Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ExD4jhQC5eqx9cKKZmER7AN57m4.roa
File: ExD4jhQC5eqx9cKKZmER7AN57m4.roa (raw, json)
Hash identifier: vOZUXVV3Gp7OsHl80Yu0bYhu6bxV2CZDgdEnqJeJhxo=
Subject key identifier: 13:10:F8:8E:14:02:E5:EA:B1:F5:C2:8A:66:61:11:EC:03:79:EE:6E
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018E8B45663D596745DADB04A5FF5FED445A
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ExD4jhQC5eqx9cKKZmER7AN57m4.roa
Signing time: Fri 29 Mar 2024 17:32:44 +0000
ROA not before: Fri 29 Mar 2024 17:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.249.184.0/22 maxlen: 24
195.95.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 08:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8b:45:66:3d:59:67:45:da:db:04:a5:ff:5f:ed:44:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Mar 29 17:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1310f88e1402e5eab1f5c28a666111ec0379ee6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:6a:3a:31:5e:66:bc:05:7a:e7:69:df:c3:
c1:4e:65:ab:5e:8f:1f:f6:62:74:ef:da:3f:2a:7c:
a5:2c:d3:91:63:80:b6:b1:f7:c5:f8:37:4a:ce:a4:
86:46:e8:89:35:5f:51:e5:cf:d4:a6:05:36:6e:3c:
df:ad:72:86:f9:0c:70:57:8e:c3:80:1f:61:d7:ba:
9f:b8:bc:da:67:15:29:ff:d7:ef:b9:95:65:70:3f:
64:59:2e:4f:7a:46:94:d4:bf:cd:8f:ba:a1:24:f5:
33:b4:c2:1a:f3:3f:2a:58:24:bf:89:06:21:77:68:
e1:b2:d1:e6:48:a5:dd:ca:bd:75:93:92:a5:47:25:
2a:49:e4:e3:6a:e0:bf:9f:38:28:5d:c0:c1:61:64:
08:4e:a5:57:ce:57:9a:f3:94:f1:f9:4d:ea:b3:ec:
d0:a4:b8:2e:b8:7b:cd:9e:4c:a5:75:27:f4:25:f5:
7e:db:66:0d:b1:75:89:9c:7e:3c:09:a6:69:0a:fc:
77:d6:a8:10:15:35:44:a0:dc:57:59:ff:30:0d:f5:
1c:1f:52:5f:d8:23:51:47:22:e6:3d:18:97:f3:35:
39:63:7d:8a:71:52:5a:eb:2d:0a:22:9e:92:03:90:
c9:06:78:bf:7d:38:6b:b5:f4:ba:f6:79:62:c1:14:
3c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:10:F8:8E:14:02:E5:EA:B1:F5:C2:8A:66:61:11:EC:03:79:EE:6E
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ExD4jhQC5eqx9cKKZmER7AN57m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.184.0/22
195.95.200.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:d5:87:3d:b6:2c:ab:fb:1c:f5:66:44:7d:b7:17:2e:2f:9e:
6e:51:c9:95:7b:32:dd:7a:bc:e2:51:f0:40:b9:23:54:96:2c:
4e:c2:18:20:e1:5f:56:a1:ed:cd:86:7b:3b:27:ac:70:7a:04:
7c:2f:05:88:cf:2b:86:50:66:15:18:6f:ff:75:bd:50:88:54:
97:2f:90:01:44:7c:88:03:ed:aa:1f:be:74:62:f3:44:fd:28:
a8:6e:8a:ab:55:4f:6f:f7:82:77:7d:2c:2e:07:92:6c:22:ce:
30:c9:22:1b:b7:15:b5:b8:80:c5:e6:9a:d5:61:40:56:05:cf:
08:12:f1:77:b2:63:7f:34:fe:da:19:db:e0:20:a7:21:e5:da:
42:8b:ec:e2:61:47:cb:d8:e8:0a:32:af:bc:fd:f6:ea:3f:a2:
36:26:81:6f:f7:a8:18:67:1a:14:26:2a:a1:93:6f:1a:00:42:
e3:66:ce:f9:78:7c:8f:10:dd:66:e7:ed:b9:14:e3:a9:27:4d:
04:27:25:37:1c:bd:0f:64:b6:15:6a:2a:75:8c:f7:03:75:85:
21:79:9e:db:95:ec:b0:4f:f1:4f:2f:2c:25:01:9c:40:7b:8c:
cc:32:a5:3d:a8:93:ae:34:1a:94:e6:e2:cb:f4:ee:94:87:c0:
f2:92:1f:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6LRWY9WWdF2tsEpf9f7URaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMzI5MTczMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzEwZjg4ZTE0MDJlNWVhYjFmNWMyOGE2NjYxMTFlYzAzNzllZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8tqOjFeZrwFeudp38PBTmWrXo8f
9mJ079o/KnylLNORY4C2sffF+DdKzqSGRuiJNV9R5c/UpgU2bjzfrXKG+QxwV47D
gB9h17qfuLzaZxUp/9fvuZVlcD9kWS5PekaU1L/Nj7qhJPUztMIa8z8qWCS/iQYh
d2jhstHmSKXdyr11k5KlRyUqSeTjauC/nzgoXcDBYWQITqVXzlea85Tx+U3qs+zQ
pLguuHvNnkyldSf0JfV+22YNsXWJnH48CaZpCvx31qgQFTVEoNxXWf8wDfUcH1Jf
2CNRRyLmPRiX8zU5Y32KcVJa6y0KIp6SA5DJBni/fThrtfS69nliwRQ8gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBMQ+I4UAuXqsfXCimZhEewDee5uMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvRXhENGpoUUM1ZXF4OWNLS1ptRVI3QU41N200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfm4AwQA
w1/IMA0GCSqGSIb3DQEBCwUAA4IBAQDS1Yc9tiyr+xz1ZkR9txcuL55uUcmVezLd
erziUfBAuSNUlixOwhgg4V9Woe3Nhns7J6xwegR8LwWIzyuGUGYVGG//db1QiFSX
L5ABRHyIA+2qH750YvNE/SioboqrVU9v94J3fSwuB5JsIs4wySIbtxW1uIDF5prV
YUBWBc8IEvF3smN/NP7aGdvgIKch5dpCi+ziYUfL2OgKMq+8/fbqP6I2JoFv96gY
ZxoUJiqhk28aAELjZs75eHyPEN1m5+25FOOpJ00EJyU3HL0PZLYVaip1jPcDdYUh
eZ7bleywT/FPLywlAZxAe4zMMqU9qJOuNBqU5uLL9O6Uh8Dykh8D
-----END CERTIFICATE-----
Generated at Thu Apr 4 11:58:00 2024 by rpki-client on console-ams.rpki-client.org