Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/5SlYmx2poSMQaViBLTEulWjL4_o.roa
File: 5SlYmx2poSMQaViBLTEulWjL4_o.roa (raw, json)
Hash identifier: lqxe6/mTwRm9AQfeYoTjf4yLYAUa5UPsYHNps5voSsw=
Subject key identifier: E5:29:58:9B:1D:A9:A1:23:10:69:58:81:2D:31:2E:95:68:CB:E3:FA
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0AD0F9872C1D60DEF470CA70E539BC
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/5SlYmx2poSMQaViBLTEulWjL4_o.roa
Signing time: Sun 01 Jan 2023 11:15:03 +0000
ROA not before: Sun 01 Jan 2023 11:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34383
IP address blocks: 89.170.0.0/16 maxlen: 16
85.192.192.0/18 maxlen: 18
85.117.128.0/19 maxlen: 19
95.136.128.0/17 maxlen: 17
2a00:5e80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d0:f9:87:2c:1d:60:de:f4:70:ca:70:e5:39:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e529589b1da9a123106958812d312e9568cbe3fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fe:b9:69:90:a8:f5:02:c8:c5:95:de:3f:5c:
ef:c8:cf:67:2f:01:08:0a:ae:a6:93:77:8c:d1:3d:
52:a0:61:12:f8:98:54:12:9d:63:c6:f1:0c:a9:68:
17:98:b8:8a:1f:20:ab:eb:c3:f1:d9:97:b6:0f:63:
41:67:ce:f8:70:3c:c9:00:af:34:e7:04:28:74:5a:
fc:20:b1:c1:fe:f3:1a:ee:18:4d:36:df:a3:bd:83:
f5:3b:10:60:49:26:2d:37:87:04:f6:a6:9b:13:1d:
82:46:13:81:42:62:d9:bd:f8:db:d5:6f:99:a5:4f:
9f:24:ec:16:e0:1a:69:6f:3d:24:ef:9a:59:56:d1:
ee:7e:47:d4:5f:b8:c8:78:40:ff:6b:57:a4:b6:a4:
a1:b6:e1:6c:cc:da:84:5b:a9:5a:1a:23:29:3d:e6:
c0:81:3a:b7:7a:8a:6a:61:ba:c9:fa:1b:f4:ce:16:
68:98:2e:11:33:cf:63:59:c2:59:fa:16:56:47:fc:
28:89:dd:89:dd:69:a7:32:b7:ec:56:a2:ef:5d:81:
8d:11:42:c2:4d:72:e8:38:ab:2d:ee:b0:c3:ab:31:
6e:2b:5c:fa:b7:0a:de:9c:cc:d3:c7:ed:b6:b6:0a:
8c:bf:eb:28:a8:7e:28:3f:a3:24:88:c4:ba:62:3f:
2a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:29:58:9B:1D:A9:A1:23:10:69:58:81:2D:31:2E:95:68:CB:E3:FA
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/5SlYmx2poSMQaViBLTEulWjL4_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.128.0/19
85.192.192.0/18
89.170.0.0/16
95.136.128.0/17
IPv6:
2a00:5e80::/32
Signature Algorithm: sha256WithRSAEncryption
3a:05:91:ae:19:9a:42:74:c3:46:c1:20:06:fd:20:03:47:59:
50:7b:0d:7c:33:49:f2:cf:fc:65:ab:ab:b0:48:2f:0e:31:04:
a1:1f:c7:24:5f:ee:34:22:e1:bd:bd:93:9f:e3:a3:96:4e:40:
38:6f:36:7f:f9:9e:86:81:c9:ab:8c:4b:4c:74:a9:17:c9:60:
e5:9a:4c:7c:8d:b7:90:32:e3:6a:a6:8e:7a:93:91:56:fb:b6:
f0:70:e3:45:fb:35:ac:2c:46:71:8d:84:4f:9b:c3:b1:ed:66:
78:a5:47:9f:e0:f9:fe:12:3d:d3:85:df:94:42:90:80:06:f0:
9c:6c:66:89:23:51:4c:c1:32:c6:3b:dd:31:d5:c0:7d:a1:45:
1d:00:f3:e3:fc:8c:b8:df:e2:bb:eb:78:e4:5b:2c:d1:c4:84:
cd:53:44:de:1f:bf:03:ad:a0:d2:5d:65:70:55:5c:f3:1e:2c:
bf:ea:4a:26:43:5e:81:bd:31:9e:ce:d0:5d:64:ae:1e:f6:8b:
37:bb:e1:d1:a2:5c:4d:89:54:c6:f7:94:67:01:6e:6d:5d:97:
7a:ed:ca:6c:84:99:e8:e0:e9:35:5b:5a:ea:3f:56:29:fa:ce:
84:70:99:46:f2:76:9e:77:90:0e:e9:fd:39:54:fd:3c:fd:43:
7a:ee:92:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVtCtD5hywdYN70cMpw5Tm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI5NTg5YjFkYTlhMTIzMTA2OTU4ODEyZDMxMmU5NTY4Y2JlM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof65aZCo9QLIxZXeP1zvyM9nLwEI
Cq6mk3eM0T1SoGES+JhUEp1jxvEMqWgXmLiKHyCr68Px2Ze2D2NBZ874cDzJAK80
5wQodFr8ILHB/vMa7hhNNt+jvYP1OxBgSSYtN4cE9qabEx2CRhOBQmLZvfjb1W+Z
pU+fJOwW4Bppbz0k75pZVtHufkfUX7jIeED/a1ektqShtuFszNqEW6laGiMpPebA
gTq3eopqYbrJ+hv0zhZomC4RM89jWcJZ+hZWR/woid2J3WmnMrfsVqLvXYGNEULC
TXLoOKst7rDDqzFuK1z6twrenMzTx+22tgqMv+soqH4oP6MkiMS6Yj8qwQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOUpWJsdqaEjEGlYgS0xLpVoy+P6MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvNVNsWW14MnBvU01RYVZpQkxURXVsV2pMNF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQFVXWAAwQG
VcDAAwMAWaoDBAdfiIAwDQQCAAIwBwMFACoAXoAwDQYJKoZIhvcNAQELBQADggEB
ADoFka4ZmkJ0w0bBIAb9IANHWVB7DXwzSfLP/GWrq7BILw4xBKEfxyRf7jQi4b29
k5/jo5ZOQDhvNn/5noaByauMS0x0qRfJYOWaTHyNt5Ay42qmjnqTkVb7tvBw40X7
NawsRnGNhE+bw7HtZnilR5/g+f4SPdOF35RCkIAG8JxsZokjUUzBMsY73THVwH2h
RR0A8+P8jLjf4rvreORbLNHEhM1TRN4fvwOtoNJdZXBVXPMeLL/qSiZDXoG9MZ7O
0F1krh72ize74dGiXE2JVMb3lGcBbm1dl3rtymyEmejg6TVbWuo/Vin6zoRwmUby
dp53kA7p/TlU/Tz9Q3rukmQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org