Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/lGoGf4X2Kavsvk1EcAe35MMUafw.roa
File: lGoGf4X2Kavsvk1EcAe35MMUafw.roa (raw, json)
Hash identifier: B8qy1EkrqSXj+fnw8yueD9BPYRC7EHFVgBQUxr5R3HA=
Subject key identifier: 94:6A:06:7F:85:F6:29:AB:EC:BE:4D:44:70:07:B7:E4:C3:14:69:FC
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 018D3603713A88954CF0D574492613934461
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/lGoGf4X2Kavsvk1EcAe35MMUafw.roa
Signing time: Tue 23 Jan 2024 11:10:11 +0000
ROA not before: Tue 23 Jan 2024 11:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.188.0/22 maxlen: 22
5.181.189.0/24 maxlen: 24
95.214.52.0/22 maxlen: 23
146.19.24.0/24 maxlen: 24
185.16.36.0/22 maxlen: 24
212.23.222.0/24 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:03:71:3a:88:95:4c:f0:d5:74:49:26:13:93:44:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Jan 23 11:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=946a067f85f629abecbe4d447007b7e4c31469fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:38:22:82:31:a1:04:25:8b:03:a3:e8:45:
4e:1b:bd:99:21:51:5c:ba:05:06:cd:34:81:0a:8a:
1f:4e:12:b1:a0:6f:f5:e8:91:7d:2b:70:a1:22:e9:
07:71:35:91:6d:66:a2:5b:4e:f1:b8:1a:da:c0:4f:
97:be:fa:e9:da:ed:97:cf:40:56:e7:4d:fc:16:af:
fb:b9:33:e7:34:de:ca:6b:e1:6b:7f:b5:ff:97:22:
39:5d:c7:ea:ab:05:0b:02:6f:4c:62:ec:4a:ed:a4:
09:f2:9d:fc:da:b6:d0:fd:1f:6a:f5:25:e7:e6:8d:
bf:1c:27:79:79:3e:3a:89:58:04:04:49:a4:98:18:
34:35:39:4d:05:c1:83:9a:cd:89:44:ae:d0:6c:30:
05:d7:b3:5a:e2:7f:0c:eb:97:ab:c9:a4:48:dc:38:
fc:c8:28:14:3c:3e:fa:b7:67:53:47:b9:f8:ea:46:
36:a9:46:40:ab:46:fc:9f:bc:d5:f1:1f:c1:2e:c0:
cc:db:05:01:83:65:72:e1:75:69:bd:a8:d4:fa:73:
05:e4:1b:d5:23:8a:04:0b:35:8c:45:7d:69:48:b8:
e8:c8:e3:ae:3d:25:c6:09:ec:16:38:18:3e:7e:b9:
6c:9c:63:2c:45:4e:07:09:7b:3e:f3:c3:ff:7e:7d:
4e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6A:06:7F:85:F6:29:AB:EC:BE:4D:44:70:07:B7:E4:C3:14:69:FC
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/lGoGf4X2Kavsvk1EcAe35MMUafw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
146.19.24.0/24
185.16.36.0/22
212.23.222.0/24
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:97:18:67:e9:71:66:f3:86:10:1d:b4:ca:12:7a:d0:98:3e:
7e:5e:c1:1a:f7:35:d4:e7:21:5f:98:b1:40:3c:f4:6c:df:13:
bb:e5:53:09:a5:c9:b3:84:7e:18:54:e2:3c:84:2c:91:5d:43:
79:17:1a:a7:a3:65:33:47:91:55:69:c0:2d:49:0e:dc:fc:fe:
44:78:c9:8a:c3:8f:ba:f6:72:0f:21:fb:2e:e5:e7:8d:a3:76:
e7:04:04:a0:9b:de:e1:fc:ae:8a:c0:89:87:67:1b:5c:3e:81:
eb:fe:09:0b:f4:bb:16:17:20:8e:f7:b0:b1:69:47:7a:7f:2b:
6a:d0:1a:3d:b1:26:3f:57:bc:2d:a3:da:9a:78:ea:49:3e:54:
b3:b3:12:43:bb:5e:90:32:67:80:b5:ba:91:2c:7e:ea:45:3d:
c6:c1:40:b3:ee:54:98:28:bd:1e:92:54:03:9e:4e:cf:ca:02:
85:cd:7c:de:87:68:87:85:37:1e:4a:9f:50:88:90:9f:f6:c5:
b4:ec:69:0e:af:c3:07:e8:12:32:4a:07:b8:e1:b7:9d:fd:c4:
c4:28:1e:eb:71:c6:dc:84:39:99:e9:24:ef:0b:c1:4e:11:ea:
ae:30:7b:4f:12:fc:5d:64:8c:d5:b3:d2:9c:c9:dd:ca:ef:c4:
d5:c4:d5:64
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY02A3E6iJVM8NV0SSYTk0RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjQwMTIzMTExMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZhMDY3Zjg1ZjYyOWFiZWNiZTRkNDQ3MDA3YjdlNGMzMTQ2OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr904IoIxoQQliwOj6EVOG72ZIVFc
ugUGzTSBCoofThKxoG/16JF9K3ChIukHcTWRbWaiW07xuBrawE+Xvvrp2u2Xz0BW
5038Fq/7uTPnNN7Ka+Frf7X/lyI5XcfqqwULAm9MYuxK7aQJ8p382rbQ/R9q9SXn
5o2/HCd5eT46iVgEBEmkmBg0NTlNBcGDms2JRK7QbDAF17Na4n8M65eryaRI3Dj8
yCgUPD76t2dTR7n46kY2qUZAq0b8n7zV8R/BLsDM2wUBg2Vy4XVpvajU+nMF5BvV
I4oECzWMRX1pSLjoyOOuPSXGCewWOBg+frlsnGMsRU4HCXs+88P/fn1OLQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJRqBn+F9imr7L5NRHAHt+TDFGn8MB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvbEdvR2Y0WDJLYXZzdmsxRWNBZTM1TU1VYWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBbW8AwQC
X9Y0AwQAkhMYAwQCuRAkAwQA1BfeMA0EAgACMAcDBQAqA8/AMA0GCSqGSIb3DQEB
CwUAA4IBAQBtlxhn6XFm84YQHbTKEnrQmD5+XsEa9zXU5yFfmLFAPPRs3xO75VMJ
pcmzhH4YVOI8hCyRXUN5Fxqno2UzR5FVacAtSQ7c/P5EeMmKw4+69nIPIfsu5eeN
o3bnBASgm97h/K6KwImHZxtcPoHr/gkL9LsWFyCO97CxaUd6fytq0Bo9sSY/V7wt
o9qaeOpJPlSzsxJDu16QMmeAtbqRLH7qRT3GwUCz7lSYKL0eklQDnk7PygKFzXze
h2iHhTceSp9QiJCf9sW07GkOr8MH6BIySge44bed/cTEKB7rccbchDmZ6STvC8FO
EequMHtPEvxdZIzVs9Kcyd3K78TVxNVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:03 2024 by rpki-client on console-ams.rpki-client.org