Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/_wYLcF7SR7gb7I568qfO_GjT3GA.roa
File: _wYLcF7SR7gb7I568qfO_GjT3GA.roa (raw, json)
Hash identifier: 8qPIIGDDjKVLAiQi4zcOqUm/q6wDUobF1Ht8zyjk0Ng=
Subject key identifier: FF:06:0B:70:5E:D2:47:B8:1B:EC:8E:7A:F2:A7:CE:FC:68:D3:DC:60
Certificate issuer: /CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Certificate serial: 019126BC0FC3EE03BAB4ED0F919328163B64
Authority key identifier: 08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/_wYLcF7SR7gb7I568qfO_GjT3GA.roa
Signing time: Tue 06 Aug 2024 08:09:04 +0000
ROA not before: Tue 06 Aug 2024 08:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 5.154.244.0/22 maxlen: 22
185.48.80.0/22 maxlen: 22
2a01:9560::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 07:52:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:bc:0f:c3:ee:03:ba:b4:ed:0f:91:93:28:16:3b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Validity
Not Before: Aug 6 08:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff060b705ed247b81bec8e7af2a7cefc68d3dc60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:34:05:f0:f2:bf:97:ea:b3:c6:55:f5:b5:aa:
de:79:28:82:90:d5:e8:00:69:dc:ed:42:11:3c:6e:
ad:8b:66:1e:6c:25:26:bf:2c:17:fa:94:f5:81:e9:
51:43:9c:be:0b:93:8e:87:c3:fb:d2:34:45:9d:be:
cd:c3:89:31:46:6f:82:7c:26:6f:31:ff:1d:fb:fa:
bf:f1:93:e0:53:5d:46:10:66:c2:cc:fd:60:12:e1:
67:8a:c8:ed:b2:99:8b:71:31:5a:96:67:b3:8a:0a:
d3:1d:c3:db:b8:4f:0f:fa:33:e5:cf:11:dd:92:c0:
16:01:84:dc:10:32:b6:9f:ba:e3:cd:d0:4e:d8:4d:
02:c0:68:98:bb:b0:47:c9:47:fd:cd:67:fe:8e:70:
db:c5:5b:c3:22:5b:77:cd:5f:03:05:e8:18:7b:ac:
ea:c3:95:eb:03:6a:bd:36:67:1c:98:9e:a3:47:19:
72:35:fc:f1:f4:33:ff:93:e8:6b:8a:cc:eb:12:0a:
9d:7a:89:51:00:bd:6f:34:9e:53:f4:11:b8:ee:63:
d7:7f:35:95:77:e2:6e:40:af:93:45:d3:75:c6:aa:
cf:ca:e2:d2:48:24:b2:49:82:2c:84:c5:d9:9d:fd:
d7:d5:36:6e:26:b8:5d:52:a1:b2:c6:dc:9d:54:b5:
bc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:06:0B:70:5E:D2:47:B8:1B:EC:8E:7A:F2:A7:CE:FC:68:D3:DC:60
X509v3 Authority Key Identifier:
keyid:08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/_wYLcF7SR7gb7I568qfO_GjT3GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.244.0/22
185.48.80.0/22
IPv6:
2a01:9560::/32
Signature Algorithm: sha256WithRSAEncryption
27:b5:17:db:e9:c8:51:2b:9e:4e:67:38:34:08:70:c1:22:13:
27:de:b8:8d:be:4e:1c:7a:a8:f5:cd:45:ed:79:10:7a:d6:01:
a2:9b:ff:e0:10:5e:5e:38:2f:83:ef:9a:38:f7:8d:85:6c:00:
1c:3e:84:19:c4:72:8f:64:9d:1c:d6:e4:2a:cd:51:f0:af:f9:
c5:42:3f:d7:6f:ea:a5:8e:cc:1e:07:ec:69:ca:5a:cd:73:da:
1b:5e:33:5d:b1:2b:c5:20:01:42:e8:50:9f:2c:86:a7:38:46:
c2:19:54:67:87:de:66:98:4e:ac:ba:aa:f3:4c:19:0c:11:fa:
7a:d6:61:40:86:a4:f5:dc:3d:c4:e9:9a:ad:4c:c1:0f:ab:4d:
7a:19:3c:0a:5c:98:0f:c0:7b:b4:88:4b:31:3e:d7:93:a7:58:
87:bd:7e:48:88:14:85:e9:95:a3:10:2d:64:c1:71:f4:bd:2e:
a3:c8:2a:b9:e6:bc:57:a7:89:da:36:8f:f6:e4:56:e4:c5:e4:
08:58:c6:f1:22:b4:d8:6f:b6:d5:7e:5a:a4:32:27:7d:ef:e9:
a9:f5:ef:b4:53:4d:f3:87:ce:d5:16:65:8e:c8:fd:ee:a2:e5:
0f:25:66:35:1e:de:b8:52:1d:4a:77:f1:61:12:10:e2:c5:49:
d9:16:dd:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZEmvA/D7gO6tO0PkZMoFjtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzBiYzM0YjhmNGZjYmMyYmY1MjNiYmRiZTlhMDQ0YTI0
NDVmYmUwHhcNMjQwODA2MDgwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA2MGI3MDVlZDI0N2I4MWJlYzhlN2FmMmE3Y2VmYzY4ZDNkYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjQF8PK/l+qzxlX1tareeSiCkNXo
AGnc7UIRPG6ti2YebCUmvywX+pT1gelRQ5y+C5OOh8P70jRFnb7Nw4kxRm+CfCZv
Mf8d+/q/8ZPgU11GEGbCzP1gEuFnisjtspmLcTFalmezigrTHcPbuE8P+jPlzxHd
ksAWAYTcEDK2n7rjzdBO2E0CwGiYu7BHyUf9zWf+jnDbxVvDIlt3zV8DBegYe6zq
w5XrA2q9NmccmJ6jRxlyNfzx9DP/k+hriszrEgqdeolRAL1vNJ5T9BG47mPXfzWV
d+JuQK+TRdN1xqrPyuLSSCSySYIshMXZnf3X1TZuJrhdUqGyxtydVLW8FwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP8GC3Be0ke4G+yOevKnzvxo09xgMB8GA1UdIwQY
MBaAFAgwvDS49Py8K/Uju9vpoESiRF++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUt
MDEzYzFmMDFlZGI5LzEvX3dZTGNGN1NSN2diN0k1NjhxZk9fR2pUM0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUtMDEzYzFmMDFlZGI5
LzEvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBZr0AwQC
uTBQMA0EAgACMAcDBQAqAZVgMA0GCSqGSIb3DQEBCwUAA4IBAQAntRfb6chRK55O
Zzg0CHDBIhMn3riNvk4ceqj1zUXteRB61gGim//gEF5eOC+D75o4942FbAAcPoQZ
xHKPZJ0c1uQqzVHwr/nFQj/Xb+qljsweB+xpylrNc9obXjNdsSvFIAFC6FCfLIan
OEbCGVRnh95mmE6suqrzTBkMEfp61mFAhqT13D3E6ZqtTMEPq016GTwKXJgPwHu0
iEsxPteTp1iHvX5IiBSF6ZWjEC1kwXH0vS6jyCq55rxXp4naNo/25FbkxeQIWMbx
IrTYb7bVflqkMid97+mp9e+0U03zh87VFmWOyP3uouUPJWY1Ht64Uh1Kd/FhEhDi
xUnZFt19
-----END CERTIFICATE-----
Generated at Wed Oct 16 10:45:14 2024 by rpki-client on console-ams.rpki-client.org