Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/Csz5rqDNw8dR1eL3Qadn8C4qx0A.roa
File: Csz5rqDNw8dR1eL3Qadn8C4qx0A.roa (raw, json)
Hash identifier: aN+bFyGJPvlh1/BGSjZS2Dg9qF39e5ggNEuEBbKbHN4=
Subject key identifier: 0A:CC:F9:AE:A0:CD:C3:C7:51:D5:E2:F7:41:A7:67:F0:2E:2A:C7:40
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01857D786B73D70916E0AA357B9CB7F27B92
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/Csz5rqDNw8dR1eL3Qadn8C4qx0A.roa
Signing time: Wed 04 Jan 2023 15:48:41 +0000
ROA not before: Wed 04 Jan 2023 15:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 37.19.64.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 00:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7d:78:6b:73:d7:09:16:e0:aa:35:7b:9c:b7:f2:7b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 4 15:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0accf9aea0cdc3c751d5e2f741a767f02e2ac740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:a0:18:d5:c3:4e:65:e7:8d:8b:b0:40:cf:
2c:2e:bd:38:79:4d:cf:21:64:c9:6c:87:2e:b2:6c:
91:00:6f:e4:fa:9f:2b:d4:fd:b3:27:43:74:b9:ba:
1e:95:e8:41:0a:67:41:45:bc:2f:19:60:04:20:c5:
b2:06:43:f3:1e:ad:b4:1a:32:83:e5:c5:5a:1e:51:
27:2b:44:78:7f:b9:61:94:ac:0a:03:1a:bf:8d:10:
23:22:2b:53:75:bd:95:90:21:14:5f:7a:4c:12:f2:
e0:88:6f:f6:c2:95:49:83:f9:10:6b:5b:aa:d5:1f:
67:1e:84:d6:ef:25:00:55:74:e3:25:b2:8c:6e:cc:
4a:27:d0:13:d6:4f:fe:03:b8:3d:0f:74:39:e5:0e:
1a:be:e9:26:c3:7a:f3:d1:14:78:33:9e:c7:2f:c4:
b6:55:b3:bb:4d:64:d2:ad:8d:71:b2:4f:4b:c8:55:
06:ef:3f:38:bc:71:a8:3e:14:d3:1b:35:34:ca:51:
93:8a:67:cf:c9:0f:9c:d2:30:92:05:fe:48:e1:b6:
be:fd:11:7a:30:ef:b2:e8:ec:55:47:5a:0c:ec:75:
41:a7:2f:24:0a:2b:05:d2:c0:e6:92:41:26:d0:d4:
4d:c9:ad:50:b1:ce:5f:95:ef:0b:a4:83:e1:de:99:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CC:F9:AE:A0:CD:C3:C7:51:D5:E2:F7:41:A7:67:F0:2E:2A:C7:40
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/Csz5rqDNw8dR1eL3Qadn8C4qx0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.184.0/22
37.19.64.0/22
185.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:dc:01:1b:f9:78:69:2b:dc:e9:ab:93:61:38:e5:2f:71:09:
59:08:99:16:ba:83:2d:fe:9e:e1:3e:89:98:eb:c9:68:d6:5e:
8c:f2:38:31:b8:8c:31:2a:9d:a5:24:7e:d7:3e:5b:33:95:a9:
66:08:ae:eb:fa:65:95:ff:b6:c9:ba:47:40:cd:3f:81:ff:a5:
8a:26:c8:c0:94:61:89:f8:12:3f:3b:cf:b8:2d:c7:2e:8a:43:
41:10:a6:12:13:20:fd:6a:d5:da:97:ab:94:89:38:55:44:90:
e7:9a:5f:f4:a2:c9:26:5c:cc:43:9d:30:46:2f:6a:88:24:42:
d2:23:bf:16:cd:a2:79:74:8a:97:0f:45:53:9d:bf:81:d4:19:
fa:9d:3b:ff:9e:01:d9:27:46:60:35:bf:b2:43:a1:db:13:37:
ac:ec:9f:1a:d0:d3:69:ae:27:fb:0c:53:1f:5d:60:46:fd:27:
ba:f3:cf:87:dd:42:50:74:0b:7b:92:33:36:cf:fc:bd:a1:a0:
88:fd:d5:68:b2:24:25:a8:f7:ca:47:5d:17:67:eb:5d:0f:b4:
2f:01:8f:5f:e0:48:41:31:e1:cc:76:2d:ad:fd:90:c6:0f:9f:
80:ab:b9:83:69:3c:f8:0d:01:6e:17:d3:9f:d0:63:8e:8f:98:
5f:b9:6c:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV9eGtz1wkW4Ko1e5y38nuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTA0MTU0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNjZjlhZWEwY2RjM2M3NTFkNWUyZjc0MWE3NjdmMDJlMmFjNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ2gGNXDTmXnjYuwQM8sLr04eU3P
IWTJbIcusmyRAG/k+p8r1P2zJ0N0uboelehBCmdBRbwvGWAEIMWyBkPzHq20GjKD
5cVaHlEnK0R4f7lhlKwKAxq/jRAjIitTdb2VkCEUX3pMEvLgiG/2wpVJg/kQa1uq
1R9nHoTW7yUAVXTjJbKMbsxKJ9AT1k/+A7g9D3Q55Q4avukmw3rz0RR4M57HL8S2
VbO7TWTSrY1xsk9LyFUG7z84vHGoPhTTGzU0ylGTimfPyQ+c0jCSBf5I4ba+/RF6
MO+y6OxVR1oM7HVBpy8kCisF0sDmkkEm0NRNya1Qsc5fle8LpIPh3pnLiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFArM+a6gzcPHUdXi90GnZ/AuKsdAMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvQ3N6NXJxRE53OGRSMWVMM1FhZG44QzRxeDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBfm4AwQC
JRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQCx3AEb+XhpK9zpq5NhOOUvcQlZ
CJkWuoMt/p7hPomY68lo1l6M8jgxuIwxKp2lJH7XPlszlalmCK7r+mWV/7bJukdA
zT+B/6WKJsjAlGGJ+BI/O8+4LccuikNBEKYSEyD9atXal6uUiThVRJDnml/0oskm
XMxDnTBGL2qIJELSI78WzaJ5dIqXD0VTnb+B1Bn6nTv/ngHZJ0ZgNb+yQ6HbEzes
7J8a0NNprif7DFMfXWBG/Se688+H3UJQdAt7kjM2z/y9oaCI/dVosiQlqPfKR10X
Z+tdD7QvAY9f4EhBMeHMdi2t/ZDGD5+Aq7mDaTz4DQFuF9Of0GOOj5hfuWzR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org