Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/lG3atjT2nv9zTaUvgYVGVV5ImrQ.roa
File: lG3atjT2nv9zTaUvgYVGVV5ImrQ.roa (raw, json)
Hash identifier: dnXUWHpjGXAJwrpc5aCb19K9+o4/awwJ3uR1s+5rFCo=
Subject key identifier: 94:6D:DA:B6:34:F6:9E:FF:73:4D:A5:2F:81:85:46:55:5E:48:9A:B4
Certificate issuer: /CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Certificate serial: 018571D7C1534EA90F5670C5033A9288E5FC
Authority key identifier: A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/lG3atjT2nv9zTaUvgYVGVV5ImrQ.roa
Signing time: Mon 02 Jan 2023 09:37:23 +0000
ROA not before: Mon 02 Jan 2023 09:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56828
IP address blocks: 185.84.36.0/22 maxlen: 22
91.186.64.0/19 maxlen: 19
31.25.216.0/21 maxlen: 21
83.118.128.0/18 maxlen: 18
2a05:ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c1:53:4e:a9:0f:56:70:c5:03:3a:92:88:e5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Validity
Not Before: Jan 2 09:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=946ddab634f69eff734da52f818546555e489ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:8f:13:f1:79:e0:20:ee:c7:6b:cd:45:8a:
85:7c:af:e4:be:96:92:58:bf:4d:18:0d:0f:a1:a4:
00:86:bb:0a:73:22:2e:71:c3:ee:01:f5:b2:34:7e:
24:a7:1e:60:5e:44:78:78:d9:ee:3f:84:e1:f4:4e:
2f:12:da:3d:79:f2:94:2b:ba:c4:80:c5:6c:54:32:
51:99:05:e2:5b:27:09:05:b1:3a:16:e8:cc:a6:1c:
22:1a:e4:00:45:9b:10:50:6c:36:45:0c:06:ea:84:
8e:da:f0:c0:51:03:d0:68:37:31:70:6e:ae:87:db:
7c:d8:a2:58:4a:10:59:69:c7:e6:e9:b1:31:09:38:
36:48:44:75:da:20:e6:6f:ef:f4:70:71:e7:20:96:
ab:c7:d7:f7:29:a0:9b:39:c3:34:b7:9b:64:b2:c8:
c4:87:c5:e2:92:7c:91:c2:cd:99:8d:b1:0c:dc:07:
73:8d:80:a7:28:d0:0b:86:43:ea:ac:55:ff:09:0c:
b1:61:16:b2:00:4c:3b:70:b2:0a:5e:e2:85:24:71:
e3:a8:ac:5f:f4:22:21:ab:03:51:f6:17:6a:01:6c:
4b:11:a1:85:be:fa:b2:c3:30:a1:c7:f2:54:f8:a9:
dc:3f:d8:c9:64:b7:25:47:24:80:87:ed:9d:c2:14:
18:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6D:DA:B6:34:F6:9E:FF:73:4D:A5:2F:81:85:46:55:5E:48:9A:B4
X509v3 Authority Key Identifier:
keyid:A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/lG3atjT2nv9zTaUvgYVGVV5ImrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.216.0/21
83.118.128.0/18
91.186.64.0/19
185.84.36.0/22
IPv6:
2a05:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:8f:ae:97:20:d0:a8:61:5b:37:5e:a0:08:a3:50:95:4b:20:
d6:41:52:f9:4b:1b:b9:bc:8d:36:b5:da:12:b7:1c:2c:88:44:
91:97:00:88:2b:52:fd:75:30:cf:d6:27:5e:de:70:61:12:cd:
33:b1:9f:18:1b:46:17:e7:79:1f:f7:c0:09:05:ef:fe:86:d5:
10:44:4b:6e:f4:53:2b:bb:d8:2d:5c:e6:41:27:32:21:00:3f:
7e:bc:76:62:28:75:d7:35:ca:0b:ec:aa:49:7d:6d:a0:cc:09:
0c:bd:d8:63:3d:1a:45:bc:09:7b:2c:4c:cb:9b:18:b1:a3:ef:
c3:5b:c6:6b:37:11:82:93:34:dc:e4:03:e6:14:48:12:68:81:
23:b4:a2:f6:b3:02:75:89:47:75:7f:c4:7c:6a:0a:4d:2a:29:
51:bd:03:93:d2:8b:3e:73:00:c0:dc:3f:45:ce:65:85:b4:3e:
7e:dd:ce:33:16:f3:a0:25:55:40:0c:41:44:f9:b6:e1:ed:94:
f0:a0:48:81:21:8b:3f:70:54:1c:c3:68:47:b0:a8:05:4b:12:
28:ae:1d:0b:01:ac:3d:32:5f:41:c6:2f:41:56:18:71:fb:c2:
dc:a9:a0:23:9a:7d:99:06:2c:00:63:07:33:a5:dc:2b:f3:91:
cd:b9:2f:a3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVx18FTTqkPVnDFAzqSiOX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODY0ZWRmYTQxMmQ3N2EwM2NiZjU5MTMxZTNmY2MwM2E2
MGUxODgwHhcNMjMwMTAyMDkzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZkZGFiNjM0ZjY5ZWZmNzM0ZGE1MmY4MTg1NDY1NTVlNDg5YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluaPE/F54CDux2vNRYqFfK/kvpaS
WL9NGA0PoaQAhrsKcyIuccPuAfWyNH4kpx5gXkR4eNnuP4Th9E4vEto9efKUK7rE
gMVsVDJRmQXiWycJBbE6FujMphwiGuQARZsQUGw2RQwG6oSO2vDAUQPQaDcxcG6u
h9t82KJYShBZacfm6bExCTg2SER12iDmb+/0cHHnIJarx9f3KaCbOcM0t5tkssjE
h8XiknyRws2ZjbEM3AdzjYCnKNALhkPqrFX/CQyxYRayAEw7cLIKXuKFJHHjqKxf
9CIhqwNR9hdqAWxLEaGFvvqywzChx/JU+KncP9jJZLclRySAh+2dwhQYLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJRt2rY09p7/c02lL4GFRlVeSJq0MB8GA1UdIwQY
MBaAFKGGTt+kEtd6A8v1kTHj/MA6YOGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTkt
MWE1NTc5ZThjNmMwLzEvbEczYXRqVDJudjl6VGFVdmdZVkdWVjVJbXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTktMWE1NTc5ZThjNmMw
LzEvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxnYAwQG
U3aAAwQFW7pAAwQCuVQkMA0EAgACMAcDBQMqBQ7AMA0GCSqGSIb3DQEBCwUAA4IB
AQAsj66XINCoYVs3XqAIo1CVSyDWQVL5Sxu5vI02tdoStxwsiESRlwCIK1L9dTDP
1ide3nBhEs0zsZ8YG0YX53kf98AJBe/+htUQREtu9FMru9gtXOZBJzIhAD9+vHZi
KHXXNcoL7KpJfW2gzAkMvdhjPRpFvAl7LEzLmxixo+/DW8ZrNxGCkzTc5APmFEgS
aIEjtKL2swJ1iUd1f8R8agpNKilRvQOT0os+cwDA3D9FzmWFtD5+3c4zFvOgJVVA
DEFE+bbh7ZTwoEiBIYs/cFQcw2hHsKgFSxIorh0LAaw9Ml9Bxi9BVhhx+8LcqaAj
mn2ZBiwAYwczpdwr85HNuS+j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org