Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4u5CkchLzbSRzrhnuxWjEzoE5hM.roa
File: 4u5CkchLzbSRzrhnuxWjEzoE5hM.roa (raw, json)
Hash identifier: x3BUTSz4ag9UrOon8Ux8Zo9p5SGqBKkNzeqQgw7qD3A=
Subject key identifier: E2:EE:42:91:C8:4B:CD:B4:91:CE:B8:67:BB:15:A3:13:3A:04:E6:13
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01887C213A9504E34244F4FAC292F3937AAE
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4u5CkchLzbSRzrhnuxWjEzoE5hM.roa
Signing time: Fri 02 Jun 2023 12:42:12 +0000
ROA not before: Fri 02 Jun 2023 12:42:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 194.146.92.0/24 maxlen: 24
194.146.93.0/24 maxlen: 24
79.98.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 17:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:21:3a:95:04:e3:42:44:f4:fa:c2:92:f3:93:7a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jun 2 12:42:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2ee4291c84bcdb491ceb867bb15a3133a04e613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b4:cc:5a:bb:9e:f3:3f:dc:66:46:64:06:0a:
72:bc:65:ba:52:c5:c3:46:55:d5:98:71:97:ff:8f:
60:a4:eb:f0:74:36:30:ae:54:29:bc:18:7c:14:e1:
4b:dd:fc:98:8c:d2:59:e3:3b:93:3e:b2:cb:4e:63:
49:72:5d:ae:6d:2d:3f:49:9f:11:02:66:87:3d:69:
c6:ec:8f:cd:50:9b:0f:f0:95:ca:b2:3a:5f:8c:2b:
05:75:21:9e:2c:28:8c:8f:b9:d2:c4:1f:6f:5a:72:
40:17:72:bc:60:58:d9:d8:8b:fb:0b:11:8b:66:34:
e0:d6:23:07:60:43:81:47:61:3a:33:c5:e7:07:d5:
d2:c6:ee:9b:07:d9:6f:19:09:ca:cb:33:b0:51:b1:
b9:79:e4:11:41:25:56:79:f0:3f:73:ff:83:49:d3:
3a:61:f3:1b:2d:69:35:0c:42:7b:01:8d:6a:de:8c:
ff:03:dd:fd:6c:b9:d4:bb:9b:0d:64:fb:f0:cc:92:
09:34:fc:20:df:c8:ac:8d:7c:26:30:70:7a:ab:aa:
12:f6:a5:29:62:af:d3:14:14:7c:9c:e5:fd:57:91:
e1:1e:eb:fc:42:ff:05:b8:98:1e:70:35:b3:51:e4:
8f:7d:62:bf:87:1b:4a:d6:87:28:c8:f0:79:64:ba:
8e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EE:42:91:C8:4B:CD:B4:91:CE:B8:67:BB:15:A3:13:3A:04:E6:13
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4u5CkchLzbSRzrhnuxWjEzoE5hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.247.0/24
194.146.92.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:b5:2a:4b:9e:ce:d1:a2:95:78:4a:cd:09:26:6a:b7:eb:83:
b9:1b:19:0c:a7:f7:92:54:53:c4:52:d6:b9:c2:fe:19:44:81:
e0:bd:78:06:4f:fa:99:52:fa:53:b1:e5:48:9b:7f:7d:ec:68:
89:c4:d7:53:45:ba:27:3c:41:b3:f1:9f:4f:4c:e2:b2:a6:00:
c5:96:df:7e:9b:8d:ee:7b:22:05:fd:06:96:4e:45:8f:66:4f:
19:bc:8b:4f:8c:48:c5:e9:40:e2:dc:5c:c0:f0:09:33:43:91:
83:c9:bc:22:eb:fe:88:76:bf:88:54:4e:25:c6:6c:4e:26:f4:
b3:70:ff:dd:5e:29:f8:25:b2:62:4a:1b:71:0e:bf:1a:bf:47:
ab:44:58:74:f2:70:77:ba:86:6e:bb:d0:2c:38:57:9d:34:8f:
4d:68:f3:f6:8f:00:04:f2:53:b6:83:54:81:41:be:88:5d:e9:
c0:4c:f3:aa:43:eb:43:e9:52:c4:7a:aa:f6:ad:3a:d2:e3:d6:
38:7d:ed:f4:57:0f:0c:e4:17:d5:3b:b4:7c:09:5b:d8:8f:77:
ff:10:98:19:d8:05:5b:61:d7:5a:f1:12:22:16:ba:05:17:c6:
ee:bf:06:9a:ff:ed:f9:93:ad:b5:ed:b8:b0:54:0b:f1:f9:49:
87:66:9f:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh8ITqVBONCRPT6wpLzk3quMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjAyMTI0MjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVlNDI5MWM4NGJjZGI0OTFjZWI4NjdiYjE1YTMxMzNhMDRlNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7TMWrue8z/cZkZkBgpyvGW6UsXD
RlXVmHGX/49gpOvwdDYwrlQpvBh8FOFL3fyYjNJZ4zuTPrLLTmNJcl2ubS0/SZ8R
AmaHPWnG7I/NUJsP8JXKsjpfjCsFdSGeLCiMj7nSxB9vWnJAF3K8YFjZ2Iv7CxGL
ZjTg1iMHYEOBR2E6M8XnB9XSxu6bB9lvGQnKyzOwUbG5eeQRQSVWefA/c/+DSdM6
YfMbLWk1DEJ7AY1q3oz/A939bLnUu5sNZPvwzJIJNPwg38isjXwmMHB6q6oS9qUp
Yq/TFBR8nOX9V5HhHuv8Qv8FuJgecDWzUeSPfWK/hxtK1ocoyPB5ZLqOwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOLuQpHIS820kc64Z7sVoxM6BOYTMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNHU1Q2tjaEx6YlNSenJobnV4V2pFem9FNWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT2L3AwQB
wpJcMA0GCSqGSIb3DQEBCwUAA4IBAQAOtSpLns7RopV4Ss0JJmq364O5GxkMp/eS
VFPEUta5wv4ZRIHgvXgGT/qZUvpTseVIm3997GiJxNdTRbonPEGz8Z9PTOKypgDF
lt9+m43ueyIF/QaWTkWPZk8ZvItPjEjF6UDi3FzA8AkzQ5GDybwi6/6Idr+IVE4l
xmxOJvSzcP/dXin4JbJiShtxDr8av0erRFh08nB3uoZuu9AsOFedNI9NaPP2jwAE
8lO2g1SBQb6IXenATPOqQ+tD6VLEeqr2rTrS49Y4fe30Vw8M5BfVO7R8CVvYj3f/
EJgZ2AVbYdda8RIiFroFF8buvwaa/+35k6217biwVAvx+UmHZp/u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org