Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/gLUGtFodGdG1V0M1ztv8ftOmkRM.roa
File: gLUGtFodGdG1V0M1ztv8ftOmkRM.roa (raw, json)
Hash identifier: QkSaBryncQZv3wJ1GyeQPn9Nc64ng9PRtzIDXKzoT+8=
Subject key identifier: 80:B5:06:B4:5A:1D:19:D1:B5:57:43:35:CE:DB:FC:7E:D3:A6:91:13
Certificate issuer: /CN=f5e8e36be1dba073590382bb1ffff317653900d1
Certificate serial: 01856D81980BB704097254F974B5EB761CA3
Authority key identifier: F5:E8:E3:6B:E1:DB:A0:73:59:03:82:BB:1F:FF:F3:17:65:39:00:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ejja-HboHNZA4K7H__zF2U5ANE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/gLUGtFodGdG1V0M1ztv8ftOmkRM.roa
Signing time: Sun 01 Jan 2023 13:24:47 +0000
ROA not before: Sun 01 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200003
IP address blocks: 185.39.104.0/22 maxlen: 22
185.39.104.0/24 maxlen: 24
185.39.105.0/24 maxlen: 24
185.39.107.0/24 maxlen: 24
185.39.106.0/24 maxlen: 24
2a04:7b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:98:0b:b7:04:09:72:54:f9:74:b5:eb:76:1c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5e8e36be1dba073590382bb1ffff317653900d1
Validity
Not Before: Jan 1 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80b506b45a1d19d1b5574335cedbfc7ed3a69113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:eb:b5:82:fe:f4:d2:23:a7:7c:e4:6e:2b:f9:
3b:2e:5f:55:17:35:eb:91:aa:6f:dd:3c:b7:8e:28:
30:16:67:d3:5b:ce:b0:7e:42:90:1a:25:56:78:a2:
02:89:12:6b:90:c7:dc:08:d2:d0:37:57:49:c5:7a:
65:25:5a:96:32:00:90:04:50:79:f6:22:ea:2d:db:
a9:52:e9:80:ae:2d:09:78:5a:06:15:ca:94:12:ad:
73:95:ba:23:da:ef:6c:12:a8:27:33:71:be:f1:6a:
18:95:a2:5b:07:04:32:26:15:0d:e8:9f:ed:7e:71:
dd:d5:32:4d:e2:3d:b1:40:bd:6a:80:82:66:ad:24:
b9:99:e9:c8:7f:3c:d7:00:09:5f:d3:fe:2c:ce:17:
1e:0e:91:8f:19:6f:df:45:64:49:f4:a4:a8:20:97:
df:a4:cf:02:aa:2e:3c:90:f9:c9:1e:e5:6c:b2:6f:
0b:b8:56:0c:20:79:6a:6a:c5:10:33:22:a8:b8:a5:
5b:d2:3f:2d:ac:18:a0:79:39:fc:f3:08:0d:b5:b6:
14:d3:48:80:03:3e:e7:88:e5:05:eb:8a:0e:a0:29:
0e:b6:9a:43:27:38:96:41:ba:67:88:ad:d2:1b:90:
fd:2d:89:19:83:0a:d2:b3:53:99:fc:6b:10:8b:ca:
76:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B5:06:B4:5A:1D:19:D1:B5:57:43:35:CE:DB:FC:7E:D3:A6:91:13
X509v3 Authority Key Identifier:
keyid:F5:E8:E3:6B:E1:DB:A0:73:59:03:82:BB:1F:FF:F3:17:65:39:00:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ejja-HboHNZA4K7H__zF2U5ANE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/gLUGtFodGdG1V0M1ztv8ftOmkRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/9ejja-HboHNZA4K7H__zF2U5ANE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.104.0/22
IPv6:
2a04:7b40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:98:51:f3:38:38:db:0c:3e:e1:6e:e7:08:fc:89:8c:b1:21:
01:94:7e:bf:32:d2:b0:04:c3:ea:7b:dc:48:cd:e8:1d:4e:03:
2e:5f:fb:eb:2c:c6:72:b6:0e:f9:f1:a4:ba:e8:9b:28:c5:38:
49:7e:e1:e0:d1:fd:af:34:f5:70:98:70:9f:07:32:64:b4:05:
69:68:4d:87:eb:1b:dc:15:cc:aa:19:09:7d:86:92:f9:b6:f6:
36:30:68:f1:66:fe:9e:8c:be:c5:34:24:6f:0b:8c:ed:b4:49:
0e:f4:46:b6:5f:7d:56:1c:4a:86:a6:06:61:42:c0:51:4d:b6:
75:e5:6b:f0:71:81:26:c9:3f:49:6a:1c:4c:cd:7d:db:43:2d:
cc:12:7a:75:14:a8:6c:11:2e:cc:0f:81:3d:80:a1:fb:47:00:
0a:66:c1:78:b5:97:04:e0:9f:6b:32:95:6f:a6:f3:88:a4:20:
66:f1:0d:99:33:4c:cc:a6:52:97:6d:f0:e7:a0:95:33:e1:67:
fc:85:1b:b2:96:b3:f7:cd:0a:ec:9b:c1:da:41:a8:76:52:59:
70:cd:cd:41:d8:7c:08:7e:7f:18:d9:f5:42:fb:40:b3:5d:04:
11:a8:83:58:76:5c:cc:23:c2:96:57:e4:1f:7f:80:43:fa:b8:
ab:55:44:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgZgLtwQJclT5dLXrdhyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZThlMzZiZTFkYmEwNzM1OTAzODJiYjFmZmZmMzE3NjUz
OTAwZDEwHhcNMjMwMTAxMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI1MDZiNDVhMWQxOWQxYjU1NzQzMzVjZWRiZmM3ZWQzYTY5MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuu1gv700iOnfORuK/k7Ll9VFzXr
kapv3Ty3jigwFmfTW86wfkKQGiVWeKICiRJrkMfcCNLQN1dJxXplJVqWMgCQBFB5
9iLqLdupUumAri0JeFoGFcqUEq1zlboj2u9sEqgnM3G+8WoYlaJbBwQyJhUN6J/t
fnHd1TJN4j2xQL1qgIJmrSS5menIfzzXAAlf0/4szhceDpGPGW/fRWRJ9KSoIJff
pM8Cqi48kPnJHuVssm8LuFYMIHlqasUQMyKouKVb0j8trBigeTn88wgNtbYU00iA
Az7niOUF64oOoCkOtppDJziWQbpniK3SG5D9LYkZgwrSs1OZ/GsQi8p2iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIC1BrRaHRnRtVdDNc7b/H7TppETMB8GA1UdIwQY
MBaAFPXo42vh26BzWQOCux//8xdlOQDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWVqamEtSGJvSE5aQTRLN0hfX3pGMlU1QU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xZWMxZDctYWNlZC00ZWFhLTk3OGMt
MmE5OTBmMjg1MGZiLzEvZ0xVR3RGb2RHZEcxVjBNMXp0djhmdE9ta1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xZWMxZDctYWNlZC00ZWFhLTk3OGMtMmE5OTBmMjg1MGZi
LzEvOWVqamEtSGJvSE5aQTRLN0hfX3pGMlU1QU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSdoMA0E
AgACMAcDBQMqBHtAMA0GCSqGSIb3DQEBCwUAA4IBAQCdmFHzODjbDD7hbucI/ImM
sSEBlH6/MtKwBMPqe9xIzegdTgMuX/vrLMZytg758aS66JsoxThJfuHg0f2vNPVw
mHCfBzJktAVpaE2H6xvcFcyqGQl9hpL5tvY2MGjxZv6ejL7FNCRvC4zttEkO9Ea2
X31WHEqGpgZhQsBRTbZ15WvwcYEmyT9JahxMzX3bQy3MEnp1FKhsES7MD4E9gKH7
RwAKZsF4tZcE4J9rMpVvpvOIpCBm8Q2ZM0zMplKXbfDnoJUz4Wf8hRuylrP3zQrs
m8HaQah2Ullwzc1B2HwIfn8Y2fVC+0CzXQQRqINYdlzMI8KWV+Qff4BD+rirVURK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:20 2024 by rpki-client on console-ams.rpki-client.org