Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/4RsCvZ5frka0WSmm5s0Kc7AdNiE.roa
File: 4RsCvZ5frka0WSmm5s0Kc7AdNiE.roa (raw, json)
Hash identifier: TJgDKEhwYRL73vcoi0/eSqIW8sLP3i5454MgeOmuRYE=
Subject key identifier: E1:1B:02:BD:9E:5F:AE:46:B4:59:29:A6:E6:CD:0A:73:B0:1D:36:21
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018C8674AEC6F32F6C895B6F38E78AD51069
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/4RsCvZ5frka0WSmm5s0Kc7AdNiE.roa
Signing time: Wed 20 Dec 2023 09:00:42 +0000
ROA not before: Wed 20 Dec 2023 09:00:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212602
IP address blocks: 5.180.112.0/24 maxlen: 24
5.180.113.0/24 maxlen: 24
185.194.208.0/22 maxlen: 22
5.133.114.0/24 maxlen: 24
2a10:7040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:74:ae:c6:f3:2f:6c:89:5b:6f:38:e7:8a:d5:10:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Dec 20 09:00:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e11b02bd9e5fae46b45929a6e6cd0a73b01d3621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:13:85:7b:bc:4f:98:21:3f:73:76:d5:6e:a4:
8a:e6:cd:66:71:ca:03:90:dd:b9:f0:05:2a:9d:76:
00:cd:9c:59:3b:c1:9c:fa:15:f8:04:94:f7:6b:39:
05:38:76:25:53:7a:40:cb:e2:4c:8b:52:75:54:a2:
44:c9:c2:07:05:87:4e:ba:55:8c:81:c3:c7:7f:52:
cc:3e:59:d5:48:20:cc:90:98:98:2c:8c:8b:ce:48:
a3:49:80:f6:9e:cd:7d:05:70:c5:6f:4b:d9:0f:e4:
20:bb:dc:5b:9d:d9:7a:fe:0f:3a:76:0e:0f:32:29:
44:e0:8a:f0:53:ef:de:1b:ed:40:31:c0:0d:c2:31:
7c:2e:23:de:53:92:12:27:0d:4b:65:b2:79:59:58:
a6:35:63:81:a4:88:10:59:6d:49:6d:00:49:31:df:
62:42:fb:6d:79:03:11:52:88:63:17:8c:65:c2:ad:
e9:1c:c8:86:b3:22:3b:8a:02:96:63:02:c0:21:61:
18:76:e8:16:42:e2:e2:7a:ef:06:05:88:20:f9:93:
e4:ee:7a:df:4b:a5:47:57:9a:18:a7:32:4a:02:b8:
bf:08:22:5e:57:66:a7:a5:be:01:ad:e8:dc:1e:7b:
d7:71:f1:4d:aa:d0:e5:75:94:f1:7f:ec:b2:11:54:
88:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1B:02:BD:9E:5F:AE:46:B4:59:29:A6:E6:CD:0A:73:B0:1D:36:21
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/4RsCvZ5frka0WSmm5s0Kc7AdNiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
49:72:63:d2:f3:73:00:f5:c0:50:46:00:cc:85:58:23:c4:3d:
44:c3:84:01:13:16:89:5b:f3:23:46:d6:cd:5f:3b:a4:4f:58:
76:10:84:42:47:33:63:13:d3:39:4d:7c:d8:6a:64:2b:f7:9d:
27:ab:e8:f9:f8:e4:4a:87:aa:b5:b9:f8:d1:b1:39:e9:9b:51:
9a:42:c8:78:c8:1f:4e:7c:85:76:dc:fa:1d:de:04:83:c0:d7:
1a:fa:64:6b:18:10:1e:3e:94:a0:48:8d:5f:db:3d:0d:9e:cc:
99:a6:83:af:03:23:47:39:3b:9a:fd:aa:28:52:dc:65:5c:99:
11:aa:cd:f6:6a:c8:01:af:08:5e:b0:34:6f:f6:ab:f3:95:01:
1f:2a:2a:65:c1:ef:f6:3e:47:85:52:fd:9e:99:96:3c:94:30:
4d:5d:84:bc:6d:2a:a7:38:03:2e:97:88:51:cf:03:b4:78:2e:
a2:fc:f5:cf:b8:98:e1:23:89:99:d3:86:b6:3a:c9:9e:4f:54:
dc:06:f0:ca:8e:c7:0a:4b:78:6b:34:83:98:58:b2:fb:9b:0b:
2c:68:e5:97:18:96:f4:65:37:d3:f5:8f:2c:22:5c:85:67:53:
29:6c:c1:2c:10:7c:04:80:02:c0:f8:1f:39:57:24:b5:2a:26:
2d:d7:ae:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyGdK7G8y9siVtvOOeK1RBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjMxMjIwMDkwMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTFiMDJiZDllNWZhZTQ2YjQ1OTI5YTZlNmNkMGE3M2IwMWQzNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxOFe7xPmCE/c3bVbqSK5s1mccoD
kN258AUqnXYAzZxZO8Gc+hX4BJT3azkFOHYlU3pAy+JMi1J1VKJEycIHBYdOulWM
gcPHf1LMPlnVSCDMkJiYLIyLzkijSYD2ns19BXDFb0vZD+Qgu9xbndl6/g86dg4P
MilE4IrwU+/eG+1AMcANwjF8LiPeU5ISJw1LZbJ5WVimNWOBpIgQWW1JbQBJMd9i
QvtteQMRUohjF4xlwq3pHMiGsyI7igKWYwLAIWEYdugWQuLieu8GBYgg+ZPk7nrf
S6VHV5oYpzJKAri/CCJeV2anpb4BrejcHnvXcfFNqtDldZTxf+yyEVSIIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOEbAr2eX65GtFkppubNCnOwHTYhMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvNFJzQ3ZaNWZya2EwV1NtbTVzMEtjN0FkTmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQBJcmPS
83MA9cBQRgDMhVgjxD1Ew4QBExaJW/MjRtbNXzukT1h2EIRCRzNjE9M5TXzYamQr
950nq+j5+ORKh6q1ufjRsTnpm1GaQsh4yB9OfIV23Pod3gSDwNca+mRrGBAePpSg
SI1f2z0NnsyZpoOvAyNHOTua/aooUtxlXJkRqs32asgBrwhesDRv9qvzlQEfKipl
we/2PkeFUv2emZY8lDBNXYS8bSqnOAMul4hRzwO0eC6i/PXPuJjhI4mZ04a2Osme
T1TcBvDKjscKS3hrNIOYWLL7mwssaOWXGJb0ZTfT9Y8sIlyFZ1MpbMEsEHwEgALA
+B85VyS1KiYt167+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:39 2024 by rpki-client on console-ams.rpki-client.org