Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/LrSzM2GJRXrMZpGtfOmzUe76fK8.roa
File: LrSzM2GJRXrMZpGtfOmzUe76fK8.roa (raw, json)
Hash identifier: QLploDK2uakkAbCiMsTI5OBc3Hp21POW24nCAy4eQOA=
Subject key identifier: 2E:B4:B3:33:61:89:45:7A:CC:66:91:AD:7C:E9:B3:51:EE:FA:7C:AF
Certificate issuer: /CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Certificate serial: 018A92F082B34FD5631ADE51DC810E783A1D
Authority key identifier: 09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/LrSzM2GJRXrMZpGtfOmzUe76fK8.roa
Signing time: Thu 14 Sep 2023 09:05:50 +0000
ROA not before: Thu 14 Sep 2023 09:05:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25591
IP address blocks: 5.188.144.0/22 maxlen: 22
185.104.4.0/22 maxlen: 22
5.183.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:f0:82:b3:4f:d5:63:1a:de:51:dc:81:0e:78:3a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Validity
Not Before: Sep 14 09:05:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eb4b3336189457acc6691ad7ce9b351eefa7caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:ab:4c:a8:71:90:a5:cc:26:2e:f5:d6:97:
67:2e:4a:55:32:f6:f0:14:84:ab:f6:ee:d9:f9:69:
c7:8d:ea:fd:1c:34:cf:ed:28:62:13:d7:f0:1c:24:
28:8d:e5:c2:61:bb:93:a8:06:a9:00:4f:1f:f8:31:
7d:1d:1e:b0:30:e4:88:d5:f8:c1:a9:7d:7b:bb:10:
76:0d:27:ea:ec:22:e8:eb:58:5f:f0:4a:24:3c:e6:
44:b1:ad:50:6d:bd:14:c3:15:9e:8f:0c:6b:3b:42:
2c:90:56:8c:83:5e:e3:c2:04:c0:88:a1:99:ea:43:
01:66:bf:fe:22:91:cf:85:15:d9:7a:9d:f8:3e:de:
8c:17:cc:e7:35:52:00:5a:bf:9b:6e:c7:92:79:d8:
f8:d8:53:69:5f:d8:4a:c6:c6:c4:a2:18:65:52:cf:
fd:e7:b0:91:be:27:f7:17:42:c4:4f:63:66:e3:3d:
71:3f:95:4f:b8:ce:3d:92:a1:a9:dd:d7:51:fa:5f:
21:4b:ae:d7:37:83:fb:21:1e:74:23:4d:01:d9:15:
b9:92:72:a2:01:00:0f:88:6f:64:20:8a:2b:13:e3:
17:0a:48:42:3f:e7:7e:6b:66:d4:39:19:8a:21:0b:
8d:9b:81:e6:29:9b:dd:a2:1b:6b:08:4a:c8:ac:87:
f3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B4:B3:33:61:89:45:7A:CC:66:91:AD:7C:E9:B3:51:EE:FA:7C:AF
X509v3 Authority Key Identifier:
keyid:09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/LrSzM2GJRXrMZpGtfOmzUe76fK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/CWv35rMqViP1S7nHN9uPgU6TrTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.64.0/22
5.188.144.0/22
185.104.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:e4:ea:1c:95:c8:40:ef:82:fa:91:45:ee:f7:69:2a:44:7b:
86:5b:d2:0f:01:bb:ae:7f:5b:b2:98:79:66:b5:4a:4e:d9:53:
28:c8:75:b7:f9:5e:ca:c8:67:dd:99:1e:44:6d:22:75:c4:67:
e8:4d:01:22:5e:b7:79:62:2b:41:3d:a4:9f:c1:c7:4c:75:73:
cd:d6:39:f1:98:82:1f:c7:8c:58:03:10:7a:00:bb:17:33:f6:
23:50:e2:34:63:a9:ec:f7:22:63:30:66:b9:d1:8d:33:b2:be:
60:df:8d:67:b2:a7:24:d2:fc:fc:d2:04:e9:74:65:1a:35:98:
76:31:e5:d7:7b:6f:2d:05:9a:30:c0:26:93:91:f9:68:d5:c7:
df:c6:22:e2:52:78:1f:66:97:ba:10:8a:97:91:61:56:56:28:
c7:3e:76:6d:ab:9d:f0:ac:be:e5:c1:cc:2a:93:b3:ba:d3:33:
9c:0f:3f:c3:a1:ba:97:fe:e2:aa:4e:de:5d:8a:38:60:48:ba:
93:fb:76:df:4e:74:43:50:2d:7f:78:48:96:eb:bc:cd:16:fa:
8a:eb:8c:f1:d7:3a:09:69:e1:b2:9f:4c:7d:1c:71:f4:f4:db:
fb:13:74:5b:44:26:bb:4b:49:97:35:3e:8c:72:21:a7:ae:4f:
23:28:5e:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqS8IKzT9VjGt5R3IEOeDodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmJmN2U2YjMyYTU2MjNmNTRiYjljNzM3ZGI4ZjgxNGU5
M2FkMzkwHhcNMjMwOTE0MDkwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI0YjMzMzYxODk0NTdhY2M2NjkxYWQ3Y2U5YjM1MWVlZmE3Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrmrTKhxkKXMJi711pdnLkpVMvbw
FISr9u7Z+WnHjer9HDTP7ShiE9fwHCQojeXCYbuTqAapAE8f+DF9HR6wMOSI1fjB
qX17uxB2DSfq7CLo61hf8EokPOZEsa1Qbb0UwxWejwxrO0IskFaMg17jwgTAiKGZ
6kMBZr/+IpHPhRXZep34Pt6MF8znNVIAWr+bbseSedj42FNpX9hKxsbEohhlUs/9
57CRvif3F0LET2Nm4z1xP5VPuM49kqGp3ddR+l8hS67XN4P7IR50I00B2RW5knKi
AQAPiG9kIIorE+MXCkhCP+d+a2bUORmKIQuNm4HmKZvdohtrCErIrIfzBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC60szNhiUV6zGaRrXzps1Hu+nyvMB8GA1UdIwQY
MBaAFAlr9+azKlYj9Uu5xzfbj4FOk605MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1d2MzVyTXFWaVAxUzduSE45dVBnVTZUclRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iNTZiMDEtMjkyZi00YTFkLWJhYTIt
YmNkNmFkYTFiOWRhLzEvTHJTek0yR0pSWHJNWnBHdGZPbXpVZTc2Zks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iNTZiMDEtMjkyZi00YTFkLWJhYTItYmNkNmFkYTFiOWRh
LzEvQ1d2MzVyTXFWaVAxUzduSE45dVBnVTZUclRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBbdAAwQC
BbyQAwQCuWgEMA0GCSqGSIb3DQEBCwUAA4IBAQCl5OoclchA74L6kUXu92kqRHuG
W9IPAbuuf1uymHlmtUpO2VMoyHW3+V7KyGfdmR5EbSJ1xGfoTQEiXrd5YitBPaSf
wcdMdXPN1jnxmIIfx4xYAxB6ALsXM/YjUOI0Y6ns9yJjMGa50Y0zsr5g341nsqck
0vz80gTpdGUaNZh2MeXXe28tBZowwCaTkflo1cffxiLiUngfZpe6EIqXkWFWVijH
PnZtq53wrL7lwcwqk7O60zOcDz/DobqX/uKqTt5dijhgSLqT+3bfTnRDUC1/eEiW
67zNFvqK64zx1zoJaeGyn0x9HHH09Nv7E3RbRCa7S0mXNT6MciGnrk8jKF6d
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:12 2024 by rpki-client on console-fra.rpki-client.org