Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/lSjw5AaVfLQHPZFFPOcMEfyIqsE.roa
File: lSjw5AaVfLQHPZFFPOcMEfyIqsE.roa (raw, json)
Hash identifier: mrNR/IEL/rbw0ylxtbtiO/FgztYpC69lJzNokbwhOB4=
Subject key identifier: 95:28:F0:E4:06:95:7C:B4:07:3D:91:45:3C:E7:0C:11:FC:88:AA:C1
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 019286E5111D118A6B77D991147B407FD21E
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/lSjw5AaVfLQHPZFFPOcMEfyIqsE.roa
Signing time: Sun 13 Oct 2024 17:20:11 +0000
ROA not before: Sun 13 Oct 2024 17:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.39.192.0/22 maxlen: 22
5.39.196.0/22 maxlen: 22
185.10.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 17 Oct 2024 16:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:86:e5:11:1d:11:8a:6b:77:d9:91:14:7b:40:7f:d2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Oct 13 17:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9528f0e406957cb4073d91453ce70c11fc88aac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:77:5e:c1:75:00:3f:da:02:36:8f:d7:9c:27:
2c:94:26:62:75:5c:51:8e:65:f2:e2:42:ae:d1:ea:
31:69:75:cc:a5:99:3c:4c:2c:32:3b:3b:6c:a4:85:
27:a8:e0:fc:fa:71:63:98:ca:6e:21:95:f3:8a:a3:
4c:78:dd:17:84:c0:f9:12:47:b8:e2:5e:9d:aa:49:
f6:67:46:3c:8b:ce:54:fe:a4:6a:ca:d7:16:1a:38:
bc:be:6f:9b:ed:5a:8d:92:94:7f:fb:8d:f0:f3:73:
af:6e:db:6d:d6:da:fc:cf:f3:4c:69:c5:f9:eb:4c:
e3:26:6f:b8:28:5a:82:d9:7b:14:fa:96:34:ce:2a:
23:bd:16:b6:86:d4:a4:d0:d7:e3:26:c9:fe:98:a5:
c7:74:13:77:58:e0:bb:8a:6b:d6:95:e8:16:8a:0a:
ed:33:83:06:82:49:f8:04:4e:58:32:de:6a:8f:13:
aa:c3:75:6a:30:9b:d1:78:ac:90:a4:7d:f7:1c:68:
0a:dd:2b:56:4e:91:d2:40:e4:a0:fa:fc:e4:ce:c3:
a9:35:75:88:de:54:5f:e1:6c:e9:0b:0d:d3:cc:f5:
79:ff:9d:30:69:8c:2b:1e:49:12:f3:64:a6:6a:45:
d0:e4:77:3b:8a:52:66:d3:f7:fa:bd:de:bc:69:f2:
95:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:28:F0:E4:06:95:7C:B4:07:3D:91:45:3C:E7:0C:11:FC:88:AA:C1
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/lSjw5AaVfLQHPZFFPOcMEfyIqsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/21
185.10.122.0/23
Signature Algorithm: sha256WithRSAEncryption
95:cf:46:91:0d:2d:be:9c:64:35:77:ef:c5:41:c9:e6:f1:02:
50:cb:1e:3c:56:51:38:59:0e:94:6d:ab:a9:34:85:f8:cf:67:
c7:50:10:7a:a0:09:13:c9:a1:f6:57:9d:28:61:0c:80:b4:63:
81:17:6e:ee:41:04:5d:c7:fe:fa:70:2a:e4:7d:c6:c1:f6:fc:
6d:9a:d9:44:39:30:34:02:82:94:4d:4f:57:fa:83:62:c3:3f:
b6:73:82:a3:ff:c2:52:0d:96:ee:70:b8:6d:04:08:7b:f0:fc:
a3:14:48:5c:1a:c2:36:d7:13:7d:79:04:3f:6b:9a:1d:45:93:
69:e7:89:d2:cb:bd:78:75:75:31:5e:00:bf:26:c6:78:c5:f6:
56:06:51:ce:0e:b1:51:61:3c:e4:3c:7a:d4:ca:6c:48:fc:5b:
61:3f:56:db:f7:c8:c4:da:85:15:c4:33:c7:78:2b:75:24:10:
74:36:d9:e6:58:ee:6a:fe:60:fc:ed:58:83:1a:f2:73:13:cf:
bf:4e:5d:b8:71:a2:56:b6:d5:12:f4:45:80:5e:01:b1:9c:8c:
24:7b:c1:99:1d:fa:7e:5d:7d:10:29:21:e2:8a:97:77:c1:a3:
5e:8c:26:d1:63:af:ab:cf:f7:3c:19:5b:05:54:5e:1d:e8:e5:
d5:b8:3e:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKG5REdEYprd9mRFHtAf9IeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMDEzMTcyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI4ZjBlNDA2OTU3Y2I0MDczZDkxNDUzY2U3MGMxMWZjODhhYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HdewXUAP9oCNo/XnCcslCZidVxR
jmXy4kKu0eoxaXXMpZk8TCwyOztspIUnqOD8+nFjmMpuIZXziqNMeN0XhMD5Eke4
4l6dqkn2Z0Y8i85U/qRqytcWGji8vm+b7VqNkpR/+43w83Ovbttt1tr8z/NMacX5
60zjJm+4KFqC2XsU+pY0ziojvRa2htSk0NfjJsn+mKXHdBN3WOC7imvWlegWigrt
M4MGgkn4BE5YMt5qjxOqw3VqMJvReKyQpH33HGgK3StWTpHSQOSg+vzkzsOpNXWI
3lRf4WzpCw3TzPV5/50waYwrHkkS82SmakXQ5Hc7ilJm0/f6vd68afKVtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUo8OQGlXy0Bz2RRTznDBH8iKrBMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvbFNqdzVBYVZmTFFIUFpGRlBPY01FZnlJcXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBSfAAwQB
uQp6MA0GCSqGSIb3DQEBCwUAA4IBAQCVz0aRDS2+nGQ1d+/FQcnm8QJQyx48VlE4
WQ6UbaupNIX4z2fHUBB6oAkTyaH2V50oYQyAtGOBF27uQQRdx/76cCrkfcbB9vxt
mtlEOTA0AoKUTU9X+oNiwz+2c4Kj/8JSDZbucLhtBAh78PyjFEhcGsI21xN9eQQ/
a5odRZNp54nSy714dXUxXgC/JsZ4xfZWBlHODrFRYTzkPHrUymxI/FthP1bb98jE
2oUVxDPHeCt1JBB0NtnmWO5q/mD87ViDGvJzE8+/Tl24caJWttUS9EWAXgGxnIwk
e8GZHfp+XX0QKSHiipd3waNejCbRY6+rz/c8GVsFVF4d6OXVuD43
-----END CERTIFICATE-----
Generated at Thu Oct 17 19:48:48 2024 by rpki-client on console-ams.rpki-client.org