Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/68PF3RZE7zSr5whLdoHvy1rJcRY.roa
File: 68PF3RZE7zSr5whLdoHvy1rJcRY.roa (raw, json)
Hash identifier: SEfmEzSxWZe56OPfGi7Ej4IHISOP3ajHq9zhzLwV7TM=
Subject key identifier: EB:C3:C5:DD:16:44:EF:34:AB:E7:08:4B:76:81:EF:CB:5A:C9:71:16
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01914B0B561DA89D3430EA580A2EFC2014DB
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/68PF3RZE7zSr5whLdoHvy1rJcRY.roa
Signing time: Tue 13 Aug 2024 09:21:59 +0000
ROA not before: Tue 13 Aug 2024 09:21:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.249.176.0/22 maxlen: 24
5.249.184.0/22 maxlen: 24
37.19.64.0/22 maxlen: 24
37.19.68.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
195.95.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 06:44:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:0b:56:1d:a8:9d:34:30:ea:58:0a:2e:fc:20:14:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Aug 13 09:21:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebc3c5dd1644ef34abe7084b7681efcb5ac97116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:39:b6:66:da:02:5d:2d:a5:4e:82:1d:72:01:
e3:92:0d:64:4c:c5:f8:a6:f4:6e:d9:62:b1:cf:d7:
75:bf:70:dd:69:72:e9:16:42:a2:be:86:8c:bd:55:
d3:2e:bd:48:04:a6:19:b3:b0:7e:0b:4a:79:33:9b:
36:33:3c:ea:c1:da:fd:83:00:83:49:ca:6c:cf:7f:
97:51:2c:79:4e:a7:ea:61:98:5c:b4:15:66:26:7a:
49:60:69:41:61:66:28:e6:2a:d2:96:cf:cc:11:6c:
60:04:07:d1:b4:2d:1d:6b:33:f4:be:f7:57:a1:99:
5d:0e:cc:5b:ea:e1:7b:03:dc:41:68:0a:58:f7:57:
4f:49:ed:65:31:dc:ab:9a:20:f0:7f:5e:20:c9:34:
db:7d:2c:94:50:4f:ba:ce:96:57:aa:31:4c:f9:c5:
c5:38:f7:36:17:9b:b4:4e:96:12:8f:4f:78:24:43:
55:83:41:c3:0f:40:0a:57:f2:e5:66:c0:bb:5e:cb:
fe:fe:3e:4b:1f:bc:fa:e5:2b:9b:81:8a:0d:a9:fc:
d5:1c:6d:68:eb:bd:90:db:2f:2f:ff:b0:53:0e:e2:
29:18:e5:ea:38:6c:1e:34:50:16:18:d6:7f:8b:8b:
f5:45:fe:fe:98:4b:50:f7:9d:dd:3a:b5:d5:77:a0:
70:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C3:C5:DD:16:44:EF:34:AB:E7:08:4B:76:81:EF:CB:5A:C9:71:16
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/68PF3RZE7zSr5whLdoHvy1rJcRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
5.249.184.0/22
37.19.64.0/21
185.145.52.0/24
195.95.200.0/24
Signature Algorithm: sha256WithRSAEncryption
65:79:d3:01:12:14:fd:02:17:ed:73:5b:23:a4:04:7c:88:f1:
9e:d1:de:46:ee:b0:60:50:f4:d6:a0:fe:2c:90:a6:0b:d2:b6:
d0:ef:65:df:c9:fd:a1:ab:41:33:f2:64:86:12:59:04:39:84:
c1:7d:99:86:e7:27:3c:82:68:7a:c2:54:9d:ca:cc:ad:90:69:
c5:69:39:d4:3a:6c:1d:c8:9b:06:11:db:9a:d1:91:63:77:02:
f1:70:2e:b3:10:cc:a6:5b:aa:5f:04:48:cf:91:d0:b0:91:83:
4b:86:8a:c0:ed:67:84:be:6e:94:56:0e:35:d4:1d:90:0f:b2:
16:3c:9c:ef:1b:82:f6:da:04:dc:ae:aa:55:96:ab:56:98:3b:
f8:fd:d9:cc:eb:57:d8:7f:d7:af:a1:c8:8b:ce:1d:ba:71:da:
8c:7a:a5:71:41:ef:90:5f:7d:b1:91:37:4e:8c:50:7c:d1:56:
57:5c:7e:52:36:fe:cb:f0:69:2f:52:62:61:7e:e8:5c:ba:a7:
9b:45:52:11:70:14:95:91:87:df:c3:07:ca:1e:21:b1:25:87:
01:d2:ea:03:ce:b4:63:57:6d:e9:69:5b:ed:21:3e:ad:76:70:
f0:d7:2c:f1:b9:60:44:03:69:bc:67:46:28:ec:78:89:32:b2:
2a:fa:f3:6a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFLC1YdqJ00MOpYCi78IBTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwODEzMDkyMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzYzVkZDE2NDRlZjM0YWJlNzA4NGI3NjgxZWZjYjVhYzk3MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTm2ZtoCXS2lToIdcgHjkg1kTMX4
pvRu2WKxz9d1v3DdaXLpFkKivoaMvVXTLr1IBKYZs7B+C0p5M5s2Mzzqwdr9gwCD
Scpsz3+XUSx5TqfqYZhctBVmJnpJYGlBYWYo5irSls/MEWxgBAfRtC0dazP0vvdX
oZldDsxb6uF7A9xBaApY91dPSe1lMdyrmiDwf14gyTTbfSyUUE+6zpZXqjFM+cXF
OPc2F5u0TpYSj094JENVg0HDD0AKV/LlZsC7Xsv+/j5LH7z65SubgYoNqfzVHG1o
672Q2y8v/7BTDuIpGOXqOGweNFAWGNZ/i4v1Rf7+mEtQ953dOrXVd6BwmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOvDxd0WRO80q+cIS3aB78tayXEWMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvNjhQRjNSWkU3elNyNXdoTGRvSHZ5MXJKY1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBfmwAwQC
Bfm4AwQDJRNAAwQAuZE0AwQAw1/IMA0GCSqGSIb3DQEBCwUAA4IBAQBledMBEhT9
Ahftc1sjpAR8iPGe0d5G7rBgUPTWoP4skKYL0rbQ72Xfyf2hq0Ez8mSGElkEOYTB
fZmG5yc8gmh6wlSdysytkGnFaTnUOmwdyJsGEdua0ZFjdwLxcC6zEMymW6pfBEjP
kdCwkYNLhorA7WeEvm6UVg411B2QD7IWPJzvG4L22gTcrqpVlqtWmDv4/dnM61fY
f9evociLzh26cdqMeqVxQe+QX32xkTdOjFB80VZXXH5SNv7L8GkvUmJhfuhcuqeb
RVIRcBSVkYffwwfKHiGxJYcB0uoDzrRjV23paVvtIT6tdnDw1yzxuWBEA2m8Z0Yo
7HiJMrIq+vNq
-----END CERTIFICATE-----
Generated at Thu Oct 17 09:01:38 2024 by rpki-client on console-fra.rpki-client.org