Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/1S9bSc8RfWOZneiz7LeiKAAxNvE.roa
File: 1S9bSc8RfWOZneiz7LeiKAAxNvE.roa (raw, json)
Hash identifier: 9FK19wMnrZukEWslKOx/X8xlC9MGLXQydIavkZFTMQ0=
Subject key identifier: D5:2F:5B:49:CF:11:7D:63:99:9D:E8:B3:EC:B7:A2:28:00:31:36:F1
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01881F67953C5AFBE1D3F866E433DCDF9E2E
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/1S9bSc8RfWOZneiz7LeiKAAxNvE.roa
Signing time: Mon 15 May 2023 12:34:22 +0000
ROA not before: Mon 15 May 2023 12:34:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58345
IP address blocks: 5.134.32.0/20 maxlen: 20
193.108.230.0/23 maxlen: 23
185.103.148.0/22 maxlen: 22
185.102.204.0/22 maxlen: 22
193.108.206.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:67:95:3c:5a:fb:e1:d3:f8:66:e4:33:dc:df:9e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: May 15 12:34:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d52f5b49cf117d63999de8b3ecb7a228003136f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:eb:47:8c:ab:59:21:3f:c2:0e:1d:45:d2:
db:0b:b9:97:a3:e3:59:3b:fd:f0:c1:02:c8:88:89:
55:85:4b:98:8d:4f:ff:70:7e:d6:f5:4d:91:b2:12:
34:d3:dc:98:5d:33:7d:88:47:8c:30:d5:40:1f:36:
00:fa:cc:d7:83:49:7d:93:4a:f3:10:49:b5:44:66:
8f:ba:67:38:5a:83:b1:fc:ec:90:f3:5b:c8:d2:51:
24:eb:0c:01:ef:09:74:f6:be:f2:1a:be:55:03:10:
41:b6:b3:bb:43:a9:e5:58:4c:c3:a7:aa:72:de:aa:
8c:36:f5:0d:a9:ee:06:c4:1b:bf:91:93:50:da:e7:
dc:7e:18:03:ee:f9:fc:1f:1a:ab:d1:50:ad:a8:ce:
7e:21:ed:67:3f:4a:a8:cd:c4:41:a9:8d:9d:e0:2b:
dd:25:b3:ca:f4:db:f1:8b:af:05:4a:30:6d:43:f3:
a7:8c:24:22:c0:c9:92:f0:73:16:5b:11:81:05:e5:
f4:72:5e:49:70:dd:26:3d:76:91:91:11:db:48:dc:
76:22:ea:01:76:72:7a:2d:37:9f:44:eb:1d:86:dd:
30:eb:a8:a6:dd:bd:36:66:94:bf:f7:49:c8:7a:97:
60:cb:cf:76:1e:16:0c:c9:ad:03:9a:7a:e8:d7:23:
3e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2F:5B:49:CF:11:7D:63:99:9D:E8:B3:EC:B7:A2:28:00:31:36:F1
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/1S9bSc8RfWOZneiz7LeiKAAxNvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.32.0/20
185.102.204.0/22
185.103.148.0/22
193.108.206.0/23
193.108.230.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:bc:6a:0f:ea:88:82:58:e5:0c:82:b1:f7:7c:14:18:c1:d3:
b2:f9:90:f5:b7:43:6a:5e:59:bf:e3:e8:c5:91:e1:4e:d3:eb:
88:62:62:b9:4d:80:f4:b7:15:cb:0a:b0:b7:31:68:f8:e4:5a:
af:0f:e4:12:91:0a:ee:d6:3a:16:06:26:92:31:78:15:b5:fd:
82:39:d5:e1:ff:ce:07:8d:02:16:fc:1b:82:89:25:e3:a7:03:
66:1c:67:8a:43:af:88:82:b6:ec:34:86:85:dc:ae:40:45:de:
ae:aa:42:ab:b2:47:84:be:50:b7:b8:a7:a1:14:49:82:77:34:
ad:a9:f3:48:97:e6:43:08:3c:8d:b6:82:77:ef:66:9d:30:33:
1c:e1:58:56:65:f1:23:ad:08:9f:4c:7a:e1:29:eb:61:be:a0:
59:44:30:8b:c8:78:33:e0:fc:7d:b0:22:85:d3:78:cf:c8:f8:
4b:0d:97:f7:f2:4f:57:6d:5c:4b:41:12:8a:e7:d6:43:ce:d9:
f7:b8:06:0e:4c:d9:3d:47:02:d7:98:e0:5b:0b:93:f4:d7:63:
61:1f:fe:95:f9:8d:42:f1:54:2f:f9:e8:dd:80:a3:f0:72:98:
89:51:13:a2:ab:c4:2c:4e:e7:0e:3a:92:b4:f1:0f:8f:ba:e3:
0f:58:44:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgfZ5U8Wvvh0/hm5DPc354uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwNTE1MTIzNDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTJmNWI0OWNmMTE3ZDYzOTk5ZGU4YjNlY2I3YTIyODAwMzEzNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNLrR4yrWSE/wg4dRdLbC7mXo+NZ
O/3wwQLIiIlVhUuYjU//cH7W9U2RshI009yYXTN9iEeMMNVAHzYA+szXg0l9k0rz
EEm1RGaPumc4WoOx/OyQ81vI0lEk6wwB7wl09r7yGr5VAxBBtrO7Q6nlWEzDp6py
3qqMNvUNqe4GxBu/kZNQ2ufcfhgD7vn8Hxqr0VCtqM5+Ie1nP0qozcRBqY2d4Cvd
JbPK9Nvxi68FSjBtQ/OnjCQiwMmS8HMWWxGBBeX0cl5JcN0mPXaRkRHbSNx2IuoB
dnJ6LTefROsdht0w66im3b02ZpS/90nIepdgy892HhYMya0Dmnro1yM+iwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNUvW0nPEX1jmZ3os+y3oigAMTbxMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMVM5YlNjOFJmV09abmVpejdMZWlLQUF4TnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBYYgAwQC
uWbMAwQCuWeUAwQBwWzOAwQBwWzmMA0GCSqGSIb3DQEBCwUAA4IBAQA9vGoP6oiC
WOUMgrH3fBQYwdOy+ZD1t0NqXlm/4+jFkeFO0+uIYmK5TYD0txXLCrC3MWj45Fqv
D+QSkQru1joWBiaSMXgVtf2COdXh/84HjQIW/BuCiSXjpwNmHGeKQ6+IgrbsNIaF
3K5ARd6uqkKrskeEvlC3uKehFEmCdzStqfNIl+ZDCDyNtoJ372adMDMc4VhWZfEj
rQifTHrhKethvqBZRDCLyHgz4Px9sCKF03jPyPhLDZf38k9XbVxLQRKK59ZDztn3
uAYOTNk9RwLXmOBbC5P012NhH/6V+Y1C8VQv+ejdgKPwcpiJUROiq8QsTucOOpK0
8Q+PuuMPWEQN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org