Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/1FHNQkkUYQnMJUrIXdadUTF00Bg.roa
File: 1FHNQkkUYQnMJUrIXdadUTF00Bg.roa (raw, json)
Hash identifier: eZdrC+EPYpJ/J5rQ7CggZcFo9g9owNft7XXVwm7czCU=
Subject key identifier: D4:51:CD:42:49:14:61:09:CC:25:4A:C8:5D:D6:9D:51:31:74:D0:18
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 01857295B8F68E577D79CACF518B7CEB6284
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/1FHNQkkUYQnMJUrIXdadUTF00Bg.roa
Signing time: Mon 02 Jan 2023 13:04:52 +0000
ROA not before: Mon 02 Jan 2023 13:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29512
IP address blocks: 195.140.236.0/22 maxlen: 24
94.231.224.0/20 maxlen: 24
185.10.120.0/22 maxlen: 22
79.110.0.0/20 maxlen: 24
5.39.192.0/21 maxlen: 21
2a00:fbc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Apr 2023 07:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:b8:f6:8e:57:7d:79:ca:cf:51:8b:7c:eb:62:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Jan 2 13:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d451cd4249146109cc254ac85dd69d513174d018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:ff:29:ba:bd:a3:85:eb:ce:b9:f5:e9:84:
df:62:5e:9d:17:f6:08:9a:c2:ce:e4:3c:e0:ba:fb:
fc:7b:53:79:ce:3a:03:25:2b:57:31:fb:59:4a:30:
2c:88:28:4f:0d:c4:c2:79:b1:27:55:64:02:b7:cb:
33:8d:79:70:a3:3c:37:48:c7:ec:c0:c5:dd:57:b8:
c2:67:e2:c6:0a:26:14:36:c2:06:3a:b3:bd:c6:af:
ec:00:13:80:1d:ff:c1:79:8c:bc:bf:a6:85:17:93:
22:b0:b5:07:a1:54:90:91:5d:88:cb:54:e6:07:53:
df:43:4f:03:bb:3c:14:e7:45:d8:2d:b3:7f:ce:ff:
5f:20:d8:ef:99:3b:ed:73:45:a6:13:2a:71:3e:cc:
89:32:5f:65:b1:9c:9f:fe:ba:5e:c1:a6:f5:76:ed:
f0:a4:bc:0e:96:ee:99:92:41:50:4d:a5:e3:7b:3d:
f6:12:2a:4c:bb:1c:4d:cb:6b:1a:9a:90:f7:29:c0:
59:c9:61:55:b6:0d:25:e4:51:0b:ae:0b:23:60:05:
af:61:99:96:d2:47:43:85:b0:09:48:df:2b:2f:35:
77:49:da:f6:af:5a:e2:51:db:90:3a:f8:6a:21:3e:
41:0e:2d:48:3a:c2:34:0d:39:04:16:9c:e5:74:e8:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:51:CD:42:49:14:61:09:CC:25:4A:C8:5D:D6:9D:51:31:74:D0:18
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/1FHNQkkUYQnMJUrIXdadUTF00Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/21
79.110.0.0/20
94.231.224.0/20
185.10.120.0/22
195.140.236.0/22
IPv6:
2a00:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
64:4a:a3:84:b4:4a:d6:62:12:a3:89:b7:67:2b:86:09:ab:1b:
40:b8:43:88:30:2a:94:1f:26:89:6c:60:23:1a:bc:94:72:ac:
52:70:e8:85:4d:89:bc:ee:a7:4d:2e:fb:0f:8d:30:a1:70:d2:
6d:56:47:5f:d3:a0:be:cc:93:90:4c:ac:7f:81:d4:dd:24:a4:
50:3f:96:4d:67:07:32:ff:99:0f:95:5b:8e:07:83:fc:42:a4:
dd:7b:03:a1:8d:97:84:28:2a:19:9f:83:60:80:88:55:0e:5e:
00:1a:b0:58:93:a2:f7:c7:1f:e0:fe:4a:c2:ad:8f:d0:40:c1:
ed:6b:3b:27:12:ad:d4:da:a8:b7:a4:33:22:42:d1:9b:3d:d3:
f5:c3:5b:05:d2:82:9e:2a:7e:2b:34:4f:11:f0:42:31:9b:72:
66:2e:78:62:df:10:d9:27:c6:79:da:b1:ae:62:99:d6:de:be:
63:01:e7:ee:4d:40:4d:70:eb:aa:02:fb:87:26:f3:cf:e4:eb:
e6:c2:a0:4c:5c:a4:e3:88:c1:a1:d5:09:8c:29:70:1d:fb:ad:
17:8f:24:57:f7:2c:22:4a:02:ca:3c:78:22:54:af:b4:1b:94:
7f:0f:72:a0:e0:e5:37:82:e2:1d:00:e9:30:03:69:1f:95:ec:
a7:09:68:da
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVylbj2jld9ecrPUYt862KEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjMwMTAyMTMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDUxY2Q0MjQ5MTQ2MTA5Y2MyNTRhYzg1ZGQ2OWQ1MTMxNzRkMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0L/Kbq9o4Xrzrn16YTfYl6dF/YI
msLO5Dzguvv8e1N5zjoDJStXMftZSjAsiChPDcTCebEnVWQCt8szjXlwozw3SMfs
wMXdV7jCZ+LGCiYUNsIGOrO9xq/sABOAHf/BeYy8v6aFF5MisLUHoVSQkV2Iy1Tm
B1PfQ08DuzwU50XYLbN/zv9fINjvmTvtc0WmEypxPsyJMl9lsZyf/rpewab1du3w
pLwOlu6ZkkFQTaXjez32EipMuxxNy2sampD3KcBZyWFVtg0l5FELrgsjYAWvYZmW
0kdDhbAJSN8rLzV3Sdr2r1riUduQOvhqIT5BDi1IOsI0DTkEFpzldOhX0wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNRRzUJJFGEJzCVKyF3WnVExdNAYMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvMUZITlFra1VZUW5NSlVySVhkYWRVVEYwMEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSfAAwQE
T24AAwQEXufgAwQCuQp4AwQCw4zsMA0EAgACMAcDBQAqAPvAMA0GCSqGSIb3DQEB
CwUAA4IBAQBkSqOEtErWYhKjibdnK4YJqxtAuEOIMCqUHyaJbGAjGryUcqxScOiF
TYm87qdNLvsPjTChcNJtVkdf06C+zJOQTKx/gdTdJKRQP5ZNZwcy/5kPlVuOB4P8
QqTdewOhjZeEKCoZn4NggIhVDl4AGrBYk6L3xx/g/krCrY/QQMHtazsnEq3U2qi3
pDMiQtGbPdP1w1sF0oKeKn4rNE8R8EIxm3JmLnhi3xDZJ8Z52rGuYpnW3r5jAefu
TUBNcOuqAvuHJvPP5OvmwqBMXKTjiMGh1QmMKXAd+60XjyRX9ywiSgLKPHgiVK+0
G5R/D3Kg4OU3guIdAOkwA2kfleynCWja
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:04 2024 by rpki-client on console-ams.rpki-client.org