Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/0H3oTmlGAxOY431G5UGzLwohZp8.roa
File: 0H3oTmlGAxOY431G5UGzLwohZp8.roa (raw, json)
Hash identifier: p+yhFn67DJWWBgH5ZvCCB+xb5oI22lko0LyqsMhlt8Q=
Subject key identifier: D0:7D:E8:4E:69:46:03:13:98:E3:7D:46:E5:41:B3:2F:0A:21:66:9F
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018AB7368159BA84BF94DCE6CF9B2D47ACB7
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/0H3oTmlGAxOY431G5UGzLwohZp8.roa
Signing time: Thu 21 Sep 2023 10:08:37 +0000
ROA not before: Thu 21 Sep 2023 10:08:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 79.133.180.0/24 maxlen: 24
185.244.48.0/24 maxlen: 24
185.250.45.0/24 maxlen: 24
5.253.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:36:81:59:ba:84:bf:94:dc:e6:cf:9b:2d:47:ac:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Sep 21 10:08:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d07de84e6946031398e37d46e541b32f0a21669f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:34:6b:03:b0:a3:0f:b6:9a:5a:69:15:f5:2b:
98:2f:b3:63:37:39:e6:ab:f0:b0:53:40:e2:6f:a1:
34:7d:7f:38:be:1e:36:6f:9b:33:c9:44:56:dc:91:
19:47:63:17:53:49:f3:4e:84:92:dc:46:d9:7f:ff:
d9:9d:57:23:a2:4b:20:ce:22:7f:ed:8a:dc:2a:3c:
db:8f:06:aa:88:0b:d1:e2:40:05:09:52:5c:65:76:
92:8e:0c:13:62:0a:7f:37:3b:df:c4:c5:83:12:a6:
65:77:54:d4:52:23:f2:0f:e4:d5:1f:28:77:53:6a:
59:9c:3b:65:50:ad:5b:bf:87:09:fe:e8:23:a5:17:
c8:57:91:5f:92:a2:26:ca:fb:ec:74:a3:9f:d8:2d:
a5:b6:a3:cd:51:31:ab:5e:7c:6b:69:23:b0:3a:59:
1b:c3:4e:5e:23:99:33:af:6f:db:f3:62:87:55:6f:
62:de:7e:c6:9a:3b:af:40:52:db:9f:5f:ee:44:52:
72:b5:51:0e:61:e3:6c:be:72:3b:0b:0e:13:d7:c3:
a9:94:52:60:23:a9:a8:e0:9e:31:a6:24:2d:cf:d1:
f1:6b:58:ba:72:75:ce:d4:f7:7e:92:d3:ab:68:e8:
30:8b:72:6b:62:d5:c5:90:6d:97:5d:d8:cf:a8:22:
96:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7D:E8:4E:69:46:03:13:98:E3:7D:46:E5:41:B3:2F:0A:21:66:9F
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/0H3oTmlGAxOY431G5UGzLwohZp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.63.0/24
79.133.180.0/24
185.244.48.0/24
185.250.45.0/24
Signature Algorithm: sha256WithRSAEncryption
00:ee:28:d9:7e:cb:67:2c:b0:1d:d0:a9:a1:33:ad:72:cf:21:
37:0c:c4:d9:50:a2:49:ae:3e:61:f9:0f:cc:c2:ad:17:2f:bf:
41:16:c9:ae:0d:c9:4c:7a:ac:18:24:be:72:98:f6:05:2f:f7:
b1:d6:fe:00:d1:b0:5f:a2:a9:73:72:75:61:fe:0d:aa:11:84:
03:ec:77:aa:bb:cb:3c:18:07:09:22:c2:7a:30:8a:46:13:c3:
2a:42:f7:50:fd:6b:6f:50:08:1a:2c:70:f0:f5:05:2e:ce:97:
63:30:ed:0c:14:34:13:ab:1e:cb:69:b3:9c:d5:00:83:bb:4c:
cd:a2:8f:f7:63:ae:64:9c:80:fa:43:f4:93:fe:c0:6b:c7:c8:
e2:85:a7:52:b4:37:be:fb:15:3a:16:3d:77:d7:2a:8a:b1:6f:
da:02:82:bc:a5:70:d4:05:d7:b1:6f:06:a4:eb:2a:20:b1:07:
29:aa:9e:ac:cc:92:7f:b1:15:d3:58:ff:34:e0:de:b3:a2:a1:
84:a9:ba:95:2b:1c:1f:b3:28:40:e8:8d:7a:fa:b3:b0:30:3e:
bf:85:c8:a3:3b:7b:0b:15:59:ca:4c:21:78:76:e3:6f:fb:c7:
cb:fc:73:e8:df:09:be:20:89:d5:35:d8:05:27:43:8e:ff:96:
c6:b3:25:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYq3NoFZuoS/lNzmz5stR6y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjMwOTIxMTAwODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdkZTg0ZTY5NDYwMzEzOThlMzdkNDZlNTQxYjMyZjBhMjE2NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzRrA7CjD7aaWmkV9SuYL7NjNznm
q/CwU0Dib6E0fX84vh42b5szyURW3JEZR2MXU0nzToSS3EbZf//ZnVcjoksgziJ/
7YrcKjzbjwaqiAvR4kAFCVJcZXaSjgwTYgp/NzvfxMWDEqZld1TUUiPyD+TVHyh3
U2pZnDtlUK1bv4cJ/ugjpRfIV5FfkqImyvvsdKOf2C2ltqPNUTGrXnxraSOwOlkb
w05eI5kzr2/b82KHVW9i3n7GmjuvQFLbn1/uRFJytVEOYeNsvnI7Cw4T18OplFJg
I6mo4J4xpiQtz9Hxa1i6cnXO1Pd+ktOraOgwi3JrYtXFkG2XXdjPqCKWVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNB96E5pRgMTmON9RuVBsy8KIWafMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvMEgzb1RtbEdBeE9ZNDMxRzVVR3pMd29oWnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf0/AwQA
T4W0AwQAufQwAwQAufotMA0GCSqGSIb3DQEBCwUAA4IBAQAA7ijZfstnLLAd0Kmh
M61yzyE3DMTZUKJJrj5h+Q/Mwq0XL79BFsmuDclMeqwYJL5ymPYFL/ex1v4A0bBf
oqlzcnVh/g2qEYQD7Hequ8s8GAcJIsJ6MIpGE8MqQvdQ/WtvUAgaLHDw9QUuzpdj
MO0MFDQTqx7LabOc1QCDu0zNoo/3Y65knID6Q/ST/sBrx8jihadStDe++xU6Fj13
1yqKsW/aAoK8pXDUBdexbwak6yogsQcpqp6szJJ/sRXTWP804N6zoqGEqbqVKxwf
syhA6I16+rOwMD6/hcijO3sLFVnKTCF4duNv+8fL/HPo3wm+IInVNdgFJ0OO/5bG
syVe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:02 2024 by rpki-client on console-ams.rpki-client.org