Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pmvdWgFztjV-szvPC1ImD2-bhyU.roa
File: pmvdWgFztjV-szvPC1ImD2-bhyU.roa (raw, json)
Hash identifier: VFos23+oxU48cg2Eh0qWJq56ewatEXOEZmaXII5gIpQ=
Subject key identifier: A6:6B:DD:5A:01:73:B6:35:7E:B3:3B:CF:0B:52:26:0F:6F:9B:87:25
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018C05BBC7E1333566D064808777E7BB96D1
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pmvdWgFztjV-szvPC1ImD2-bhyU.roa
Signing time: Sat 25 Nov 2023 09:07:21 +0000
ROA not before: Sat 25 Nov 2023 09:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.95.201.0/24 maxlen: 24
5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 00:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:05:bb:c7:e1:33:35:66:d0:64:80:87:77:e7:bb:96:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Nov 25 09:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a66bdd5a0173b6357eb33bcf0b52260f6f9b8725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:86:f7:b7:e4:82:a3:ef:9e:ee:0f:9e:42:
66:f6:b7:7c:7e:8e:3c:51:06:af:e9:89:63:73:4f:
7f:18:25:34:26:b6:be:4f:df:1f:23:bc:57:0c:51:
20:2d:d0:93:72:0b:14:dd:97:21:06:cc:d5:f7:68:
f3:2c:cf:28:71:0d:0e:02:c0:82:e7:76:4a:58:4d:
bf:c8:2b:7c:ca:06:38:ef:6f:7a:55:6b:b4:63:7d:
c1:cf:44:ad:8d:94:38:81:09:b5:eb:12:cd:c2:de:
38:4d:c8:3e:c6:1d:a8:b2:cb:23:fd:cc:99:e8:39:
b8:06:d4:e1:ae:8d:22:8c:6d:7f:a4:09:84:17:b7:
4f:5d:f1:13:82:ea:7e:55:a4:cb:1c:11:a7:12:2f:
2f:70:79:32:3f:dc:ef:73:d1:6d:70:a0:f4:f8:9e:
59:72:8b:5a:5a:9a:a8:e7:ff:a8:1c:b9:ed:41:a6:
ae:df:e3:c1:04:e2:17:e1:e2:f3:7d:6b:8c:9b:54:
b1:bd:14:37:e5:df:4a:2b:7a:33:21:d5:c2:5f:c3:
bb:58:61:1b:81:a0:28:1c:88:b7:a7:c6:f3:52:db:
d6:0f:a5:f6:9c:0c:ba:bd:81:b7:93:6f:7c:2e:33:
18:c6:a5:90:cc:78:ac:ec:ef:49:0e:db:aa:f9:ff:
da:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6B:DD:5A:01:73:B6:35:7E:B3:3B:CF:0B:52:26:0F:6F:9B:87:25
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pmvdWgFztjV-szvPC1ImD2-bhyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.184.0/22
195.95.201.0/24
Signature Algorithm: sha256WithRSAEncryption
be:d6:cb:ca:36:8a:e9:f9:e8:0e:37:e1:f1:f3:e5:ed:d6:be:
b1:0a:a3:a7:01:37:21:38:00:c0:a0:f6:10:08:4d:f5:be:be:
7e:53:ce:56:66:c1:f5:29:e8:83:66:01:41:28:ff:63:60:79:
79:d0:b2:56:9e:4a:9c:24:97:d1:2b:f4:b5:56:59:b4:dc:21:
83:60:94:cc:88:19:24:4c:96:a6:44:d4:5b:2b:b1:cc:44:cb:
e3:8b:a0:7d:a9:e4:d8:6e:49:5c:33:80:4f:2b:08:0e:93:0d:
63:e9:79:c3:3c:b2:e7:61:3a:8c:b1:d5:6e:91:2d:06:7c:53:
32:5f:97:7d:6a:e0:75:72:fd:cd:5a:7a:9c:86:66:64:ee:67:
0e:34:53:5c:78:2b:66:f8:23:67:ef:ec:ea:ae:4b:d5:00:d5:
3a:7b:a3:d1:d2:83:2b:54:f9:23:5e:db:9c:13:cd:8a:78:f8:
39:b0:1f:1d:e6:93:e6:d3:63:84:b6:7a:a8:ab:0b:c3:a5:64:
28:b3:9b:04:87:49:6a:84:b6:1c:67:de:9d:0d:2d:9d:0b:f9:
a6:76:5c:02:62:db:70:8e:b0:f8:0c:d9:15:8c:2f:cc:cb:d9:
55:0c:ea:96:a6:f6:ea:67:89:68:20:28:fb:88:70:76:d8:40:
d6:29:05:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwFu8fhMzVm0GSAh3fnu5bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMxMTI1MDkwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZiZGQ1YTAxNzNiNjM1N2ViMzNiY2YwYjUyMjYwZjZmOWI4NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogqG97fkgqPvnu4PnkJm9rd8fo48
UQav6Yljc09/GCU0Jra+T98fI7xXDFEgLdCTcgsU3ZchBszV92jzLM8ocQ0OAsCC
53ZKWE2/yCt8ygY47296VWu0Y33Bz0StjZQ4gQm16xLNwt44Tcg+xh2osssj/cyZ
6Dm4BtThro0ijG1/pAmEF7dPXfETgup+VaTLHBGnEi8vcHkyP9zvc9FtcKD0+J5Z
cotaWpqo5/+oHLntQaau3+PBBOIX4eLzfWuMm1SxvRQ35d9KK3ozIdXCX8O7WGEb
gaAoHIi3p8bzUtvWD6X2nAy6vYG3k298LjMYxqWQzHis7O9JDtuq+f/anwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZr3VoBc7Y1frM7zwtSJg9vm4clMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvcG12ZFdnRnp0alYtc3p2UEMxSW1EMi1iaHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfm4AwQA
w1/JMA0GCSqGSIb3DQEBCwUAA4IBAQC+1svKNorp+egON+Hx8+Xt1r6xCqOnATch
OADAoPYQCE31vr5+U85WZsH1KeiDZgFBKP9jYHl50LJWnkqcJJfRK/S1Vlm03CGD
YJTMiBkkTJamRNRbK7HMRMvji6B9qeTYbklcM4BPKwgOkw1j6XnDPLLnYTqMsdVu
kS0GfFMyX5d9auB1cv3NWnqchmZk7mcONFNceCtm+CNn7+zqrkvVANU6e6PR0oMr
VPkjXtucE82KePg5sB8d5pPm02OEtnqoqwvDpWQos5sEh0lqhLYcZ96dDS2dC/mm
dlwCYttwjrD4DNkVjC/My9lVDOqWpvbqZ4loICj7iHB22EDWKQXD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org