Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/AL0vIXLS7VOX2gHrZJMOcPk0n-k.roa
File: AL0vIXLS7VOX2gHrZJMOcPk0n-k.roa (raw, json)
Hash identifier: orFb5U5/UE+w9z/Jh7h2YarQrYy8DzLhlTLrEjxA7OQ=
Subject key identifier: 00:BD:2F:21:72:D2:ED:53:97:DA:01:EB:64:93:0E:70:F9:34:9F:E9
Certificate issuer: /CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Certificate serial: 01856ED4A714AE97CD4E0E8CBC592C3F1060
Authority key identifier: 39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/AL0vIXLS7VOX2gHrZJMOcPk0n-k.roa
Signing time: Sun 01 Jan 2023 19:35:08 +0000
ROA not before: Sun 01 Jan 2023 19:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21100
IP address blocks: 185.14.28.0/22 maxlen: 22
217.12.218.0/24 maxlen: 24
217.12.200.0/23 maxlen: 23
5.34.180.0/23 maxlen: 23
217.12.208.0/23 maxlen: 23
2a02:27ab::/32 maxlen: 32
2a02:27a9::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a7:14:ae:97:cd:4e:0e:8c:bc:59:2c:3f:10:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Validity
Not Before: Jan 1 19:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00bd2f2172d2ed5397da01eb64930e70f9349fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:bb:9b:6b:f4:d2:ac:cd:20:97:5e:5a:6a:
41:f6:70:96:33:0c:66:36:5d:76:c5:dd:27:97:a9:
bb:1c:30:16:d6:85:d9:08:42:ef:08:cc:2e:01:56:
2a:f6:c7:b4:ed:45:ac:fe:1d:a6:b9:3f:3b:27:79:
98:15:82:25:3c:9c:29:5a:17:1f:0e:72:66:3a:4c:
23:24:df:a6:fa:72:87:ba:c6:e4:da:7f:19:ad:72:
42:fb:3c:91:81:76:60:59:aa:c7:fe:a3:94:a6:5c:
e1:f3:18:93:e3:39:5b:23:ed:e2:96:df:c7:c1:e2:
7e:32:82:9a:e3:c4:c8:ca:7e:74:48:f8:46:b0:60:
8d:4c:9a:3f:31:f2:68:39:77:0a:44:45:a0:88:7f:
c3:fc:c0:23:23:21:30:e1:cd:51:ba:8d:36:d7:ef:
6b:a5:a8:dd:ca:27:3a:59:2e:87:5a:61:49:23:eb:
58:aa:9b:c7:78:a8:66:8c:51:52:73:10:1c:27:d0:
d7:86:b0:24:02:db:13:c0:8f:76:12:85:77:00:82:
44:3e:8d:1f:7f:2c:51:65:6d:ab:0d:f1:76:70:61:
0c:98:49:c4:f9:38:d2:4f:29:86:de:d5:e7:6f:db:
19:dd:61:7b:c4:39:cd:f5:fc:fa:f1:49:c1:9f:df:
1b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BD:2F:21:72:D2:ED:53:97:DA:01:EB:64:93:0E:70:F9:34:9F:E9
X509v3 Authority Key Identifier:
keyid:39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/AL0vIXLS7VOX2gHrZJMOcPk0n-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/OVAwNhWspuX29bVpHHwsjcpfI00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.180.0/23
185.14.28.0/22
217.12.200.0/23
217.12.208.0/23
217.12.218.0/24
IPv6:
2a02:27a9::/32
2a02:27ab::/32
Signature Algorithm: sha256WithRSAEncryption
80:a8:3b:0a:77:34:f5:15:7a:16:b2:28:1b:9a:c0:d1:9c:7e:
0f:3d:ca:81:e0:fe:bc:54:04:af:b7:63:80:7f:c7:96:4a:d9:
1b:c8:70:5f:0d:8f:63:d5:78:5e:09:62:d1:b6:ef:74:bd:84:
e9:b1:ce:7d:cd:65:70:c8:de:3a:7d:2a:f1:2c:c0:5f:82:d9:
d5:f5:7d:bd:26:bb:9b:e2:57:e4:6f:af:30:1d:42:1a:61:9c:
ad:99:f6:16:6f:a1:e9:6d:a9:b1:99:15:e1:f8:f6:3b:36:19:
0d:82:6b:e7:15:cf:30:1a:a3:35:f3:78:c9:9d:6d:4e:7d:16:
16:8d:79:f1:74:4f:c1:1d:a7:ff:2a:5f:e4:9f:5b:8a:11:d9:
44:6e:fc:d2:76:85:c1:eb:6d:ae:95:9a:fc:ec:5f:af:0e:92:
04:3b:ac:83:d4:d7:6d:28:49:8f:32:6f:b7:67:07:72:0c:b6:
81:6f:08:8c:e2:4f:43:51:66:6e:1d:59:d9:06:6d:56:8f:66:
e7:1d:58:e6:a2:04:08:16:50:ca:ae:f8:c4:d5:b8:b6:61:f4:
21:95:c7:6c:24:05:2b:f6:b7:bb:a2:11:59:9f:f5:a2:3b:09:
97:32:a8:52:e1:20:1c:4e:d9:b9:e9:86:04:44:fb:46:81:e6:
1c:5e:1c:79
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVu1KcUrpfNTg6MvFksPxBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NTAzMDM2MTVhY2E2ZTVmNmY1YjU2OTFjN2MyYzhkY2E1
ZjIzNGQwHhcNMjMwMTAxMTkzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJkMmYyMTcyZDJlZDUzOTdkYTAxZWI2NDkzMGU3MGY5MzQ5ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5G7m2v00qzNIJdeWmpB9nCWMwxm
Nl12xd0nl6m7HDAW1oXZCELvCMwuAVYq9se07UWs/h2muT87J3mYFYIlPJwpWhcf
DnJmOkwjJN+m+nKHusbk2n8ZrXJC+zyRgXZgWarH/qOUplzh8xiT4zlbI+3ilt/H
weJ+MoKa48TIyn50SPhGsGCNTJo/MfJoOXcKREWgiH/D/MAjIyEw4c1Ruo021+9r
pajdyic6WS6HWmFJI+tYqpvHeKhmjFFScxAcJ9DXhrAkAtsTwI92EoV3AIJEPo0f
fyxRZW2rDfF2cGEMmEnE+TjSTymG3tXnb9sZ3WF7xDnN9fz68UnBn98bRQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAC9LyFy0u1Tl9oB62STDnD5NJ/pMB8GA1UdIwQY
MBaAFDlQMDYVrKbl9vW1aRx8LI3KXyNNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMt
NmM4ZmQwYmM1YjAwLzEvQUwwdklYTFM3Vk9YMmdIclpKTU9jUGswbi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMtNmM4ZmQwYmM1YjAw
LzEvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQBBSK0AwQC
uQ4cAwQB2QzIAwQB2QzQAwQA2QzaMBQEAgACMA4DBQAqAiepAwUAKgInqzANBgkq
hkiG9w0BAQsFAAOCAQEAgKg7Cnc09RV6FrIoG5rA0Zx+Dz3KgeD+vFQEr7djgH/H
lkrZG8hwXw2PY9V4Xgli0bbvdL2E6bHOfc1lcMjeOn0q8SzAX4LZ1fV9vSa7m+JX
5G+vMB1CGmGcrZn2Fm+h6W2psZkV4fj2OzYZDYJr5xXPMBqjNfN4yZ1tTn0WFo15
8XRPwR2n/ypf5J9bihHZRG780naFwettrpWa/Oxfrw6SBDusg9TXbShJjzJvt2cH
cgy2gW8IjOJPQ1Fmbh1Z2QZtVo9m5x1Y5qIECBZQyq74xNW4tmH0IZXHbCQFK/a3
u6IRWZ/1ojsJlzKoUuEgHE7ZuemGBET7RoHmHF4ceQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:22 2024 by rpki-client on console-fra.rpki-client.org