Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/L5lKYG9FYgEdVKTEVPkKfS1Mv58.roa
File: L5lKYG9FYgEdVKTEVPkKfS1Mv58.roa (raw, json)
Hash identifier: MNDwtRTneCNsGu42ou5oWJ6dkwUwyWAhOzpmF/P276o=
Subject key identifier: 2F:99:4A:60:6F:45:62:01:1D:54:A4:C4:54:F9:0A:7D:2D:4C:BF:9F
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 018CC49320EE0EAE056690BA2AFE397DB319
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/L5lKYG9FYgEdVKTEVPkKfS1Mv58.roa
Signing time: Mon 01 Jan 2024 10:30:25 +0000
ROA not before: Mon 01 Jan 2024 10:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29205
IP address blocks: 185.49.12.0/22 maxlen: 24
91.230.36.0/23 maxlen: 23
185.100.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 07 Mar 2024 13:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:20:ee:0e:ae:05:66:90:ba:2a:fe:39:7d:b3:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Jan 1 10:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f994a606f4562011d54a4c454f90a7d2d4cbf9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:48:c3:6d:55:aa:90:f9:d6:61:8c:45:cc:65:
6c:94:7b:3f:c8:5f:54:1f:ad:74:d5:8a:9e:e1:e5:
e7:60:86:0d:d2:1b:90:a7:73:f6:e4:19:b8:0e:3d:
bc:39:71:d9:cc:82:13:e6:ec:d0:17:cf:ca:ca:56:
2e:ee:d5:c2:22:11:ba:4d:6a:c2:ce:10:5e:c3:fc:
54:b6:5b:20:ce:52:f8:7d:88:ff:16:c7:69:c1:35:
cd:5c:50:af:15:34:f8:0c:d8:1a:66:63:14:98:bf:
f7:e2:ca:33:ea:4a:ca:34:bb:00:6e:c4:91:6c:37:
6d:f0:22:1e:14:82:85:10:dc:80:f1:b8:bf:f5:a1:
86:43:aa:e4:11:9d:1b:93:78:65:1d:f5:9d:ee:a2:
08:20:6d:2f:9e:c8:b0:44:06:2e:2c:dc:ea:78:ac:
09:f8:2c:fc:b3:b3:87:ab:8f:08:b3:97:b6:9b:71:
ee:74:34:9d:1b:76:9c:e6:c1:33:1e:e0:fe:1a:df:
a1:61:a4:fd:1e:e0:94:0b:18:49:0a:13:3b:6b:bf:
3b:d3:2a:0a:41:22:30:ec:d0:3e:7c:ec:fc:01:29:
57:d6:5c:69:42:50:9e:f2:6c:16:c7:79:b4:3f:25:
2f:35:00:5a:44:67:90:7b:d8:5e:a5:38:34:d0:db:
10:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:99:4A:60:6F:45:62:01:1D:54:A4:C4:54:F9:0A:7D:2D:4C:BF:9F
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/L5lKYG9FYgEdVKTEVPkKfS1Mv58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.36.0/23
185.49.12.0/22
185.100.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:df:02:1b:0e:50:9d:c7:bb:d0:d9:f6:b7:a1:39:0d:2d:e4:
1d:c7:03:1a:81:b5:d5:ab:46:9b:04:02:24:4c:32:c3:08:46:
54:c6:d4:73:24:f7:5c:11:60:10:74:2e:e4:a9:38:83:4c:20:
6a:28:2e:35:49:cf:86:13:bb:77:a2:62:29:40:09:d1:1e:b5:
d9:3e:ce:4e:82:af:c8:46:1c:0f:0a:b0:49:69:ee:86:03:4e:
d1:20:64:39:73:1c:11:78:5f:18:da:70:60:62:5e:b4:da:21:
b7:44:61:b2:22:72:1a:19:f4:58:f4:8c:a7:26:72:69:dc:7c:
66:48:e4:24:96:57:16:fc:31:43:52:23:80:3f:98:80:fa:77:
4d:c4:e5:a5:f3:2c:56:70:ef:7a:56:e5:29:d8:c0:9c:d1:e6:
cc:3a:8e:d6:90:59:93:48:bf:b6:ff:83:2d:57:e4:41:5b:d5:
76:0c:e7:66:dd:51:8a:fe:49:ff:f8:34:fe:db:34:31:9f:b8:
74:3c:85:29:b8:39:e6:92:23:dc:5e:af:28:f7:e2:a3:fc:c0:
d5:75:2f:5a:07:2a:29:fb:bf:da:38:0f:53:0c:a1:aa:59:f1:
74:a5:c5:07:f3:f3:5d:ca:40:63:5a:06:48:43:47:1f:05:00:
8a:13:14:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEkyDuDq4FZpC6Kv45fbMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjQwMTAxMTAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk5NGE2MDZmNDU2MjAxMWQ1NGE0YzQ1NGY5MGE3ZDJkNGNiZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEjDbVWqkPnWYYxFzGVslHs/yF9U
H6101Yqe4eXnYIYN0huQp3P25Bm4Dj28OXHZzIIT5uzQF8/KylYu7tXCIhG6TWrC
zhBew/xUtlsgzlL4fYj/FsdpwTXNXFCvFTT4DNgaZmMUmL/34soz6krKNLsAbsSR
bDdt8CIeFIKFENyA8bi/9aGGQ6rkEZ0bk3hlHfWd7qIIIG0vnsiwRAYuLNzqeKwJ
+Cz8s7OHq48Is5e2m3HudDSdG3ac5sEzHuD+Gt+hYaT9HuCUCxhJChM7a7870yoK
QSIw7NA+fOz8ASlX1lxpQlCe8mwWx3m0PyUvNQBaRGeQe9hepTg00NsQ6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC+ZSmBvRWIBHVSkxFT5Cn0tTL+fMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvTDVsS1lHOUZZZ0VkVktURVZQa0tmUzFNdjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+YkAwQC
uTEMAwQCuWTkMA0GCSqGSIb3DQEBCwUAA4IBAQA63wIbDlCdx7vQ2fa3oTkNLeQd
xwMagbXVq0abBAIkTDLDCEZUxtRzJPdcEWAQdC7kqTiDTCBqKC41Sc+GE7t3omIp
QAnRHrXZPs5Ogq/IRhwPCrBJae6GA07RIGQ5cxwReF8Y2nBgYl602iG3RGGyInIa
GfRY9IynJnJp3HxmSOQkllcW/DFDUiOAP5iA+ndNxOWl8yxWcO96VuUp2MCc0ebM
Oo7WkFmTSL+2/4MtV+RBW9V2DOdm3VGK/kn/+DT+2zQxn7h0PIUpuDnmkiPcXq8o
9+Kj/MDVdS9aByop+7/aOA9TDKGqWfF0pcUH8/NdykBjWgZIQ0cfBQCKExQ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:58 2024 by rpki-client on console-fra.rpki-client.org