B737
Authority key identifier: 65:DC:6E:FA:6B:13:6B:1E:45:E2:1E:43:4E:85:9A:29:2D:2E:5E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zdxu-msTax5F4h5DToWaKS0uXhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/rlGguhlCseIBtgEioMkZfFT_DTM.roa
Signing time: Mon 31 Jul 2023 08:35:26 +0000
ROA not before: Mon 31 Jul 2023 08:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42184
IP address blocks: 185.124.232.0/22 maxlen: 24
2a06:b600::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:16:83:9b:aa:e7:87:88:08:28:4e:d3:fb:e0:b7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65dc6efa6b136b1e45e21e434e859a292d2e5e14
Validity
Not Before: Jul 31 08:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae51a0ba1942b1e201b60122a0c9197c54ff0d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:96:bf:6b:7d:fa:c4:b9:ca:bf:da:f7:52:af:
92:d0:59:07:1a:4b:fe:e5:47:19:54:fb:29:77:d7:
42:64:84:72:77:0d:e1:ef:86:88:3a:91:20:86:a0:
37:0b:c9:bc:71:6b:82:8f:32:1a:d4:e4:b8:7b:5d:
26:67:3d:5d:c1:5e:c2:4d:dd:66:ac:b4:70:6b:1a:
39:4e:b7:4d:16:00:d7:2f:2d:f9:5f:3c:5f:0a:a2:
2b:33:0e:e4:bc:80:49:61:ef:53:a5:46:df:62:b4:
51:9e:89:4c:21:df:cd:40:18:62:c5:fa:e2:32:3d:
b2:21:5a:b3:71:58:26:9d:78:f8:57:03:6b:34:42:
fd:bd:ac:15:3d:5e:30:c1:d1:71:16:86:4b:ca:c9:
c9:38:1c:f5:94:b5:9f:3b:09:7d:e2:36:ac:85:ef:
e7:6e:25:fd:fb:0d:db:28:e2:fc:84:97:97:1b:bf:
5e:86:38:8b:ed:db:12:5f:93:2f:2a:09:e7:fe:ce:
8e:e9:78:e2:ec:73:90:bd:7d:c6:af:0d:c9:36:0d:
e0:03:76:35:be:8b:d7:f9:45:cb:3d:93:b4:8f:1c:
13:05:e1:d7:bf:71:5a:85:f7:f0:b6:21:e0:7b:33:
a5:ed:82:f2:ce:c8:a2:e5:88:4a:fb:6f:64:5e:62:
93:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:51:A0:BA:19:42:B1:E2:01:B6:01:22:A0:C9:19:7C:54:FF:0D:33
X509v3 Authority Key Identifier:
keyid:65:DC:6E:FA:6B:13:6B:1E:45:E2:1E:43:4E:85:9A:29:2D:2E:5E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zdxu-msTax5F4h5DToWaKS0uXhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/rlGguhlCseIBtgEioMkZfFT_DTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5afb3d-0f37-44b1-811e-46610fa8d56e/1/Zdxu-msTax5F4h5DToWaKS0uXhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.232.0/22
IPv6:
2a06:b600::/29
Signature Algorithm: sha256WithRSAEncryption
6b:e7:78:62:2d:e6:26:2f:32:28:1f:e8:6b:ff:6e:8b:49:5d:
fa:db:d3:52:8f:84:3f:bb:fb:27:95:10:1f:64:13:cc:5b:1d:
2b:f9:79:b2:50:88:2e:2f:9a:e5:51:58:8d:f4:49:8c:ec:b2:
0a:d6:b2:7d:2b:bd:c9:fc:a9:bc:68:d3:bf:74:2f:8a:52:93:
a7:1a:b7:f7:e4:f7:7f:d6:7b:30:55:c0:21:e6:f6:16:a1:5f:
04:de:23:73:65:2c:9d:93:ab:c1:a2:fd:e5:19:d9:3b:17:84:
f0:90:e4:db:81:16:63:65:77:26:bc:80:98:5d:43:9e:d3:10:
9f:b6:bc:a3:c3:24:25:6a:73:62:64:fd:f3:46:19:41:93:29:
7e:0b:68:f0:19:48:82:5f:e8:b0:02:ac:32:28:95:0c:8a:7d:
7c:06:55:53:a8:cd:38:2c:f1:b5:4c:06:3e:ac:98:91:9b:5a:
96:b7:51:ac:85:5a:30:a5:24:f0:d6:d4:04:09:d9:8d:44:4f:
10:08:bc:9d:93:19:ed:31:19:87:9e:d7:dd:d6:13:55:28:ec:
e3:3f:8f:6d:d8:f5:0d:17:ea:c1:d6:ce:68:47:fa:08:ee:53:
b6:87:05:b0:fd:53:fa:91:e0:99:02:5d:d3:82:09:57:2d:5c:
89:0d:2c:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmrFoObqueHiAgoTtP74Lc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGM2ZWZhNmIxMzZiMWU0NWUyMWU0MzRlODU5YTI5MmQy
ZTVlMTQwHhcNMjMwNzMxMDgzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTUxYTBiYTE5NDJiMWUyMDFiNjAxMjJhMGM5MTk3YzU0ZmYwZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5a/a336xLnKv9r3Uq+S0FkHGkv+
5UcZVPspd9dCZIRydw3h74aIOpEghqA3C8m8cWuCjzIa1OS4e10mZz1dwV7CTd1m
rLRwaxo5TrdNFgDXLy35XzxfCqIrMw7kvIBJYe9TpUbfYrRRnolMId/NQBhixfri
Mj2yIVqzcVgmnXj4VwNrNEL9vawVPV4wwdFxFoZLysnJOBz1lLWfOwl94jashe/n
biX9+w3bKOL8hJeXG79ehjiL7dsSX5MvKgnn/s6O6Xji7HOQvX3Grw3JNg3gA3Y1
vovX+UXLPZO0jxwTBeHXv3FahffwtiHgezOl7YLyzsii5YhK+29kXmKTYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK5RoLoZQrHiAbYBIqDJGXxU/w0zMB8GA1UdIwQY
MBaAFGXcbvprE2seReIeQ06FmiktLl4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmR4dS1tc1RheDVGNGg1RFRvV2FLUzB1WGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81YWZiM2QtMGYzNy00NGIxLTgxMWUt
NDY2MTBmYThkNTZlLzEvcmxHZ3VobENzZUlCdGdFaW9Na1pmRlRfRFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81YWZiM2QtMGYzNy00NGIxLTgxMWUtNDY2MTBmYThkNTZl
LzEvWmR4dS1tc1RheDVGNGg1RFRvV2FLUzB1WGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXzoMA0E
AgACMAcDBQMqBrYAMA0GCSqGSIb3DQEBCwUAA4IBAQBr53hiLeYmLzIoH+hr/26L
SV3629NSj4Q/u/snlRAfZBPMWx0r+XmyUIguL5rlUViN9EmM7LIK1rJ9K73J/Km8
aNO/dC+KUpOnGrf35Pd/1nswVcAh5vYWoV8E3iNzZSydk6vBov3lGdk7F4TwkOTb
gRZjZXcmvICYXUOe0xCftryjwyQlanNiZP3zRhlBkyl+C2jwGUiCX+iwAqwyKJUM
in18BlVTqM04LPG1TAY+rJiRm1qWt1GshVowpSTw1tQECdmNRE8QCLydkxntMRmH
ntfd1hNVKOzjP49t2PUNF+rB1s5oR/oI7lO2hwWw/VP6keCZAl3TgglXLVyJDSyz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:21 2024 by rpki-client on console-fra.rpki-client.org