Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/kj8HP3lwq1powHd7_myg49TaMl0.roa
File: kj8HP3lwq1powHd7_myg49TaMl0.roa (raw, json)
Hash identifier: 75ooBKKUhZ2LH19efUCZNK/7gCZ1ykGQGWEcE/xEpL4=
Subject key identifier: 92:3F:07:3F:79:70:AB:5A:68:C0:77:7B:FE:6C:A0:E3:D4:DA:32:5D
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018CC64A7C626E77C58399D8E2F445C3932D
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/kj8HP3lwq1powHd7_myg49TaMl0.roa
Signing time: Mon 01 Jan 2024 18:30:19 +0000
ROA not before: Mon 01 Jan 2024 18:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212602
IP address blocks: 5.180.112.0/24 maxlen: 24
5.180.113.0/24 maxlen: 24
185.194.208.0/22 maxlen: 22
5.133.114.0/24 maxlen: 24
2a10:7040::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Feb 2024 13:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:7c:62:6e:77:c5:83:99:d8:e2:f4:45:c3:93:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Jan 1 18:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923f073f7970ab5a68c0777bfe6ca0e3d4da325d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:af:ea:28:99:0b:49:55:3f:22:f3:44:41:ce:
71:72:20:84:68:4f:9b:7d:c4:c7:8c:7c:ee:35:ab:
c8:27:97:d7:31:5e:42:3c:c3:37:94:e9:a3:0e:94:
5d:0e:f5:3f:ec:cb:1f:a3:47:6c:e0:50:0b:b7:6f:
47:78:a4:79:b6:15:14:f7:d4:c3:c5:88:4c:c0:4f:
b6:93:97:76:4d:b7:b9:86:7d:d8:5d:a5:9c:f5:4f:
b4:ce:33:ec:94:db:18:55:55:0e:6f:cb:c6:a3:c4:
98:d6:48:66:39:d8:e5:d5:c2:2e:54:8b:2c:03:77:
2f:04:86:82:f5:e8:af:3e:c9:7b:6d:85:18:d3:e9:
21:b0:46:72:a7:57:05:69:22:ae:6c:da:4a:be:a7:
62:26:12:b8:bd:bc:b6:05:f1:52:d3:26:e4:b3:24:
c7:88:84:87:ee:88:79:e7:00:d1:ae:77:b7:75:52:
a2:a7:60:0c:5f:9f:ea:97:19:84:8e:ad:bc:f2:2d:
be:b9:47:5f:0e:32:e2:2c:cd:43:87:2b:a1:5f:d1:
20:cd:bb:70:30:6d:20:96:8f:02:30:fe:c9:96:3f:
52:d5:ab:77:9a:45:89:20:21:19:4b:9c:e7:47:4d:
31:bc:68:83:99:6f:f9:f9:95:ac:d1:b4:82:7f:59:
fa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3F:07:3F:79:70:AB:5A:68:C0:77:7B:FE:6C:A0:E3:D4:DA:32:5D
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/kj8HP3lwq1powHd7_myg49TaMl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
7d:2b:9b:54:1f:86:9c:6c:2a:14:87:65:b9:d8:2e:1e:80:59:
7d:4c:eb:be:bd:3c:32:7a:a5:8d:54:71:9f:f2:31:24:c6:19:
5b:e8:04:81:1c:c5:48:04:5d:f4:41:c5:67:48:47:b1:f2:17:
2d:23:8d:57:93:7e:11:54:ee:84:5d:1a:f1:93:9f:77:06:14:
72:6f:cf:3c:3e:c3:f6:67:83:35:78:39:0f:da:57:61:02:d2:
81:33:11:e5:d6:94:e6:c4:c0:93:34:f5:85:98:db:c7:d4:2c:
0a:f3:8a:48:b5:22:69:7a:22:21:8e:45:58:6b:14:09:3e:0c:
d7:f2:26:29:78:13:42:04:07:c3:28:2a:19:e0:ed:2d:6b:e4:
f2:88:fd:b4:89:4d:2c:72:f0:0c:16:55:1c:12:3b:4e:38:f6:
9e:6c:69:aa:e1:71:57:cd:b3:3f:4f:e4:0f:3f:af:82:12:30:
da:40:88:b3:fd:07:49:39:4d:a6:0e:72:4e:1d:07:c7:a8:ee:
2f:80:e7:e4:e7:e7:e9:59:ec:ca:83:c7:e5:75:b0:72:27:f0:
ef:f3:73:15:6b:20:5f:44:7a:b3:7d:12:80:d7:57:38:cb:6b:
ce:4f:80:97:5f:d2:d7:4c:f1:bd:a0:9e:8c:13:ed:1d:c5:88:
c2:ca:3b:ed
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSnxibnfFg5nY4vRFw5MtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjQwMTAxMTgzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNmMDczZjc5NzBhYjVhNjhjMDc3N2JmZTZjYTBlM2Q0ZGEzMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq/qKJkLSVU/IvNEQc5xciCEaE+b
fcTHjHzuNavIJ5fXMV5CPMM3lOmjDpRdDvU/7Msfo0ds4FALt29HeKR5thUU99TD
xYhMwE+2k5d2Tbe5hn3YXaWc9U+0zjPslNsYVVUOb8vGo8SY1khmOdjl1cIuVIss
A3cvBIaC9eivPsl7bYUY0+khsEZyp1cFaSKubNpKvqdiJhK4vby2BfFS0ybksyTH
iISH7oh55wDRrne3dVKip2AMX5/qlxmEjq288i2+uUdfDjLiLM1DhyuhX9Egzbtw
MG0glo8CMP7Jlj9S1at3mkWJICEZS5znR00xvGiDmW/5+ZWs0bSCf1n6RQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJI/Bz95cKtaaMB3e/5soOPU2jJdMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEva2o4SFAzbHdxMXBvd0hkN19teWc0OVRhTWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQB9K5tU
H4acbCoUh2W52C4egFl9TOu+vTwyeqWNVHGf8jEkxhlb6ASBHMVIBF30QcVnSEex
8hctI41Xk34RVO6EXRrxk593BhRyb888PsP2Z4M1eDkP2ldhAtKBMxHl1pTmxMCT
NPWFmNvH1CwK84pItSJpeiIhjkVYaxQJPgzX8iYpeBNCBAfDKCoZ4O0ta+TyiP20
iU0scvAMFlUcEjtOOPaebGmq4XFXzbM/T+QPP6+CEjDaQIiz/QdJOU2mDnJOHQfH
qO4vgOfk5+fpWezKg8fldbByJ/Dv83MVayBfRHqzfRKA11c4y2vOT4CXX9LXTPG9
oJ6ME+0dxYjCyjvt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:39 2024 by rpki-client on console-ams.rpki-client.org