Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/jkslkvBshAm4duJxQF7REggXFBE.roa
File: jkslkvBshAm4duJxQF7REggXFBE.roa (raw, json)
Hash identifier: b+slzBCr7qn5tiRSa8JFAjbYG4MiaerzJ/UBzsj+FJ8=
Subject key identifier: 8E:4B:25:92:F0:6C:84:09:B8:76:E2:71:40:5E:D1:12:08:17:14:11
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018E1F0FC1D13ED413F8FA01B09B6013223B
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/jkslkvBshAm4duJxQF7REggXFBE.roa
Signing time: Fri 08 Mar 2024 17:15:10 +0000
ROA not before: Fri 08 Mar 2024 17:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 37.10.72.0/21 maxlen: 24
45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 11 Mar 2024 12:17:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1f:0f:c1:d1:3e:d4:13:f8:fa:01:b0:9b:60:13:22:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Mar 8 17:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e4b2592f06c8409b876e271405ed11208171411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e0:87:13:47:b0:63:0a:a4:79:8a:c8:f7:e0:
41:64:aa:ea:57:c6:3c:bf:2f:45:c8:c5:b0:7a:f9:
0c:b1:15:fe:48:0e:81:aa:c9:8c:4c:5f:5c:ae:0a:
1d:b4:6a:53:df:cc:60:76:c0:4e:46:c6:8d:4e:4d:
c8:80:50:11:aa:0e:37:4a:6a:21:53:19:88:ea:26:
87:71:bf:f9:b6:75:92:f5:3b:cc:70:3a:e9:7d:e5:
f0:b8:81:48:11:ea:f6:16:94:a4:5d:66:8d:bc:0f:
1d:de:0d:c8:47:58:91:16:d7:5c:e3:d6:a7:68:c7:
ea:ea:4c:f8:b9:03:80:b6:38:8b:47:cb:18:4f:59:
c1:1f:75:12:06:22:10:26:97:ae:32:b5:1f:99:d1:
5d:f6:aa:55:ad:e3:bc:31:70:72:ea:20:54:1c:91:
3a:04:a7:d7:43:26:eb:2a:e0:7a:ac:00:6e:83:21:
d3:ac:29:f4:04:75:fa:85:39:97:87:0d:83:2d:34:
7f:c8:f8:3a:60:ee:17:c0:7c:85:b8:88:e1:55:fc:
5f:45:5c:7c:7d:56:dc:44:2d:a1:63:fc:1c:53:b9:
91:7d:2d:8f:6e:61:53:ae:a5:19:ca:ba:89:a6:5c:
6d:d9:36:1d:cd:1f:3d:5c:0f:a3:71:e6:ec:90:04:
21:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4B:25:92:F0:6C:84:09:B8:76:E2:71:40:5E:D1:12:08:17:14:11
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/jkslkvBshAm4duJxQF7REggXFBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.72.0/21
45.149.228.0/22
46.18.72.0/21
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
57:f2:c7:b4:74:ec:7f:df:42:e6:7f:53:9f:a9:2a:30:73:11:
25:1c:62:ec:84:a9:88:4b:43:16:5a:d4:74:2f:20:77:e5:fc:
d5:b2:b6:be:4a:74:ab:8e:b0:cb:9e:14:04:e1:7b:dc:4f:86:
0a:71:80:0f:e0:ed:6e:f8:f1:f9:e2:dc:2b:8c:28:25:c3:91:
cf:6e:d1:08:50:8b:77:6b:63:5e:84:a7:22:3f:6d:14:7a:bd:
35:bb:c5:c0:78:fe:f7:8d:86:67:28:16:c1:20:51:fa:eb:53:
f1:0d:75:7e:07:db:38:a5:ee:7c:0c:d2:f1:96:4e:89:13:2a:
82:91:d9:c0:0c:73:5f:06:80:91:04:a1:5c:64:c4:d0:bd:c0:
74:65:25:e8:7f:39:cf:96:6f:26:77:a3:0f:49:27:ee:e9:61:
3b:1e:72:62:73:5d:b2:36:e7:22:ce:39:9f:9c:3f:d9:18:72:
6a:14:88:de:4e:2b:3c:0c:34:71:5a:96:06:f9:b0:bd:8f:1c:
6e:ef:9f:38:83:41:0b:b0:7d:03:75:cc:b4:cf:1c:83:46:1c:
05:7d:94:cc:50:29:85:7b:f2:26:31:b3:9c:b4:95:da:de:07:
10:b2:9b:e4:ac:cb:ea:89:83:e3:bd:cd:aa:f4:a8:1b:ca:80:
ca:13:70:84
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAY4fD8HRPtQT+PoBsJtgEyI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMzA4MTcxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRiMjU5MmYwNmM4NDA5Yjg3NmUyNzE0MDVlZDExMjA4MTcxNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOCHE0ewYwqkeYrI9+BBZKrqV8Y8
vy9FyMWwevkMsRX+SA6BqsmMTF9crgodtGpT38xgdsBORsaNTk3IgFARqg43Smoh
UxmI6iaHcb/5tnWS9TvMcDrpfeXwuIFIEer2FpSkXWaNvA8d3g3IR1iRFtdc49an
aMfq6kz4uQOAtjiLR8sYT1nBH3USBiIQJpeuMrUfmdFd9qpVreO8MXBy6iBUHJE6
BKfXQybrKuB6rABugyHTrCn0BHX6hTmXhw2DLTR/yPg6YO4XwHyFuIjhVfxfRVx8
fVbcRC2hY/wcU7mRfS2PbmFTrqUZyrqJplxt2TYdzR89XA+jcebskAQhgQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFI5LJZLwbIQJuHbicUBe0RIIFxQRMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvamtzbGt2QnNoQW00ZHVKeFFGN1JFZ2dYRkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQDJQpIAwQC
LZXkAwQDLhJIAwQDbUUwAwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQCwjjsAwQB
wn+eAwQBwn+iMBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcN
AQELBQADggEBAFfyx7R07H/fQuZ/U5+pKjBzESUcYuyEqYhLQxZa1HQvIHfl/NWy
tr5KdKuOsMueFAThe9xPhgpxgA/g7W748fni3CuMKCXDkc9u0QhQi3drY16EpyI/
bRR6vTW7xcB4/veNhmcoFsEgUfrrU/ENdX4H2zil7nwM0vGWTokTKoKR2cAMc18G
gJEEoVxkxNC9wHRlJeh/Oc+WbyZ3ow9JJ+7pYTsecmJzXbI25yLOOZ+cP9kYcmoU
iN5OKzwMNHFalgb5sL2PHG7vnziDQQuwfQN1zLTPHINGHAV9lMxQKYV78iYxs5y0
ldreBxCym+Ssy+qJg+O9zar0qBvKgMoTcIQ=
-----END CERTIFICATE-----
Generated at Mon Mar 11 15:12:34 2024 by rpki-client on console-ams.rpki-client.org