Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/LdxdBodb0h1Vg5TuS_feVRzqWeg.roa
File: LdxdBodb0h1Vg5TuS_feVRzqWeg.roa (raw, json)
Hash identifier: opWFoc25Iex/SOxeYA8JKAiU/m2Kdqc2qFD53/4ZZ3w=
Subject key identifier: 2D:DC:5D:06:87:5B:D2:1D:55:83:94:EE:4B:F7:DE:55:1C:EA:59:E8
Certificate issuer: /CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Certificate serial: 018718C48C30EBBE732754AA024E165DC27C
Authority key identifier: C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/LdxdBodb0h1Vg5TuS_feVRzqWeg.roa
Signing time: Sat 25 Mar 2023 12:35:46 +0000
ROA not before: Sat 25 Mar 2023 12:35:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198454
IP address blocks: 128.0.52.0/24 maxlen: 24
5.154.187.0/24 maxlen: 24
185.33.132.0/22 maxlen: 24
31.211.184.0/21 maxlen: 24
188.208.100.0/24 maxlen: 24
94.24.38.0/23 maxlen: 24
2a00:fdc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:18:c4:8c:30:eb:be:73:27:54:aa:02:4e:16:5d:c2:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Validity
Not Before: Mar 25 12:35:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ddc5d06875bd21d558394ee4bf7de551cea59e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d4:be:41:09:87:0a:8b:c2:fc:ea:c0:71:e1:
27:b6:b5:c7:5d:17:39:c7:97:9e:54:1d:15:5d:0c:
16:88:ae:45:3f:35:be:e7:06:11:13:f0:c6:98:64:
c5:c8:1f:3a:f1:47:06:7d:6a:13:4b:cc:10:2b:3e:
b5:c1:2a:6a:9c:5a:34:39:9e:46:d1:12:51:1b:6a:
7c:6c:79:78:2c:4f:63:f4:6a:60:f3:ef:af:d6:21:
07:7d:25:f2:8c:59:df:aa:02:36:6f:b3:66:22:52:
64:83:c7:44:da:de:31:1f:da:4d:01:e4:a3:7e:75:
86:be:ab:b2:b1:5f:75:60:bb:2d:17:15:6c:ed:23:
6b:d5:66:83:3d:88:00:62:81:b1:52:aa:c8:9f:8f:
c5:1e:3e:33:94:bd:63:26:54:b7:14:5d:64:8b:40:
d3:ce:76:53:4a:dc:4a:7e:82:bc:22:49:2e:b4:c8:
85:7d:5c:71:6e:b9:04:f2:04:11:bb:49:12:f3:91:
64:83:23:4a:2e:63:8a:17:5d:7f:fb:ea:99:df:4c:
21:9b:c1:8c:52:1e:d0:a1:d3:50:2c:bc:d0:74:e9:
ca:56:f1:a7:ec:71:b5:7b:3d:f8:ed:3e:4e:f8:e4:
47:1f:8f:dc:d3:f6:ae:64:ad:ce:ec:f0:60:b7:99:
14:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DC:5D:06:87:5B:D2:1D:55:83:94:EE:4B:F7:DE:55:1C:EA:59:E8
X509v3 Authority Key Identifier:
keyid:C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/LdxdBodb0h1Vg5TuS_feVRzqWeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.187.0/24
31.211.184.0/21
94.24.38.0/23
128.0.52.0/24
185.33.132.0/22
188.208.100.0/24
IPv6:
2a00:fdc0::/32
Signature Algorithm: sha256WithRSAEncryption
61:2b:63:75:8c:11:e8:67:04:34:22:f6:64:fc:2c:b0:89:ad:
05:b0:d5:30:2b:40:8f:37:2f:3f:2a:78:b2:4e:4a:60:1f:33:
d8:bc:5d:82:a6:1d:ec:1d:93:78:cd:84:13:48:14:62:80:a7:
fa:17:ad:0c:69:9f:87:9d:69:f8:3d:bf:e5:1f:da:16:5a:77:
c9:62:e7:4b:6e:6f:22:d5:0d:bd:b6:60:2d:c9:14:15:4f:e0:
33:cb:36:b2:a0:c9:d8:97:29:c0:3b:29:1e:c4:e4:f3:ca:d7:
88:ae:0a:ac:13:c5:6c:97:46:de:5f:40:a5:e3:85:a1:a7:ad:
45:9a:e4:74:c7:14:d5:4b:d0:5a:52:09:5f:d9:0f:fa:9b:fc:
d9:8c:d1:64:4a:2a:7d:49:c7:14:dc:87:03:e7:e9:ae:6a:a2:
90:df:30:0d:2d:73:36:4a:23:03:cc:c0:fa:dc:0f:c1:9f:e2:
08:cb:10:e1:72:4f:5b:96:10:65:d6:4f:2f:bd:95:1f:cd:02:
4e:8a:d2:be:01:79:c7:f9:25:8f:b5:53:f4:56:f9:fa:97:d2:
b2:c1:c3:ce:64:fc:8b:73:1d:1c:e5:69:72:6a:e8:66:71:d8:
0d:e5:d7:c3:c3:ac:58:d0:ad:bd:01:bc:40:1a:18:4c:92:9d:
4f:45:d7:ba
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYcYxIww675zJ1SqAk4WXcJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTQyZTVkNWNmYWE0NTIxNjZiYzdiNTVhNjU1NThmNTI0
ZDY3NTEwHhcNMjMwMzI1MTIzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRjNWQwNjg3NWJkMjFkNTU4Mzk0ZWU0YmY3ZGU1NTFjZWE1OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdS+QQmHCovC/OrAceEntrXHXRc5
x5eeVB0VXQwWiK5FPzW+5wYRE/DGmGTFyB868UcGfWoTS8wQKz61wSpqnFo0OZ5G
0RJRG2p8bHl4LE9j9Gpg8++v1iEHfSXyjFnfqgI2b7NmIlJkg8dE2t4xH9pNAeSj
fnWGvquysV91YLstFxVs7SNr1WaDPYgAYoGxUqrIn4/FHj4zlL1jJlS3FF1ki0DT
znZTStxKfoK8IkkutMiFfVxxbrkE8gQRu0kS85FkgyNKLmOKF11/++qZ30whm8GM
Uh7QodNQLLzQdOnKVvGn7HG1ez347T5O+ORHH4/c0/auZK3O7PBgt5kUuQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC3cXQaHW9IdVYOU7kv33lUc6lnoMB8GA1UdIwQY
MBaAFMAULl1c+qRSFmvHtVplVY9STWdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUt
MTk3MGRlODRhMWYwLzEvTGR4ZEJvZGIwaDFWZzVUdVNfZmVWUnpxV2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUtMTk3MGRlODRhMWYw
LzEvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABZq7AwQD
H9O4AwQBXhgmAwQAgAA0AwQCuSGEAwQAvNBkMA0EAgACMAcDBQAqAP3AMA0GCSqG
SIb3DQEBCwUAA4IBAQBhK2N1jBHoZwQ0IvZk/Cywia0FsNUwK0CPNy8/KniyTkpg
HzPYvF2Cph3sHZN4zYQTSBRigKf6F60MaZ+HnWn4Pb/lH9oWWnfJYudLbm8i1Q29
tmAtyRQVT+AzyzayoMnYlynAOykexOTzyteIrgqsE8Vsl0beX0Cl44Whp61FmuR0
xxTVS9BaUglf2Q/6m/zZjNFkSip9SccU3IcD5+muaqKQ3zANLXM2SiMDzMD63A/B
n+IIyxDhck9blhBl1k8vvZUfzQJOitK+AXnH+SWPtVP0Vvn6l9KywcPOZPyLcx0c
5WlyauhmcdgN5dfDw6xY0K29AbxAGhhMkp1PRde6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org