Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/fRZu0UWVj5tfCYdn_yJcTdSK4qA.roa
File: fRZu0UWVj5tfCYdn_yJcTdSK4qA.roa (raw, json)
Hash identifier: 0WDD6YLsWIGch9IsX2IjuFD73n3z9fy3LvMGE6BdkMU=
Subject key identifier: 7D:16:6E:D1:45:95:8F:9B:5F:09:87:67:FF:22:5C:4D:D4:8A:E2:A0
Certificate issuer: /CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Certificate serial: 01856ED4A8AB29E9B92CB40CA69E2CC3BA53
Authority key identifier: 39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/fRZu0UWVj5tfCYdn_yJcTdSK4qA.roa
Signing time: Sun 01 Jan 2023 19:35:08 +0000
ROA not before: Sun 01 Jan 2023 19:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
217.12.206.0/23 maxlen: 23
82.118.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a8:ab:29:e9:b9:2c:b4:0c:a6:9e:2c:c3:ba:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Validity
Not Before: Jan 1 19:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d166ed145958f9b5f098767ff225c4dd48ae2a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:76:21:12:9e:03:f3:13:3c:d4:6a:ce:a8:8c:
0a:d8:49:66:85:65:80:6d:53:45:c1:19:b9:e6:d9:
99:31:9c:28:43:e8:47:ec:91:c4:8a:af:71:d4:5d:
87:c8:33:79:0c:bd:64:74:a9:27:44:a3:07:c7:62:
e2:5e:12:dc:0c:29:78:b1:08:b4:54:39:f6:72:e7:
df:f4:f5:ce:c7:d9:b9:fc:6a:85:4c:93:d7:7a:f6:
3f:33:3c:43:cb:72:f4:81:9a:12:51:cb:d4:4c:22:
e7:23:56:dc:95:83:6b:55:b8:e3:80:5c:5f:1e:18:
98:e5:72:a6:fa:69:15:c7:3c:76:80:89:90:60:f3:
d5:cc:e0:c3:ff:44:19:2f:b2:bf:fe:6c:ae:42:ea:
8c:33:ee:4d:08:61:05:5a:e5:a2:7e:5d:d4:42:b3:
2e:dd:35:35:d8:84:e2:68:00:07:75:08:3c:b7:9c:
e3:d5:98:fb:0d:9f:1b:20:86:1a:31:62:d8:bf:68:
11:df:cf:97:81:0e:a9:f6:2a:3c:c1:58:7d:bc:45:
55:0e:a4:86:f1:05:3e:12:2c:74:c5:52:e7:43:17:
72:2d:d2:3f:27:db:a6:5d:71:b1:fc:c5:b9:7c:e8:
75:b8:18:61:6f:79:a4:17:94:64:19:1b:f9:87:dc:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:16:6E:D1:45:95:8F:9B:5F:09:87:67:FF:22:5C:4D:D4:8A:E2:A0
X509v3 Authority Key Identifier:
keyid:39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/fRZu0UWVj5tfCYdn_yJcTdSK4qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/OVAwNhWspuX29bVpHHwsjcpfI00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
82.118.20.0/22
217.12.206.0/23
Signature Algorithm: sha256WithRSAEncryption
64:41:0d:2d:97:af:28:39:78:b6:95:56:f4:e2:cb:81:0c:a5:
84:64:10:4e:14:a0:1e:c3:9f:2f:9a:63:54:83:0c:11:3b:93:
61:78:a7:26:3f:74:79:d8:db:7b:45:11:6d:ee:22:23:2c:9b:
18:8d:9f:2a:bc:7c:55:4e:b5:91:de:1f:f6:b3:ba:4f:e4:bd:
27:1e:68:ab:95:ae:1f:6e:27:b7:3d:11:e9:8a:a1:82:1e:a6:
66:0b:f0:c6:f5:af:58:d3:9d:80:87:6a:77:d4:9e:d0:8c:23:
98:bf:b1:f7:68:f5:aa:bf:f0:d3:98:78:83:f3:7b:3d:7b:41:
9d:18:ee:dc:a6:97:20:16:82:5c:e4:91:c9:e5:6f:50:3a:dc:
a0:34:57:00:0c:d5:e5:af:ef:ff:b3:bb:f2:7d:fe:23:42:fd:
d0:09:f2:93:33:04:91:04:4e:05:5b:c0:a0:89:cb:ad:c9:8f:
7d:fb:a0:e0:53:9e:ea:9d:14:0c:af:7b:ff:3e:c6:36:dd:56:
97:d6:2c:49:ad:96:07:99:3f:24:cf:ce:f7:8a:45:2c:40:67:
2c:1c:0c:a1:f6:08:0f:89:12:fd:2d:a0:6f:c1:d4:31:02:20:
4e:90:2f:17:d5:97:d2:0d:84:8d:aa:61:37:e5:f2:05:16:ef:
63:f1:a8:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1KirKem5LLQMpp4sw7pTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NTAzMDM2MTVhY2E2ZTVmNmY1YjU2OTFjN2MyYzhkY2E1
ZjIzNGQwHhcNMjMwMTAxMTkzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE2NmVkMTQ1OTU4ZjliNWYwOTg3NjdmZjIyNWM0ZGQ0OGFlMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3YhEp4D8xM81GrOqIwK2ElmhWWA
bVNFwRm55tmZMZwoQ+hH7JHEiq9x1F2HyDN5DL1kdKknRKMHx2LiXhLcDCl4sQi0
VDn2cuff9PXOx9m5/GqFTJPXevY/MzxDy3L0gZoSUcvUTCLnI1bclYNrVbjjgFxf
HhiY5XKm+mkVxzx2gImQYPPVzODD/0QZL7K//myuQuqMM+5NCGEFWuWifl3UQrMu
3TU12ITiaAAHdQg8t5zj1Zj7DZ8bIIYaMWLYv2gR38+XgQ6p9io8wVh9vEVVDqSG
8QU+Eix0xVLnQxdyLdI/J9umXXGx/MW5fOh1uBhhb3mkF5RkGRv5h9zDUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH0WbtFFlY+bXwmHZ/8iXE3UiuKgMB8GA1UdIwQY
MBaAFDlQMDYVrKbl9vW1aRx8LI3KXyNNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMt
NmM4ZmQwYmM1YjAwLzEvZlJadTBVV1ZqNXRmQ1lkbl95SmNUZFNLNHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMtNmM4ZmQwYmM1YjAw
LzEvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBSKwAwQC
UnYUAwQB2QzOMA0GCSqGSIb3DQEBCwUAA4IBAQBkQQ0tl68oOXi2lVb04suBDKWE
ZBBOFKAew58vmmNUgwwRO5NheKcmP3R52Nt7RRFt7iIjLJsYjZ8qvHxVTrWR3h/2
s7pP5L0nHmirla4fbie3PRHpiqGCHqZmC/DG9a9Y052Ah2p31J7QjCOYv7H3aPWq
v/DTmHiD83s9e0GdGO7cppcgFoJc5JHJ5W9QOtygNFcADNXlr+//s7vyff4jQv3Q
CfKTMwSRBE4FW8CgicutyY99+6DgU57qnRQMr3v/PsY23VaX1ixJrZYHmT8kz873
ikUsQGcsHAyh9ggPiRL9LaBvwdQxAiBOkC8X1ZfSDYSNqmE35fIFFu9j8agZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:22 2024 by rpki-client on console-fra.rpki-client.org