Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/sFKGHlALed08RVbwXk7hPeOzKJE.roa
File: sFKGHlALed08RVbwXk7hPeOzKJE.roa (raw, json)
Hash identifier: yv9x5TQ4wzT45EWHVlJpZrPLODMjMTAdV/axFGGnzj8=
Subject key identifier: B0:52:86:1E:50:0B:79:DD:3C:45:56:F0:5E:4E:E1:3D:E3:B3:28:91
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E56E2C26559A2AC6C338E870A844C5964
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/sFKGHlALed08RVbwXk7hPeOzKJE.roa
Signing time: Tue 19 Mar 2024 13:24:45 +0000
ROA not before: Tue 19 Mar 2024 13:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16625
IP address blocks: 84.53.156.0/22 maxlen: 22
84.53.164.0/22 maxlen: 22
84.53.188.0/22 maxlen: 22
92.123.240.0/22 maxlen: 22
195.95.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 20 Mar 2024 14:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:e2:c2:65:59:a2:ac:6c:33:8e:87:0a:84:4c:59:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 19 13:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b052861e500b79dd3c4556f05e4ee13de3b32891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f6:d5:56:7f:7f:58:1e:6f:18:d7:b1:76:bc:
b9:52:3f:b8:69:b3:e2:1b:74:27:12:58:f5:45:04:
24:26:30:21:76:e5:59:c6:51:7d:a9:63:51:9b:6f:
f2:98:31:71:ce:b5:31:a0:27:56:42:e1:d4:02:b8:
02:f4:30:cc:35:04:ff:06:4d:27:1a:83:6a:a7:8e:
ee:20:04:f5:25:e1:15:a5:d9:45:45:ec:b8:3d:05:
a3:55:78:56:81:29:17:97:24:af:f3:b0:6c:fe:03:
a6:66:28:7c:f0:59:97:19:93:4f:ac:b2:e9:43:59:
8b:6b:18:14:57:c2:e9:b0:0e:6f:92:0e:26:ad:65:
6b:c0:3b:91:45:05:1f:ae:4a:72:19:c4:88:bc:07:
09:fe:f5:5f:55:bd:99:4d:eb:37:14:8f:7a:6e:c3:
86:59:9b:d6:e3:92:1e:44:4e:d8:c9:ee:57:0b:93:
69:eb:16:7c:a9:f5:37:14:12:b4:18:c3:3b:04:fa:
f2:4e:4f:6e:63:98:84:22:05:bf:9c:30:52:e8:59:
bb:ca:08:7c:2e:bf:d9:9d:e6:4b:8b:58:a4:3b:57:
49:de:bf:d4:c3:af:d8:db:91:d0:13:59:f7:48:3c:
d0:bd:f3:7a:7a:7b:a1:d5:44:d3:43:05:3e:ce:b6:
07:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:52:86:1E:50:0B:79:DD:3C:45:56:F0:5E:4E:E1:3D:E3:B3:28:91
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/sFKGHlALed08RVbwXk7hPeOzKJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.53.156.0/22
84.53.164.0/22
84.53.188.0/22
92.123.240.0/22
195.95.192.0/22
Signature Algorithm: sha256WithRSAEncryption
88:62:b2:1e:be:ef:d4:73:84:24:dc:05:33:fa:75:b9:0b:5b:
54:4b:91:f3:49:d2:50:96:76:a1:c7:85:93:ff:3c:80:cf:65:
89:82:14:4e:10:2f:9a:ec:ad:22:49:18:5b:56:72:22:a1:97:
24:4e:a2:bf:a1:9e:90:81:cd:e1:19:05:f8:f3:ce:f8:27:b3:
73:32:48:ea:96:01:e3:ac:26:6a:74:fc:5c:64:22:90:be:e7:
60:56:6d:d1:60:d8:f3:44:0a:2b:1e:91:4e:36:f3:dc:af:ae:
44:d8:04:41:34:50:d5:a9:9f:b8:c5:76:2b:9d:f2:aa:64:6e:
6a:ec:b2:24:69:bc:e5:14:71:f3:7e:a9:05:8a:71:b8:9b:48:
0d:8e:41:0e:be:45:b4:ea:b1:6f:ab:a5:f1:48:34:53:07:54:
ff:5a:80:ec:43:a9:19:02:84:9f:d2:f8:48:a5:66:43:84:2b:
11:d1:69:77:94:4a:f5:2c:d2:ec:34:be:0c:bc:6a:d6:0f:35:
f6:3f:57:25:b1:85:5e:16:64:46:6e:d5:2a:36:c6:e5:20:6d:
31:fb:06:9c:57:b1:25:da:9f:e1:19:d2:58:d4:11:7d:a1:1c:
a8:0c:d9:b6:42:1b:8d:b8:f1:cc:fa:e6:aa:d2:ec:3f:9e:67:
cd:85:c8:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5W4sJlWaKsbDOOhwqETFlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzE5MTMyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDUyODYxZTUwMGI3OWRkM2M0NTU2ZjA1ZTRlZTEzZGUzYjMyODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PbVVn9/WB5vGNexdry5Uj+4abPi
G3QnElj1RQQkJjAhduVZxlF9qWNRm2/ymDFxzrUxoCdWQuHUArgC9DDMNQT/Bk0n
GoNqp47uIAT1JeEVpdlFRey4PQWjVXhWgSkXlySv87Bs/gOmZih88FmXGZNPrLLp
Q1mLaxgUV8LpsA5vkg4mrWVrwDuRRQUfrkpyGcSIvAcJ/vVfVb2ZTes3FI96bsOG
WZvW45IeRE7Yye5XC5Np6xZ8qfU3FBK0GMM7BPryTk9uY5iEIgW/nDBS6Fm7ygh8
Lr/ZneZLi1ikO1dJ3r/Uw6/Y25HQE1n3SDzQvfN6enuh1UTTQwU+zrYHUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLBShh5QC3ndPEVW8F5O4T3jsyiRMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvc0ZLR0hsQUxlZDA4UlZid1hrN2hQZU96S0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVDWcAwQC
VDWkAwQCVDW8AwQCXHvwAwQCw1/AMA0GCSqGSIb3DQEBCwUAA4IBAQCIYrIevu/U
c4Qk3AUz+nW5C1tUS5HzSdJQlnahx4WT/zyAz2WJghROEC+a7K0iSRhbVnIioZck
TqK/oZ6Qgc3hGQX48874J7NzMkjqlgHjrCZqdPxcZCKQvudgVm3RYNjzRAorHpFO
NvPcr65E2ARBNFDVqZ+4xXYrnfKqZG5q7LIkabzlFHHzfqkFinG4m0gNjkEOvkW0
6rFvq6XxSDRTB1T/WoDsQ6kZAoSf0vhIpWZDhCsR0Wl3lEr1LNLsNL4MvGrWDzX2
P1clsYVeFmRGbtUqNsblIG0x+wacV7El2p/hGdJY1BF9oRyoDNm2QhuNuPHM+uaq
0uw/nmfNhcht
-----END CERTIFICATE-----
Generated at Wed Mar 20 19:58:05 2024 by rpki-client on console-ams.rpki-client.org