Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/lesHWX4svc0fIZYL2TR0obd7i6I.roa
File: lesHWX4svc0fIZYL2TR0obd7i6I.roa (raw, json)
Hash identifier: j5AE4ptKLafeOrRhsATy8UB8RvMm49woavbXm6opEmw=
Subject key identifier: 95:EB:07:59:7E:2C:BD:CD:1F:21:96:0B:D9:34:74:A1:B7:7B:8B:A2
Certificate issuer: /CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Certificate serial: 018FC40350AC0630CEAE9E441566BBD0E9E5
Authority key identifier: DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/lesHWX4svc0fIZYL2TR0obd7i6I.roa
Signing time: Wed 29 May 2024 11:01:42 +0000
ROA not before: Wed 29 May 2024 11:01:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205330
IP address blocks: 37.130.216.0/21 maxlen: 24
185.109.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 13:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:03:50:ac:06:30:ce:ae:9e:44:15:66:bb:d0:e9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Validity
Not Before: May 29 11:01:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95eb07597e2cbdcd1f21960bd93474a1b77b8ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:91:88:9c:bb:97:e0:c3:99:7d:99:c7:31:55:
5e:8c:c6:8b:71:37:bb:85:8f:fb:63:70:eb:a2:24:
9b:8f:9e:7a:8e:31:fe:58:17:68:65:e7:87:d9:72:
a7:77:b3:3a:14:37:e7:a5:fa:b9:b1:7c:79:48:eb:
55:54:d0:48:d1:cf:05:11:3a:a4:54:f8:31:60:fd:
37:8c:d3:70:b5:86:73:bc:ef:c1:ce:62:33:02:5e:
e6:b2:9e:5f:36:80:4d:2e:90:5a:dc:9e:98:89:06:
da:a9:eb:0f:8d:18:84:06:90:14:86:79:6d:36:37:
6e:f2:e9:3f:c1:95:b9:ad:20:1f:7e:4c:41:93:50:
02:98:6e:a6:77:14:cb:6f:5a:c9:90:16:cd:e9:22:
d5:7c:af:7c:ef:98:72:ad:70:8a:a4:f5:6b:33:45:
e4:8d:00:0f:c7:22:c8:77:62:4c:0c:d8:6d:90:e3:
75:15:5d:d8:74:79:57:49:4e:e5:ce:36:8c:c4:fe:
00:32:b0:f4:94:f1:43:70:d3:e8:5e:91:02:09:4f:
11:9d:47:13:72:83:a2:e6:14:90:ab:da:89:b3:c2:
db:ec:3f:a4:ca:b5:60:d6:86:c2:cd:c6:2b:38:04:
80:24:b5:3a:c0:54:ef:37:2e:6d:c1:94:81:8a:8a:
34:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EB:07:59:7E:2C:BD:CD:1F:21:96:0B:D9:34:74:A1:B7:7B:8B:A2
X509v3 Authority Key Identifier:
keyid:DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/lesHWX4svc0fIZYL2TR0obd7i6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/3F-syhTeCBdO9clskfHngl9C0Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.216.0/21
185.109.56.0/22
Signature Algorithm: sha256WithRSAEncryption
06:78:11:22:d8:8f:26:f5:46:e9:4c:2a:79:c4:c2:ea:30:24:
3f:33:07:c1:8c:e9:99:87:46:4c:4d:7e:2c:6d:eb:d5:4b:97:
c8:ce:84:06:3b:c7:48:9c:2f:58:ad:30:31:76:5b:22:51:fd:
f4:ea:8d:34:f1:59:5a:e5:be:28:ca:5a:a2:e0:17:85:bb:2b:
76:8e:68:71:48:f9:f7:17:9e:58:e6:57:c2:2d:7a:af:e5:6c:
c5:fb:45:6d:66:6d:75:b2:e3:86:01:b9:27:79:30:32:9b:1c:
a9:78:d3:e0:1d:f8:de:c1:b7:d7:36:66:a0:03:8f:f8:1e:19:
8a:19:38:9f:a9:04:75:f9:9d:a1:b1:06:e2:a9:c1:ad:7f:3b:
f1:2a:54:fc:3d:c2:46:6f:54:d1:8a:cf:e0:27:db:ef:ba:10:
02:29:c3:9b:4c:1d:b0:97:b1:d5:ea:72:de:83:de:07:4b:e7:
51:6a:55:4c:5c:79:04:2d:8f:5a:8b:b3:fb:de:42:c4:10:58:
b9:74:ad:4f:d0:21:d2:3d:4b:7a:23:a1:bd:58:22:27:60:64:
3b:8d:f4:3d:90:db:b8:fc:f1:85:a6:a6:19:86:c3:06:b9:cc:
1b:80:19:6d:c2:21:2c:be:c5:38:d6:b4:71:15:64:cb:1e:c2:
9f:6e:f6:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/EA1CsBjDOrp5EFWa70OnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNWZhY2NhMTRkZTA4MTc0ZWY1Yzk2YzkxZjFlNzgyNWY0
MmQwN2IwHhcNMjQwNTI5MTEwMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWViMDc1OTdlMmNiZGNkMWYyMTk2MGJkOTM0NzRhMWI3N2I4YmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15GInLuX4MOZfZnHMVVejMaLcTe7
hY/7Y3DroiSbj556jjH+WBdoZeeH2XKnd7M6FDfnpfq5sXx5SOtVVNBI0c8FETqk
VPgxYP03jNNwtYZzvO/BzmIzAl7msp5fNoBNLpBa3J6YiQbaqesPjRiEBpAUhnlt
Njdu8uk/wZW5rSAffkxBk1ACmG6mdxTLb1rJkBbN6SLVfK9875hyrXCKpPVrM0Xk
jQAPxyLId2JMDNhtkON1FV3YdHlXSU7lzjaMxP4AMrD0lPFDcNPoXpECCU8RnUcT
coOi5hSQq9qJs8Lb7D+kyrVg1obCzcYrOASAJLU6wFTvNy5twZSBioo0uwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXrB1l+LL3NHyGWC9k0dKG3e4uiMB8GA1UdIwQY
MBaAFNxfrMoU3ggXTvXJbJHx54JfQtB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Ytc3loVGVDQmRPOWNsc2tmSG5nbDlDMEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wODkzZjEtZmZiNC00NmIzLWJmMjct
YTcwMTY5ODBjODZmLzEvbGVzSFdYNHN2YzBmSVpZTDJUUjBvYmQ3aTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wODkzZjEtZmZiNC00NmIzLWJmMjctYTcwMTY5ODBjODZm
LzEvM0Ytc3loVGVDQmRPOWNsc2tmSG5nbDlDMEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJYLYAwQC
uW04MA0GCSqGSIb3DQEBCwUAA4IBAQAGeBEi2I8m9UbpTCp5xMLqMCQ/MwfBjOmZ
h0ZMTX4sbevVS5fIzoQGO8dInC9YrTAxdlsiUf306o008Vla5b4oylqi4BeFuyt2
jmhxSPn3F55Y5lfCLXqv5WzF+0VtZm11suOGAbkneTAymxypeNPgHfjewbfXNmag
A4/4HhmKGTifqQR1+Z2hsQbiqcGtfzvxKlT8PcJGb1TRis/gJ9vvuhACKcObTB2w
l7HV6nLeg94HS+dRalVMXHkELY9ai7P73kLEEFi5dK1P0CHSPUt6I6G9WCInYGQ7
jfQ9kNu4/PGFpqYZhsMGucwbgBltwiEsvsU41rRxFWTLHsKfbvZu
-----END CERTIFICATE-----
Generated at Fri Nov 15 17:21:25 2024 by rpki-client on console-ams.rpki-client.org