Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/lEhzxyupEI1By6UW0TkGGnRHf2Q.roa
File: lEhzxyupEI1By6UW0TkGGnRHf2Q.roa (raw, json)
Hash identifier: pAHAfuwahfcpM3staiHPN3IofT3V9vtnm4NfaYIY9r4=
Subject key identifier: 94:48:73:C7:2B:A9:10:8D:41:CB:A5:16:D1:39:06:1A:74:47:7F:64
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 018F1EC5228B8F03164E5EFC82834A644CFE
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/lEhzxyupEI1By6UW0TkGGnRHf2Q.roa
Signing time: Sat 27 Apr 2024 08:56:26 +0000
ROA not before: Sat 27 Apr 2024 08:56:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 10:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1e:c5:22:8b:8f:03:16:4e:5e:fc:82:83:4a:64:4c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Apr 27 08:56:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=944873c72ba9108d41cba516d139061a74477f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:17:95:99:86:d1:40:94:d0:a9:c0:c9:55:
d4:25:f8:2e:93:ee:c2:c0:8e:63:ce:0e:3e:1c:26:
94:93:6b:30:10:e0:3f:e4:0d:68:bc:07:68:eb:ff:
8a:a6:00:09:f8:0d:88:f6:19:16:04:25:fd:cc:a6:
5d:16:37:bc:18:0b:1a:77:02:6f:8f:c3:77:86:91:
86:94:ff:af:4f:4f:b1:88:ce:f1:de:47:31:a8:f2:
d2:2d:92:6e:99:e1:a4:07:90:a4:50:15:d5:7d:e7:
57:38:24:87:e7:4e:46:40:b2:9a:8c:59:25:35:95:
27:9c:cf:4d:25:7a:c6:5e:f3:1b:bf:b5:9c:a0:f3:
34:b8:42:7c:c4:04:fa:1f:ea:73:97:36:2b:fb:72:
68:02:c3:ce:62:39:32:48:67:48:95:f9:62:b4:58:
45:e2:81:e5:08:3d:bc:8d:46:36:47:b9:cf:be:d9:
1f:58:48:d8:f7:a6:8c:8c:ce:95:84:8c:69:c6:d8:
58:24:e9:01:6a:c8:bd:bf:e7:5a:21:fa:c5:12:c1:
c9:f5:0e:93:1b:06:67:fe:89:e8:ee:20:5e:35:ea:
4a:ef:cb:a8:24:64:7c:35:55:e2:05:93:d7:3e:4c:
4b:aa:40:e9:49:63:c1:58:83:6c:9e:ea:0a:26:87:
fe:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:48:73:C7:2B:A9:10:8D:41:CB:A5:16:D1:39:06:1A:74:47:7F:64
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/lEhzxyupEI1By6UW0TkGGnRHf2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
195.69.161.0/24
195.211.164.0/24
Signature Algorithm: sha256WithRSAEncryption
30:e0:62:5f:c9:84:20:8a:55:86:c8:51:c1:55:fb:42:1e:58:
87:9a:d6:e9:e0:4b:5f:b9:eb:bb:2f:12:80:54:dc:04:40:4e:
ba:bd:01:9c:20:fd:cb:16:b6:9c:c2:61:36:8b:16:69:32:4f:
e2:f3:e6:f1:56:ec:fa:1a:d5:1a:e4:b8:90:90:bc:c8:3a:51:
97:1b:9b:20:c0:02:08:68:2a:dd:88:c3:f6:b1:0d:ad:13:99:
c0:4b:50:71:38:ca:f4:8f:c7:08:52:7c:7d:b7:6e:2b:3b:e5:
ef:60:81:ac:52:d2:be:22:23:65:f1:f0:9e:60:65:97:be:27:
e8:0b:cf:bb:38:da:f8:71:c7:8a:3a:50:38:3c:6c:46:14:41:
f5:18:3e:3b:1b:3f:18:dd:84:d0:20:4c:e7:98:8d:0f:7a:7f:
65:4c:91:09:63:2a:89:a4:44:3b:23:cd:dd:44:ce:ee:39:da:
5a:84:ce:c9:d9:93:7d:92:5e:c3:06:b8:b3:ff:03:67:53:3b:
88:7c:cf:41:cb:5b:44:5a:57:a5:ac:8a:ec:f4:7f:33:fa:92:
e4:95:f4:06:24:52:96:ae:f9:79:e0:b2:24:df:7f:50:0c:2d:
d1:21:17:c8:85:03:b8:5c:34:fc:45:d3:14:d3:b8:f5:00:fa:
e0:aa:ff:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8exSKLjwMWTl78goNKZEz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3
YzIxNTIwHhcNMjQwNDI3MDg1NjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ4NzNjNzJiYTkxMDhkNDFjYmE1MTZkMTM5MDYxYTc0NDc3ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVQXlZmG0UCU0KnAyVXUJfguk+7C
wI5jzg4+HCaUk2swEOA/5A1ovAdo6/+KpgAJ+A2I9hkWBCX9zKZdFje8GAsadwJv
j8N3hpGGlP+vT0+xiM7x3kcxqPLSLZJumeGkB5CkUBXVfedXOCSH505GQLKajFkl
NZUnnM9NJXrGXvMbv7WcoPM0uEJ8xAT6H+pzlzYr+3JoAsPOYjkySGdIlflitFhF
4oHlCD28jUY2R7nPvtkfWEjY96aMjM6VhIxpxthYJOkBasi9v+daIfrFEsHJ9Q6T
GwZn/ono7iBeNepK78uoJGR8NVXiBZPXPkxLqkDpSWPBWINsnuoKJof+OwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJRIc8crqRCNQculFtE5Bhp0R39kMB8GA1UdIwQY
MBaAFDnwhspiEbuV0GQwicfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2Qt
N2ZlMzI4NTcxOTM4LzEvbEVoenh5dXBFSTFCeTZVVzBUa0dHblJIZjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4
LzEvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSraAwQA
w0WhAwQAw9OkMA0GCSqGSIb3DQEBCwUAA4IBAQAw4GJfyYQgilWGyFHBVftCHliH
mtbp4Etfueu7LxKAVNwEQE66vQGcIP3LFracwmE2ixZpMk/i8+bxVuz6GtUa5LiQ
kLzIOlGXG5sgwAIIaCrdiMP2sQ2tE5nAS1BxOMr0j8cIUnx9t24rO+XvYIGsUtK+
IiNl8fCeYGWXvifoC8+7ONr4cceKOlA4PGxGFEH1GD47Gz8Y3YTQIEznmI0Pen9l
TJEJYyqJpEQ7I83dRM7uOdpahM7J2ZN9kl7DBriz/wNnUzuIfM9By1tEWlelrIrs
9H8z+pLklfQGJFKWrvl54LIk339QDC3RIRfIhQO4XDT8RdMU07j1APrgqv+J
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:35:48 2024 by rpki-client on console-fra.rpki-client.org