Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/SAd1LgdGwh_FIfsHJOouD3G4t4w.roa
File: SAd1LgdGwh_FIfsHJOouD3G4t4w.roa (raw, json)
Hash identifier: qkc/SUqFg+cp1+3nMJdaUc+oxNRiKRK0/2yZMW/OMLQ=
Subject key identifier: 48:07:75:2E:07:46:C2:1F:C5:21:FB:07:24:EA:2E:0F:71:B8:B7:8C
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 01927112AD0A44A3A738F9E6B08DC7D5D0F3
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/SAd1LgdGwh_FIfsHJOouD3G4t4w.roa
Signing time: Wed 09 Oct 2024 11:38:22 +0000
ROA not before: Wed 09 Oct 2024 11:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29512
IP address blocks: 5.39.192.0/21 maxlen: 21
79.110.0.0/20 maxlen: 24
94.231.224.0/20 maxlen: 24
195.140.236.0/22 maxlen: 24
2a00:fbc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 11 Oct 2024 08:52:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:71:12:ad:0a:44:a3:a7:38:f9:e6:b0:8d:c7:d5:d0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Oct 9 11:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4807752e0746c21fc521fb0724ea2e0f71b8b78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bb:58:a6:37:83:c4:b6:fa:21:b9:45:48:1c:
27:7a:76:f8:d4:62:53:2c:1f:ac:70:bf:83:d8:dc:
ed:ac:da:da:d9:4f:0a:16:19:30:b5:05:cf:6f:51:
ba:3a:95:10:a7:43:32:83:7a:29:72:07:c3:48:2f:
69:45:f0:06:6d:dc:29:d7:c1:98:5f:54:47:e8:cd:
9b:2e:e1:fb:c5:af:9f:51:57:56:98:d9:df:75:4c:
c8:a8:5f:65:e7:82:67:79:0d:1c:7e:21:3c:bf:a2:
bb:7f:fd:80:0f:aa:a9:b3:c4:ad:4e:87:ad:2f:d5:
0b:fc:63:38:22:fe:91:87:7f:d6:92:b4:0c:e1:5f:
ac:45:59:32:2a:a1:83:44:b4:5e:b3:2c:f8:4b:8c:
9b:a9:cb:3e:a4:63:21:1d:0e:f6:7a:8d:9c:22:4e:
a4:fb:29:5b:af:a2:e5:58:08:df:a8:28:f9:63:52:
78:aa:a3:3c:95:5c:8f:ac:fb:41:00:b0:78:21:bc:
1a:d1:af:cd:1c:1d:bc:26:1b:e8:ce:f0:0e:a6:e4:
f4:40:02:c4:e0:c9:fe:76:88:54:dd:34:a3:d9:33:
26:3b:18:57:34:0d:78:9d:ef:fc:4f:cd:98:39:c6:
c4:93:3c:3f:9c:55:9f:ef:4c:cb:52:57:59:d4:5d:
4d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:07:75:2E:07:46:C2:1F:C5:21:FB:07:24:EA:2E:0F:71:B8:B7:8C
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/SAd1LgdGwh_FIfsHJOouD3G4t4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/21
79.110.0.0/20
94.231.224.0/20
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
c5:db:a2:1e:94:f0:30:5e:f7:7b:67:4f:38:b5:5f:24:db:d2:
cb:58:4e:b0:c5:09:0f:88:8c:69:46:16:4c:49:f9:03:78:b1:
c4:61:07:2d:22:9e:77:ce:b9:2d:fd:dc:08:78:12:e0:55:58:
9f:76:78:75:c0:f0:aa:a1:64:55:1b:87:74:5b:93:8f:ce:23:
60:bd:9b:9c:1b:52:64:b6:b5:c7:d4:e8:b9:16:51:aa:95:a3:
d8:5e:4e:b5:f7:43:61:d7:94:42:ed:14:b3:73:7c:55:c5:6c:
bc:df:a7:0a:c6:f4:e4:30:70:37:5d:99:20:d1:63:ca:62:c5:
1f:04:10:b2:78:56:a4:0d:ed:fe:36:65:a6:b0:6c:68:36:c5:
39:68:ac:f9:3a:a0:45:c6:d4:fe:bf:de:a8:c0:d0:26:7d:4a:
97:cc:f8:61:a3:c7:31:71:e6:1a:4a:79:4e:c4:aa:34:63:e7:
ec:8f:14:f4:64:40:52:fa:e1:99:2a:b3:4b:a1:1b:5b:c1:ea:
02:cd:18:01:39:3e:73:de:34:20:4a:69:6f:ea:4c:00:06:f3:
8a:64:eb:31:63:34:f9:23:23:94:a5:7c:16:fe:1a:29:0e:49:
17:3b:32:a0:cd:53:3f:4a:79:c8:04:03:e3:68:73:03:ba:13:
cd:96:48:5e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJxEq0KRKOnOPnmsI3H1dDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMDA5MTEzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODA3NzUyZTA3NDZjMjFmYzUyMWZiMDcyNGVhMmUwZjcxYjhiNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbtYpjeDxLb6IblFSBwnenb41GJT
LB+scL+D2NztrNra2U8KFhkwtQXPb1G6OpUQp0Myg3opcgfDSC9pRfAGbdwp18GY
X1RH6M2bLuH7xa+fUVdWmNnfdUzIqF9l54JneQ0cfiE8v6K7f/2AD6qps8StToet
L9UL/GM4Iv6Rh3/WkrQM4V+sRVkyKqGDRLResyz4S4ybqcs+pGMhHQ72eo2cIk6k
+ylbr6LlWAjfqCj5Y1J4qqM8lVyPrPtBALB4Ibwa0a/NHB28JhvozvAOpuT0QALE
4Mn+dohU3TSj2TMmOxhXNA14ne/8T82YOcbEkzw/nFWf70zLUldZ1F1NSQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEgHdS4HRsIfxSH7ByTqLg9xuLeMMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvU0FkMUxnZEd3aF9GSWZzSEpPb3VEM0c0dDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBSfAAwQE
T24AAwQEXufgAwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEBCwUAA4IB
AQDF26IelPAwXvd7Z084tV8k29LLWE6wxQkPiIxpRhZMSfkDeLHEYQctIp53zrkt
/dwIeBLgVVifdnh1wPCqoWRVG4d0W5OPziNgvZucG1JktrXH1Oi5FlGqlaPYXk61
90Nh15RC7RSzc3xVxWy836cKxvTkMHA3XZkg0WPKYsUfBBCyeFakDe3+NmWmsGxo
NsU5aKz5OqBFxtT+v96owNAmfUqXzPhho8cxceYaSnlOxKo0Y+fsjxT0ZEBS+uGZ
KrNLoRtbweoCzRgBOT5z3jQgSmlv6kwABvOKZOsxYzT5IyOUpXwW/hopDkkXOzKg
zVM/SnnIBAPjaHMDuhPNlkhe
-----END CERTIFICATE-----
Generated at Fri Oct 11 13:27:57 2024 by rpki-client on console-ams.rpki-client.org