Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-lKvj3TwLJ-2YXScnXa45NosE6Q.roa
File: 1-lKvj3TwLJ-2YXScnXa45NosE6Q.roa (raw, json)
Hash identifier: kqhkNyjhInPlqC+6T+2dbJgyHZMPtbO57pK8koZvEUw=
Subject key identifier: FA:52:AF:8F:74:F0:2C:9F:B6:61:74:9C:9D:76:B8:E4:DA:2C:13:A4
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018E4BCE74F7FA91DB66812876CDA3B116DB
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-lKvj3TwLJ-2YXScnXa45NosE6Q.roa
Signing time: Sun 17 Mar 2024 09:46:45 +0000
ROA not before: Sun 17 Mar 2024 09:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 5.44.42.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 11:59:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4b:ce:74:f7:fa:91:db:66:81:28:76:cd:a3:b1:16:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 17 09:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa52af8f74f02c9fb661749c9d76b8e4da2c13a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:60:2e:3a:86:83:92:d5:79:ca:80:24:39:f7:
9e:b5:95:6c:5e:6e:06:5e:4f:f1:08:85:eb:14:9d:
3f:1a:ef:ea:ef:47:53:c7:9e:31:dc:78:3e:c9:80:
85:e4:56:64:e9:c5:6b:54:cb:49:84:8d:86:23:2e:
30:f7:20:6b:c3:a3:26:47:9b:17:7d:99:1d:98:4a:
9e:87:71:7e:cb:96:66:80:7e:29:a4:9c:8d:03:a7:
59:02:ba:72:1d:c0:42:cb:e1:14:f3:50:29:81:5d:
67:9b:fa:73:5a:0e:cd:a2:29:d5:ac:46:70:c3:59:
b2:07:2c:e6:7b:f2:50:8d:be:56:f8:97:48:b5:21:
e7:3c:8b:2a:6d:e6:e3:88:f6:a9:cc:51:e2:a0:e7:
09:aa:9c:a7:a1:4b:4a:8d:8f:8f:a8:cd:55:78:b4:
9f:fa:91:d1:5a:60:af:09:4d:8f:b9:d1:f9:63:9a:
7e:50:96:b6:32:9c:b2:89:cb:c4:4b:46:de:6b:9a:
3f:e5:5f:e4:0e:25:20:63:e6:18:0b:93:1b:33:6b:
ff:22:15:8e:21:3c:c6:e9:6b:d0:53:61:96:a3:a6:
19:57:de:23:b0:58:15:96:b4:f1:ee:a9:ad:f3:b8:
57:65:78:5c:a3:09:a3:00:f4:f3:20:f1:03:d5:ac:
85:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:52:AF:8F:74:F0:2C:9F:B6:61:74:9C:9D:76:B8:E4:DA:2C:13:A4
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-lKvj3TwLJ-2YXScnXa45NosE6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.22.0/24
37.220.87.0/24
45.95.232.0/23
45.129.184.0/24
85.92.109.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.166.199.0/24
185.247.184.0/24
195.80.48.0/24
Signature Algorithm: sha256WithRSAEncryption
69:04:80:20:d1:78:7e:10:f0:58:6b:8a:fd:40:c3:30:ae:5e:
62:e4:b7:47:3b:68:61:5f:1e:bb:0c:53:dc:90:41:48:e5:f9:
6c:30:79:e7:8f:0e:03:81:b1:e0:27:f2:8a:19:e8:d8:b6:7c:
a7:a0:4e:b2:6a:4e:21:42:9c:e4:6e:96:41:aa:a3:14:8c:b0:
67:4c:7c:31:72:25:59:a4:26:82:85:ca:44:ce:d4:71:6f:77:
24:51:1f:01:48:11:39:38:36:ea:69:18:0d:de:b0:77:47:52:
15:e2:a0:a1:e5:65:2a:0b:5b:f7:13:cc:e2:26:59:22:47:67:
54:17:43:b5:19:19:93:e4:2f:5b:36:e5:3f:01:22:d7:95:be:
ab:45:65:92:8d:06:74:00:c2:c0:84:47:51:3a:6f:f1:ba:ec:
15:76:26:c0:30:f0:6c:ff:8c:38:66:bf:22:2b:00:18:67:61:
6a:ce:f9:9a:34:8b:b1:2c:68:cb:93:53:b7:26:ce:97:b6:4c:
c9:85:a1:6e:b5:45:64:8a:ef:e6:e0:4e:b6:52:94:1a:83:ab:
9f:2c:fa:51:4b:4a:a9:2f:82:f0:cd:f2:10:3c:ab:d1:11:76:
b0:82:16:46:b7:18:df:5c:4a:dc:a5:67:21:51:07:d2:2d:87:
d6:0e:b3:a7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY5LznT3+pHbZoEods2jsRbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMzE3MDk0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTUyYWY4Zjc0ZjAyYzlmYjY2MTc0OWM5ZDc2YjhlNGRhMmMxM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGAuOoaDktV5yoAkOfeetZVsXm4G
Xk/xCIXrFJ0/Gu/q70dTx54x3Hg+yYCF5FZk6cVrVMtJhI2GIy4w9yBrw6MmR5sX
fZkdmEqeh3F+y5ZmgH4ppJyNA6dZArpyHcBCy+EU81ApgV1nm/pzWg7NoinVrEZw
w1myByzme/JQjb5W+JdItSHnPIsqbebjiPapzFHioOcJqpynoUtKjY+PqM1VeLSf
+pHRWmCvCU2PudH5Y5p+UJa2MpyyicvES0bea5o/5V/kDiUgY+YYC5MbM2v/IhWO
ITzG6WvQU2GWo6YZV94jsFgVlrTx7qmt87hXZXhcowmjAPTzIPED1ayF/QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFPpSr4908CyftmF0nJ12uOTaLBOkMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMS1sS3ZqM1R3TEotMllYU2NuWGE0NU5vc0U2US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgy
OC8xL0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgMEAAUsKgME
AB+BFgMEACXcVwMEAS1f6AMEAC2BuAMEAFVcbQMEAFx2cDAMAwQAjWLpAwQAjWLq
AwQAuabHAwQAufe4AwQAw1AwMA0GCSqGSIb3DQEBCwUAA4IBAQBpBIAg0Xh+EPBY
a4r9QMMwrl5i5LdHO2hhXx67DFPckEFI5flsMHnnjw4DgbHgJ/KKGejYtnynoE6y
ak4hQpzkbpZBqqMUjLBnTHwxciVZpCaChcpEztRxb3ckUR8BSBE5ODbqaRgN3rB3
R1IV4qCh5WUqC1v3E8ziJlkiR2dUF0O1GRmT5C9bNuU/ASLXlb6rRWWSjQZ0AMLA
hEdROm/xuuwVdibAMPBs/4w4Zr8iKwAYZ2FqzvmaNIuxLGjLk1O3Js6XtkzJhaFu
tUVkiu/m4E62UpQag6ufLPpRS0qpL4LwzfIQPKvREXawghZGtxjfXErcpWchUQfS
LYfWDrOn
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:05 2024 by rpki-client on console-fra.rpki-client.org