Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LRDa3AJCiI5-bEJ7_pNwVcChHko.roa
File: LRDa3AJCiI5-bEJ7_pNwVcChHko.roa (raw, json)
Hash identifier: EQW8VM37385TsDdQ0M8YXNjsVtT3pTphgeFfQk/7KAc=
Subject key identifier: 2D:10:DA:DC:02:42:88:8E:7E:6C:42:7B:FE:93:70:55:C0:A1:1E:4A
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 0185735F12D567774869A275ED18CA93DC73
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LRDa3AJCiI5-bEJ7_pNwVcChHko.roa
Signing time: Mon 02 Jan 2023 16:44:48 +0000
ROA not before: Mon 02 Jan 2023 16:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35761
IP address blocks: 185.58.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:5f:12:d5:67:77:48:69:a2:75:ed:18:ca:93:dc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 2 16:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d10dadc0242888e7e6c427bfe937055c0a11e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2e:5f:b9:a4:47:30:58:b7:97:a5:54:b9:a0:
40:2f:fb:7b:47:11:03:e6:73:8d:0a:43:52:c8:76:
bd:0b:e8:ee:ef:53:5f:d4:d9:1c:77:3e:e2:71:da:
3c:1d:51:99:7c:19:8c:ba:78:ca:9b:a4:60:79:5e:
24:02:f3:cc:48:11:4a:af:8b:95:23:ac:1e:18:7b:
84:e9:b3:25:a4:93:f6:38:e1:72:48:2c:67:58:3b:
1f:65:6d:33:a4:6b:e7:e5:69:86:21:4c:b0:6d:b1:
8d:26:9c:b3:78:c4:9a:bd:71:83:14:09:c5:72:52:
d8:9f:03:57:eb:cb:67:bf:14:f5:d8:6c:d7:f2:b3:
7b:1f:87:a9:6d:dd:e5:e3:75:b2:31:60:f3:3e:0d:
2a:f8:d8:b1:6f:af:03:31:0a:23:1a:35:35:2c:93:
37:f5:9d:61:ab:32:04:f6:77:3c:1d:a1:6a:ba:f0:
97:29:a9:fd:57:39:93:fd:51:c2:c6:09:4a:d8:4b:
57:c2:04:5f:c0:aa:be:f7:4f:0a:b2:ca:c9:94:47:
f5:f9:6c:96:71:ce:4e:be:6e:0f:c7:da:c2:fc:91:
02:49:5b:91:34:04:eb:ff:17:38:7b:9c:64:c1:44:
f7:b3:27:aa:73:ac:b9:aa:03:37:8f:4f:fe:75:97:
9d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:10:DA:DC:02:42:88:8E:7E:6C:42:7B:FE:93:70:55:C0:A1:1E:4A
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LRDa3AJCiI5-bEJ7_pNwVcChHko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.20.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:46:c4:8f:5f:db:e8:48:9d:0b:58:69:1d:28:3b:16:3d:8a:
a8:10:22:bd:05:ef:ad:9b:6f:05:b7:eb:28:00:02:78:02:88:
23:fa:54:4c:78:05:c7:2b:c0:b3:3c:5d:1c:0f:ab:fa:cd:d6:
04:86:0e:ec:09:27:4f:b7:7a:80:41:f5:fa:31:4e:5f:5f:c7:
60:4e:ea:df:61:bc:71:ff:a5:93:45:d7:3d:3c:a1:83:8c:09:
f2:80:e9:54:d4:60:89:12:9b:40:36:25:8f:c0:60:21:7f:3b:
36:e1:59:35:7d:8a:0b:0b:79:cb:c8:f9:8e:8f:95:61:1d:51:
d4:96:bc:43:00:72:06:e8:25:34:57:08:8e:8c:a9:fb:bf:98:
b0:eb:59:2c:aa:bc:a6:a5:a7:9a:53:e9:2d:8c:77:fe:d3:80:
c6:5b:b2:21:02:07:0a:75:41:b2:2b:31:bc:8f:e7:df:ad:96:
fe:7b:ba:b8:b6:c1:84:14:70:3e:ca:20:f5:4f:60:de:cb:92:
5b:1b:0d:97:72:de:ca:31:52:cc:4e:93:82:15:ae:3e:04:21:
08:55:b2:2f:cd:6b:6b:7a:b9:09:9d:19:8d:af:4e:d5:e5:8d:
2e:60:34:5e:cd:cf:98:a6:0e:c1:f5:b3:64:56:6a:ac:81:e8:
a6:6e:42:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzXxLVZ3dIaaJ17RjKk9xzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjMwMTAyMTY0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDEwZGFkYzAyNDI4ODhlN2U2YzQyN2JmZTkzNzA1NWMwYTExZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC5fuaRHMFi3l6VUuaBAL/t7RxED
5nONCkNSyHa9C+ju71Nf1Nkcdz7icdo8HVGZfBmMunjKm6RgeV4kAvPMSBFKr4uV
I6weGHuE6bMlpJP2OOFySCxnWDsfZW0zpGvn5WmGIUywbbGNJpyzeMSavXGDFAnF
clLYnwNX68tnvxT12GzX8rN7H4epbd3l43WyMWDzPg0q+Nixb68DMQojGjU1LJM3
9Z1hqzIE9nc8HaFquvCXKan9VzmT/VHCxglK2EtXwgRfwKq+908KssrJlEf1+WyW
cc5Ovm4Px9rC/JECSVuRNATr/xc4e5xkwUT3syeqc6y5qgM3j0/+dZedSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0Q2twCQoiOfmxCe/6TcFXAoR5KMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvTFJEYTNBSkNpSTUtYkVKN19wTndWY0NoSGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuToUMA0G
CSqGSIb3DQEBCwUAA4IBAQCORsSPX9voSJ0LWGkdKDsWPYqoECK9Be+tm28Ft+so
AAJ4Aogj+lRMeAXHK8CzPF0cD6v6zdYEhg7sCSdPt3qAQfX6MU5fX8dgTurfYbxx
/6WTRdc9PKGDjAnygOlU1GCJEptANiWPwGAhfzs24Vk1fYoLC3nLyPmOj5VhHVHU
lrxDAHIG6CU0VwiOjKn7v5iw61ksqrympaeaU+ktjHf+04DGW7IhAgcKdUGyKzG8
j+ffrZb+e7q4tsGEFHA+yiD1T2Dey5JbGw2Xct7KMVLMTpOCFa4+BCEIVbIvzWtr
erkJnRmNr07V5Y0uYDRezc+Ypg7B9bNkVmqsgeimbkJc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org