Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/CL_M7hu65zqtLgPjfUsGGP3s8L4.roa
File: CL_M7hu65zqtLgPjfUsGGP3s8L4.roa (raw, json)
Hash identifier: fc5s65/lJdIcnvtLR61RTs/Jdhlo0+rBc+6P4OVDvjI=
Subject key identifier: 08:BF:CC:EE:1B:BA:E7:3A:AD:2E:03:E3:7D:4B:06:18:FD:EC:F0:BE
Certificate issuer: /CN=3e276ac51a132401db4cd741d866a54622a0d15c
Certificate serial: 01857139E02D4A5E8326FCCF07E160DF096F
Authority key identifier: 3E:27:6A:C5:1A:13:24:01:DB:4C:D7:41:D8:66:A5:46:22:A0:D1:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/CL_M7hu65zqtLgPjfUsGGP3s8L4.roa
Signing time: Mon 02 Jan 2023 06:44:56 +0000
ROA not before: Mon 02 Jan 2023 06:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206330
IP address blocks: 185.135.189.0/24 maxlen: 24
2a10:1646::/32 maxlen: 48
2a10:1647::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:e0:2d:4a:5e:83:26:fc:cf:07:e1:60:df:09:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e276ac51a132401db4cd741d866a54622a0d15c
Validity
Not Before: Jan 2 06:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08bfccee1bbae73aad2e03e37d4b0618fdecf0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:b8:a3:1b:d3:a2:24:52:6a:8a:8e:cc:0c:
1a:cf:3c:84:38:18:db:8b:49:58:88:29:20:75:21:
83:ea:d5:76:68:e3:33:28:e1:e1:45:af:1b:8e:a6:
4b:e2:4c:2b:f9:94:54:de:d4:65:7b:53:38:33:1d:
b8:38:3f:fb:7e:e6:4b:5f:81:02:22:ff:ba:d8:90:
9a:fa:2f:50:b7:bd:26:70:07:2a:1f:95:f0:c1:ea:
a5:60:d8:a8:a8:43:0a:d1:48:4c:bf:0a:70:d1:53:
eb:bd:ed:d2:f7:f9:b0:01:fc:9a:ae:74:1c:39:79:
da:4d:33:f7:15:2f:47:09:e6:79:3e:b3:39:d5:83:
e2:ef:99:0f:de:f7:79:1c:4f:fa:6c:84:d2:4b:8e:
d7:a9:13:da:a9:91:49:ba:48:9f:91:db:0d:42:b5:
4d:ef:db:42:84:d7:34:5b:17:54:6d:f0:55:16:37:
e5:e1:b4:b6:a2:de:eb:97:eb:74:31:2f:fc:9a:88:
69:62:63:ad:3d:64:34:aa:78:10:b6:1a:16:fb:4d:
f4:05:27:35:df:ae:2a:e2:fd:80:2e:b2:97:16:38:
87:96:77:9f:e2:97:30:34:71:62:30:fa:fc:ac:4d:
09:04:56:d7:d5:6b:a8:d9:bc:64:96:17:7d:77:1e:
c9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BF:CC:EE:1B:BA:E7:3A:AD:2E:03:E3:7D:4B:06:18:FD:EC:F0:BE
X509v3 Authority Key Identifier:
keyid:3E:27:6A:C5:1A:13:24:01:DB:4C:D7:41:D8:66:A5:46:22:A0:D1:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PidqxRoTJAHbTNdB2GalRiKg0Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/CL_M7hu65zqtLgPjfUsGGP3s8L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5cac1e-831d-4d9e-9a22-1eef11a8dddf/1/PidqxRoTJAHbTNdB2GalRiKg0Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.189.0/24
IPv6:
2a10:1646::/31
Signature Algorithm: sha256WithRSAEncryption
6f:92:0e:34:22:d0:d7:b1:a3:15:87:d2:18:10:38:68:d7:4d:
b4:30:86:c1:f6:6e:a8:72:f5:93:ab:f9:2d:06:f6:e0:61:7c:
37:50:61:12:de:5a:0c:81:a9:a4:c2:d5:75:02:06:c3:0d:d0:
85:59:50:17:12:99:81:47:71:d9:27:a9:f3:b2:e4:5f:ea:b4:
a6:61:26:e2:24:5a:d7:f3:f2:d6:a4:22:8c:70:82:23:55:a3:
7b:94:44:e3:56:ed:e6:3d:5f:ea:ed:38:fd:cb:51:0b:aa:8f:
23:4d:02:a2:96:55:5c:4a:42:5a:48:ef:6a:31:ff:b2:f5:eb:
e4:34:a6:07:5a:49:de:39:33:36:e4:29:38:5f:66:b1:40:e0:
19:45:c8:e7:00:c9:86:f9:6b:04:ad:f9:df:0f:48:e3:d4:b8:
6a:0b:58:41:1d:e4:9f:06:ba:f0:d1:3d:66:a5:7e:10:4e:18:
d0:03:2c:29:de:ca:e8:46:31:00:52:eb:32:41:e1:a2:60:47:
13:05:cf:94:68:fe:b7:e3:11:bf:6f:aa:92:02:7c:3d:82:57:
46:7c:a4:72:4f:cc:8d:d5:02:01:ec:26:4a:e1:6f:8d:ac:30:
59:f6:69:c1:69:88:50:33:d9:cf:b6:d4:3b:94:31:1b:7c:b1:
66:11:48:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxOeAtSl6DJvzPB+Fg3wlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjc2YWM1MWExMzI0MDFkYjRjZDc0MWQ4NjZhNTQ2MjJh
MGQxNWMwHhcNMjMwMTAyMDY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJmY2NlZTFiYmFlNzNhYWQyZTAzZTM3ZDRiMDYxOGZkZWNmMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj24oxvToiRSaoqOzAwazzyEOBjb
i0lYiCkgdSGD6tV2aOMzKOHhRa8bjqZL4kwr+ZRU3tRle1M4Mx24OD/7fuZLX4EC
Iv+62JCa+i9Qt70mcAcqH5XwweqlYNioqEMK0UhMvwpw0VPrve3S9/mwAfyarnQc
OXnaTTP3FS9HCeZ5PrM51YPi75kP3vd5HE/6bITSS47XqRPaqZFJukifkdsNQrVN
79tChNc0WxdUbfBVFjfl4bS2ot7rl+t0MS/8mohpYmOtPWQ0qngQthoW+030BSc1
364q4v2ALrKXFjiHlnef4pcwNHFiMPr8rE0JBFbX1Wuo2bxklhd9dx7JpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAi/zO4buuc6rS4D431LBhj97PC+MB8GA1UdIwQY
MBaAFD4nasUaEyQB20zXQdhmpUYioNFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Y2FjMWUtODMxZC00ZDllLTlhMjIt
MWVlZjExYThkZGRmLzEvQ0xfTTdodTY1enF0TGdQamZVc0dHUDNzOEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81Y2FjMWUtODMxZC00ZDllLTlhMjItMWVlZjExYThkZGRm
LzEvUGlkcXhSb1RKQUhiVE5kQjJHYWxSaUtnMFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYe9MA0E
AgACMAcDBQEqEBZGMA0GCSqGSIb3DQEBCwUAA4IBAQBvkg40ItDXsaMVh9IYEDho
1020MIbB9m6ocvWTq/ktBvbgYXw3UGES3loMgamkwtV1AgbDDdCFWVAXEpmBR3HZ
J6nzsuRf6rSmYSbiJFrX8/LWpCKMcIIjVaN7lETjVu3mPV/q7Tj9y1ELqo8jTQKi
llVcSkJaSO9qMf+y9evkNKYHWkneOTM25Ck4X2axQOAZRcjnAMmG+WsErfnfD0jj
1LhqC1hBHeSfBrrw0T1mpX4QThjQAywp3sroRjEAUusyQeGiYEcTBc+UaP634xG/
b6qSAnw9gldGfKRyT8yN1QIB7CZK4W+NrDBZ9mnBaYhQM9nPttQ7lDEbfLFmEUgH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:55 2024 by rpki-client on console-ams.rpki-client.org