Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/tVdplHlX8AblKzvTOiMIoZXXF9M.roa
File: tVdplHlX8AblKzvTOiMIoZXXF9M.roa (raw, json)
Hash identifier: evTM1SF8HtmI22WemUyCGu5RR+uIG8yW6VtVZpAkBkE=
Subject key identifier: B5:57:69:94:79:57:F0:06:E5:2B:3B:D3:3A:23:08:A1:95:D7:17:D3
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018AF58BF11561F9C1C9D29C770D73B77F7F
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/tVdplHlX8AblKzvTOiMIoZXXF9M.roa
Signing time: Tue 03 Oct 2023 12:38:23 +0000
ROA not before: Tue 03 Oct 2023 12:38:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 37.19.64.0/22 maxlen: 24
37.19.68.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
5.249.176.0/22 maxlen: 24
5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:8b:f1:15:61:f9:c1:c9:d2:9c:77:0d:73:b7:7f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Oct 3 12:38:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b55769947957f006e52b3bd33a2308a195d717d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:7a:23:67:5e:56:4f:04:b2:44:24:f6:ca:
0b:31:cb:61:f8:fa:84:99:b0:45:f5:92:a2:3e:76:
ce:ed:20:51:e6:2e:6a:f4:c0:07:c5:c8:fb:88:ad:
70:47:2c:3c:66:57:72:a6:c0:95:dd:2d:ef:f2:cb:
b4:52:55:64:73:fa:d9:14:a6:5b:c7:7e:ad:62:27:
2b:dd:43:c8:82:24:31:9d:5e:20:98:5d:38:ea:a7:
23:a7:c3:4b:98:2f:d1:9a:79:87:3a:2e:6e:69:58:
c2:e3:ba:a8:39:74:05:5b:23:e3:78:e9:79:35:a7:
06:94:94:b0:0a:2f:b2:bb:72:e1:f8:ea:7d:cb:b6:
48:3c:13:d8:fe:f4:e2:da:05:e8:58:00:fc:3c:86:
59:c2:05:a9:34:a6:96:a2:18:20:18:14:d1:38:c2:
10:50:ac:c2:d5:82:46:cf:c5:3e:ce:86:80:c5:93:
23:3b:d1:e4:6f:14:9f:18:0a:56:90:9f:b8:65:36:
3d:4f:84:b4:46:10:e2:dc:bb:1c:4c:2f:0c:28:91:
19:dd:18:f7:61:33:44:74:2f:63:66:31:9b:c9:db:
35:fa:d8:8e:7e:1e:8f:c5:36:cd:87:8b:d0:32:e4:
af:83:3b:1b:17:5b:21:94:e8:45:3c:98:51:e9:d9:
7b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:57:69:94:79:57:F0:06:E5:2B:3B:D3:3A:23:08:A1:95:D7:17:D3
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/tVdplHlX8AblKzvTOiMIoZXXF9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
5.249.184.0/22
37.19.64.0/21
185.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
74:72:4a:b3:4c:72:db:91:6e:ae:ee:e3:a0:18:ff:de:4f:51:
5a:5e:48:57:d8:1a:9f:b9:6c:8a:7c:8d:0c:ae:86:11:2a:58:
b2:11:01:97:c1:7f:5c:03:cd:ec:84:a2:fe:50:53:16:ba:dd:
d3:86:10:19:39:22:97:0a:99:01:35:05:55:36:19:70:47:e5:
ee:62:7a:58:64:3c:0f:42:c3:d4:78:61:53:88:a3:02:c7:d6:
9f:b6:6c:00:63:ea:6b:7f:cc:73:49:7f:f0:4d:13:04:71:dc:
49:11:01:69:c1:8f:7e:7a:21:e7:6d:ed:d9:6b:e9:a0:33:73:
67:62:f7:9c:58:a1:86:66:8b:49:e5:d7:5c:5e:7d:0f:74:76:
9a:12:2f:1f:1b:49:82:82:56:1e:92:ff:a3:fb:68:d6:43:97:
20:84:63:38:40:9e:73:4d:5c:b8:52:e9:9f:0c:4d:1c:3b:18:
9f:0d:04:f9:fa:56:60:af:c7:67:af:c5:6e:2d:d3:8e:43:9b:
8b:61:3d:64:7d:57:24:ff:37:a3:fc:c9:7d:d7:71:38:c5:30:
05:07:18:fc:15:cf:8d:41:72:29:89:d5:0b:ba:ed:a7:6a:3f:
ca:08:3b:65:7d:e5:ca:3b:8c:47:29:26:6c:1f:49:59:e8:3c:
4a:e1:80:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr1i/EVYfnBydKcdw1zt39/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMxMDAzMTIzODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU3Njk5NDc5NTdmMDA2ZTUyYjNiZDMzYTIzMDhhMTk1ZDcxN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/Z6I2deVk8EskQk9soLMcth+PqE
mbBF9ZKiPnbO7SBR5i5q9MAHxcj7iK1wRyw8ZldypsCV3S3v8su0UlVkc/rZFKZb
x36tYicr3UPIgiQxnV4gmF046qcjp8NLmC/RmnmHOi5uaVjC47qoOXQFWyPjeOl5
NacGlJSwCi+yu3Lh+Op9y7ZIPBPY/vTi2gXoWAD8PIZZwgWpNKaWohggGBTROMIQ
UKzC1YJGz8U+zoaAxZMjO9HkbxSfGApWkJ+4ZTY9T4S0RhDi3LscTC8MKJEZ3Rj3
YTNEdC9jZjGbyds1+tiOfh6PxTbNh4vQMuSvgzsbF1shlOhFPJhR6dl7ZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLVXaZR5V/AG5Ss70zojCKGV1xfTMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvdFZkcGxIbFg4QWJsS3p2VE9pTUlvWlhYRjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfmwAwQC
Bfm4AwQDJRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQB0ckqzTHLbkW6u7uOg
GP/eT1FaXkhX2BqfuWyKfI0MroYRKliyEQGXwX9cA83shKL+UFMWut3ThhAZOSKX
CpkBNQVVNhlwR+XuYnpYZDwPQsPUeGFTiKMCx9aftmwAY+prf8xzSX/wTRMEcdxJ
EQFpwY9+eiHnbe3Za+mgM3NnYvecWKGGZotJ5ddcXn0PdHaaEi8fG0mCglYekv+j
+2jWQ5cghGM4QJ5zTVy4UumfDE0cOxifDQT5+lZgr8dnr8VuLdOOQ5uLYT1kfVck
/zej/Ml913E4xTAFBxj8Fc+NQXIpidULuu2naj/KCDtlfeXKO4xHKSZsH0lZ6DxK
4YDj
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:13 2024 by rpki-client on console-fra.rpki-client.org