Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_8lswWzv5NpXTelMXXwOmTcsnVc.roa
File: _8lswWzv5NpXTelMXXwOmTcsnVc.roa (raw, json)
Hash identifier: A3q1LGRypufgS9pqs9N/q7RJ1PryJbfZ8960AJMs0Jk=
Subject key identifier: FF:C9:6C:C1:6C:EF:E4:DA:57:4D:E9:4C:5D:7C:0E:99:37:2C:9D:57
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01902B5870AEBDE090063A614B6A12F14683
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_8lswWzv5NpXTelMXXwOmTcsnVc.roa
Signing time: Tue 18 Jun 2024 12:35:34 +0000
ROA not before: Tue 18 Jun 2024 12:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
2a07:9201::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 22 Jun 2024 11:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:58:70:ae:bd:e0:90:06:3a:61:4b:6a:12:f1:46:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 18 12:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffc96cc16cefe4da574de94c5d7c0e99372c9d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:60:5b:c6:69:2a:20:da:fd:ba:5d:3a:f5:7e:
9e:38:a7:a0:c8:a1:bc:ad:8c:01:d0:16:ab:3f:bb:
2e:63:e6:f2:73:30:08:87:f1:2e:ae:b2:9f:31:3f:
2e:a9:10:87:7e:76:f1:1e:c3:e3:24:4e:ad:c2:9a:
b8:4c:9a:b5:20:0c:25:c2:fd:9d:aa:3b:f6:53:79:
ea:20:9b:fd:c9:ef:68:f4:e6:f9:1d:77:0d:94:b6:
8f:29:69:15:63:3f:e0:4f:3a:00:d0:ff:95:09:7d:
93:de:7f:59:4a:c6:2a:4a:b5:e5:f6:22:2d:3e:69:
03:cf:57:2a:5f:7e:6a:e6:df:5c:f7:46:d1:09:f3:
aa:d6:1a:9d:fc:e6:63:03:0e:8b:5b:74:9a:38:b7:
69:91:15:40:3b:b8:f7:d9:f8:78:a4:0f:3d:06:9c:
bf:6c:ce:26:a2:15:b5:aa:97:f2:d8:fd:b2:6a:e0:
00:d8:bc:a7:9a:a8:8c:cf:49:35:b9:8f:12:ce:3c:
fc:6e:d0:c1:be:8e:84:34:d4:54:ea:66:5c:c5:49:
4b:4a:32:2c:81:97:20:6b:da:1b:02:c9:c7:e6:78:
c9:55:89:df:40:d7:4d:3e:13:19:eb:6f:3a:3d:e6:
ec:28:3c:d1:fc:c4:1e:c5:0a:6d:a5:39:68:03:ee:
6b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C9:6C:C1:6C:EF:E4:DA:57:4D:E9:4C:5D:7C:0E:99:37:2C:9D:57
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_8lswWzv5NpXTelMXXwOmTcsnVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
IPv6:
2a07:9201::/32
Signature Algorithm: sha256WithRSAEncryption
4d:a2:4a:2a:78:bd:01:60:e9:27:c9:36:08:9c:54:40:c1:1e:
19:62:2b:41:e6:6f:20:ff:94:91:e5:db:c3:c9:7d:5a:85:f6:
2c:0c:48:99:aa:b8:cf:c2:34:9d:b5:4a:08:3e:ce:3f:11:f0:
63:90:6f:4e:11:f3:1c:fe:16:04:33:c2:09:55:8c:ac:11:08:
e9:fd:06:97:2a:66:a7:85:4a:46:a8:8a:ed:0c:72:7b:83:88:
65:43:31:45:f8:88:7f:4e:0c:52:ad:ac:bf:5f:2c:81:7e:0d:
7d:26:e7:b8:b1:22:39:ba:fa:ee:6e:f5:ba:d4:06:fc:1b:fa:
f6:11:75:70:13:5e:39:03:e1:78:7d:12:47:53:8e:aa:d9:7c:
bc:bb:43:42:01:ff:8d:7c:da:5d:2b:31:28:5e:d5:c8:8b:7b:
ac:be:33:90:f3:fb:b8:96:43:83:bd:f2:1a:19:3a:33:2f:48:
ca:cf:a5:a0:38:84:2d:d1:a3:48:fe:89:ed:38:58:31:09:5d:
0a:14:ff:15:ac:0f:f1:b9:00:f5:c2:9e:4c:95:b4:06:ea:ad:
56:68:a7:08:cd:ee:98:c6:6d:d7:31:2e:a3:92:fd:ca:86:79:
9c:4c:f6:93:56:63:13:f5:3a:91:fa:b5:37:75:51:36:9f:b1:
ad:3d:6a:7f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZArWHCuveCQBjphS2oS8UaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNjE4MTIzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM5NmNjMTZjZWZlNGRhNTc0ZGU5NGM1ZDdjMGU5OTM3MmM5ZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGBbxmkqINr9ul069X6eOKegyKG8
rYwB0BarP7suY+byczAIh/EurrKfMT8uqRCHfnbxHsPjJE6twpq4TJq1IAwlwv2d
qjv2U3nqIJv9ye9o9Ob5HXcNlLaPKWkVYz/gTzoA0P+VCX2T3n9ZSsYqSrXl9iIt
PmkDz1cqX35q5t9c90bRCfOq1hqd/OZjAw6LW3SaOLdpkRVAO7j32fh4pA89Bpy/
bM4mohW1qpfy2P2yauAA2LynmqiMz0k1uY8Szjz8btDBvo6ENNRU6mZcxUlLSjIs
gZcga9obAsnH5njJVYnfQNdNPhMZ6286PebsKDzR/MQexQptpTloA+5rjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP/JbMFs7+TaV03pTF18Dpk3LJ1XMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvXzhsc3dXenY1TnBYVGVsTVhYd09tVGNzblZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBBbVUAwQA
LV6qAwQAW99uMA0EAgACMAcDBQAqB5IBMA0GCSqGSIb3DQEBCwUAA4IBAQBNokoq
eL0BYOknyTYInFRAwR4ZYitB5m8g/5SR5dvDyX1ahfYsDEiZqrjPwjSdtUoIPs4/
EfBjkG9OEfMc/hYEM8IJVYysEQjp/QaXKmanhUpGqIrtDHJ7g4hlQzFF+Ih/TgxS
ray/XyyBfg19Jue4sSI5uvrubvW61Ab8G/r2EXVwE145A+F4fRJHU46q2Xy8u0NC
Af+NfNpdKzEoXtXIi3usvjOQ8/u4lkODvfIaGTozL0jKz6WgOIQt0aNI/ontOFgx
CV0KFP8VrA/xuQD1wp5MlbQG6q1WaKcIze6Yxm3XMS6jkv3KhnmcTPaTVmMT9TqR
+rU3dVE2n7GtPWp/
-----END CERTIFICATE-----
Generated at Sat Jun 22 11:55:18 2024 by rpki-client on console-fra.rpki-client.org