Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/DIdqSJ48f2Mb5lJeYCvo9aO4fq8.roa
File: DIdqSJ48f2Mb5lJeYCvo9aO4fq8.roa (raw, json)
Hash identifier: VR79WSSU2pfCu7CbMclLRXTSlOoRn/Ifp4H4sPU0apA=
Subject key identifier: 0C:87:6A:48:9E:3C:7F:63:1B:E6:52:5E:60:2B:E8:F5:A3:B8:7E:AF
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 018CC56EA9634B011E853092293C7B4F3F7D
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/DIdqSJ48f2Mb5lJeYCvo9aO4fq8.roa
Signing time: Mon 01 Jan 2024 14:30:13 +0000
ROA not before: Mon 01 Jan 2024 14:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29512
IP address blocks: 195.140.236.0/22 maxlen: 24
94.231.224.0/20 maxlen: 24
185.10.120.0/22 maxlen: 22
79.110.0.0/20 maxlen: 24
5.39.192.0/21 maxlen: 21
2a00:fbc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 07 Oct 2024 09:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a9:63:4b:01:1e:85:30:92:29:3c:7b:4f:3f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Jan 1 14:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c876a489e3c7f631be6525e602be8f5a3b87eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:39:77:19:18:7a:b5:25:9b:55:e6:2d:af:93:
3c:3f:c6:d0:58:f6:59:c5:fc:c4:a4:0d:a1:61:c5:
60:f9:bd:c1:f8:81:42:e8:4b:60:ea:d5:91:f6:df:
19:40:5d:d4:06:90:c4:9c:f4:ee:08:f2:cd:0c:42:
b3:47:f7:1b:df:bf:fa:70:c7:65:dd:75:7d:75:fd:
24:3a:dd:b7:58:4b:f5:c2:ee:ca:ac:11:70:99:4a:
d4:66:02:bf:79:26:7e:cb:3e:06:ee:b9:8b:fd:9b:
c7:24:74:de:61:e8:92:4b:2d:bb:88:1d:84:72:9c:
e6:5e:cb:4d:f8:3e:cc:72:a3:44:02:c4:1d:e4:82:
4a:26:f2:9b:28:16:2d:6f:96:fc:fb:3c:46:9f:49:
70:a5:dc:7d:b1:a8:cf:75:9e:12:00:4f:2e:49:bc:
0e:a8:e4:bd:05:c2:d8:dc:b5:d8:a2:ba:ec:fa:8c:
32:4b:4a:64:98:f1:02:ee:4d:18:3b:b8:6e:c2:34:
29:d6:d7:cd:db:51:ac:c1:b7:a0:c0:f0:2c:03:59:
54:96:7c:04:8e:25:d9:8f:37:42:b1:ad:0d:5d:27:
e6:5d:d0:87:05:07:94:d9:e7:16:68:c3:b6:c9:b4:
60:4f:ca:62:37:15:70:1b:c3:13:95:e0:99:96:92:
a4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:87:6A:48:9E:3C:7F:63:1B:E6:52:5E:60:2B:E8:F5:A3:B8:7E:AF
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/DIdqSJ48f2Mb5lJeYCvo9aO4fq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/21
79.110.0.0/20
94.231.224.0/20
185.10.120.0/22
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:12:31:9d:92:da:52:5b:d4:4a:78:a4:1f:d2:8a:ba:43:5e:
ca:f4:68:6f:f4:25:d2:6a:e0:b8:d1:8a:54:5c:31:2d:0e:ac:
22:81:5e:53:f0:db:c0:09:bc:fd:23:51:0b:04:3e:ad:c3:93:
15:e4:b0:16:fa:13:94:4a:ea:c0:c1:ef:bc:91:a0:d5:45:ad:
d0:27:ea:1c:7b:79:2f:7d:ab:22:e1:b7:9d:44:d6:59:59:88:
c0:c9:b4:e3:16:9e:3c:5a:e1:af:18:e1:60:11:42:68:6c:f2:
6d:4d:40:7f:5d:f4:01:89:4c:bc:f2:2d:95:7d:ec:97:70:51:
6e:61:a7:09:4d:c1:4b:63:1e:3e:e1:25:14:29:36:89:40:2d:
87:52:02:02:7a:10:c2:d6:f5:fc:50:73:94:4c:48:01:0f:b5:
d0:02:ac:b4:a1:09:fe:c4:6c:7e:cc:87:07:0e:be:56:a4:9f:
80:2a:86:8e:84:c3:e2:15:2e:86:dc:2e:99:4e:da:ae:b0:d6:
18:99:6a:c8:d7:35:98:0a:10:c9:64:29:f7:31:ff:79:c7:e5:
36:5d:57:ac:27:a3:80:bc:33:c3:bc:ef:64:8c:fe:e4:41:5b:
dc:35:1d:f1:90:89:b9:07:68:d2:70:25:9d:9c:3b:1b:59:4e:
9f:bb:06:ff
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFbqljSwEehTCSKTx7Tz99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQwMTAxMTQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg3NmE0ODllM2M3ZjYzMWJlNjUyNWU2MDJiZThmNWEzYjg3ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzl3GRh6tSWbVeYtr5M8P8bQWPZZ
xfzEpA2hYcVg+b3B+IFC6Etg6tWR9t8ZQF3UBpDEnPTuCPLNDEKzR/cb37/6cMdl
3XV9df0kOt23WEv1wu7KrBFwmUrUZgK/eSZ+yz4G7rmL/ZvHJHTeYeiSSy27iB2E
cpzmXstN+D7McqNEAsQd5IJKJvKbKBYtb5b8+zxGn0lwpdx9sajPdZ4SAE8uSbwO
qOS9BcLY3LXYorrs+owyS0pkmPEC7k0YO7huwjQp1tfN21GswbegwPAsA1lUlnwE
jiXZjzdCsa0NXSfmXdCHBQeU2ecWaMO2ybRgT8piNxVwG8MTleCZlpKkywIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAyHakiePH9jG+ZSXmAr6PWjuH6vMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvRElkcVNKNDhmMk1iNWxKZVlDdm85YU80ZnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSfAAwQE
T24AAwQEXufgAwQCuQp4AwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEB
CwUAA4IBAQC4EjGdktpSW9RKeKQf0oq6Q17K9Ghv9CXSauC40YpUXDEtDqwigV5T
8NvACbz9I1ELBD6tw5MV5LAW+hOUSurAwe+8kaDVRa3QJ+oce3kvfasi4bedRNZZ
WYjAybTjFp48WuGvGOFgEUJobPJtTUB/XfQBiUy88i2VfeyXcFFuYacJTcFLYx4+
4SUUKTaJQC2HUgICehDC1vX8UHOUTEgBD7XQAqy0oQn+xGx+zIcHDr5WpJ+AKoaO
hMPiFS6G3C6ZTtqusNYYmWrI1zWYChDJZCn3Mf95x+U2XVesJ6OAvDPDvO9kjP7k
QVvcNR3xkIm5B2jScCWdnDsbWU6fuwb/
-----END CERTIFICATE-----
Generated at Mon Oct 7 13:25:52 2024 by rpki-client on console-fra.rpki-client.org