Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/5LkIaH7c7Ch1-mNN2KfGiZbCE4E.roa
File: 5LkIaH7c7Ch1-mNN2KfGiZbCE4E.roa (raw, json)
Hash identifier: 1EXLoCaY318wGPqXsmaIU9n2fFj3DI8OtJnK2cghdEU=
Subject key identifier: E4:B9:08:68:7E:DC:EC:28:75:FA:63:4D:D8:A7:C6:89:96:C2:13:81
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0191B670F9122E0C8B6908F8014CFA83CEAD
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/5LkIaH7c7Ch1-mNN2KfGiZbCE4E.roa
Signing time: Tue 03 Sep 2024 05:52:22 +0000
ROA not before: Tue 03 Sep 2024 05:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
79.135.102.0/23 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:70:f9:12:2e:0c:8b:69:08:f8:01:4c:fa:83:ce:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Sep 3 05:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4b908687edcec2875fa634dd8a7c68996c21381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:44:3d:07:a5:57:37:44:77:60:44:92:17:fb:
f2:b4:f1:cf:98:71:de:cc:f9:37:72:ef:e5:c9:4d:
db:bf:fb:b3:f7:a2:da:92:b5:0c:ec:84:94:17:64:
03:6c:9f:3f:46:f2:03:0c:f5:1d:e7:69:1c:6b:d7:
dc:cb:42:10:2f:2b:e6:de:a4:e4:7f:30:3a:e5:e6:
8f:f2:e3:1d:71:6d:9b:99:6a:30:dc:c9:a7:0b:6e:
78:ea:8d:de:24:62:5d:e5:e9:d0:98:94:0a:a9:31:
3d:a4:58:e7:a4:f0:07:6d:98:4b:82:41:c6:bd:53:
94:54:3b:9a:86:e6:57:fa:cf:0a:68:9b:56:12:76:
ab:bf:31:bf:c0:b1:f4:d9:b3:d8:b3:a4:47:76:19:
97:91:8d:ac:ec:e8:17:79:3a:52:17:6a:f5:fb:0b:
e3:94:38:dc:05:31:98:c2:90:89:d0:9a:bb:1f:c0:
4a:d9:8a:fc:78:c7:33:4a:4c:48:d4:4e:8d:4c:35:
da:22:1b:13:13:16:b3:1f:ce:f4:dc:39:ba:9b:1a:
a8:61:a2:9d:63:62:fa:82:a2:ab:78:56:6f:36:18:
c4:2d:77:90:a3:35:3f:17:c2:fd:9f:69:38:0a:aa:
b4:79:bf:f7:6d:c9:ab:0f:49:f2:37:35:62:88:f3:
ee:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B9:08:68:7E:DC:EC:28:75:FA:63:4D:D8:A7:C6:89:96:C2:13:81
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/5LkIaH7c7Ch1-mNN2KfGiZbCE4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
79.135.102.0/23
194.33.151.0/24
Signature Algorithm: sha256WithRSAEncryption
90:5d:df:e7:2d:b2:d5:d1:36:2d:17:c9:eb:74:35:cc:3f:bf:
4c:71:fb:7e:1b:f4:fe:b6:9d:9d:27:15:4a:a6:da:d9:db:44:
64:d5:7d:43:b7:9f:ad:fa:ee:43:8d:96:2f:45:7c:59:e8:2a:
bd:e1:d1:a7:d4:e2:c9:53:03:f4:55:2a:f4:db:a6:ed:ca:bc:
da:71:23:31:3b:8c:9b:0f:49:69:6d:18:d0:b1:44:a9:6f:60:
ba:b7:62:4d:29:c9:a0:5d:2b:1a:7b:0f:78:82:40:16:42:44:
99:72:fe:da:8f:21:5e:5d:a7:f6:c4:b0:9b:91:43:6e:09:fe:
cb:9a:b4:70:b3:4b:ea:5c:50:0f:f8:8b:34:33:52:c0:4c:5d:
b8:9a:22:bc:40:ab:27:65:57:91:2d:2a:29:a7:6b:df:8a:c0:
29:18:5d:d1:2d:68:cc:44:69:8c:18:18:51:e2:53:3d:3d:60:
bf:7b:e2:60:d0:27:20:4f:bd:63:d7:cb:6b:c6:d5:9a:2b:67:
07:aa:7d:18:f1:7f:a8:11:1e:a7:07:9a:9c:e4:dc:51:72:87:
f4:48:72:c1:10:43:15:c9:06:4d:fe:9f:4d:ee:07:f5:be:a0:
63:bc:75:b4:81:e9:77:5d:99:2e:aa:02:78:d8:bc:28:76:6f:
fc:b0:0a:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG2cPkSLgyLaQj4AUz6g86tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwOTAzMDU1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI5MDg2ODdlZGNlYzI4NzVmYTYzNGRkOGE3YzY4OTk2YzIxMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0Q9B6VXN0R3YESSF/vytPHPmHHe
zPk3cu/lyU3bv/uz96LakrUM7ISUF2QDbJ8/RvIDDPUd52kca9fcy0IQLyvm3qTk
fzA65eaP8uMdcW2bmWow3MmnC2546o3eJGJd5enQmJQKqTE9pFjnpPAHbZhLgkHG
vVOUVDuahuZX+s8KaJtWEnarvzG/wLH02bPYs6RHdhmXkY2s7OgXeTpSF2r1+wvj
lDjcBTGYwpCJ0Jq7H8BK2Yr8eMczSkxI1E6NTDXaIhsTExazH8703Dm6mxqoYaKd
Y2L6gqKreFZvNhjELXeQozU/F8L9n2k4Cqq0eb/3bcmrD0nyNzViiPPu4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOS5CGh+3OwodfpjTdinxomWwhOBMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvNUxrSWFIN2M3Q2gxLW1OTjJLZkdpWmJDRTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZCbAwQB
T4dmAwQAwiGXMA0GCSqGSIb3DQEBCwUAA4IBAQCQXd/nLbLV0TYtF8nrdDXMP79M
cft+G/T+tp2dJxVKptrZ20Rk1X1Dt5+t+u5DjZYvRXxZ6Cq94dGn1OLJUwP0VSr0
26btyrzacSMxO4ybD0lpbRjQsUSpb2C6t2JNKcmgXSsaew94gkAWQkSZcv7ajyFe
Xaf2xLCbkUNuCf7LmrRws0vqXFAP+Is0M1LATF24miK8QKsnZVeRLSopp2vfisAp
GF3RLWjMRGmMGBhR4lM9PWC/e+Jg0CcgT71j18trxtWaK2cHqn0Y8X+oER6nB5qc
5NxRcof0SHLBEEMVyQZN/p9N7gf1vqBjvHW0gel3XZkuqgJ42Lwodm/8sAr8
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:52:46 2024 by rpki-client on console-fra.rpki-client.org