Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/3lKWR4LG5D31XW1NNfOK8w2hurM.roa
File: 3lKWR4LG5D31XW1NNfOK8w2hurM.roa (raw, json)
Hash identifier: oA5ggqWQ457/0TIcY0Zar5tQ+8bHjOJHZ4w8wGACfb4=
Subject key identifier: DE:52:96:47:82:C6:E4:3D:F5:5D:6D:4D:35:F3:8A:F3:0D:A1:BA:B3
Certificate issuer: /CN=5a3b1dddab33e45506ad977040924720417d5688
Certificate serial: 018CC79435E699F222516776D01A7A39F604
Authority key identifier: 5A:3B:1D:DD:AB:33:E4:55:06:AD:97:70:40:92:47:20:41:7D:56:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wjsd3asz5FUGrZdwQJJHIEF9Vog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/3lKWR4LG5D31XW1NNfOK8w2hurM.roa
Signing time: Tue 02 Jan 2024 00:30:28 +0000
ROA not before: Tue 02 Jan 2024 00:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200915
IP address blocks: 185.91.152.0/22 maxlen: 23
2a05:eb40::/29 maxlen: 30
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:35:e6:99:f2:22:51:67:76:d0:1a:7a:39:f6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a3b1dddab33e45506ad977040924720417d5688
Validity
Not Before: Jan 2 00:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de52964782c6e43df55d6d4d35f38af30da1bab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:96:f2:33:c4:64:64:ea:a6:42:43:7e:ae:
a4:05:cd:dd:90:9a:1d:e4:db:44:5a:82:d4:b5:79:
bb:b6:b3:53:cc:e9:81:e3:01:b8:ef:b2:ec:4b:65:
60:a3:d7:00:b8:05:80:4c:87:bb:37:17:03:9f:18:
5c:8b:80:89:75:88:f6:02:35:7c:f9:31:f7:ff:55:
ee:12:4b:fd:89:61:c5:c0:06:e3:7f:5a:d3:11:1f:
23:17:32:b6:47:bf:25:4a:71:4c:df:3b:c2:87:c5:
2f:05:c0:0e:6c:c0:b6:b7:08:4c:7b:a3:fb:a0:12:
66:6e:7f:cc:af:7a:d1:49:87:f8:7e:a5:06:46:11:
27:31:70:f5:3f:9f:c3:e5:2b:d9:b7:6b:2d:aa:19:
a7:2e:24:b9:66:e8:22:a2:84:07:7e:a0:e8:dd:3a:
c2:ac:01:46:a6:d6:e8:ed:2f:6d:29:ba:80:b7:0e:
24:7d:0c:50:7b:31:55:9d:fd:c8:aa:94:a6:83:11:
83:ec:fd:8a:3a:a8:59:cc:f7:a3:51:94:87:bb:8b:
d2:cd:05:28:cc:54:24:3b:8b:18:28:56:7d:b2:b3:
6e:09:fb:94:0a:a7:c1:ad:96:7a:2a:7e:97:8a:05:
ba:97:36:91:91:a1:50:27:27:ff:96:8c:cb:54:a2:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:52:96:47:82:C6:E4:3D:F5:5D:6D:4D:35:F3:8A:F3:0D:A1:BA:B3
X509v3 Authority Key Identifier:
keyid:5A:3B:1D:DD:AB:33:E4:55:06:AD:97:70:40:92:47:20:41:7D:56:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wjsd3asz5FUGrZdwQJJHIEF9Vog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/3lKWR4LG5D31XW1NNfOK8w2hurM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/179bd8-fc68-4f76-86ff-68f316607376/1/Wjsd3asz5FUGrZdwQJJHIEF9Vog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.152.0/22
IPv6:
2a05:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:56:db:cb:06:35:36:a0:03:68:62:6b:d5:6c:09:6c:b3:f0:
18:82:94:67:45:cd:39:a8:0f:6e:4e:0c:a2:83:d1:9e:e9:e6:
69:a7:54:55:3a:77:9b:44:6c:20:61:1d:07:32:3f:f3:c5:80:
2f:6f:e6:b6:39:db:17:03:fd:35:9d:cf:74:5a:f6:8f:eb:9f:
2e:f1:83:bc:3a:88:b9:cc:5b:3e:f0:6a:ca:29:b4:12:a2:22:
26:c8:33:e0:c2:2d:51:c1:b6:f0:5d:af:44:fd:87:f5:2a:f0:
28:81:1e:e2:ee:c0:da:55:f5:69:d5:3a:7f:db:94:c8:8a:6d:
a5:93:46:98:7b:d0:95:e2:cd:d2:06:4b:62:d3:b1:66:fe:3c:
ac:d1:c1:d2:9c:36:82:5d:73:b0:9e:b0:c3:6c:0a:bd:d5:b4:
38:fb:fd:f5:de:6f:4b:45:f5:79:b1:66:e8:b4:17:61:92:fa:
fd:89:93:5d:95:72:91:b7:b5:1f:9f:68:af:2d:66:4d:67:98:
b2:50:4a:b3:46:f8:51:47:02:fd:45:50:93:14:ec:34:cc:62:
7f:3a:56:dc:63:39:82:99:e2:63:e0:bc:fa:8c:18:f4:02:8f:
b0:e0:b4:80:6c:a1:5f:11:db:70:3f:b0:54:f8:06:02:f2:dc:
bd:6e:ed:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlDXmmfIiUWd20Bp6OfYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhM2IxZGRkYWIzM2U0NTUwNmFkOTc3MDQwOTI0NzIwNDE3
ZDU2ODgwHhcNMjQwMTAyMDAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUyOTY0NzgyYzZlNDNkZjU1ZDZkNGQzNWYzOGFmMzBkYTFiYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh+W8jPEZGTqpkJDfq6kBc3dkJod
5NtEWoLUtXm7trNTzOmB4wG477LsS2Vgo9cAuAWATIe7NxcDnxhci4CJdYj2AjV8
+TH3/1XuEkv9iWHFwAbjf1rTER8jFzK2R78lSnFM3zvCh8UvBcAObMC2twhMe6P7
oBJmbn/Mr3rRSYf4fqUGRhEnMXD1P5/D5SvZt2stqhmnLiS5ZugiooQHfqDo3TrC
rAFGptbo7S9tKbqAtw4kfQxQezFVnf3IqpSmgxGD7P2KOqhZzPejUZSHu4vSzQUo
zFQkO4sYKFZ9srNuCfuUCqfBrZZ6Kn6XigW6lzaRkaFQJyf/lozLVKJaywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN5SlkeCxuQ99V1tTTXzivMNobqzMB8GA1UdIwQY
MBaAFFo7Hd2rM+RVBq2XcECSRyBBfVaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pzZDNhc3o1RlVHclpkd1FKSkhJRUY5Vm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8xNzliZDgtZmM2OC00Zjc2LTg2ZmYt
NjhmMzE2NjA3Mzc2LzEvM2xLV1I0TEc1RDMxWFcxTk5mT0s4dzJodXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8xNzliZDgtZmM2OC00Zjc2LTg2ZmYtNjhmMzE2NjA3Mzc2
LzEvV2pzZDNhc3o1RlVHclpkd1FKSkhJRUY5Vm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVuYMA0E
AgACMAcDBQMqBetAMA0GCSqGSIb3DQEBCwUAA4IBAQBLVtvLBjU2oANoYmvVbAls
s/AYgpRnRc05qA9uTgyig9Ge6eZpp1RVOnebRGwgYR0HMj/zxYAvb+a2OdsXA/01
nc90WvaP658u8YO8Ooi5zFs+8GrKKbQSoiImyDPgwi1RwbbwXa9E/Yf1KvAogR7i
7sDaVfVp1Tp/25TIim2lk0aYe9CV4s3SBkti07Fm/jys0cHSnDaCXXOwnrDDbAq9
1bQ4+/313m9LRfV5sWbotBdhkvr9iZNdlXKRt7Ufn2ivLWZNZ5iyUEqzRvhRRwL9
RVCTFOw0zGJ/OlbcYzmCmeJj4Lz6jBj0Ao+w4LSAbKFfEdtwP7BU+AYC8ty9bu1x
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:04 2025 by rpki-client