Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CL5tirp3uDGOI3ZZISu-hzZk7pY.roa
File: CL5tirp3uDGOI3ZZISu-hzZk7pY.roa (raw, json)
Hash identifier: Ix1hVkHik6HcNQ9l5XMmhJBZ/UhdLSpUPSHA4fnrBHI=
Subject key identifier: 08:BE:6D:8A:BA:77:B8:31:8E:23:76:59:21:2B:BE:87:36:64:EE:96
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E0DCB74443FC12407971B01FF02FB3EA9
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CL5tirp3uDGOI3ZZISu-hzZk7pY.roa
Signing time: Tue 05 Mar 2024 08:47:01 +0000
ROA not before: Tue 05 Mar 2024 08:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34267
IP address blocks: 84.42.32.0/19 maxlen: 19
84.42.72.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 29 Mar 2024 12:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:cb:74:44:3f:c1:24:07:97:1b:01:ff:02:fb:3e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 5 08:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08be6d8aba77b8318e237659212bbe873664ee96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:1f:80:cb:ad:6c:1e:f6:e9:9f:1b:f2:e4:
9d:37:5e:d1:68:45:bc:a8:f1:dc:4e:25:e5:df:9e:
2e:b0:bb:87:72:85:da:30:49:8f:e3:03:a1:df:f0:
36:f9:78:19:08:59:71:76:2d:14:4e:d2:ae:63:1f:
15:5d:12:f6:0a:48:de:07:58:77:74:47:66:44:9c:
f9:ee:67:2b:95:a7:49:62:52:68:67:6b:d3:83:33:
e1:8b:93:fa:6f:a8:04:7e:d2:13:0b:b8:e2:5a:c9:
3d:8a:cd:1f:dc:0f:d3:c2:61:c5:da:49:e2:d8:42:
5b:00:1a:57:be:09:1d:7b:1c:ad:ff:20:8c:a1:6b:
3c:bb:07:d1:e2:3f:3c:d1:c2:0e:15:e7:05:4d:c7:
be:0e:1f:c8:58:ac:17:c3:8d:01:bc:db:9d:a9:4d:
7c:14:32:85:10:e1:8f:9e:2d:64:2e:34:87:2a:67:
96:1d:9e:63:e6:76:0a:99:f9:e8:3a:ac:8d:92:8a:
83:bd:22:95:96:c6:91:74:d7:1e:6a:99:59:01:33:
5a:48:c5:e0:3f:4b:d0:d4:5f:ef:b2:37:80:e9:b0:
f7:6b:54:16:5d:91:af:ad:ad:0f:8f:7a:40:d4:2b:
16:e3:2d:c8:c5:3d:97:a5:92:ae:6c:12:e1:8a:10:
69:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BE:6D:8A:BA:77:B8:31:8E:23:76:59:21:2B:BE:87:36:64:EE:96
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CL5tirp3uDGOI3ZZISu-hzZk7pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.42.32.0/19
84.42.72.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:b5:fc:f0:06:68:6c:0e:8c:93:e0:e2:9e:f6:b0:ea:76:17:
dc:46:7a:ae:e9:30:3c:28:4d:f2:48:05:e7:4d:79:43:34:6e:
0f:60:d3:e0:5a:a1:2a:8d:50:0e:0c:72:c8:74:28:17:e9:65:
da:88:11:25:9a:74:f4:42:ce:85:0f:d5:d8:a3:b1:63:29:2f:
af:9d:a2:ed:30:60:03:70:67:ee:4f:00:ed:31:78:a6:0e:3f:
07:62:05:ac:f0:7f:9d:27:c9:d5:08:f0:bd:63:14:fb:df:4b:
ea:48:6d:cb:ad:b5:ed:44:e4:03:df:67:41:e5:50:56:3b:a0:
f0:39:d8:4d:83:5e:81:43:05:68:c1:01:66:f7:09:fa:db:b9:
2b:52:90:05:3b:8a:30:f5:58:31:ad:6e:ff:6a:63:df:9b:b9:
bd:a7:46:8b:8e:70:05:6e:ec:2c:10:93:4b:a1:f8:7b:97:05:
32:67:5f:84:2f:21:33:2a:b0:e3:7a:ab:2e:4c:37:b6:a6:01:
37:92:ea:63:25:d4:11:d9:8a:a4:2e:2f:93:1b:6d:0d:a1:bc:
df:7d:0e:89:65:1c:73:c3:65:fd:bd:ea:1b:98:ea:5f:d2:d5:
7f:31:18:d5:5a:39:03:c5:7b:ae:87:a2:7f:fc:fe:36:15:1c:
0c:ba:b0:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4Ny3REP8EkB5cbAf8C+z6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzA1MDg0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJlNmQ4YWJhNzdiODMxOGUyMzc2NTkyMTJiYmU4NzM2NjRlZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLwfgMutbB726Z8b8uSdN17RaEW8
qPHcTiXl354usLuHcoXaMEmP4wOh3/A2+XgZCFlxdi0UTtKuYx8VXRL2CkjeB1h3
dEdmRJz57mcrladJYlJoZ2vTgzPhi5P6b6gEftITC7jiWsk9is0f3A/TwmHF2kni
2EJbABpXvgkdexyt/yCMoWs8uwfR4j880cIOFecFTce+Dh/IWKwXw40BvNudqU18
FDKFEOGPni1kLjSHKmeWHZ5j5nYKmfnoOqyNkoqDvSKVlsaRdNceaplZATNaSMXg
P0vQ1F/vsjeA6bD3a1QWXZGvra0Pj3pA1CsW4y3IxT2XpZKubBLhihBppQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAi+bYq6d7gxjiN2WSErvoc2ZO6WMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQ0w1dGlycDN1REdPSTNaWklTdS1oelprN3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFVCogAwQD
VCpIMA0GCSqGSIb3DQEBCwUAA4IBAQBNtfzwBmhsDoyT4OKe9rDqdhfcRnqu6TA8
KE3ySAXnTXlDNG4PYNPgWqEqjVAODHLIdCgX6WXaiBElmnT0Qs6FD9XYo7FjKS+v
naLtMGADcGfuTwDtMXimDj8HYgWs8H+dJ8nVCPC9YxT730vqSG3LrbXtROQD32dB
5VBWO6DwOdhNg16BQwVowQFm9wn627krUpAFO4ow9VgxrW7/amPfm7m9p0aLjnAF
buwsEJNLofh7lwUyZ1+ELyEzKrDjeqsuTDe2pgE3kupjJdQR2YqkLi+TG20Nobzf
fQ6JZRxzw2X9veobmOpf0tV/MRjVWjkDxXuuh6J//P42FRwMurBf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org