Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/dFpWciWIQshi06lfPMeMRabB0YU.roa
File: dFpWciWIQshi06lfPMeMRabB0YU.roa (raw, json)
Hash identifier: cbs/La7LySEp2zOaACqikgDsE5rjmtLsy5tUXDaFeXo=
Subject key identifier: 74:5A:56:72:25:88:42:C8:62:D3:A9:5F:3C:C7:8C:45:A6:C1:D1:85
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 018CC794A3F21ECBCFF5A782CCAE47F3AD7E
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/dFpWciWIQshi06lfPMeMRabB0YU.roa
Signing time: Tue 02 Jan 2024 00:30:56 +0000
ROA not before: Tue 02 Jan 2024 00:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197991
IP address blocks: 149.126.32.0/20 maxlen: 24
178.132.58.0/23 maxlen: 24
178.132.60.0/22 maxlen: 24
5.144.144.0/21 maxlen: 24
2a0d:a5c0::/29 maxlen: 36
Validation: Failed, certificate revoked on Fri 22 Mar 2024 09:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a3:f2:1e:cb:cf:f5:a7:82:cc:ae:47:f3:ad:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Jan 2 00:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=745a5672258842c862d3a95f3cc78c45a6c1d185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:72:47:75:9c:c1:ef:1b:bf:d1:c4:35:90:
77:c3:f5:e1:12:64:67:69:58:12:23:5b:d2:25:8e:
8e:c1:48:db:4a:2c:52:61:77:96:ac:d8:2d:5a:00:
d5:b1:3d:c8:69:fe:70:0a:b1:68:48:df:c0:c2:6d:
dd:47:17:08:14:ac:31:c9:9c:09:38:67:95:85:4d:
a4:9b:ff:17:58:a9:81:39:1f:91:dc:6b:a1:44:33:
65:bf:2e:e3:6d:f9:83:76:af:96:80:b0:16:7e:60:
da:48:d4:32:c9:c5:ec:63:78:0c:9e:2f:77:4b:97:
54:3d:61:97:2b:3e:12:22:3b:1a:5f:eb:76:86:09:
73:2f:45:43:de:2f:ad:df:b3:38:80:ca:5b:2a:11:
10:1b:09:93:39:04:67:89:15:93:e0:7c:4d:c4:b8:
29:60:a5:30:ca:a3:6c:f9:be:c7:0d:b7:eb:30:6f:
8a:ce:1d:10:11:48:1d:2f:2b:7c:e1:54:8f:46:b9:
a9:8b:b3:9a:e8:50:55:05:9e:25:63:b4:d3:57:e4:
61:96:88:4b:7f:1a:af:54:bd:6b:94:68:c6:98:56:
d9:a7:f5:99:0e:29:e0:48:41:94:d3:8c:6f:62:35:
d4:70:b5:76:73:52:49:c1:2b:c2:c8:a3:26:cf:56:
38:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5A:56:72:25:88:42:C8:62:D3:A9:5F:3C:C7:8C:45:A6:C1:D1:85
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/dFpWciWIQshi06lfPMeMRabB0YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.144.0/21
149.126.32.0/20
178.132.58.0-178.132.63.255
IPv6:
2a0d:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:50:8f:1a:52:fc:9e:ec:27:09:71:cb:46:96:5e:87:c7:60:
65:f7:51:65:24:64:21:f4:44:8a:2b:47:d2:5c:53:39:9b:ff:
1e:73:10:10:6a:7a:b5:71:71:ba:9e:08:fb:98:b2:bb:2c:45:
41:f9:46:7b:5c:a1:c4:6a:47:d7:f2:b6:68:d6:12:fa:e0:d7:
62:56:26:52:1d:f7:ab:fc:07:d9:28:68:69:15:a0:44:38:61:
6b:7f:92:dd:11:d8:a8:0f:f9:e5:f7:a0:89:5f:d5:ac:48:e9:
68:f8:74:b1:f6:53:25:4a:8c:54:eb:d4:58:64:1d:1b:53:6b:
22:12:bb:09:92:4d:be:7b:3c:a9:0c:73:b0:c3:38:af:ba:22:
da:95:c1:2f:e6:92:ec:de:7e:e8:5e:fa:39:c8:0d:1d:e0:eb:
a0:73:66:1a:40:a9:ae:b1:5e:6d:d9:a9:03:0f:7f:6c:af:b4:
29:f4:ad:32:27:1c:95:a6:84:0a:41:a0:b8:e6:66:82:21:7c:
da:31:1f:6b:16:89:ed:19:7a:02:83:19:7b:8a:3d:d8:1f:af:
b1:3f:73:97:e7:ef:f9:45:34:25:ad:43:8a:36:d3:2c:70:b0:
2e:f9:c7:ce:d9:3c:ab:e0:e9:0d:dd:9b:d9:28:36:7c:d5:6d:
f9:5c:dc:0f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHlKPyHsvP9aeCzK5H861+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjQwMTAyMDAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDVhNTY3MjI1ODg0MmM4NjJkM2E5NWYzY2M3OGM0NWE2YzFkMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYRyR3Wcwe8bv9HENZB3w/XhEmRn
aVgSI1vSJY6OwUjbSixSYXeWrNgtWgDVsT3Iaf5wCrFoSN/Awm3dRxcIFKwxyZwJ
OGeVhU2km/8XWKmBOR+R3GuhRDNlvy7jbfmDdq+WgLAWfmDaSNQyycXsY3gMni93
S5dUPWGXKz4SIjsaX+t2hglzL0VD3i+t37M4gMpbKhEQGwmTOQRniRWT4HxNxLgp
YKUwyqNs+b7HDbfrMG+Kzh0QEUgdLyt84VSPRrmpi7Oa6FBVBZ4lY7TTV+RhlohL
fxqvVL1rlGjGmFbZp/WZDingSEGU04xvYjXUcLV2c1JJwSvCyKMmz1Y4WwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHRaVnIliELIYtOpXzzHjEWmwdGFMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvZEZwV2NpV0lRc2hpMDZsZlBNZU1SYWJCMFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDBZCQAwQE
lX4gMAwDBAGyhDoDBAayhAAwDQQCAAIwBwMFAyoNpcAwDQYJKoZIhvcNAQELBQAD
ggEBAKdQjxpS/J7sJwlxy0aWXofHYGX3UWUkZCH0RIorR9JcUzmb/x5zEBBqerVx
cbqeCPuYsrssRUH5RntcocRqR9fytmjWEvrg12JWJlId96v8B9koaGkVoEQ4YWt/
kt0R2KgP+eX3oIlf1axI6Wj4dLH2UyVKjFTr1FhkHRtTayISuwmSTb57PKkMc7DD
OK+6ItqVwS/mkuzefuhe+jnIDR3g66BzZhpAqa6xXm3ZqQMPf2yvtCn0rTInHJWm
hApBoLjmZoIhfNoxH2sWie0ZegKDGXuKPdgfr7E/c5fn7/lFNCWtQ4o20yxwsC75
x87ZPKvg6Q3dm9koNnzVbflc3A8=
-----END CERTIFICATE-----
Generated at Fri Mar 22 13:35:23 2024 by rpki-client on console-ams.rpki-client.org